High-Level Segment (HLS) of Council 2008
Geneva, 12-13 November 2008
 
 
Message on behalf of Carlos Lopes, Executive Director, UNITAR, Delivered by Ivar Tallo, Manager of the UNITAR e-governance programme

Session 6: ITU Global Cybersecurity Agenda: Towards an International Roadmap for Cybersecurity

Secretary General,
Ministers, Excellencies, Ladies and Gentlemen,

I am providing this intervention on behalf Mr. Carlos Lopes, the executive director of Unitar that is a United Nations Institute for Training and Research.

As the name of our Institute shows, we are a UN training institution and part of our mandate is to train officials of member states governments. We were invited to participate in the High Level Expert Group to advise the Secretary General of the ITU on the Global Cyber Security Agenda which we gladly accepted as we think that closer cooperation within the UN system is clearly benefiting everybody.

We concentrated, quite naturally, on the capacity building questions in the agenda and that will be also the topic of my intervention today.

First,

Building and developing sustainable capacities is a long endevour but we usually tend to operate in short term horizon. To try to understand the complexities of capacity building HLEG developed the overall framework for the capacity building in cyber security and we think it is a rather simple and good one. We identified four levels or layers where actions have to be taken and that by necessity will have somewhat different character. These four layers are

  • End user;
  • National;
  • Regional;
  • International

In addition, we thought as central elements to the capacity building the two truly cross-cutting issues:

  • Awareness raising
  • Resources

There are recommendations for actions on all these levels and issues in the documents prepared by the HLEG and I trust everybody can access them rather easily.

That, however, brings me to the second point I want to make and this is about training. We are so much used to having easy access to variety of information that we can simply pull down or suck in and use that we don’t think that actually, we need a habit and an inclination of doing that first. And that is the place where training comes in quite prominently.

Thus, one element of the awareness campaign for the Global Cyber Security Agenda should be to educate a minimum number of key decision makers in national governments, where necessary, i.e. where governments have not started creating national cyber security strategies. The format of these trainings is to make actively available international expertise in these questions by the various international organizations and national governments who have gathered vast experience already, setting up their cyber security policies, organizational frameworks and technical solutions.

These training workshops should complement the ongoing exchange of information between security specialists of relevant national and international structures and not duplicate them. Their aim is to create necessary national expertise on policy making level to advance the topic into domestic policy making if it is still missing.

This type of awareness rising should be the priority for international actors for the simple reason of creating the minimum capacity for the all national governments in cyber security and to ensure the functioning of a sustainable international cooperation framework.

The third point I would like to make is about the well known capacity building dilemma about national priority areas and donor priorities, in this case cyber security threats.

National politics is always about the limited resources. If donors approach the countries with their priorities, these priorities are not necessarily priorities for the countries in question to divert their limited resources to.

Let us look at this as concrete case. We still have wide disparity on internet access between the societies. A lot of countries and international donors try to address this issue but the more successful they are the more initial threats we have in cyber space. But while unequality of access is problem for countries where it takes place, the cyber security issues will also have international character. Moreover, new and better access that we hope Connect Africa will create, will cause problems of the cyber security nature not only in Africa but imminently in the societies with high level of access.

So, the cyber security issue is a concern of us all, and we have to tackle it globally also through training. The paradox that I see is that those countries who can afford to deal with cyber security issues are doing that already but those with rapidly expanding access should be targeted for the future of safer internet and they themselves do not always feel this as a first rate priority. So it is the task of us all to take awareness also to the decision makers everywhere.

It is not just because of the seriousness of the challenge but because of the nature of the cyberspace.

To conclude, we at Unitar would like to offer our expertise in trainings and our ongoing cooperation with the ITU as a training vechicle to take the recommendations of the HLEG and the best practices of the member states to the policy makers everywhere.

Thank you for your attention!