IGF 2022 Day 2 Open Forum #50 Global Conference on CCB: Cyber Resilience for Development

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.



>> MODERATOR: I think we are set.

  One second, I just want to check with Francesca, I can see our online speaker there.  Why hi, Francesca, do we have Dr. Towela with us already.  I cannot see all the details about session participants online.

Okay, okay, just got information that yes, we have all our speakers in.  We can start.

So good afternoon, dear participants and welcome to the open forum of the global forum on cyber expertise, greetings to you joining us here in the room in Addis Ababa.  Greetings to all of you joining us online.  I got information from my colleagues that there are several of you there as well.  So thanks for making time.  My name is Tereza Horejsova, I will be your onsite moderator for this one hour long session.  Alongside my colleague, the director, so Director of the global forum on cyber expertise, David van Duren, his task is to make sure we involve our online participants in the session as much as possible.

For the session, we will want to make it interactive, we have to make it interactive, actually, because this is what the IGF is about.  So the way how you can jump in the session at any time, is, of course, for those of you in the room, it will be easier, just give me a sign.  For those of you joining us online, kindly raise your virtual hand or let David know and he will make sure to jump in and bring your inputs as well.  The topic of today's open forum is to discuss gcc3b.  It is quite a complicated acronym on first site, but it has some meaning behind it.  And the meaning is that the gc3b stand for the global conference on cyber capacity building.

  This is a major event that has been in the kitchen of the deputy GFCE and several partners, the main aim or objective for this global event is to see how we can explore the connections and synergy between the cyber community on one hand and development community on the other hand.  And I have several colleagues here with us in the room and online that will tell us more, that will guide us through and towards the end of the session, we would like to hear from you, because as this conference is quite a lot in the shaping still in the preparation phase, you will have the opportunity to help us shape it so it answers what the community is craving.

On that note, one last point that I will stress, that the conference, as the global forum on cyber expertise will be very multistakeholder and we are interested in inputs by governments, civil society, technical community, private sector, academia.

So to briefly share with you who we are with us at the session, we have with us, on my left, the President of the GFCE foundation board, Christopher Painter.  Also with us in the room, we have, give me a second, Theoneste Ngiruwonsanga, who is the Project Manager at the Smart Africa responsible for cyber security and data privacy.

We also have with us, Dr. Towela Nyirenda‑Jere who is the head of the economic integration division at AUDA‑NEPAD.  Good morning, Towela.  We have Francesca Bosco, the senior advisor at the CPI, CyberPeace Institute based in Geneva.  I would first like to gulf the floor to you, Chris, to share with us on some of the why we are doing the conference, what should be the objectives and outcomes, thank you.

>> CHRIS PAINTER: Thanks, Tereza.  One of the reasons we wanted to do the open forum at the IGF was to garner input from this community as to how are ‑‑ what kinds of things this conference should do or should contain, it's very important to consult with lots of different stakeholders, this is a prime opportunity to do it.  Thank you for coming.

As Tereza said, I'm Chris Painter, the President of the GFCE foundation, much has been done to promote best practices in cyber capacity building, including by the GFCE.  There's a lack of coordination that hinders implementation.  I think another thing that Tereza hit on that I think I've noticed and seen over the years I've done this, both when I was in the U.S. government and in this role now, is that there was lots of different divisions in the world, divisions in the technical community and policy community, divisions between the mic folks and security folks, there's a big division between the traditional development people and the cyber security capacity building people, their own little communities, little crossover, getting better, they don't really talk to each other or coordinate enough.  That's something that needs to be addressed as well.

In recognition of that and recognition of the need to elevate this issue, we partnered with the CyberPeace Institute, the World Bank, World Economic Forum, and together we have ‑‑ we are working on convening the global conference on cyber capacity building, the GC3 B, to advance operationalize and collaborate on cyber capacity building.  The conference will be a key gathering of decision makers from government, business, financial, academia and civil society.  The key is not just the cyber community, but the development community together.  I think that's really important.  Me need for cyber capacity building is a key enabler of digital development will not be highlighted.  Reflecting the key theme of the conference for 2023, cyber resilience for development.  One of the reasons we chose that term resilience is that has resonance with the development community and the security community.  Talk about security and the development community gets a little afraid.

I think that's helpful.

It aims to elevate and maintain cyber resilience, operational priority in international cooperation and development.  In addition to that, the conference aims to support middle and low income countries and incorporating cyber security and cyber resilience into national strategic plans, including their digital infrastructure strategies and investments.

Again, that's important to cross over between the mic digital transformation agenda and the security agenda.

In order to achieve these objectives the conference strives to achieve several outcomes, we want to hear from you about these and anything else you suggest.  The first of those outcomes is a high level demand driven global cyber capacity building agenda with cyber resilience international development that serves the needs and priorities of the global south countries.  And we already have the Africa cyber capacity building agenda under way, it was discussed yesterday at Africa regional that took place in the margins of IGF.  I think that will serve a model for the other regions.

Next the global conference on ‑‑ the global conference, I'll call it the global conference, that makes it easier, strives to seek a significant explanation of the pool of resources available for cyber capacity building through the mobilization of different sources of financing from, from international development, private sector and philanthropy, it will help form Allie coordination and cooperation mechanisms for cyber capacity building by leveraging existing structures and strengthening global, regional, multistakeholder and public‑private cooperation and initiatives.  The conference will also provide a platform for developing countries to shape, cyber resilience in the broader development agenda in line with their needs and lessons.  This ties in one out of things the GFCE has shifted to, demand driven approach, rather than simply saying, we'll give you this, which doesn't help them as much as asking them first what the need.  We'll have region necessarily targeted ‑‑ the outcomes and objectives I mentioned will frame the program for the conference and underscore this is a demand driven globally owned initiative, not just a top‑down initiative.

The conference will include region necessarily targeted and sector specific debates, to promote context sensitive and demand driven exchanges and commitments, it is really important for us to get your feedback, as I said at the top of my remarks here, and input, that's why we are here today, we want to hear from you, please don't be shy about expressing your opinion, you can talk to us afterwards and send us e‑mails afterwards, there's lots of ways to communicate.

With that, let me give it back to Tereza.

>> TEREZA HOREJSOVA: Thank you very much for that.  That was very useful kind of context of the why, with we feel that this conference is needed, and you also hinted to the fact that crossing the siloes is not always easy and comfortable, but we feel that it's missing because cyber and development are so much connected.  Though having you with us, you actually are one of the few people that know the connection, because that's kind of ‑‑ that's kind of your work.  Why do we need to talk more about cyber resilience for development, first?  And second, Chris mentioned it, stressed again the multistakeholder nature of the conference, why is that important for this particular connection, thank you.

>> DR. TOWELA NYIRENDA-JERE: We all know it requires a.

>> THEONESTE NGIRUWONSANGA: We know it requires a deeper understanding of hazards and risks.  So all countries, especially developing countries, needed to welcome resilience into their critical systems and functions.  And because cyber resilience is increasingly becoming, a competitive issue, as you all know, people we always choose to invest and live in communities that for resilient and gravitate or run away from those that are not countries should be supported to have the ability to prepare for adapt to changing conditions and disruptions, and they should be able to withstand and recover rapidly from attacks and threats.

So this is why cyber resiliency is very important.  We needed this meeting, this conference, I mean, so that it can put together people, multistakeholder approach, to mobilize effective and sustainable and inclusive stewardship of international cooperation for cyber resilience development and cyber capacity building.

As Chris said, the theme of this conference we focus on the cyber resilience as the theme, and the aim is to catalyze the global action to elevate and mainstream cyber resilience and capacity building in the international development agenda, as well as in national development plans as the key enablers of sustainable development, inclusive economic growth and social prosperity for all.

So this is why we need everyone from private sector, public sector and academia and subject matter experts, civil society, to get involved in the preparation and not only in the preparation, but also by participating in the conference so that they can share with us their inputs and so that they can be ‑‑ those inputs can be captured to be put into the recommendations.

So I think that's why cyber resilience is important and that's why we needed this conference to take place.

>> TEREZA HOREJSOVA: You were convincing, thank you very much.  Let's see what others think about whether this is the right approach that we have adopted.  But think a little bit in your region, in Africa, I would like to turn to Dr. Towela joining us online.  Now to give the context of why Dr. Towela is so important this session.

One of the aims of the conference, and Theo, you mentioned it very well, used the term global action on capacity building, besides other themes, is to come up with something that will make a change in attention given to cyber capacity building.  The plan that we have at the GFCE is to develop global agenda for cyber capacity building, and because we do need to be very sensitive to the specificity of individual regions, this should be informed by regional agendas.  And Africa is one region where I would say we are most advanced in shaping what the Africa regional agenda for capacity building could be.

Dr. Towela, thank you for joining us, I believe, from Brussels.  Could you tell us more about this plan and also the process of developing the agenda.  Over to you, thank you.

>> DR. TOWELA NYIRENDA-JERE: Thank you very much.  Good morning to you and good morning to everyone that's sitting in Addis Ababa, I very much wish that I could have been there, unfortunately, other commitments find me in Brussels at this time.

I think that as you rightly mentioned, I think as Chris has also mentioned, we are very keen to see in Africa cyber capacity building agenda, and we see this as something that is important in a number of ways, I think it helps in terms of helping to guide and shape the cyber capacity building, but also for us, I think in terms of the continent, we are very keen to see that there is a process and an outcome that is really talking to our needs and priorities in so far as cyber capacity building is concerned, and linking this very deliberately to our various development aspirations, whether it's at a national, regional or continental level.  We also want to make sure that this agenda is developed in a very coordinated, bottom‑up multistakeholder and inclusive process, using established regional and continental structures and frameworks, because, of course, we want to make sure that we are not duplicating and identifying where the gaps, needs and issues would lie an African, CCB agenda.

We have started the process of developing that.  There was a discussion document drafted.  I think this is what was the focus of the meeting yesterday.

Again, in the spirit of it being very bottom up and multistakeholder, it is being led by the Africa cyber capacity building coordination committee, this represents key institutions that have various interests in terms of the ICT cyber security space in Africa.  We want to make sure, as much as possible, all voices are heard, everybody has a chance and an opportunity to shape the agenda.  Ultimately, it will be our agenda and our responsibility to see it is complemented.

What we want to do is allow us to shape an ecosystem that will allow us to coordinate and identify good policies, practices and ideas that would shape cyber capacity building on the continent.  Of course, tying that into what Chris talked about in terms of a demand‑driven approach because we want to make sure whatever way shape, whatever we are building is meeting people where they are, it has to be demand driven and resonates across the continent.

At the same time, you know, we also must acknowledge the fact that a lot of the agenda is shaped in part by the cyber capacity building project implemented between AUC and the GFCE, and also brought in all the different Member States across the continent, along with the various institutions in the cyber space.

What we are now doing, we have collected the inputs through the meeting yesterday and what we have seen, of course, is there's a number of common themes coming out.  Again, hoping this will also shape the discussion we have today, but also shape perhaps the way in which we approach this going forward.

People are very keen to see that there is a whole of society and a whole government approach to how we do cyber capacity building.  They also want to make sure we are leveraging knowledge that already exists within the various constituencies, knowledge that exists between countries and knowledge that exists in terms of cross‑pollination across different sectors.

So we know for instance in the finance sector, tech sector a lot has been done on cyber security and cyber capacity building and the question is how do we draw on that and make sure we can develop something that is responsive to the needs of the entire society.

A few things, perhaps, that have come out as priorities for the agenda, number one is that people would like to see government political willingness beg met by action.  We know our governments are committed, we know in our various engagements we have with governments, they understand what cyber security is and how important it is, but perhaps we have not translated that into concrete action in terms of how we develop cyber capacity building initiatives on the continent.

The second theme that came out of the discussions is that there is a need, perhaps, to really revisit our legal frameworks on cybercrime and capacity building and tie that in, of course, to issues around data protection, as well as our ‑‑ across the kept.  A third theme has to do with coordination, Chris alluded to the fact that coordination is needed.  For us it is needed at three levels.

We need coordination at the national and regional and continental and also linking that to the international level as well.

Lastly, of course, we have to continue looking at the issues around cyber awareness and skills development and making sure that is fully embedded in the strategy.  So we will be working to finalize this strategy and our expectation is it will be shared at the GC3P conference.  We want it to be something we take forward and allow the trickle down from the continental to the regional and national level as well.  Thank you very much, Tereza.

>> TEREZA HOREJSOVA: Thank you not only for these words but for your leadership in developing the African regional agenda.  My colleagues and I cannot wait to update you about the outcomes of the Africa regional meeting we held yesterday for several stakeholders, getting more input into the African regional agenda.

So we will definitely connect with others on this very soon.

Now, digging more now into the actual program specificity of the conference, I would like to turn to you, Francesca, joining us front Geneva, thank you for making time.  Could you tell us something more about the pillars of the conference and then Zoom in one particular pillar that we think will be of special, let's say, importance for the audience here at the IGF.  Over to you, Francesca.

>> FRANCESCA BOSCO: Thank you so much, Tereza and good morning from Geneva.  I wish I could be with you all, thank you so much for the opportunity to join the line and excited to be with you.

It's a pleasure, as Chris was mentioning, as co‑organizer from the CyberPeace Institute to give you a brief overview, after hearing from esteemed colleagues about the why, so for example the needs and gaps and proposals, like the global agenda, we would like to discuss with you the what and how.  In consultation with different stakeholders, based on literature review and also express the priorities of different communities, engage both in cyber resilience and international development and together with the diverse program advisory team I would like to thank, the proposed conference program is structured around four main pillars, as Tereza was mentioning, with an approach that is going from high level policy and visions to micro solutions and tactical solutions.

I will give you a brief overview of the, let's say, first kind of like three pillars that are across the high level policy vision, to macro solutions and we will have a little bit of like a deep dive into the fourth pillar as Tereza was mentioning, on the more operationalization of solutions and this is exactly the moment where we would really like to gather inputs from you all.

So when it comes to the main pillars, allow me to give you the titles, but a brief overview of the different sessions, and the different approach that we have in the different pillars.  We start from basically making international development to cyber resilience, this goes back to what Chris was mentioning.  The idea is really to merge, to integrate the two communities ‑‑ I would say even more communities, but let's take the broader definition of cyber resilience and development community.  So addressing basically the main aim of the conference in making the case for cyber security, cyber resilience and the cyber capacity building to be mainstreamed into the international development agenda as a co‑enabler.  This is a key concept.  So how we can make cyber security and cyber resiliency an enabler for digital, economic and social development.  Thanks so much to mention specifically, for example, the cyber resilience as a factor.

But then how we can basically secure the digital ecosystem via collaboration.  This is the second pillar, that we'll try to understand how we Canada scale, for example, public‑private collaboration and multistakeholder cooperation to address the systemic challenges and vulnerabilities that are critical to securing the digital ecosystem.  We have identified kind of like a couple of like very critical areas, like, for example, the cyber security work force and skills gap and the protection of critical infrastructure and essential services, and as you might see here, and maybe we can go to the next slides where we see the different type of sessions that we envisage, you see here the let's say high level titles and we would be available to discuss with you all potential feedback and to give you more information about the ‑‑ each one of them.  Just to guide you through the different main topics inside the different pillars.

Then the third pillar, this is the cyber capacity building for the stability and security visit the digital environment.  In this pillar, we would like to address and understand basically the role that cyber capacity building can play in strengthening the links between international security and sustainable development.  And clearly, to contribute to, I mean, the open, secure stable accessible and peaceful information and communication technology environment.

This part specifically, the idea is to build on the ongoing work that ‑‑ in high level international dimension, like, for example at the U.N. and other agencies and processes when it comes to, for example, responsible state behavior and protecting digital environment, the idea how we can basically match and scale, thanks to the expansion of the capacity building effort.

Allow me to dig a little bit deeper into the pillar #4 as we mentioned at the very beginning.

What we call the operationalization solution pillar.  It's important because it's sort of like horizontal foundation of the conference covering all the different themes that we have identified in the different other pillar.  Focusing on very tactical and implementable ideas and solutions for and from government officials, Program Managers, front line practitioners, really with the idea of merging both, again, the broader communities like cyber security and development communities with the multistakeholder approach.  So from academia, civil society, private sector and government.

I really like when Towela talked about the cross‑Pollination, this is a practical example how we can move the needle with very concrete examples when it comes to cross‑Pollination.  I just would like to explain a little bit more what we envisage for this specific pillar.

As I said at the beginning, a little bit of the what, but the how.

We have identified four man tracks.  One track that is ‑‑ that we called empower better program management for cyber capacity building and cyber resilient development.  What we want to focus here is focusing on good practices, methodologies, practical solution when it comes to design management and also evaluation of international cooperation projects and programs and cyber issues and on mainstreaming cyber related dimensions.

Here it's very much for practitioners to try to understand the needs, the gaps, but also which are solutions that we have seen working and how we can be basically measure them, how we can measure their impact.  And then we move to the track that is focusing on implementing successful cyber capacity building and cyber resilience.  It is focused on practical solution and advise for the implementation.  The cyber resilience and increase cyber capacity.  This will enable the exchanges on how to basically good practices and the dos and don'ts of managing cyber risk and implementing effective cyber security solutions from the field.  Specifically, we would like to understand, which are the needs of stakeholders and implement cyber resilience projects on the front line, government officials, international partners, providing training advise, understanding the role of the different other communities.  And then track c, which is using global public goods for cyber capacity building.

I would spend just a couple of words on this because basically the communities working to improve cyber security and cyber resilience have developed a wealth of freely available resources in various formats, tools, frameworks, guides, platforms, that then can be considered global public goods in the service of practitioners in the cyber capacity building.

These cover a wider range of applications supporting the development of the cyber security ecosystem, but there's not an existing kind of like global comprehensive repository.

The idea here is really to raise awareness and showcasing such global public goods.

And I would like also to mention and building upon what Chris was mentioning at the very beginning, there is also another important dimension when we think about the operationalization of cyber capacity building within the development ecosystem, which is the regional dimension.

We also have envisaged a specific track that consists of five regional sessions to discuss how the issues raised during the conference apply locally and to promote and encourage regional coordination.  The five regions identified.  And this will be really like the moment to discuss not only, I would say the approach and dimension, but really which are the concrete actions that are taking place and how we can best coordinate.

Why I mention also the ‑‑ I mention also the how and we can go to the next slides, because the ‑‑ basically what we are currently working on, as a team of co‑organizers together with the program advisory team AASE to understand the criteria and format for opening this track as a call for proposal.

We are working on the criteria and format and selection committee that will be established by the 15th of December.  The open call will be launched on the 15th of December, and proposals can be submitted until the 15th February.  And the selection committee will review the proposals and select the session leads by March.

The open call will be communicated widely to the global community through ‑‑ you see the logo here that you see through the website and social media, different consultation events, like this one, the newsletter of the different partners and social media channels.

We as co‑organizer together with the GFCE, we are looking for feedback actually from the multistakeholder community that you all represent specifically on the topics of this track.

So Tereza, I hand over the floor to you, thank you so much for the opportunity.

>> TEREZA HOREJSOVA: Thank you, Francesca for diving in.  What became quite evident while you were speaking, it was on the quick slide you pulled together before the session, this is a result of quite some extensive work that has been done by the GFCE and all the partners for this conference, and I would like to thank you and the CPI for being so active in this process.

At this moment, before we get to the other part of the session, I would like to invite you participants online, onsite, to jump in with any questions, suggestions, concerns.  Just give me a sign.

>> CHRIS PAINTER: Don't be shy.

>> TEREZA HOREJSOVA: I know it's Wednesday already of the IGF.  Okay.  You can jump in any time throughout the session.  Please be encouraged not to ask just about GC3B conference.  And also function and work more broadly.

So many at this point, we will try a little online experiment that would be very convenient for anybody who is shy to speak here because we can anonymously, hopefully, if it works, contribute online.  And now, if I could ask you to kindly share your screen to put up the menti meter.  I feel a tool that many of you are familiar with already, it seems to be working, which is great where we will try to get your inputs on some of the ‑‑ let's say priorities that should fall under pillar 4 that Francesca so well described to us, I am aware it now looks super tiny on the screen, once you look at it on your device, it should look bigger.  I will make sure to read these out.

If I may encourage you our participants here and online, grab a device, mobile phone or your computer, go to menti.com and when you're there ‑‑ we have quite responders, whoever it is, congratulations.  And then put the code, which is 864‑1594.

And the first question asks for your input on empowering better program management for cyber capacity building and cyber resilient development.

And some of the ‑‑ I can see it here.  Thank you.  Some of the options that we want your input on, what you think are kind of like which four topics should be prioritized, yes, and in this we have lessons from and for practitioners in mainstreaming resilience into development.  Planning and implementing cyber security and cyber resilience programs that are multistakeholder by design.  Ensuring equality, diversity and inclusion into CCB and cyber resilience programs.  I'll give you a little while to kindly log your answers.

I think it's always fascinating to watch this slide as you are making your choice.  I think it's not totally surprising that we have kind of hit for every single, let's say, objective, or priority, because all of them, without discussion are 11's.  We would like to get your inputs, because one of them seems to be going quite ‑‑ performing very well, that's actually the last option bringing cyber expertise into development programs.  And upscaling development stuff on cyber issues.

Are you surprised but seeing a result like this, because that can go quite down your alley.

>> THEONESTE NGIRUWONSANGA: So I'm not surprised.  This is the choice of everyone.  We need to focus and put emphasis on bringing cyber resilience into the different programs on national level, international level, even regional communities programs, and strategies.  So this is what people are suggesting, so I'm not surprised.

>> TEREZA HOREJSOVA: If anyone else wants to comment.  Looking at the weakest performer, which is ‑‑ yes, ensuring equality, diversity and inclusion CCB and cyber resilience programs.  Francesca did this surprise you.

>> FRANCESCA BOSCO: Actually, I think it's ‑‑ I think one of the challenges is also that as a community, and I take it sort of like a responsibility for us all maybe, to better articulate it, because I think that one of the challenges that we've seen is that ‑‑ is this kind of like dimensions are often kind of like referred more a token or because it's kind of like becoming a sort of like passwords to have, for example, the diversity, equity and inclusion, while I think we need to be more kind of like solutions oriented and maybe a way to raise awareness, for example, is to ‑‑ by giving concrete examples.

So I think ‑‑ I take it as sort of like it is maybe the less voted one, but it's very interesting, and I think it's a good sign for us as a community to instead put the spotlight exactly on this topic to have a constructive discussion.

So I think a little bit the weakness is for us as a community, tot to give enough examples and meat to such an important topic and the conference can be an opportunity for doing so.

>> TEREZA HOREJSOVA: Also maybe as you alluded to, this should be a given, yes?  This should be an automatic expectation that the conference will be sensitive to equality, diversity and inclusion.  I can say that for the GFCE, it is a given, absolutely yes.

If we can jump on the next question in the menti meter.  Keep your devices warmed up because we are going to look at track b, which is on implementing successful cyber capacity building and cyber resilient actions, I will quickly read those priorities out.  Opportunities and challenges of financing cyber security and cyber resilience in developing countries.

Cyber fellowship program for small countries.  Improving national cyber hygiene.

Solutions for closing the cyber security skills and work force gap.  Best practices for establishing national ‑‑ protecting CNI and various simulations.

So feel free to take a little bit of your time.

Things are moving.

Just wait a few seconds longer.

Okay.  So we seem to have a clear winner again.  Which is the first one, opportunities and challenges of financing cyber security and cyber resilience in different countries through different resources.  I have to misuse my moderator role, here we are, and several speakers have mentioned at this conference outcome need to be practical and need to lead to some action.  This is ‑‑ that is not talked about enough, about financing.

So that's really great to see from my point of view.  Chris, what about your interpretation of what we are seeing on the screen.



>> CHRIS PAINTER: I too ‑‑ I think ‑‑ look, this is a real practical problem and something we have seen again and again is financing is a big issue.  So it's not surprising.  All these are important issues, but financing certainly is a threshold one to get anything else done, understood, makes sense.

>> TEREZA HOREJSOVA: Any comments on this actually in the room?  Any experience to be shared by those of you here about, you know, actually always ending at the money question for the many initiatives your organizations are involved in?

>> AUDIENCE MEMBER: Yes, Tereza, if I may.

>> DAVID VAN DUREN: As an online moderator we have a bunch of people here who are good listeners, and so I expect also some questions during the next 15 minutes.  Maybe ‑‑ if I look at it, at the outcomes, I think like Chris said, resources that's a key topic, also for the conference.  It does make sense.

Also skills development in general, capacity building, we also saw the track a, that also came up.  So I think that makes sense, as well.

I see that Francesca, you have raised your hand, do you want to add something.

>> FRANCESCA BOSCO: Actually, I'm not surprised by ‑‑ in this specific section.

I just want to mention that especially because we want to have an open call on this topic also to consider not only I mean the need for resources, but the innovative way we can think about which are the solutions that either we have seen that are working or also that we can think together about proposing how to involve different donors, for example, in this sector, for example.  How to go about joining forces for better using the resources that are already available.

I just wanted to mention these two aspects I think are also relevant under this topic.  So donors kind of like differentiation and the diversification and also the potential ‑‑ I mean, join forces when it comes to resources in terms of funding cyber capacity building initiatives.

>> TEREZA HOREJSOVA: Thank you very much, both of you, David and Francesca.  This will be important at the conference, and if the GFCE and through its facilitating role, can humbly contribute to more mobilization of donors, this will be excellent achievement.

Just for your information, the weakest kind of ‑‑ or lowest points were given best practices for national, and protecting C&I.  It's a zoomed in topic.  It's not important enough, but yes, probably competing with the other more broader topics was tough for this one.

Let's go to the last question in the menti meter if you wish, which I will give you a little bit more time because it's open ended question, you don't need to write a novel, but you can write us a few bullets and few words, your point on using global public goods for cyber capacity building.  I'm not interpreting the question on purpose, take it as you wish to interpret it, and feel free to share with us a few words that's, as you type, should be appearing on the screen.

I will then ask Dr. Towela to comment, if possible, once we get the answers flowing in.

Whoever is the fastest typier will appear first.

Okay, it's coming in.  Let's wait a few more seconds, thank you for those who have shared their inputs.  And, of course, both online, onsite participants are welcome to be with us and shape this discussion.

Already quite a few to pick from, but let's wait a little bit more and for your information, we have about 12 minutes left for this session.

If at any time any of you would like to the elaborate on your brief points a little bit more, you know the opportunity is there.

Okay.  So let me just share with you those that we can see already.  Twice I can see the word definition.  Do we need a definition to set the stage for this track?  To have a common understanding.  Another input was along the same lines, we need more definition.

Other inputs we can see here, the GFCE and its civil portal, I will talk it, could support public goods globally, yes, of course, global goods could also provide a repository to avoid duplication of efforts.

Involvement of the development community into CCB.  Thinking about mechanisms for sustainability of global public goods.  More are in, I cannot see because I need the colleagues to scroll down.  Thank you.  Okay.

So connotation between open source and public goods.  Handling for cyber-attacks, common platforms, cyber security knowledge mentioned in connection to global public goods.

Excellent, Dr. Towela, as you're looking at the screen and some of the ideas coming in on this track, do you have some observations to share, please.

>> DR. TOWELA NYIRENDA-JERE: It's very interesting in terms of some of the comments coming through in terms of especially when you look at issues of knowledge, platforms, and also I think, very important, the idea of defining and being clear we are all talking about the same thing.  What I think then, for me, you know, this also perhaps in some ways does tie into the last question, and the outcome of the last question are resources because, yes, we may have, and we may define global public goods and put these goods at the disposal of the committee, cyber capacity building, but someone has to pay for all these things.  It will still come back to the question of sustainability, how we develop these global public goods and how do we make sure they are sustainable.  I think the point on resourcing and resources and innovative financing is something that we will still need to really tackle very deliberately if we are indeed going to be able to create and sustain global public goods to address the issues of cyber capacity building.  Back to you.

>> TEREZA HOREJSOVA: Thank you for this quick interpretation of what we have been seeing coming in.  For your information we have a track of what you have put in, yeah, so we will definitely reflect it in the discussions of quite a big team that is actually working on putting the conference together.

Now, before we go to some practicalities, which is where to find more information similar, Chris, if I can go back to you to share what are the immediate next steps in the process of getting where we want to get in connection to the conference.

>> CHRIS PAINTER: One obviously is to get input from all of you, which we are doing today.  We would welcome more substantive input, and like Tereza said and I said earlier, it can be by talking to us while we are here, sending e‑mails, whatever you fancy will, I think, help us.  We are working on finalizing where exactly the conference will be and the timing of it.  We'll communicate that to the community once those are set.  We want to make sure it's a place that's accessible to people and make sure that it's ‑‑ gives us time to get the right people there, et cetera, and get the planning done and get the consultations we are getting now.  There's a lot of moving pieces in that, as you might imagine.  We'll be communicating that.

We plan to have a couple more engagement sessions in various places if we have a chance, this is a big one because a lot of the community is here.

But if you see us in any venue that we are at.  We are at different ones around the world, engage with us, if you have ideas, we really want to hear them.

>> TEREZA HOREJSOVA: Thank you very much, Chris, practically speaking, the best way to stay in the loop of the further announcement and planning is to actually go to the website of the conference, you can see the branding is very cool and elegant and ready and there is a website for the conference.  GC3B.org.  That's one source of information.  The same e‑mail address is actually available, it's contact at gc3b.org.  If I made a mistake, my colleague online ‑‑ colleagues online, please correct me.

And stay tuned, yes, to what's coming.

If you are a part of the GFCE community as a member or partner, of course, you will be kept in the loop as well, through the communication that we have with our community and obviously through the main website of the GFCE, which is the GFCE.org.  And I would also like you to explore to ‑‑ to talk to us, about whether your organization is maybe missing in the community and should be part of our community, where we try to bring together actors, active in cyber capacity building, especially on the global level.  But as was referred to earlier as well, we are zooming in to individual regions and are in the process of setting up regional hubs, so even if your work is on the regional level, we want to talk with you and engage with us, you can contact us at GFCE.org or please talk to any of us, of course, Chris, Director of the GFCE and Mario is with us as well, or myself, catch us in the corridors, catch us after the session and we would be very happy to exchange with you further.

So in case there are no other questions, at this stage, I would like to thank you for being here with us.  Or joining us online and enjoy the rest of the Internet Governance Forum.  Thank you.