IGF 2023 – Day 2 – WS #446 Successes & challenges: cyber capacity building coordination – RAW

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.



>> MODERATOR: Good morning, ladies and gentlemen. Welcome to a new session, a round table on the successes of challenges of cyber capacity building coordination. So, today we'll tackle these issues related to strengthening cybersecurity posture, resilience, as well as the competencies, which is the coordination of efforts aimed at cyber capacity building.

So, in a world where there are cyber attacks are proliferating, governments, multilateral organizations, private sector entities and international bodies are allocating substantial resources and funding to bolster cyber capacity building. Developing nations are receiving vital support to forty their cyber defense capabilities, encompassing the ability to detect cyber threats, promptly report on cyber incidents and respond to attacks.

However, with the proliferation of projects and initiatives in this domain, coordination of cyber capacity building efforts has emerged as a challenge. The task of aligning strategies, priorities, and supported activities among donors, recipients and implementers in the realm of cyber capacity building has grown increasingly intricate. We'll try to discuss all these things today.

So our session aims to explore both the achievements and difficulties associated with coordination in this cyber policy area. Today we are privileged to be joined by distinguished panel, representing not only various actors from the Internet Governance Forum space, government representatives, civil society, technical community, but also actors from the cyber capacity‑building community that are defined in a slightly different way, because we have talked recipients, donors and implementors.

Our speakers are from different regions of the world. Together we'll address questions related to the complexity of cyber capacity‑building coordination. We will explore what are the repercussions of inadequate coordination in the field of cyber capacity‑building, and we will share the existing mechanisms designed to enhance coordination in this sphere. And then we'll identify what actions can donors, implementers and recipients take to improve the coordination of cyber capacity‑building efforts.

And, of course, most importantly, we hope that many of you in the room will have the opportunity to actively contribute to our discussion. And we hope you will share also your own experiences and recommendations for enhanced coordination mechanisms in this cyber policy area. We also would like to prepare at the end of this session a policy brief which will be shared with many stakeholders in this area, the global forum on cyber expertise, the German agency for international cooperation, other agencies, the European Commission, ongoing projects and initiatives.

So, without any further ado, we can start the conversation. I would like all panelists to introduce themselves when answering the first question. I will go in order of the table. So, let's start with Rita. Thank you for joining us. So, can you tell us why it is difficult to coordinate cyber capacity‑building projects from your perspective?

>> RITA MADUO BADUMELENG: Thank you so very much for the question. And it's really a pleasure to be in this forum today to share my views pertaining to capacity‑building projects. First of all, I'd like to introduce myself. My name is Rita Maduo Badumeleng, and I work for the Botswana National CSERT. I'm a CSERT respondent. And before I can jump into your ‑‑ the answer, I would also like to emphasize what really cyber capacity‑building encompasses.

Cyber capacity‑building, it actually encompasses all initiatives that actually drive towards the development of necessary skills, necessary capabilities as well as the infrastructure that will ultimately or effectively address any cybersecurity challenges. Now, to go back to your question, why is it difficult to coordinate cyber capacity‑building projects.

One pressing issue that ultimately affects both developing countries and as well as developed countries is actually the rapidly evolving cyber landscape and its complexity. We are living in an enormously, tremendously evolving technology era whereby we are seeing the emergence of new technologies.

And these technologies are taking advantage of by threat actors. So in such cases, we are seeing emergence of sophisticated threats, sophisticated vulnerabilities. Now, therefore, in this dynamic environment, it rather becomes a challenge in coordinating, especially in reference to, like, strategies and priorities. There are strategies and priorities that are implemented to address issues that come with ‑‑ that are actually for addressing cybersecurity issues.

But adapting these strategies and priorities or policies rather is a challenge because of the dynamic environment. And this however, especially for us developing countries, for example, Botswana, it's rather expensive in the sense that in order to, like, be agile or keep up to speed with addressing issues pertaining to these emerging threats, this sophisticated vulnerability, it requires a lot of funding.

It requires a lot of, like, training, cybersecurity experts, in order to try and keep up with this emerging challenges. And then in addition to that, there is a lack of capacity, especially in Africa. We lack capacity in the sense that we do not ‑‑ there is no tailored training that is actually intended for different aspects of cybersecurity.

So those are one of the pressing challenges. But as for emerging or this constant or the evolving threat landscape, we are seeing that it also impacts countries such as Estonia, which is highly known for its great, strong cybersecurity posture.

So, in essence, complexity and rapidly evolving landscape as well as resource constraints are a challenge, especially for developing countries such as ourselves, Botswana.

>> MODERATOR: Thank you very much, Rita. I think it's clear that there is a need of support. There's no doubt of that. And because of these complexities and evolving cyber threats. And some organizations are also trying to improve the complexity around the coordination of these efforts for supporting countries like Botswana.

So for instance, Tereza, one of the main goals of the GFCE is to support coordination. So what's your take on that difficulty and everything else?

>> TEREZA HOREJSOVA: Thank you, Enrico for some excellent points. Good to be here. My name is Tereza Horejsova from the GFCE, working mostly on our regional hubs and regional efforts. And building on what you said already, I will try to provide a little bit more ‑‑ maybe frank assessment why it is difficult.

Frankly speaking, this is the cyber capacity‑building effort, it's quite a tough and very competitive environment. That's why, you know, for all the actors involved, be it the donors, be it the implementers, or being the recipient countries, kind of the intuitive answer is that less sharing will mean more projects will mean maybe more control about what type of projects are delivered and so on.

And that's a problem. We will get into why it's a problem later, because when we are in a situation that there is not enough sharing, that also means that one project does not build on another project. We do not connect the dots as we should. So, that's why it is difficult to coordinate.

We also ‑‑ and you pointed to it a little bit, Rita. In many cases, it's very supply‑driven, the capacity‑building support that is being provided, rather than demand‑driven. So I still think there is a lot of room for maneuvering and listening to the recipients of cyber capacity‑building support on what their needs actually are, rather than presuming that we, you know, on the other side, know what their needs are.

>> CALANDRO ENRICO: Thank you very much, Tereza, for addressing the issue of the competitive environment. There is a lot of competition. And it's clear also working from an implementer point of view, because I've been working for a project delivering capacity‑building and it's clear to see that there is competition, because the funds, even if they are available from a number of sources, are also somehow limited, because these projects also require a substantial amount of funds to deliver on the promises.

That's also the reality. So, Claire, from your perspective as a government representative, what do you think about the complexities and challenges of cyber capacity‑building coordination?

>> CLAIRE STOFFELS: Thank you. Hello. My name is Claire Stoffels, Digital for Development Focal Point at Luxembourg, thank you for inviting me to participate in this panel, on this topic which I hope I can share some useful insights with you from a donor perspective.

From my experience, I can definitely say that cyber capacity‑building coordination is lacking amongst stakeholders that we face a lot of challenges when attempting to coordinate notably diverging objectives, approaches, duplication of actions. There are a number of positive efforts, however, that have been undertaken, which I will get to a little bit later.

But first of all, cyber capacity‑building coordination needs to be driven by several parties from within. It requires an inclusive demand‑driven and context‑specific approach by which ownership is fostered amongst stakeholders at both national and regional levels in order to create sustainable change.

This encapsulates a key challenge in cyber capacity‑building coordination efforts. So as I said, they require ‑‑ it requires a regional approach. Because it transcends so many communities of practice from technical incident responders to cyber crime police to civil society educators it's challenging to gather all relevant parties around the same table.

But beyond getting everybody to sit at the same table and to actually discuss, one needs to recognize that the success of cyber capacity‑building coordination processes is contingent upon operationalizing the consensus at international level and reflecting that in national policies and practices in a way that aligns with national and regional socioeconomic and security priorities.

Another essential component to cyber capacity‑building coordination is trust. So it sounds very basic, but trust is definitely a necessary component for practical cooperation between stakeholders. However, trust can be challenging to establish when working across so many different policy fields and institutions.

And trust can be built through transparency and accountability. And I think Luxembourg has been perceived as neutral and trustworthy. And this has had a positive effect on relationship‑building and developing different initiatives in cyberspace.

Finally, one of the biggest challenges that I've encountered in the past year has been the development also of scalable models to establish mechanisms to coordinate capacity‑building efforts. And this is basically ‑‑ it comes down to how a project can be developed sustainably in the future.

>> CALANDRO ENRICO: Thank you, thank you very much, Claire, for the requirement on an inclusive approach, success contingent, consensus at an international level that needs to be translated in policy, coordination of cyber capacity‑building projects, and trust is so important. Trust in cybersecurity is a recurring theme across so many issues and also on cyber capacity‑building. Thank you for that.

Anatolie, what's your take on the challenges on cyber capacity‑building coordination?

>> ANATOLIE GOLOVCO: Hello, I'll try to oversimplify things. Cybersecurity from my perspective, it's about good people who are protecting computers against bad people. So the main goal is to teach that good people to have the right value, the right ethics and to be able to have the right skill to do the engineering of the process.

So, the fundamental problem is to deal to people, it's difficult. It's hard to plan. It's not like building a construction or a road. You have to adapt to the speed of learning of the people that you have in charge to cybersecurity process.

So what happening very often, the donors have the timeline for the project and they can't adapt to the speed of learning, to the speed of the humankind. So they starting to buy tools. They buying more and more sophisticated cybersecurity tools. It's easier to manage the project in this way. But you miss the main purpose. So you miss the humankinds who are fighting against ‑‑ let's say the defects in the cyberspace, in the engineering of the cyberspace.

So paying more attention to the people in the process, it's the main thing that can help with this complex puzzle. Thank you.

>> CALANDRO ENRICO: Yeah. Thank you. Another key issue. So, this issue of the timing of the project. Sometimes you don't give enough time to a project to allow to reach in terms of improving skills, because the learning curve might be slower, but there are specific requirements, especially from a donor perspective, the recommendation of focusing on the people and how much they can learn would be a better way of approach the project rather than specific and strong deadlines.

Probably from a donor's perspective, unfortunately that doesn't always work. But we can try to discuss that a little bit more. Hiroto, from the donor, national development, what do you think about the challenges?

>> Thank you very much, I'm Hiroto Yamazaki, cybersecurity at Japan International Corporation Agency, JICA, an off‑shore development assistant agency under the ministry of foreign affairs. We have been involved in bilateral corporation related to cybersecurity and mainly in Asian region. Over the past five years, the technical corporation has been implemented in Indonesia, Cambodia, Philippines, Thailand, and so on.

I'd like to share our experience. I have three points on the difficulties on the coordination of cybersecurity capacity‑building. First, there are simply too many stakeholders to coordinate. Some of them may not be globally identified, which makes coordination difficult. So cybersecurity has many communities divided into several areas such as private versus government, technical and policy, and country or region.

So in some cases, discussions among development partners do not include the communities of specialized cybersecurity organizations such as first and so on. In addition, not all organizations participate every time. So even when a group of organizations coordinates something, there will always be the organizations that are not included. So making it impossible to fully coordinate.

So I have some examples. So, JICA attends the regional coordination meeting. So since 2009, Japan have established the framework of the cybersecurity policy meeting and working group. So this meeting is held four times a year. So at the meeting, a capacity‑building session is held to share what kind of capacity‑building each organization is implementing and to exchange our opinions.

So this works well. But generally, we cover the corporation for government agencies. So that does not include support from civil organizations, private companies, and the international organizations such as the First or AP except for the coordination center.

I have a lot of example, but time is almost up. So we are the bilateral cooperation agency. So our cooperation is based on the bilateral agreement between Japan and the recipient country. So even if we could coordinate something with other development partners or donors, we have to follow the country's approach, strategy, and their needs by respecting the country's ownership.

So times it makes it difficult to coordinate. Thank you very much.

>> CALANDRO ENRICO: Thanks a lot, Hiroto, for highlighting the number of stakeholders that a donor organization is supposed to coordinate. I think it's a very interesting mechanism, describing the regional coordination meeting, including all stakeholders is challenging. what's your take?

>> HUREL LOUISE MARIE: For those of you who don't know, my organization is a security and defense think tank based in London. We work in different regions. I worked in think tanks and focusing Latin American, Caribbean, so hopefully I'll be talking from that regional perspective, but maybe also talking a little bit more from a more scholarly, academic perspective.

As a person that has been in the position of being an implementer in many ways of different capacity‑building initiatives, thinking that implementation is not something that's only conducted by different governments, but all different stakeholders have a place of implementation when it comes to cyber capacity‑building initiatives.

What I have observed in the past couple of years is we use the term cyber capacity‑building, but we're talking about evolving mechanisms, MOUs that should be in place so governments can activate and build an agenda bi‑laterally. We're talking about multi‑donor funds that are being established. We're talking about coordination among civil society organizations that are working in conducting cyber capacity‑building.

And academia in the private sector and other colleagues at the international level also developing agendas. So I think I have three key points. What I have observed in terms of the context is that many donor country are in the second or third wave of developing programs for capacity‑building, so they are restructuring the way in which they are doing and establishing funds within the government.

So which departments you need to bring together. That's interesting. But while you see the GFC, the Global forum on Cyber Expertise has a portal where you map the capacity‑building initiatives that are publicly recognized, while we see lots of programs, coordination doesn't necessarily mean that's something that's there.

But the first point I would say is that I think there needs to be a better understanding of how coordination happens amongst countries that are willing to support. So from a supporter perspective, one big challenge of coordinating investments in a particular region. Some would be more interested in regions and some more than others.

When there's no coordination it's hard to see one country receiving from multiple other countries, so how do you make sure you're not overloading the recipient country because they have to coordinate amongst themselves also.

So duplication is something that we need to think about. The second point is domestic buy‑in. As a person that worked in Latin America for many years, political buy‑in is fundamental. If you don't have political visibility over these capacity‑building programs it's very hard to ensure sustainability of implementation.

You might have a civil society organization or think tank, as I used to work, trying to implement and bring visibility to cybersecurity capacity‑building but if the government doesn't see that as a priority it's hard to gain traction. That is a very real challenge to thinking about coordination and sustainability.

And the final point is I think we need to break down the term cyber capacity‑building a bit for us to have a better conversation, a more focused conversation. So maybe we might be challenged on the coordination element because we need to break that down. I would break it down into at least three different subcategories as a good academic that I am.

There's the traditional cyber capacity‑building, skills, longer‑term projects or short‑term projects that are looking at more whole of society approaches. A second element could be CCB for crisis response. For example, Costa Rica having to respond to a large‑scale incident. This is a very different context of thinking about capacity‑building and investment in a particular recovery scenario.

And the third one is capacity‑building for a conflict or post‑conflict recovery, which as we've been seeing like in Ukraine, it's a whole different landscape of investment and capacity‑building effort. We need to break down the discussion around capacity‑building into the context in which it is applied. It's very different when we're talking about peacetime and conflict or crises triggered by a particular incident.

Second, domestic buy‑in. We need to ensure political buy‑in. And third, coordination amongst countries that are willing to support given regional priorities. These are my three key points.

>> CALANDRO ENRICO: Thank you very much, Louise. Many interesting points. And also, adding granularity on the term of capacity‑building. All these efforts have got different goals. It's a good categorization between skills, response, and conflict or post‑conflict recovery.

Regine, based on your experience as a cyber diplomat, what do you think about the challenges on cyber capacity‑building coordination?

>> REGINE GRIENBERGER: Thank you, I'm Regine Grienberger, German cyber ambassador. I would subscribe to almost all the elements that have been mapped out here as part of the difficulties that we meet when coordinating cyber capacity‑building. And I would like to add four more.

So, the first one, from a donor's perspective, it's actually difficult to fund cyber capacity‑building projects. For us, in Germany, this is ‑‑ I mean is this the 18th IGF? So there is quite a lot of time that has passed that we meet the needs, but in the foreign office, it's still a new topic and it's for us a new experience to really go into the details of cyber capacity‑building.

But we realize that it is not only capacity‑building for the sake of increasing cybersecurity, but cyber capacity‑building is also a diplomatic tool to strengthen our partnerships, to strengthen the stability of cyberspace and also the security.

It's difficult to fund CCB projects because it needs political willingness, and this depends on the risk awareness. And many people in the decision‑making level of the foreign office, for example, are not as risk‑aware as people in the basis like Rita described.

The second reasons of course, budget restraints. And the third reason is that we have a very short‑term planning for one year only. And we have midterm needs and even long‑term strategies, as you described when you broke down what is actually capacity‑building. So our planning period is a little bit contradicting the recipient's horizon.

And then the last element that makes it difficult to fund is the expenses. Because this is not always within the definition of what is then development assistance in the definition of the OECD, we have to take it from other funds, other titles.

So, another element that I would like to add to the difficulties is we need to free human resources to do this. It's not about money only, it's also we need resources, experts. We have established an EU cybernet which should be a platform to find an expert and also to develop train the trainers programs.

But this has really come out of the experience that we don't have enough people to implement cyber capacity‑building measures.

So an element is transparency. It's what we need is a transparency and what we experienced is that for example when we invest in trust funds to fund cyber capacity‑building measures like with the World Bank, we are really missing that kind of transparency that we understand what happens with the money and what do the recipients do with it.

And the last element that I want to mention here is what we are also needing to really coordinate effectively is we have to know the needs of the recipients, which requires them expressing and admitting and expressing their needs and often it starts with a cybersecurity strategy they're dismissing that would give a structure to what are the needs in this particular place. Thank you.

>> CALANDRO ENRICO: Thank you. Thank you very much, Regine, for sharing from a donor's perspective the difficulties to fund cyber capacity‑building projects. I think you touch upon the political willingness from a donor's perspective and Louise, the political willingness from a recipient perspective. Sometimes there is a mismatch there.

And issues of transparency also very important, there is a need of understanding what's happening with the money. So probably having monitoring, evaluation, mechanisms while the project is implemented could help that.

And also very interesting point that let's not forget the cyber capacity‑building is a diplomatic tool to strengthen partnership and working on security issues with other countries.

So, then let's move on to trying now to understand what can be the consequences of this insufficient coordination in cyber capacity‑building. For instance, Rita, from your perspective, your organization, the recipient. So if coordination is actually insufficient, what are the repercussions for your own organization?

>> RITA MADUO BADUMELENG: Okay. Thank you, Enrico, for that question. As a member of the national CSERT. I have had first‑hand experience and exposure to the repercussions of insufficient coordination, coordinating cyber capacity‑building.

So, what we have identified or what we have come across is insufficient coordination ultimately leads to disjointed cybersecurity efforts that's leading to gaps and vulnerabilities in the country's overall cybersecurity posture, making it easier for cyber criminals and malicious actors to ultimately exploit such weaknesses within the cyber posture.

And then another consequence could be there could be insufficient resource allocation. For example, if different or multi‑stakeholders within a nation do not come together, coordinate towards cybersecurity capacity‑buildings, resources may be wasted or they could be duplicated efforts, or there could be misallocated areas with less priority. And this inefficiency could ultimately limit the overall effectiveness of cybersecurity programs.

And then with insufficient coordination, there's certainly limited information‑sharing, because effective cybersecurity entirely relies on timely and accurate information‑sharing between different entities, that is between different stakeholders such as government agencies, civil sectors, or private sectors, or even international partners.

So if there's insufficient coordination, this can hinder sharing of threat intelligence and then making it harder to detect and as well as respond to cyber incidents.

>> CALANDRO ENRICO: Thank you very much, Rita. Those are really worrisome points, because somehow it seems that lack of coordination could result in the deterioration of the posture, limited information‑sharing, increasing vulnerability, and the effect of cyber capacity‑building can be contrary to its final end goals.

Tereza, from your perspective, there are also some mechanisms at the GFC, like the clearinghouse and others. So, what are the repercussions of insufficient coordination between all these actors?

>> TEREZA HOREJSOVA: Thank you. In answer to this question, we will reconfirm what you have said. What are the consequences ‑‑ less impact than we could have, and definitely insufficient use of the limited resources, as several donors on this panel have already stressed. So, there is a lot of duplication going on. And if you are a recipient, you might have got into situations that the same or similar project was offered to you by various implementers, in some cases not knowing that this is been delivered, or donors trying to also support a project that might have been delivered in the given country.

Another point worth mentioning is that we are often overwhelming the recipients because if there is not sufficient coordination, imagine that for every single project an implementer would want to do a needs assessment for their particular project. And a needs assessment is so time‑consuming. And in this sense, it's very unfair to overwhelm already limited capacities, for instance in a given country.

So yes, it's a bit maybe utopian to expect that if a needs assessment is a deliverable in your project, that you would be sharing it with other implementers. I understand that this is probably not a typical situation, but I feel it is a topic that we really need to talk about. And do you want me to go to the mechanisms now or later?

Yes. Perfect. So, yes. Sorry, I will be talking a little bit about the GFC, because for those of you not familiar, we are kind of a platform for actors involved and interested in cyber capacity‑building. Over 200 members from all stakeholder groups. And the main idea, actually, is exactly providing a platform that hopefully naturally will lead to more exchanges, more networking, more conversations about cyber capacity‑building.

A few concrete mechanisms that we have experimented with, for instance, you've named it Enrico, the clearinghouse mechanism, which in practice means that let's say government would express a concrete demand or need that they have and we would try to kind of clear it through the richness of the network that we have at the GFC, connecting to the right implementers in an ideal case scenario, connecting to the right donors.

It's not straightforward for sure. The idea is probably good. The practice can be very complicated. But we feel this is an experiment that is worth playing with further.

We also try to organize various donor alignment meetings in various regions where we also try to provide space for donors to come together and talk and exchange notes. It's also delicate and tricky and it is unrealistic to expect that donors would come and share all their intentions and plans and strategies. But we feel that there is maybe some progress that is being done in this regard and the GFC can have a role in helping to facilitate the discussion. We would be very happy to continue doing that.

Another mechanism that we have available for the community is the civil portal, which is available free of charge at thecivilportal.org. And this is a space where we kind of try to provide mapping of what are the projects available for a specific topic in the field of cybersecurity, for a specific region of cybersecurity, for a specific country as well.

So it's possible to filter and to play around. The resource will be more valuable the more comprehensive it is, so I cannot say that we have 100% of projects everywhere covered. It also relies a little bit on the implementers and donors sharing with us this information so that we can feed it in the platform. And, of course, it relies on us and our agility to keep the portal as up to date as it can be.

So this can be kind of a basic resource to see let me see what projects in the field of cybersecurity skills have been implemented in Botswana by whom, what was the angle. civilportal.org. I have to stress our regional efforts. I talked about it a little bit, that we think there should be more of this demand‑driven capacity‑building. And then it's not something that should be happening from the headquarters somewhere, but being much closer to the situation on the ground is essential, which we are trying to tackle through our regional hubs.

And maybe to conclude, a general mechanism and also building on what others have said, Regine, you've been very frank in your response, is the kind of short‑term/long‑term planning. If we have project that is a quick fix on something but we don't have the sustainability outlook in a way, it's also not as impactful as it could be in the long term, which is the common goal. Sorry, I took more time.

>> CALANDRO ENRICO: Thank you, Tereza, for sharing. There are many mechanisms available from the global forum on cyber expertise, the clearinghouse mechanisms, the regional donors meeting, a portal which is a great resource, because all the information is publicly available. You have been collecting data and information for a number of years, so you've got an historical perspective.

And that's available for not only donors, but also for implementers, for recipients. It's a great way of increasing transparency for the broader global community dealing with cyber capacity‑building. So information is there. It is available. Sometimes it's a matter of making an effort. I believe there are still organizations and donors that do not know, unfortunately, these tools.

But I believe that those are also the foundations to try to improve these mechanisms globally. I invite everybody in this room, if you are involved in cyber capacity‑building, to have a look at these tools before embarking in your next project, because that could really help you improve the coordination efforts.

Claire ‑‑ so, from your perspective, what are the consequences of this insufficient coordination and if you would like to talk about the mechanisms to improve the coordination.

>> CLAIRE STOFFELS: Yes. I don't want to repeat anything that's been said already, the excellent points that were made. From a donor perspective, there's definitely a risk for duplication and lack of coherence because of the proliferation of actions in the cyber capacity‑building space.

So coordination is essential to increase situational awareness and allow us to learn of some of the needs identified in a country or that will be identified by the project have already been addressed by other projects. So that's why also platforms like the ones from the GFC are essential, especially for countries like Luxembourg where we don't have resources to identify what's being done by other stakeholders in the field.

So I want to address some mechanisms. So, I just said, as a small country with limited resources, Luxembourg has to foster multistakeholder approaches across sectors, not just in development cooperation. Within digital for development, cyber capacity‑building is one of our main intervention sectors and it's a key priority at national level and it's reflected in our policies, in our administrations and our private sector.

And it has trickled down into development cooperation. With our implementing agency, as well as other actors, we fostered a lot of partnerships to carry out CCB ‑‑ sorry, capacity‑building interventions. We've coordinated efforts with also our national cybersecurity agency in the framework of our projects, really because we try to identify which needs and gaps can be filled by different partners that we work with.

At European level, Luxembourg is a founding member state of the Digital for Development Hub. It's a global platform that was launched by the European Commission in 2021 which aims to foster digital cooperation amongst EU member states in partner countries. The Digital for Development Hub has different working groups dedicated to different thematics which aim at fostering discussions and initiatives, among which cybersecurity.

So Luxembourg shares the colead of this thee metic working group with France and the European Commission and the purpose is to provide a forum for information and best practices sharing and experience sharing between member states. And we try to involve as much as we can different external actors as well on a regular basis.

And it has been more or less successful. So successful in the sense that it has created an informal forum for technical levels to exchange and share practices. Less successful in the sense that most European member states still have limited resources dedicated towards digital development and, therefore, I don't think it has reached its full potential in terms of how much information, knowledge‑sharing and coordination capacity it could carry out.

Allow me to share an example of how the working group can work in practice. The European Commission is currently formulating a new project focusing on Sub‑Saharan Africa with one component on cybersecurity and one on governance. We're working with our implementing agency and the African Union Commission with complementary actions.

Our teams are in contact now, also with the African Union Commission to ensure the projects are complementary and make efficient use of resources, that we don't duplicate needs assessments, that we can base ourselves on one single needs assessment, that we ensure we have the same contact points within the African Union Commission, they feel that we are coordinated on our side and it's not going in every direction.

So we were able to share this information and our respective objectives through this thematic working group, which is quite a good example of how that can actually work in practice. And then Luxembourg has also joined other coordination platforms or practitioner groups such as the GFCE, the EU Cybernet, which is a great platform, and those have proven to be very beneficial for a country where we have limited resources dedicated to D4D and small administrations to carry out these initiatives.

>> CALANDRO ENRICO: Thank you very much, Claire, for highlighting some of additional efforts from the national and European perspective. Maybe not everybody is familiar with this Digital for development Hub, This European Union Mechanism Between Member States. But As Claire Said, They Can Share What are the priorities in terms of digital development and assistance to various countries.

Of course as you said, there's some challenges, but it just started in 2021. So it's significant to say there is an effort towards trying to improve coordination of these efforts. Thank you for providing concrete examples from that point of view. And, of course, also the issue of national coordination and the problem with lack of enough resources as Regine highlighted.

From your perspective, what are the consequences of this coordination and can you highlight some other mechanisms?

>> ANATOLIE GOLOVCO: I'd like to start with elaborating on what Tereza said about the competition of donors. What I've seen in the last years since I'm serving by Prime Minister is sometimes the beneficiaries are losing the point. They are losing the scope of the project. So we see the project, but we miss to remember why we started this project. Because, you know, when the scope of the project is just to buy some hardware or software, it's very clear.

You have a shopping list, you split the list between donors, buy it, put it in place and expect people to use it. It's more complicated when you have people involved. Sometimes you have a training program but you don't have enough brains to put that knowledge in. So you have a shortage of people to train.

I can give you an example why it's happening that sometime the people don't fit the project in cyber we have. We had a discussion with the European Commission on the topic of nationwide approach when we have to improve the cybersecurity in the regions, in the local authorities. And I discovered that the same problem is not just in Moldova, it is in Estonia because of this big decentralization of power.

You have local authorities with big autonomy. At the same time, they have to serve themself. And what we discovered, the cyber or IT in general in the regions is handled by private companies. So the Commission said we can't invite nonpublic servant and trainings for cyber. And we had now to find the mechanism to fit that employees of private companies who serve the infrastructure of the state in the regions and it's not easy because you have to find the legal mechanism and to rebound the project scopes.

So as I just told in my previous block to work with people is hard. And when you have technical people, it's more hard because they are special. The solution to that is obvious. You need better planning. But it's not the planning that the donors have to do, it's the planning that the state actors have to do in terms of making this wish list to the donors.

And that's a solution. Regarding the mechanism, we developed in the last ‑‑ let's say half year or maybe eight months ‑‑ we developed the following mechanisms. Since 2015, we have the discussion that the Prime Minister needed one single point of contact person in his office to be the window to the state.

So they found the person, it's myself. And I organize the council of cybersecurity in the Prime Minister office. And the vision of the Prime Minister who are spreading across the institutions, we are spreading it to give the understanding what we wish to achieve and to give this clarity that sometime is missing in all cybersecurity projects.

Another mechanism that we have, it's small groups, because this council, usually it's between 30‑50 people and when you have in the same room 50 people all together talking it's not efficient at all. So that's why we have ‑‑ the council usually is meeting every month. We have every two month meetings with a shift from different donors. Usually it's happening in small groups. It's around 5‑7 people.

And these small groups are delivering the peer review between projects and between activities of the donors and it's very efficient because they can adjust their steps in delivering the project. So, after having all this coordination and identifying what has to be done, it's already our ministry of economic and digital development and digitalization. So this ministry is putting all that in the policy and it became a law or a government decision to have it on paper, let's say.

So, this three‑layer mechanism is very efficient for now. We'll see how we'll move with the critical infrastructure, because critical infrastructure is beyond cybersecurity and we'll need extra coordination, because it's a different profile when you have to take care about cables and other physical stuff. But, yes. Thank you.

>> CALANDRO ENRICO: Thank you. Thank you very much, Anatolie for highlighting some very important issues. So, I like the point on the need for better planning, not only from the donor's perspective but also from a state actor's perspective, because sometimes, as we have highlighted, there might be some lack of transparency on that level.

And I think some of the mechanisms that you have identified at a national level are really great. They probably could be replicated in other contexts. I like the small working groups. We have all been part of several working groups. Probably working with less people might be easier and more efficient. And probably in your role, trying to coordinate these smaller groups is something very concrete that other countries or mechanisms could try to replicate.

Thank you very much for that. And the importance of another point of the recipients that are not only or always government offices, maybe also private sector representatives and that might create a problem of formality from the European Commission perspective because they cannot directly support them. The difficulty is from a recipient perspective of trying to find legal ways to understand those are acting as public sector employees because those are the people dealing with cyber capacity issues. So thank you for that.

Hiroto, once again from JICA perspective in terms of consequences of insufficient coordination, from your experience, and what mechanisms did JICA put in place to improve that?

>> HIROTO: From the development agency's perspective, in coordination in cyber capacity‑building, will leave negative effects such as reducing efficiency and not maximizing development impact and lack of sustainability.

So looking at the negative effects in more detail, we can see previous speakers already mentioned the duplication of assistance and lack of resources or too much resources and siloed approaches to assistance and so on. And I skipped some others, but conversely, by promoting coordination and cooperation, it is possible to eliminate these negative effects.

So I have two examples. One is the bilateral effort. The other is more market and stakeholders effort. So, regarding the duplication of assistance, so I have example from Cambodia. So our project started in May this year. And this project included assessment activities for the national CSERT, but it was discovered that the cyber development had conducted already it a few years ago.

So in this case, since the project had not yet started, we had a chance to talk with our Cambodian partner and Cyber for Development. So then we could ‑‑ we decide to use the results of the Cyber for Development instead of conducting the same assessment so that we could reduce the duplication of the assistance.

The other example is more about market stakeholders. So, JICA is conducting the cooperation project in Thailand. So there is a training center in Thailand that is called Cybersecurity Capacity‑Building Center, AJCCB, established in 2008 or something. In this training center, we are coordinating with Asian member state countries and Asian secretariat so that we conduct training at least six times a year and also CPF contest to meet their needs.

So in in addition to providing training, providing Japanese training company or training institute, we also discussed with other donors or partners. So this CCB framework provided more training with the CSA of the United States. So they provided open source training ‑‑ cybersecurity evaluation framework. And also we have ‑‑ now we are planning to provide more training in coordination with the United Kingdom and other organizations.

So through this program, this is kind of a training center for Asian region, but also this AJCCB has the coordination function to meet the needs of Asia and to reduce the duplication or something like that. Thank you very much.

>> CALANDRO ENRICO: Thank you. Thank you very much for sharing one concrete example of two projects collaborating in order to avoid duplication, and also for sharing the existence of this center, which I believe probably also other donors that you have mentioned could collaborate in order to improve coordination within the Asian region. So I would invite everybody who's working in that region to get in touch with you and try to understand better how to work together through that center, because it's not only a physical center, but it's actually a coordination mechanism.

Yeah, Louise. Same question for you. Insufficient coordination, consequences, and some of the mechanisms that you might have identified to improve coordination.

>> HUREL LOUISE MARIE: Absolutely. And we're right at the last mile right now of the panel. (Laughing) Yes. I also don't want to say the same. I think we're biased. We understand very nicely the landscape and the challenges. But in terms of fragmentation of efforts, one of the consequences is leading to poor sustainability measurement and that goes from an individual donor or recipient country, but also from different donor countries trying to assess the landscape.

I think we don't have necessarily good measurements for longer‑term sustainability efforts. We're very good in measuring KPIs for an immediate project that you're implementing, but once you've implemented the project that longer‑term element, because of so many other layers, Regine alluded to the bureaucracy of government and how sometimes it's very hard to keep track of things beyond the financial year.

So we need to be very realistic of how we then build effective measurements in terms of sustainability over a longer period of time. Is that something that should be discussed in other fora, internationally. Is that something that we should talk more about, be it at the UN, of making those two communities work, the CCB and the development community.

That also leads to a higher propensity of one‑off efforts or effects, so you only measure impact ‑‑ I implemented a project, you measure impact based on that project so you don't have a holistic view. I don't think that's something that's just applicable to donor countries or implement ‑‑ or recipient countries, I think implementers as well, organizations, civil society organizations, think tanks that are working on this.

It's having a bigger measurement of how do we see this as more than a one‑off. Is there something on the recommendations for you as an organization, and from a think tank perspective, having conducted CCB in different countries and helped in implementation, how do you provide recommendations that are sustainable. Is it about developing a longer‑term capacity‑building program in a region.

So I think we need to think more about that. In terms of other consequences from the donor side, domestically, there are multiple departments dealing with different types of capacity‑building efforts within different governments. One example, it's not to put the U.S. on the spotlight, but with Costa Rica and the ransomware incident, you had USAID providing some support and you had the foreign military fund providing other types of support to Costa Rica, which shows that there are different parts of government that are doing different types of CCB.

Whether they're coordinating and I have no insight into the particularities, but from a person that has been observing from the outside and the public information we see, this is something to consider in terms of the consequences of insufficient coordination from a donor perspective internally.

And then domestically from the recipient side, this can lead to really overwhelming effect when recipient countries have lots of offers. That is assuming a very good scenario where you have a country receiving. From a crisis response perspective, going back to what I said previously, when you look at countries such as Montenegro, we hosted a discussion over at the open‑ended working group on thinking about ransomware and requests for assistance.

And we discussed with the colleague from Montenegro said it was hard to designate one POC to respond to the multiple countries trying to support. That is a good scenario where you have lots of countries wanting to support, but then you need to be realistic internally of whether you have a POC. Do you have a national cybersecurity agency that has the authority to do that.

There are lots of different nuances to thinking about coordination domestically from the recipient side, from the donor side, and from organizations that are trying to measure sustainability more broadly.

Very shortly on mechanisms ‑‑ so, still sticking to my breaking down the discussion and the language around CCB, more broadly as they discuss the mechanisms we have for broader CCB, there are MO us. Australia has done interesting work of tying the declaration, looking at the Pacific Island countries, tying particular pots of funds to do training on certs within the region.

So there's a sequencing of actions and MOUs that come before that. These are things that have been working quite well in different regions. There are different experiences. When it comes to crisis response mechanisms, I think there's still a lot of experimentation on how government seeks to institutionalize this.

From Costa Rica and others, from a research perspective we've observed that all of them have been proceeded by MOUs. Countries that provided assistance in the context of a crisis already had a previous relationship. So we go back to the point on trust and how you have to build that trust before you conduct any kind of assistance.

But there are other evolving mechanisms such as in the EU the PESCO framework and the Cyber Rapid Response teams, which is a way of getting particular types of countries within the EU to respond to a particular crisis like cyber crises. So that's still in the experimental stage, even though the PESCO framework has been there for a couple of years. This is one way of thinking about how mechanisms can be explored within a group of countries.

When we're talking about crises, CCB, we see some mechanisms that go back to the broader lense of CCB. One other example we've identified is Slovenia, France, Montenegro, set up a center for monitoring in 2022 and that is an example of Montenegro got ransomware and got assistance and now they're looking at building a sustainable impact and how different countries can come together to institutionalize that.

We need to see those different types of CCB as complementing each other depending on the context. That last example just shows that you can go from crisis response back to a broader CCB lense and use the crisis response as an opportunity for that political visibility to set up new mechanisms. Hopefully that provides a bit of the landscape based on this typology.

>> CALANDRO ENRICO: Absolutely. You touched on so many important points, the issue of sustainability, trying to find long‑term sustainability mechanisms. From our perspective, to have a broader understanding of the impact beyond the single project. That would be great. I don't think it exists, unfortunately. I'm sure that all European‑funded projects, to demonstrate the impact, but that happens at the project level, not what about globally, observing the impact of all these projects, what will be the result.

So thanks a lot for that. And also some of the mechanisms and how from cyber crisis we can then identify other more long‑term mechanisms on coordination. Those are great examples that you highlighted. Regine, you are the last one in our table. Is there anything else that you would like to add on insufficient coordination and some of the mechanisms that may be put in place to improve coordination in cyber capacity‑building?

>> REGINE GRIENBERGER: I would like to throw some ideas around and see if we can follow up in discussion. The first one is that I would like to flag that there is often a misunderstanding of what coordination actually is, and I have to explain in my own system that coordination does not mean telling other people what they should do.

For example, we have a situation that is perhaps familiar also for other members of government here. Ministers struggling, want some deliverables, so come up with a project. So this is a way of establishing a cyber capacity‑building project that is ‑‑ that cannot be coordinated in the same way that something, when you start with a white sheet of paper and map it out according to the needs of the recipient.

So this coordination with this kind of project means that I just go to the coordination meeting and tell them that's what I'm going to do because there is no leeway on my side to do something different or to choose a different recipient.

A second element, of course like in all development cooperation, there are darling recipients and others. And we are aware of that. But a coordination mechanism should also help us to overcome this bias that we always lean towards certain recipients who are well‑prepared to receive our assistance.

Then you mentioned the Montenegro Center. What I was very ‑‑ not surprised, but what became very visible in for example the Albania case when the ransomware attack hit them was that they turned towards help, emergency support, far, far away from the U.S., from France, and others. They didn't ask their neighbors. Although there might be some familiarity with the structures, you know, arguments to ask the neighbors.

So I would say a mechanism or mechanisms should also look for, you know, regional cooperation, not only global cooperation. In cyberspace there are no borders. So neighborhood doesn't mean the same thing as in the analog world. But nevertheless, national cyberspace there are reasons to ask your neighbors for help.

Mechanisms ‑‑ I mean, what is really necessary, Claire mentioned the D for D hubs, but I also find very promising the regional tables that the European External Action Service is setting up with regard, from Moldova, to integrate foreign policy and security policy considerations and development or assistance considerations.

So to bring these two aspects or two perspectives together, because it is often ‑‑ development cooperation seeks to be not so political, more technical. But, of course, there are many reasons to integrate these technical perspectives with a more foreign policy perspective.

And then something I would also like to add is I think there is a good case for ‑‑ on the donor side ‑‑ to have also a top‑down approach with regard to coordination. So starting with the language and with the paragraphs that we have in the OEWG report from 2021, there is a good outline of what cyber capacity‑building is like. There is this very good idea and notion of a two‑way street.

And we haven't talked about this yet, but I think cyber capacity‑building should in principle be a two‑way street so that there is also north‑south, south‑south, north‑north cooperation included and not only a donor/recipient relationship as in development cooperation. So there are reports on the cyber norms have provide us with a good concept. And what we have now in the discussion, the program of action will even ‑‑ will give us more opportunities to also have it in a sustainable way.

So not reopen the case every five years and renegotiate the same document, but have a more long‑term perspective of where we would like to arrive one day.

>> CALANDRO ENRICO: Thank you very much, Regine, for highlighting some of the ‑‑ how regional cooperation could actually improve this coordination mechanism, and the fact that not always that is actually the preferred way to ask for support. Thank you for highlighting the example of Albania having the Montenegro Center next to them.

And also, it's very interesting on how these new discussions on linking policy consideration and development considerations are not growing, the political aspects and technical ones are trying also to find a way to have a better dialogue. And then of course for those that are not familiar, we would invite you to read the working group final report on responsible state behavior in cyberspace, which highlight some of the principles of cyber capacity‑building.

And one of those is these two‑way streets and the fact that the relationship needs to be revised and understand that they're on an equal base in some cyber capacity‑building. I would like to open up now the floor to some questions or additional comments before we wrap up and conclude. Okay. There is somebody. Yeah. You can start. Thank you.

>> AUDIENCE: Hi. I'm an attorney. I'm a lawyer. So I like to consider legal basis as being a sustainable way going forward. And there are different things we talked about, OEWD, the Budapest convention provides a legal bases. I was thinking about the work I've done with them. They have sustainability because of the legal basis.

I'll mention three things. First is the legal basis. The second, their capacity‑building programs make sure they don't do drive‑by trainings. If they're training judges, they'll make sure the training is done, it is localized, and then after that those trainers are going to train others and not only that, but the point you made about south‑south cooperation, an African judge in Ghana ‑‑ I was part of this just a few week ago ‑‑ trained judges in Kenya, as an example.

That's helpful. Someone from Philippines is training someone in Morocco. And the Committee for the Council of Europe allows a measurable mechanism which is global for all countries to check what you're doing when it comes to capacity‑building, they do these.

And they do regional cooperation constantly for Albania, Montenegro, I've been part of exercises where these countries get together. The most important one is the point of contact, the 24/7 network which allows you to have a stable, legally international law compliant, domestic law compliant sustainable point of contact, everybody can talk to each other. You're not saying which country does what. Every country has one point of contact. If there's a problem, they know who to contact.

This might be one alternative. Thank you.

>> CALANDRO ENRICO: Thank you very much for your comments, for adding some other mechanisms for coordination. That was great. I'm wondering if somebody would like to address the question on the legal basis for cyber capacity‑building, because that's something we didn't touch upon for sustainability and better coordination. Is there anybody who would like to . . .? Hmm.

I think it's an interesting question, because there aren't and probably that could be also a way of creating more clarity and somehow to address some of these issues.

>> AUDIENCE: At the risk of repeating, it wasn't a question for the panel. I'm not expecting we should have legal basis at all. I'm saying there are legal basis in treaties which have capacity‑building programs that bring sustainability and maybe using them more is something to think about. Donors should say that's stable, that provides structure. It's legally sustainable international and domestically.

>> Understanding it as a tasking for both sides, both donors and recipients, or partners in crime.

>> CALANDRO ENRICO: Thank you very much for that. There was another question.

>> AUDIENCE: Thank you so much again to the panelists and this very comprehensive points of view from different regions and different expertises. Thank you for that. My question/comment ‑‑ first of all, I'm Jasmine, I work in the cyber capacity‑building implementation. Many of the things mentioned resonated. My question is related to the challenge of demand‑driven capacity‑building because donors have different political priorities, different budgets and everything that was mentioned.

But we need to remember that this is not only a cybersecurity issue. There are a lot of lessons learned that can be learned from the development world. There's decades of development work being done. There are mechanisms in place like donor pledging conferences, coordination conferences. So something that on the donor side that can be done is at national level to look into what is being done in other government agencies and other divisions to see if there's any lessons learned there.

And, of course, at national level this can be looked into so it's improved at the international level. My question, how can donor countries look into ‑‑ inside in their national lessons learned when it comes to development so that we can improve on demand‑driven cyber capacity‑building? Thank you.

>> CALANDRO ENRICO: Thank you very much. One of our donor countries would like to answer the question? Thank you.

>> CLAIRE STOFFELS: Thank you for your question. I think the D for D hub that I mentioned earlier gives a very good platform to do that. And what we aim to do within the working group is to do exactly that, to have the technical‑level people to share what good practice is, lessons learned, what went wrong and how to do it better to provide an informal platform to exchange on that basis.

Sometimes it's a bit difficult to gather that information that you mentioned. And that is the important elements that we need in the inception and formulation of a project. So I think the D for D hub provides a good stage for that, but.

>> TEREZA HOREJSOVA: Is it on now? Thank you, Jasmine, for your question. It's an important point of connecting, learning from the development community, but also connecting the development community with the cyber community, which is also something of interest for the GFC and we are organizing a conference on global cyber capacity‑building in Ghana at the end of November. And this is exactly one of the objectives, to bring these communities together a little bit more for more efficiency in the future.

>> CALANDRO ENRICO: Thank you, Tereza. Regine.

>> REGINE GRIENBERGER: I would like to add one aspect. That is that it is also true in the other way around. If you do digital development cooperation, so development cooperation for digital transformation, or for digital transmission of public administration, you should include the cyber capacity‑building part because it doesn't make sense to, kind of, help an administration transition to a digital system without including enhancing their skills, their capabilities, also the hardware and software part that is necessary for good cybersecurity.

So, I would say it's also the other way around.

>> CALANDRO ENRICO: Thank you. Probably there is an online question.

>> Yes. First off, a response to Claire's early intervention, regarding support, that was support for that intervention. Then the question is can we see capacity‑building as end to end across the whole community, rather than just technology, and what do we use thinking of capacity‑building as building community awareness, legislation framework, government policies, etc.?

>> CALANDRO ENRICO: Is there anybody who would like to answer to that? Trying to see beyond the technical issues, but rather on building awareness, legal basis, and so on and so forth.

>> HUREL LOUISE MARIE: Thank you for the question. Maybe I'm biased. (Laughing) Because I feel that we probably bursted that bubble a lot. And I think a huge part of that, I take my hat off for the GFC which tries to provide that platform. There are working groups of instant response and cyber diplomacy and norms and those communities and the coffee break meetup. It's about the small efforts in the sense of mixing those communities and having the space to do that.

From my perspective, the CCB discussion across communities is gradually at the international level through these mechanisms progressed. But when you look domestically, depending on the country, the culture, on where in the development spectrum they're in, it's still very challenging. I remember working in my previous job in a think tank based in Brazil, sometimes speaking to different departments across the government or people that were working more in CCB for certs, it's a very different kind of community.

So there's also this effort of us, at least from civil society organizations or think tanks to try to do that as much as possible when we're planning and designing a particular project. That's part of how do we design that engagement with those communities as much as possible in our own stakeholder group.

>> CALANDRO ENRICO: Thank you very much, Louise, for that. We only have four minutes left, so very quickly before we conclude I would like to invite the panelists to provide the true takeaways or recommendations to improve cyber capacity‑building coordination. Brief, sorry.

>> RITA MADUO BADUMELENG: Okay. Sorry. So, effective cyber capacity‑building actually requires multifaceted approach and a commitment from donors, from implementers as well as recipients. So drivers and coordinators of such efforts should be intentional about onboarding new strategic members such that the voices of all parties are diversified and initiatives do not remain stale due to having the same players at the table at all times.

By working together and following these actions we can enhance cybersecurity resilience and capabilities. Thank you.

>> CALANDRO ENRICO: Thank you.

>> TEREZA HOREJSOVA: So, let's consider this openness that we want to build to the extent possible as a win‑win‑win situation. And without wanting to sound pathetic, let's try to talk more and exchange more. Thank you.

>> CLAIRE STOFFELS: Thank you. I have one major point. I really believe that it's donors' and implementers' role to promote and carry out awareness‑raising measures, enhance communication and facilitate cooperation amongst actors and bring relevant parties together and facilitate knowledge and information‑sharing as much as possible. I think ‑‑ yeah.

>> ANATOLIE GOLOVCO: I believe my main point is we need a people‑centric approach in all the cybersecurity. So we need to reduce the complexity of tools to protect and to rethink from scratch the entire cybersecurity architecture of states. So, having a good strategy is what we need and probably we need to put more effort into strategy and the existing ecosystem instead of putting layers of cybersecurity on top of badly designed things.

>> HIROTO: Thank you very much. So, through this discussion, of course the coordination is very important with the multistakeholder or the bilateral to reduce the duplication or to maximize the development impact. But also we must think about the sustainability from the coordination perspective. So, we should not ‑‑ of course we can reduce some duplication but we should not provide one training or one meeting or something like that.

That's not a good way. We should create something like a sustainable outcomes or sustainable output so that we can coordinate in real time with the stakeholders, but also I think through that kind of a sustainable outcome such as the guidelines or the training materials or train the trainer and so on. And also we can refer to such sustainable outcomes or output so we can delay the coordination, not the real time. Maybe we leave the country but one donor will join the country.

That donor can see our outcome. We don't need to talk, but we can coordinate later, after we leave.

>> CALANDRO ENRICO: Thank you very much. Louise.

>> HUREL LOUISE MARIE: Three key points. First, both from think tanks, implementers and others, and also recipients, include recipients in the design phase. We can do that. That is a very practical element that we can do, be it providing a bigger inception phase for projects where we actually get to engage with stakeholders. From an implementer's perspective, that is great.

From a donor perspective, it's about thinking what you need to embed that while ‑‑ to embed that in the timeline. Second, my point since the start, we need to break down the typology. We need to design a typology to thinking about CCB that accounts for the different contexts as we see the landscape evolving in terms of agencies, stakeholders, and crises, up to conflict and post‑conflict situations.

On the south‑south point, you know, there's a next step for developing countries to also kind of, you know, empower their development agencies or to also kind of bring more of the cyber into the development agencies. Sometimes it's a different part of the government that's doing that, but there is a remodeling thing. There's an element of bringing cyber into that.

These are my three key points.

>> CALANDRO ENRICO: Thank you very much. And Regine.

>> REGINE GRIENBERGER: I think I have nothing to add.

>> CALANDRO ENRICO: It was a lot. No problem at all. So, thank you very much for all our panelists for sharing your experience and insight and, of course, for our participants. We conclude our session. Thanks a lot. But the conversation doesn't end here. Thank you all.