At the end of October I was attending the annual meeting of Internet Governance Forum 2013. As you may know, it is the biggest forum worldwide discussing Internet issues (over 100 countries and 1500 participants this year). The IGF embodies “multi-stakeholderism” which serves to bring people together from various stakeholder groups as equals in discussions on public policy issues relating to the Internet. While there is no negotiated outcome, the IGF informs and inspires those with policy-making power in both the public and private sectors.
The overall theme of IGF2013 was “Building Bridges – Enhancing Multi-stakeholder Cooperation for Growth and Sustainable Development”. Today infrastructures which we in the World Bank believe lie at the core of the sustainable economic development (e.g. Government, Finance, Energy, Telecom, Transport, etc.) are becoming more and more often the target of internal and external cyber-attacks. Thus subject of Cyber security – within the broader Interne governance context - becomes increasingly important and has remained among the core topics of IGF this year.
The World Bank delivers support to developing countries in this important area, as so do other multilateral and international organizations as well as bilateral donors (e.g., Rep. of Korea). However, it is not always clear what the mandates of those different actors are, what they are focusing on, whether and how they coordinate their efforts in cyber security area.
In this context, the World Bank, together with the Inter-American Development Bank and Rep. of Korea, organized a workshop at the IGF to discuss the roles of different actors in supporting development efforts in the area of cyber security and look for the way(s) to work together on a topic where collaboration is the key.
Many good questions were raised, e.g. do international organizations indeed cooperate on the ground while assisting developing countries? To which extent it is possible to achieve the complementarity (avoid duplication) of donors in practice? Is it realistic to distinguish the roles and (or) divide the areas? Then it was the turn of the countries to tell about their experience in working with us. (Transcript of the workshop, video)
Of course, not all of the answers were found, but this was not the goal either. Much more important was the fact that this topic was raised and we all were able to get together. Prior to the Workshop, we were working on the joint background paper reflecting our thoughts regarding potential complementarities among our organizations in different cyber security areas. Country participants contributed with their case studies to the overall discussion guiding us on their needed and development priorities.
We concluded the workshop with the following ideas and common views (Workshop report):
- A trusted, secure and resilient digital environment is essential for innovation and growth. Cyber resilience is a critical economic issue for countries and companies. As increasing areas of our economies and daily lives become dependent on and transformed by digital connectivity;
- The recently adopted UN-wide framework on enhanced coordination on cyber security and cybercrime is a welcome initiative to ensure that there is a practical framework for better coordination among multilateral organizations in their provision of assistance to Member States;
- So far there has been no systematic approach in place for cooperation among different donors. Nonetheless, case-by-case cooperation is taking place.
- It may be beneficial to establish a community of practice in the area of the Cyber security engaging practitioners working with developing countries;
- Complementarities among different multilateral organizations may need to be explored more substantially in order to increase the effectiveness of development efforts;
- Multilateral financial institutions while financing the Internet infrastructure in developing countries must take the utmost account of mitigating the “cyber” risks;
- Protection of critical infrastructure, capacity building as well as well development of CERT infrastructure seems to be a major concern among the developing countries;
- Developing countries shared the opinion that Cyber issues are not the same across developed and developing worlds; despite the fact that core pillars and principles for cyber security are common.
What’s next? The next is to build on this momentum. As for today it is absolutely obvious that we need to share our practices on greater scale and look for partnerships in each initiative/project/etc. It would be good meet up again next year and see if we were able to make a step towards this objective.
Written in conjunction with:
Dr. Antonio Garcia Zaballos, Lead Specialist on telecommunications in the Competitiveness and Innovation Division of the Inter-American Development Bank and associated professor of applied finance to Telecommunications at the Instituto de Empresa Business School
Ievgeniia Viatchaninova, Consultant, TWICT, Public Diplomacy Program Graduate 2013, Syracuse University and Fulbright Foreign Student Fellow 2011-2013.