The 2019 GFCE Annual Meeting (#GFCEAM2019) was held on 8-10 October at the African Union commission’s headquarters in Addis Ababa. Six months on, this post is a look back on what it was like to be there, the meeting’s significance and what it led to.
A quick recap of GFCE Annual Meetings
For those new to the Global Forum on Cyber Expertise, it is an international forum where any country or organisation interested in international cyber security capacity building can come to share knowledge, coordinate their projects and find new partners and support. As I write, it has 104 member and partner countries, companies and international organisations.
The GFCE’s origins lie in the Global Conferences on Cyberspace, which began in 2011. In 2015, this series of international policy discussions spun off the Global Forum on Cyber Expertise to focus on capacity building. Every year since, the GFCE has held its Annual Meeting in a different city.
Impressions of the GFCE Annual Meeting 2019
My perspective on the 2019 Annual Meeting will be a little different to others, because I was part of the GFCE secretariat team organising it. As an organiser, you miss a lot of the conversations that happen in the margins. Those are so important that some people go to international conferences just to do business in the corridors and never step foot inside a single session in the programme.
Nonetheless, as an organiser you get to speak to a lot of people about what they are hearing. One of the main topics of conversation I picked up on was just how productive people felt it was to be meeting at the Africa Union.
Being at the AU and having so many African delegations present – 35 in total – gave the conference a sense of purpose and a feeling that we were discussing capacity building with the right people: those who were working with projects on the ground and who wanted to take home ideas they could implement.
The African Union venue itself was an impressive modern conference facility that combined the grandeur of the UN without its fussiness. Taking selfies was positively encouraged!
Structure of the conference
For those not there, I think it’s worth briefly summarising the programme.
Day one was filled with workshops organised by volunteers from the GFCE’s working groups and task forces. For example, one workshop brought together people who had drafted national cyber security strategies to present to delegates who were drafting them at the moment and those interested in the process. At the end of the workshop representatives from five countries, most of whom had previously no involvement with the GFCE, expressed interest in finding partners who could help them with the strategy setting process.
Day two was the plenary day, with speeches, roundtable discussions of the GFCE’s future direction and a choice of half hour presentations from members on their initiatives or research.
Day three was for working group and task force meetings. These groups are the place where members come together to agree and implement work plans that move forward or improve international cyber capacity building.
The first GFCE Annual Meeting in Africa
This Annual Meeting had several firsts for the GFCE. Arguably the most of important of which was that it was the first one to deliberately reach out to, and invite, all the countries in a continent.
The seed for this was planted at the 2018 Annual Meeting in Singapore. At a session on projects in Africa, the room looked at a map of projects in the region. They discussed how they were concentrated in a few countries and how a large portion of the continent had experienced no direct projects at all.
Several people suggested that instead of talking about this in Singapore, we should instead be talking about it in, and with, Africa. Some excellent principals underlie this: try to talk with countries, not about them; and try not to ask country representatives to come to you, when you could go to them.
After the 2018 meeting in Singapore, the Africa Union Commission offered to host the GFCE in 2019. Several donors then stepped forward to sponsor the travel of delegations from every African country, should they choose to accept the invitation.
The feedback from African delegates was very positive and several are now in the process of becoming GFCE members.
The first GFCE Annual Meeting with a day of workshops
Another first for a GFCE Annual Meeting was that we devoted a day to community-organised workshops. This was highlight of the conference for many people.
The workshops ensured the conference served a practical purpose. They also kick started practical, action-orientated conversations among the delegates for the rest of the conference.
The first GFCE Annual Meeting with a clearing house session
The 2019 Annual Meeting was the first to have a clearing house meeting. This was focused on Sierra Leone and attended by Minister Swaray, Minister of Information and Communication.
At Minister Swaray’s request, the GFCE had earlier held several months of conference calls and email discussions with everyone running cyber capacity building projects in Sierra Leone. These were to understand all the projects in Sierra Leone and, also, who might be able to contribute more to meet the countries requirements in the next phase of its capacity building.
By the time of the Annual Meeting, this clearing house effort had already resulted in at least one new project – national cyber risk assessment support from the UK Home Office – and moves towards new collaborations.
At the Annual Meeting itself, Minister Swaray held a meeting with 17 partners who were already working with Sierra Leone or were interested in doing so. He set out the countries’ priorities and the attendees discussed how they could each respond.
The test of whether that clearing house process worked is whether it led to anything afterwards. I’m pleased to say it has. At the US’s suggestion, Sierra Leone has joined STOP.THINK.CONNECT and is using its public awareness campaign materials. The Council of Europe and EU are providing further advice on cybercrime legislation. I believe other concrete offers of support are in the pipeline, either as a result of or informed by that meeting.
When Minister Swaray returned to Freetown he briefed the Cabinet on the meeting, as an example of how international partner coordination can work.
The first GFCE Annual Meeting with an online knowledge portal
The final first of the Annual Meeting was that it launched a new online portal for sharing information on international cyber security capacity building projects, tools, publications and events: www.CybilPortal.org.
The Portal has a full-time manager and an international oversight committee.
Having written before about the GFCE effort to map all cyber capacity building projects, I’m pleased to say that the Cybil Portal has now uploaded all the projects in the GFCE database: over 570 now. It is adding new features and improving every month.
What next for the GFCE and Africa?
The bottom line is that the GFCE’s first Annual Meeting in Africa was a real success. What we need to do now is help convert promising conversations into concrete capacity building collaboration, coordination and activity. That will be a task for the working groups, with support from the GFCE secretariat.
We also need to maintain the momentum of the GFCE process in Africa. There was a lot of interest in holding annual regional GFCE meetings on the continent. The question now is when and where? The front runner idea is to choose a conference that already brings together many on the continent and hold a GFCE meeting in the margins. SMART Africa came up several times as an option.
What do you think?