Session 2-8 Transcript
(OEWG 2021-25)

This is an unofficial transcript

Ambassador Gafoor  

Good afternoon distinguished delegates. The eighth meeting of the second substantive session of the Open-ended Working Group on security of and in the use of ICT, established pursuant to General Assembly resolution 75/240 of 31st December 2020, is now called to order. This afternoon I’d like to continue with the consideration of agenda item five sub item on capacity building. I’d now like to suspend the meeting so that we can start our work in informal mode and I will open the floor for speakers under this agenda item of capacity building. The formal meeting is now suspended and we will continue our work in informal mode to hear statements on the issue of capacity building. I have a list of speakers so we will go through them in order. I give the floor to the delegation of Kenya. You have the floor, please.


Thank you Chair. Kenya places great importance on capacity building as a means to bridging the gap in ICT and cyber capabilities. We affirm that all capacity building initiatives be demand-driven, context specific, sustainable and embodied in national ownership and leadership. Kenya has benefited from various capacity building initiatives and would like to thank our global friends and partners for this. As a country, we can attest that sharing good practices including in the area of capacity building has national and regional benefits. Kenya is also one of the co-sponsors of the National Survey of implementation of United Nations General Assembly resolution 70/237, that invites member states, on a voluntary basis, to survey their national implementation of the resolution. In response to the Chair’s question on unique roles that the UN can take to support and/or facilitate capacity building at a global level, the UN can utilize existing specialized multistakeholder agencies and organizations such as the ITU and the Global Forum on Cyber Expertise (GFCE) to develop curriculum on various issues on cyber security. On the question of what roles can be put in place to facilitate effective consideration for developing countries needs in designing and developing capacity building measures. Kenya proposes the promotion of cyber risk and status assessment of capacity and capabilities be nationally led, especially in identifying areas of need. Kenya also proposes developing exchange programs, including through South to South triangular cooperation where states can learn from each other. On the question of what OEWG can learn from what the roles of sub-regional organizations currently play in capacity building. The regional arrangements demonstrate a shared understanding of the ubiquitous nature of ICT and the need for cross-border and regional arrangements to safeguard the cyberspace. Equally, creation of regional centers of cyber excellence will reinforce the importance of capacity building. On the question of contribution of other stakeholders to capacity building, the academia can contribute to capacity building through adequate and knowledge based research. The private sector could also be better utilized to reinforce resources towards capacity building, including partnerships with governments to respond to cross-border cyber threats. On concrete measures that the OEWG, the Secretariat or other UN body’s can take to advance capacity building, we concur with the Chair’s proposal that the UN designates a cyber capacity building focal point to coordinate offers, requests and calendar for capacity building. I thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement, I give the floor now to the UK.

United Kingdom

Thank you Chair. My intervention concerns a contribution that we and others will submit to you in the coming weeks. In December, we highlighted the Oxford Center Cybersecurity Capacity Maturity Model, or CMM. It is the first of its kind model to review cybersecurity capacity maturity, enabling nations to self assess, benchmark, better plan investments and national cybersecurity strategies, as well as set priorities for capacity development. Undergoing a basic needs assessment and developing a national cyber strategy enable states to make the most of international cooperation. This need was recognized in our consensus framework as early as 2013 and it is beyond time to make it real. At least 89 states, including the UK have taken this first step since 2015, using the CMM. 36 states have gone on to use the process a second time to review their strategy. But that leaves many others who may not have had that opportunity to go through this or a similar process. Delivery of the CMM is a global effort delivered through a range of well known stakeholders from the World Bank, with funding from Korea and Japan, to the International Telecommunications Union, or ITU, and through regional institutions, such as the Organization of American States, the Inter-American Development Bank, the Commonwealth Telecommunications Organization, the Oceania Cybersecurity Center, and the Cybersecurity Capacity Center for Southern Africa. We believe that the OEWG provides an opportunity to ensure that all states who wish to work through a CMM or similar model, can conduct an initial needs assessment and develop a national strategy if they wish to do so. We therefore call on all member states to prioritize their own cybersecurity capacity maturity, and recognize the role of these models in enabling international cooperation. By sharing opportunities for best practice, we can support practical progress towards identifying state’s needs, improving coordination and ensuring that states are appropriately matched to existing opportunities, which support international cooperation. And we call on the OEWG to promote the routes by which states can access support, including funding to conduct the CMM through the above organizations and through the Global Forum For Cyber Expertise, or GFCE, to promote alternative routes for those who do not wish to complete a full guided assessment, including the online guides provided by the Oxford Center, and the National Cybersecurity Strategy Cycle Catalog, which is available through the GFCE Cybil Portal. And we invite UNIDIR to track global progress against the movement for states to assess their priority needs and aims and develop national strategies, perhaps through voluntary reporting using the survey of national implementation. Chair, undertaking one of these assessments can help states address so many of the challenges raised here this week, including improving the protection of critical national infrastructure. This contribution is currently co-sponsored by Australia, Botswana, Chile, Colombia, the Dominican Republic, Fiji, Georgia, Germany, Iceland, Japan, Malawi, Mauritius, the Netherlands, Norway, Peru, Switzerland, Tanzania, Uganda, the United Kingdom, and Vanuatu, The Global Cybersecurity Capacity Center in Oxford, The Cybersecurity Capacity Center for Southern Africa, the Oceania Cybersecurity Center, The Commonwealth Telecommunications Organization, The Organization of American States and the Global Forum on Cyber Expertise have also confirmed their support. Invitation to co-sponsorship is open to all, but particularly the 89 states who have undertaken a CMM. Many of whom are currently in the process of confirming with capitals in the hope of being able to support this contribution. Many thanks, Chair.

Ambassador Gafoor  

Thank you for the statement. Poland, please. 


Mr. Chair, I would like to start with thanking you and your team for your smart stewardship in leading the session. Mr. Chair, distinguished delegates, it is deeply deplorable that while discussing responsible behavior in cyberspace, we’re witnessing not only a military aggression of Russia against independent Ukraine, but also continued malicious cyber activities conducted from the Russian territory. We call on Russia and other countries which allow using its cyberspace for such harmful activities to stop them forevermore. Mr. Chair, capacity building is one of the most important aspects we need to focus on. In fact, capacity building should be a practical translation of our mutual will of cooperation. Referring to your questions, Mr. Chair, we agree that capacity building efforts should be objective, sustainable and resultsdriven. It is a very complex task and without creating certain mechanisms, it will be difficult to achieve tangible results. Even for developed countries, it took years to implement proper legislation, structures and strategies in cybersecurity domain. We know how difficult it is to build infrastructure, including ICT one, but what do we need to understand is that it is also very easy to destroy it. An example here would once again be Russia’s aggression against Ukraine. From our point of view, the UN level can become a proper platform for setting certain standards of capacity building. However, to make progress in this area, we need a more visionary look at this task. We need to establish a permanent platform of exchanging information and ideas, offering concrete projects of cooperation with partners being on an equal footing in terms of advancement of cybersecurity systems. Mr Chair, as a matter of fact, we already have a proposal of such a platform, the Program of Action, which is aimed at achieving concrete results. Sponsored already by more than 50 states, the POA has a potential to become a sustainable forum, covering all important aspects of responsible behavior in cyberspace. Moreover, the Program of Action constitutes also a good proposal for establishing regular institutional dialogue. In the POA forum, states together with civil society, private sector and academia could efficiently address current and future challenges of cybersecurity, including application of international law. Multistakeholders are very important in this process, because they could be instrumental in shaping assistance, knowing the needs of their respective partners in other countries. I thank you for your attention. 

Ambassador Gafoor  

Thank you very much. European Union please.

European Union

Thank you Chair, for giving me the floor. I have the honor to speak on behalf of the European Union and its member states. The candidate countries Turkey, North Macedonia, Montenegro, Serbia and Albania, the country of the stabilisation and association process and potential candidate Bosnia and Herzegovina as well as Ukraine, the Republic of Moldova, Georgia, and San Marino align themselves with this statement. Achieving better cybersecurity and combating cyber threats is a key enabler for utilizing the economic and social opportunities that the deeply connected and digitized world offer. The need for increased cybersecurity has been further strengthened by the COVID pandemic, which has highlighted the increasing dependence on both developed and developing countries on ICTs and the vulnerability of interconnected systems in light of increasing determination and ability of malicious actors to conduct malicious cyber activities. To meet the growing need, cyber capacity building needs to be prioritized. Funding needs to increase, more efforts need to be undertaken to coordinate cyber capacity, and further integration with larger development programs needs to be explored. In order to contribute to this efforts, the European Union has underlined the importance of cyber capacity building in its 2020 EU cybersecurity strategy for the digital decade, in which the European Union reaffirms its continued commitment to supporting partners by increasing their cyber resilience and capacities to address cyber threats. The strategy also outlines some ambition to establish a focused agenda for capacity building, and to increase coordination in order to meet the needs from both countries. Cyber capacity building needs to be both policy driven, building on the UN framework for responsible state behavior, as well as needs-driven and build on the expertise of all states involved. In order to further enhance cyber capacity building at the global level, we should increase our international coordination. Using organizations such as the Global Forum of Cyber Expertise to bring states together, facilitate the exchange of information on ongoing and planned efforts, best practices and lessons learned. In addition, more coordination should take place between states and stakeholders, noting the significant contribution by private sector and civil society to cyber capacity building, as we all see now happening in support of Ukraine to mitigate the impact of the Russian aggression. The EU is working hard to encourage greater information sharing and transparency between all stakeholders when it comes to cyber capacity building, and sees the Program of Action as an opportunity to further operationalize the coordination and cooperation. The POA proposal supports tailored capacity building based on states assessments of their needs to develop exchanges of best practices and experiences between relevant experts and to foster meaningful multistakeholder engagement in this regard. Under the POA initiative, the EU and its member states see the opportunity to establish a dedicated funding mechanism and enhance coordination between existing instruments such as the World Bank Cybersecurity Multi-Donor Trust Fund, in line with the principles set out in the paragraph 56 of the Open-ended Working Group final report. Dear colleagues, the EU remains available for exchange and cooperation on capacity building. Please feel free to reach out to us to this end. Thank you. 

Ambassador Gafoor  

Thank you, European Union. India to be followed by Costa Rica. India, please.


Thank you, Mr. Chair. Mr. Chair, the role of capacity building is of vital importance in taking forward the mandate of the working group and in actually assisting the member states in building a resilient ICT-based infrastructure. India would like to underline that capacity building is not just limited to respective national technical agencies, but in reality transcends into policy level entities. Capacity Building is a common thread that connects focus areas of the working group, such as promoting study and common understanding on existing and potential threats, implementation of normative framework for responsible behavior in cyberspace, application of international law to the use of ICTs and developing inclusive, transparent and action oriented confidence building measures. An inclusive, democratic, neutral and trust based capacity building program lays a strong foundation in sustaining regular instructional dialogue for member states. To that end we would like to propose some of the following action items that the OEWG could work and deliver during its mandate. The OEWG may consider to form a forum of CERTs and CSIRTs at UN level and it can develop and execute specific capacity building programs to small and developing countries through the forum. In particular, enough focus should be on protecting critical infrastructure of member states. Global cybersecurity mock drills and exercises under the UN forum on the latest threats will help small and developing countries to check their preparedness against latest threats and attacks. At present, capacity building measures are well developed by relevant global forums by organising security mock drills, exercises, conferences, working groups, training workshop programs involving many member states, the same methodology may be considered by the OWG to help small and developing countries. The OEWG may involve in partnerships with the national CERTs which focus on the capacity building and security awareness activities in their constituencies and can help in improving the capacity building of the member states. The OEWG needs to play a major role in the capacity building of developing countries under the UN framework. These countries lack infrastructure and technology to mitigate and counter ICT related threats. Developing an international counter task force by involving experts from the member states may be useful. Such task force may be used to provide the technical assistance to developing countries in times of attacks, targeting their critical infrastructure. They may also provide support in guiding small and developing countries with the necessary infrastructure to protect their assets against attacks. We understand that cross regional initiatives and regional organizations in their own unique way have an important role to play in enhancing capacities of the member states. Mr. Chair, it needs to be noted that a large number of small and developing member states have no readily available vibrant and functioning private sector academia, and civil society at the national level. At the same time, their capacity building programs have unique priorities and interests. The OEWG needs to incorporate these final events in its proposed capacity building programs and initiatives. The OEWG could consider preparing a capacity building calendar that includes events like conferences, security drills, exercises, workshops and training programs, with the hands on sessions for developing countries. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. Costa Rica to be followed by Dominican Republic. Costa Rica, please.

Costa Rica

Chair, Costa Rica will now respond to points 4, 5 and 6 relating to confidence building measures [sic]. Concerning the fourth guiding question of regional organizations like OAS and ASEAN tend to play coordinating roles when it comes to cyber capacity building efforts. These groups could facilitate inter regional dialogue by holding specific meetings so that representatives by those organizations can share their experiences, current mechanisms that are being implemented and the way that this group could support and not duplicate measures. Concerning the fifth question, non-state stakeholders are already playing key roles in cyber capacity building initiatives through the evaluation of needs for analysis and investigations, research, training sessions, especially training for diplomats and public officials, as well as the creation of programs so that local communities can develop the cyber skills they need, increase their cybersecurity presence in the realm of education and facilitate access to the internet and digital services. States can collaborate with other stakeholders in partnerships that will recognize experience and knowledge that these groups contribute to our efforts. We states can also take measures to guarantee that the environments being created by policies and regulations will facilitate the development of the talent we need to protect human capital and guarantee access to greater information. Concerning the seventh question, it’s clear that we need greater coordination in our capacity building efforts in order to reduce duplication and overlaps. The UN could play a coordinating role in this regard, although any new role or structure should take into consideration existing efforts, for example, the Global Forum for Cyber Experts has created a portal for conducting follow up on capacity building measures. There are also regional organizations and bilateral associations that are working on the creation of skills building centers within their specific regions. Thank you. 

Ambassador Gafoor  

Thank you very much. Pakistan to be followed by Saudi Arabia. Pakistan, please.


Thank you, Chair, for giving me the floor. Considering the fact that cybersecurity is relatively a new field, therefore it demands a huge sum of financial and technical investments for capacity building research and training. Moreover, there exists a large gap in terms of capacities and skills between states to deal with the threats emanating from the cyberspace. Therefore, Pakistan is of the view that capacity building of all states on equal footings is indispensable for a secure and stable cyberspace. For going in view, Pakistan proposes that the principles of the capacity building should include the following. Number one, capacity building should be demand driven, made upon request by the recipient state taking into account the specific needs of member states. Number two, for capacity building all states should be given their due right to participate and to make consensus based decisions in all the key bodies responsible for regulating the global internet. Number three, developing states must be provided with necessary financial and technical support and resources required for the establishment of CERTs and CSIRTs, securing critical infrastructure and the training for crisis management. Number four, providing scholarships, fellowships and trainings for cybersecurity professionals from developing states in the areas of critical infrastructure security, cyber policymaking, application of international law in cyberspace, etc. In this regard, the institutions like UNITAR, ITU and UNIDIR can play an important role. Number five, being mindful of the inter linkages between confidence building and capacity building, member states should ensure that ICT-related capacity building is seen as a trust building measure and it remains transparent, accountable, non-discriminatory and politically neutral. Lastly, the principle of common but differentiated responsibilities should be applied concerning the provision of capacity building. Thank you so much. 

Ambassador Gafoor  

Thank you for the statement. Saudi Arabia, please.

Saudi Arabia

Thank you, Chair. First and foremost, we would like to express our gratitude to you for the efforts that you have made in steering the work of this committee. We welcome your efforts as well as the efforts made by the working group. We support Indonesia’s statement on behalf of the Non-Aligned Movement. Chair, we have seen an increase recently in cyber challenges. They are becoming more dangerous, they are expanding. And these dangers have to do with the threats facing my country. My country has increased its efforts to engage in capacity building for ICTs. These efforts are in line with the latest report of the working group on capacity building. We have created a body to work on security aspects, we also have developed a vision for Saudi Arabia, a 2030 vision to involve all local governments to this end as well. We are working on ITC security and we are working on capacity building for human resources, increasing participation of civil society and of the private sector as well. We’re also developing various frameworks and legislation making structural changes to ensure cybersecurity. In addition, we are enforcing quality control at the national level and we are strengthening international cooperation and between the public and private sectors. We have adopted a number of initiatives to raise awareness and provide information to the public, while also informing the public of the threats that are increasing. Additionally, we are attempting to bridge the digital divide. We are training personnel, we also have a Cyber Pro initiative for human resources in the public sector and in academia. Saudi Arabia was ranked second in the global index prepared by the ITU. We have improved our rank compared with 2011, thanks to the progress that we have made. Under the presidency of Saudi Arabia, the G20 in 2020 we held in Intergovernmental Panel, over 250 participants from all over the world examined a number of issues including capacity building at the national level. As well as strengthening the network for cybersecurity globally, we are also increasing our efforts at the global level. Preparations are currently underway for stage two of our efforts. These will launch next year, we have created two initiatives in order to protect children in cyberspace and also to increase the role of women in cyberspace as well, with an accent on their professional life. In the context of the pandemic over the past two years, we have addressed cyber security by strengthening our efforts nationally, and by working on capacity building in the workplace and in residential areas. We would like to note the importance of cooperation and the need to increase international cooperation on ITC security. We also need to engage in additional capacity building to this end, and to strengthen cooperation and international initiatives that are relevant to the subject area. Thank you, Chair. 

Ambassador Gafoor  

Thank you very much. Delegates, we have about thirty delegations which have inscribed to speak and I’d like to hear everyone, so I’d like to urge all delegations to do their best to stick within the time limit of around three minutes. So on that basis, we’ll continue with the speaker’s list. I’ll keep now the floor to the Dominican Republic to be followed by Finland. Dominican Republic, please.

Dominican Republic

Thank you, Chair. Our delegation associates itself with the statement delivered by Indonesia on behalf of the Non-Aligned Movement. As this is the first time we are taking the floor at this meeting, allow us to commend the exemplary manner in which you have conducted the work of this group and we appreciate your tremendous efforts towards reaching an agreement on the outstanding issues regarding modalities. And we reiterate our unwavering support to that end. Chair, the Dominican Republic, as a country that has strived for more than 20 years to contribute to a free, open and more secure global cyberspace, is honored to be part of this substantive session, and looks forward to working together with other states and stakeholders in order to increase cooperation to counter cyber threats, contributing to collective improvements and resilience. We would like to express our support for the initiative presented by France and Egypt, regarding the action plan to promote responsible state behavior in cyberspace. Based on some of your guiding questions, we will address the following aspects. First off, combating threats requires government response, measures to ensure law enforcement, incident management and above all, capacity building. In that regard, we strongly believe that it is an urgent priority that we promote international cooperation and capacity building for prevention, protection, and recovery when facing these threats. We must also focus on generating awareness among decision makers, who at the end of the day are the ones that call us to support and respect international norm. We also believe that we should establish public-private partnerships with academia and the private sector to promote and strengthen technical training programs and risk management capabilities. In this regard, we continue to strongly support inclusive, transparent and active participation by stakeholders in this process, including NGOs, the private sector and academia, as they are key players in prevention and protection, as well as in the exchange of lessons learned. Thirdly, our delegation considers it pertinent that we continue with the work aimed at promoting the exchange of information on threats and the exchange of best practices in cyber capacity building. In that regard, we wish to highlight the work being carried out by the Global Forum on Cyber Expertise. Rather than creating an additional platform for this purpose, we feel that it might be better for the UN to support and strengthen these existing initiatives. Finally, we consider it essential to support and strengthen to improve the mechanisms aimed at reducing the gaps and training needs of the states to develop training and capacity building programs, thus, achieving more effective use of current efforts and resources. That’s why we must highlight initiatives like that of the Latin American and Caribbean cyber capacity center LAC4, which serves as a coordination and support focal point for the Americas, sponsored by the European Union and established in the Dominican Republic in 2021, which can be used as a reference to share lessons learned. To wrap up, we would like to reiterate that the Dominican Republic is a country with a long history of international cooperation and assistance on issues related to cybersecurity, and the responsible use of ICTs with the support of the OAS and programs like Cyber4Dev, also a project of the European Union. Success stories that we can promote and replicate from within our own Working Group. Upon reflection, we conclude that from this space, we should promote thinner bureaucratic lines between agencies and organizational frameworks that will generate agile procedures and thereby promote collaboration and trust between various parties, and standardize best practices for cybersecurity and capacity building. Thank you very much, Chair. 

Ambassador Gafoor  

Thank you very much. Finland, please. 


Mr. Chair, my delegation aligns itself with the statement by the European Union and wish to make a few additional remarks in our national capacity in light of the guiding questions from the Chair. Chair, no chain is stronger than its weakest link in the interconnected cyberspace. This serves to underscore the importance of international cooperation in capacity building and global resilience in order to enable each member state to reap the full benefits of the ICT as well as to promote security and stability in cyberspace. As it has been highlighted in the previous OEWG outcome report and in many previous statements, insufficient coordination and complementarity in the identification and delivery of cyber capacity building efforts are impairing the effectiveness of the capacity building efforts. It has become increasingly clear that a coordinated effort at the global level is needed to better ensure complementarity, sustainability and reduction of unnecessary duplications in cyber capacity building efforts. The United Nations has an essential role to play in highlighting the need for and raising the profile of capacity building, as well as in advancing greater coordination between states and relevant stakeholders by leveraging its convening power. In similar vein, as said by Kenya, many of the existing platforms within the United Nations system need to be better utilized to share national practices on capacity building, to share lessons learned and experiences of recipients and providers of capacity building support, as well as to facilitate access to information on capacity building and technical assistance programs, and to support the mobilization of resources and to match available resources with demand for capacity building assistance. In this regard, we see great value in the Program of Action, serving as an action oriented basis to advance coordination, sustainability and coherence in our capacity building efforts. Achieving sustainable impact should be the driving force for cyber capacity building efforts, and this is best achieved through inclusive partnerships and shared responsibility. Talks and cooperation between states are necessary, but not sufficient without an inclusive and meaningful public-private partnership. As has been highlighted earlier by several delegations, including Switzerland and Costa Rica, there is a clear need for further broad based regular and dedicated dialogues with relevant stakeholders in order to foster a better understanding of the opportunities and challenges to global capacity building. This is not an option, but a must if this working group is to deliver tangible, forward looking, implementable outcomes, they will carry weight in practice. I thank you, Mr. Chair. 

Ambassador Gafoor  

Thank you for the statement. Syrian Arab Republic to be followed by Ghana. Syria, please.


Thank you, Chair. With respect to the sub point on the agenda in question, my delegation would like to make the following comment. My delegation affirms the importance of strengthening openness, justice and non-discrimination in our work in order to allow all countries, especially developing countries to gain access to ITC products and services. This is extremely important for bridging the digital divide, we need to support developing countries in many areas to have partnerships between all countries. This will help strengthen international safety and stability. We need to create a specialized program to facilitate capacity building that will target the least developed countries as a part of our work on information security. We need to shed light on the scientific need and knowledge of these [unclear] to allow them to strengthen their capacity and human resources. And to allow them to catch up in their efforts on information security and to participate effectively in ensuring ITC security. We should have a global indicator for assessing information security. And this should be provided to developing countries while taking into account their conditions and their scientific and economic development levels in order to build capacity. It is also necessary to establish a reference entity within the UN to support the efforts of developing countries in this area. Distinguished Chair, capacity building can only be done if we do not have illegal, coercive measures that are imposed on countries, including Syria. This is an impediment to the capacity building and technological development of these countries, which is necessary for capacity building and we hope that these measures will be canceled soon in an unconditional manner as soon as possible. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. I give the floor now to Ghana, to be followed by Republic of Korea. Ghana, please. 


Thank you, Mr. Chair. During the last OEWG session my delegation underscored the validity and necessity of capacity building, especially to enable developing countries engage in bilateral and multilateral cooperation at a technical and diplomatic level, and to learn about concrete threats in the cyberspace to respond effectively to them. In view of this, capacity building has been at the core of Ghana’s cybersecurity efforts. Ghana has since 2018, embarked on massive cybersecurity awareness creation efforts through a whole of society approach. These efforts which have included a monthly awareness events, dubbed National Cybersecurity Awareness Month have aimed at ensuring that across the whole of society, there’s an awareness of the cyber threats and the developments of the minimum level of deterrence through collective and individual preventive action by citizens. Through this program, we continue to build the capacity of children, the public businesses and local governments. Mr. Chairman, although developing countries are rapidly increasing their access to cyberspace, most so lack the capacities to safeguard their virtual communities with regards to cyber security, cyber crime, data protection, eDevelopment, international security and diplomacy, basic cyber hygiene practices, incident responses and overall protection of Critical Information Infrastructure. It is therefore essential to consider the concerns of small and developing nations and to provide them with the necessary technical assistance they stand in need of. A lot of gains could also be made through experience sharing and international cooperation. It is our opinion that technical assistance should be anchored in normative frameworks to ensure that they are clear guidelines in which they can be carried out. Thank you. 

Ambassador Gafoor  

Thank you for the statement. Republic of Korea to be followed by Canada. Korea, please.


Thank you, Mr. Chair. As my delegation has stated, we believe that our OEWG should be a more integrated and inclusive process. We also witnessed just before, at the informal dialogue with stakeholders at the lunchtime, how the expertise and experience of diverse stakeholders can contribute to capacity building. Cyberspace is a multifaceted domain characterized by the broad participation of diverse actors. Empowering those member states in need of greater cyber capacity and recruiting the untapped expertise of various stakeholders must take center stage in our joint responses. Capacity building for developing countries is an urgent issue that merits greater attention and commitment of all member states, as it is crucial to implement the normative framework and respond to current and future threats in the cyberspaces we are all interconnected in. To effectively respond to current and potential threats, my delegation is of the view that the building technical capacity as well as legislative, regulatory and policy capacity will be required. Capacity building and the legislative and policy domain will help support developing countries align their laws and regulations with relevant norms as well as international laws, thus contributing to the overall implementation of normative framework. Holistic capacity building that met the legal policy and technical needs of developing countries were conducive in providing countries specific assistance feeding the different needs of its country. For its part, the Republic of Korea is actively participating in regional fora to promote capacity building. For example, we co-chaired the ASEAN Regional Forum Inter Sessional Meeting on ICT security, alongside Indonesia and Australia. We also co-chaired the ASEAN Defense Ministers Meeting Plus cybersecurity group. In response to your first guiding questions, Mr. Chair, we believe that the UN can play an important role to support capacity building at the global level as to share the ongoing regional, sub regional, bilateral and national capacity building efforts as well as best practices. This will contribute to more effective and coordinated capacity building. In addition, the ROK believes the Program of Action for responsible state behavior in cyberspace, as a permanent and action oriented instrument will have particular merit, especially in capacity building. As such, we call for all member states interest and participation in the POA. Capacity building combined, with international cooperation and confidence building measures, will contribute to bridging the gap in our global efforts to enhance security in cyberspace. The Republic of Korea stands ready to cooperate with all member states to achieve this important goal. I thank you, Mr. Chair. 

Ambassador Gafoor  

Thank you for the statement. Canada to be followed by Haiti. Canada, please. 


Thank you, Chair. As outlined in the suggested guiding questions you have shared, I’d like to provide some detailed and specific initiatives on Canada’s cyber capacity building efforts. We hope this may offer some examples or lessons learned through which the UN could take on and support capacity building at the global level. Since 2015, Canada has committed $29 million to cyber capacity building initiatives. These efforts seek to build an open, free and secure cyberspace around the world by helping states develop their technical and policy level cybersecurity capacity. As a direct result of Canada’s support, the Organization of American States through the Inter American Committee Against Terrorism (OAS CICTE) has been able to support the implementation of at least one of the cyber norms by improving or implementing new computer security incident response teams, CSIRTs throughout the Americas.  Finally on gender, over the last year alone, the OAS Cyber Women Challenge has trained over 500 women in cybersecurity, while also implementing relevant gender events to promote the role of women in cyber. These included online networking events and a webinar on cybersecurity and countering online gender-based violence. Canada is also a donor and supportive the Women in Cyber fellowship. We welcome the interventions from Argentina and Chile, whose representatives are here with the fellowship. Chair, I would also like to request that the Secretariat take note, when looking at the recordings of how many interventions were made by women. It would be good to build on the success of the last OEWG when we achieved gender parity. Canada continues to support the meaningful participation of women in these cyber negotiations. On the point of the OEWG improving engagement and working with organizations to optimize global capacity building efforts, Canada would suggest that the OEWG canvas members to see what capacity building is already underway, and what developing countries might need before deciding on this. The OAS has already been doing substantial national cybersecurity strategy development. The ASEAN-Singapore cyber Center of Excellence is also developing programming that would overlap with some of this work. Together with partners from non-government organizations, the tech community and academia, stakeholders are an able and critical part to develop practical initiatives to build cyber capacity. The Global Forum on Cyber Expertise, GFCE, has also made significant progress since its establishment to increase participation and provide all participants with the tools, knowledge and expertise required to coordinate global efforts in cyber capacity building. With regard to the useful lessons of the OEWG, I can draw from these existing mechanisms. The OEWG should take advantage of existing cyber capacity building coordination bodies such as the GFCE, in order to maintain coordination and coherence as it relates to cyber capacity building efforts. The GFCE regularly produces roadmaps and publications on how to improve cyber capacity building efforts and develop confidence building measures and standards. This combination of regional organizations working in tandem with states, while also supported by the non-governmental multistakeholder community, can ensure the most effective capacity building projects possible. Lastly, Chair, we have heard how this process itself is considered a capacity building exercise, but in order for it to be truly effective, there needs to be a degree of trust among states. It is therefore incumbent of us us to speak out against the unprovoked and unjustifiable devastation that Russia’s military forces are causing in Ukraine. President Putin’s war of choice threatens Ukraine and Europe security, but also international peace and security, the rules based international order and the normative framework for responsible state behavior in cyberspace. Canada would like to remind all states of their obligations under the UN Charter and other normative and legal commitments made in previous UN cyber processes. Chair, and perhaps the most pertinent example I could give on capacity building, I would humbly suggest the following. We would invite the delegation of Ukraine to present to the entirety of the OEWG their exemplary efforts in cyber resiliency and bolstering their defenses. In conclusion, Chair, Canada reaffirms the importance on the respect of the framework for responsible state behavior in cyberspace, a framework which we have all worked so hard to build together these last 12 years, which has since been undermined by Russian cyber operations, including most recently in Ukraine. We stand with the Government of Ukraine and its brave and resilient people as they defend their country. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. I’ll give now the floor to Haiti, to be followed by the Russian Federation. Haiti, please.


Thank you, Chair. Thank you for giving the delegation of Haiti the opportunity to speak for the second time on the in depth question of resolution 75/240 of the General Assembly. Distinguished Chair, capacity building remains a fundamental element of our fight against cyber attacks and the imminent threat that they pose to the technological infrastructure of our states, civil society and the global economic system. As we have already mentioned during our previous statement, cyber attacks may threaten the very sovereignty of states and systematically violate human rights. This becomes an increasingly important challenge for states and a potential threat to international peace and security. The Republic of Haiti is aware of the threats that exist in cyberspace. This is why we are making every effort with respect to all initiatives regulating the issue, specifically, initiatives undertaken as part of international negotiations. Allow me to cite an example. We co-sponsored the draft resolution A-C1-75-L4 of the First Committee of the UNGA, entitled ‘Promoting responsible state behavior in cyberspace in the context of international security’. It was presented by the US Delegation on October 4 2020. In fact, the very complex nature of these threats shows that we face a serious problem, even worse, we depend on ITC technology and this makes us vulnerable to cyber attacks. Thus, in order to address this scourge, we need an integrated solution with the participation of all players, including civil society, states, etc. We must build international cooperation on the subject that is based on sincerity, mutual trust,  judicial assistance and avoiding an exacerbation of the issue. Distinguished Chair, we cannot ignore the fact that this progress helps the collective wellbeing and sustainable development of countries. Nevertheless, cyberspace is once again a battlefield, a new space for conquest for great powers. This is why the risk of using digital technology in interstate conflict is certainly high. My delegation invites UN member states to display a great openness, inclusivity and transparency in this negotiation process. This will allow us to address the current concerns and also address future challenges. Distinguished Chair, we cannot fight cyber attacks if we are unable to establish mechanisms to promote capacity building on digital security for the most vulnerable countries. No state however powerful it may be, is able to address issues related to cyberspace on its own. This is why it is important to define and implement strategies for global, regional and bilateral cooperation to fight cyber attacks. Such strategies must involve private actors, such as internet operators or service providers. My delegation believes that capacity building also requires formal communication channels, which can be used to share information as well as strengthening POCs regionally and creating an international platform for technical, political, and legal issues. Capacity building measures need to be taken to promote the use of digital technology for peaceful ends. Cyberspace does not know any boundaries and this is why preventing the use of digital infrastructure for criminal ends needs to happen by building the capacity of developing countries. It is extremely important to promote, facilitate, support and strengthen international cooperation in order to prevent and combat the use of ITCs for criminal purposes. We must establish the necessary follow up mechanisms and promote capacity building. To this end, we need to take decisive actions and make proportional efforts with respect to the regulatory framework in order to address the threats of cyber attacks, both nationally and internationally. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I’ll give the floor now to Bangladesh, to be followed by Sri Lanka. Bangladesh, please. Sorry, my apologies. I think the list on my computer here has been jumping up and down. So, my apologies. So, its the Russian Federation now, please.


Thank you, Chair. Distinguished ladies and gentlemen, colleagues. We assume that states should assist developing countries and building their capacity in the field of information security and overcoming the digital divide. Taking into account the work of the first OEWG we propose continuing to harmonize universal principles for providing assistance and capacity building. This would allow us to carry out this activity as effectively as possible and with due regard to the interests of all parties involved. The list of such principles should include, one, inadmissibility of using ICT technology by states as a tool for taking economic, political, or other coercive measures, including measures that restrict or block use by particular states that also hamper access to the benefits of ICTs. Second, the requirement for states to prevent the use of harmful hidden functions in ICT supply chains developed under their control and jurisdiction, in order to create or facilitate the creation of vulnerabilities and products, goods and services that would affect the sovereignty and security of recipient states. Three, the inadmissibility of taking measures that unreasonably restrict the use of ICTs for peaceful purposes, international cooperation or transfer of technology. The OEWG can provide concrete, practical assistance to states and capacity building mainly by promoting a better understanding of the needs of developing states, including advanced training and human resources. The collection and analysis of information can be carried out through questionnaires, we are ready to develop a draft of a questionnaire. The results of this work will serve as the basis for a targeted program or fund for capacity building in the field of international information security. The OEWG could recommend the establishment of such a program within the UN. Other interested parties could also contribute to capacity building, for example, businesses and NGOs. It would be useful to intensify the exchange of best practices and experience sharing within the framework of a public-private partnership and the use of ICTs on the national level. We look forward to a constructive discussion on these matters within our informal exchanges with non-governmental entities. We have seen how constructive from today’s meeting. Thank you. 

Ambassador Gafoor  

Thank you very much for the statement I give the floor now to France. 


I think it was Bangladesh, Mr. President? 

Ambassador Gafoor  

Well, I think the list is in two pages. So I was looking at the second page. So I’m following the order in which it appears on my computer. So the mistake was mine. My apologies to Bangladesh. France, you have the floor. Thank you.


Thank you. We align ourselves with a statement made by the EU, I would like to make a few comments in our national capacity. Our discussions this week have confirmed the key role of capacity building in general and also for the work of this group. My delegation, like many other delegations, has reaffirmed on multiple occasions that support that is adapted to the capacities of states is necessary for effectively implementing the regulatory framework and for increasing our collective resilience in the face of cyber threats. Many share this view and with respect to capacity building, we already have as you have mentioned, Chair, in your guiding questions, we already have a number of useful initiatives both at the regional and sub regional levels from both public and private players. Nevertheless, we believe that the UN can play a unique role in order to complement these initiatives and to create an institutional framework to provide such a framework for mobilizing these resources and better use them to support the implementation of agreed regulations. As for the statement made by Miss Izumi Nakamitsu at the opening of the session, she noted that there is a need for a quote “permanent support platform for capacity building and implementation of the existing regulatory framework”. Distinguished Chair, we believe that this group could contribute to the implementation of such an institutionalized platform within the UN. My delegation believes that this platform could be part of the POA. France, Egypt and an increasing number country of states, almost 60 states, also the EU, are promoting the establishment of this POA. Here, I will just share a few brief remarks on the way in which the POA could strengthen capacity building. These remarks are based on discussions with the co-sponsors. Distinguished Chair I would like to also respond to some of the guiding questions which you asked us. The POA would create an institutional mechanism that would allow us to follow up with the existing normative framework. It would invite states to report on a voluntary basis about the national efforts on the implementation of the various elements of the regulatory framework. They would also report on difficulties and obstacles in implementing each standard. States will be encouraged to use instruments such as the National Survey of implementation, which were promoted by Australia and Mexico during the previous OEWG and its development is almost completed. The POA could have its own Secretariat, for example, which could be provided by UNODA in order to centralize the various reporting hub. On the basis of the work of the POA, which would be coordinated with the work of this group, would allow states to identify challenges in a detailed manner in implementing the existing framework, and as a result determine what priority action needs to be undertaken in capacity building. Given these priorities, the POA would support and encourage the implementation of capacity building programs, which would specifically address the needs expressed by the states in the implementation of existing regulations. For example, the POA could encourage the development of capacity building efforts to assist states in the establishment of a national cybersecurity strategy or in helping them build capacity on incident response, or in outlining policies that would improve the protection of critical infrastructure etc. It is clear, Distinguished Chair, that in order to avoid duplication the POA would need to account for existing initiatives on the coordination of capacity building. It would create an institutional architecture that would encourage greater synergy between existing initiatives and capacity building. It would also encourage these initiatives to specifically respond to the needs identified by states in the implementation of agreed standards and recommendations of the UN. To complement mechanism, states could consider the potential creation of a fund for this POA . Based on voluntary contributions, it could help fund projects to promote the framework for responsible behavior. I will stop here this afternoon because my colleague from Egypt will provide more details shortly. Distinguished Chair, my delegation submit these elements to the group for its consideration. We are determined to continue discussing the subjects under your leadership and with all interested states as part of this working group. I would like to conclude by saluting Fiji, Jordan, Paraguay, East Timor and the Dominican Republic, which have addressed their support to the POA. I would like to thank them and I thank you, Distinguished Chair. 

Ambassador Gafoor  

Thank you very much for the statement . I give the floor now to the Organization of American States. OAS, are you here? 

Organization of American States  

Thank you, Chair. My mic was off. Chair, distinguished delegates. 

Ambassador Gafoor  

Sorry, is that the Organization of American States? 

Organization of American States  

Yes, it is, Sir. My mic was off earlier. 

Ambassador Gafoor  

Okay, alright. Please, you have the floor. 

Organization of American States  

Chair, Distinguished Delegates, on behalf of the General Secretariat of the Organization of American States, we would like to thank you for the opportunity to address you again. Cybersecurity capacity building has proven to be a pivotal element in the pursuit of mitigating the risk of conflict in cyberspace. For this reason, for more than eighteen years OAS CICTE has worked to help our member states develop public policies, strengthen capacities and create knowledge and awareness around a diverse range of cybersecurity issues. Chair and member states, it is because of this wealth of experience that we as the General Secretariat can provide some perspective on the benefit of establishing implementation programs on capacity building that takes into account the diversity and multiculturalism factors of each region and specific qualities of each country. These characteristics mirror the varying cyber security levels and the challenge that can be faced to develop a common approach to cybersecurity capacity building. Undoubtedly, inter-regional cooperation and collaboration presents an opportunity at a minimum for dialogue, as this will enable the possibility to create synergies and build upon common topics to define concrete actions. To this extent, the OAS has been seen benefiting in establishing cooperation agreements with different stakeholders, as the ones who are participating in the informal meeting earlier today, as well as serving as a unique role and platform for engagement to achieve a broader global agenda in our role as the GFCE hub for the Americas. As a practical example, Chair, we wanted to explain the role of regional organizations in their region and capacity building. At the beginning of each year, the OAS CICTE meets with our various colleagues, such as the EU, GFCE, OSCE, ITU, LACNIC, ARIN, Cyber Security Agency of Singapore, among many others. We do this in an effort to coordinate capacity building efforts when they’re active in our region, and for others to identify possible areas of collaboration. After these efforts, we then meet with our member states to determine their needs to ensure our programs are targeted and our partners are coordinated. These efforts have not proven unfruitful, and we believe that they foster peer to peer learning and sharing of good practices. Some practical outputs have been the joint stages of capacity building courses between the EU Cyber4Dev and CyberNet program, sharing of best practices with our colleagues in the Commonwealth, and we have also been able to join efforts with GFCE Working Group on incident response capabilities. We would therefore like to take this opportunity to mention as a final point, the example of our network of Cyber Incident Response Teams of the member states of the OAS (CSIRTs Americas). This is the main driver of our program in terms of strengthening capacity of our incident response teams. Currently CAN, as we call it, brings together 153 cybersecurity experts from 31 CSIRTs from our member states. Through this network, we’ve been able to provide 24 hour early warning reports and cyber threats. We do training opportunities for CSIRTs members, technical assistance as our member states require. However, it is most important to identify the unique role that this community plays in consolidating the region in this effort. We have been in dialogue with other regional entities such as the OSCE and the EU, with similar CSIRTs network, as we seek to figure out how we can have global joint exercises based on our networks. This, Mr. Chair, we believe is a good practice example to study and hope that what we have shared today can contribute to member states deliberations in this process as to what practical capacity building can look like. Thank you, Chair. 

Ambassador Gafoor  

Thank you. I give the floor to El Salvador, to be followed by Pakistan. El Salvador, please.

El Salvador

Chair, we welcome our discussion on capacity building. Concerning the previous, the government of El Salvador through our secretariat for innovation in our presidency, is currently undergoing a transformation process that will allow us to advance technologically at the national level. We understand that we must strengthen our capacities in these themes, among them policies and strategies for cybersecurity, social and cultural aspects, training, skills building and development in cyberspace and the development of international standards. We believe that this OEWG could highlight within its report the current efforts that are generating progress in cyberspace and incentivize such initiatives through information exchange and specialized technical assistance through other organisms and agencies like UNIDIR on its portal. Efforts undertaken in El Salvador on cybersecurity have been carried out through inter-sectorial perspectives, that includes the private sector, NGOs, civil society and other bodies. We believe that the work of this working group could benefit from contributions by these actors around skills building, something that we advocate for. We advocate for their contributions to be included in our working group. Finally, we believe that the recommendation expressed during the first session on involvement by the United Nations on skills building initiatives could be quite positive. We would have to define the logistics and coordination aspects of that, but we find that a center for coordination within the UN framework could [unclear] initiatives among members, thank you. 

Ambassador Gafoor  

Thank you very much. I believe Pakistan has already spoken. Am I correct? Yes. So I think there was a mistake in the list. Yeah. I give the floor now to Bangladesh. My apologies to keep you waiting. 


Thank you, Mr. Chair. My delegation believes that the peace and the security of cyberspace is a collective goal that requires collective action. Capacity building for strengthening global cyber resilience and reducing the ability of potential perpetrators to misuse ICTs for malicious purpose is a core element of our discussion. Bangladesh handled a big setback in 2016, when more than 80 million US Dollars from Bangladesh central bank was siphoned by hackers. Eventually, a large portion of the money landed in another country and through its banking channel reportedly released to the country’s casino system. The fact that the hackers had been able to breach the supposedly secure global money transfer system is no doubt an alarming development. We reckon that our hard earned gains in the ICT sectors need to be made secure. On our part, we are working toward building a safer ICT ecosystem in the country, we are promoting a cybersecurity culture across various administrative legal and business continuum. We have set up a digital forensic laboratory for training purposes, but we are aware these are not enough. Allow me to share few points in this regard. First, we need meaningful global cooperation for defending cyber attacks, creating awareness, developing reliable early warning systems, creating capacity to coordinate across sectors, including governments and major tech firms. Proper training, knowledge sharing and technology transfers are critical in this regard. Second, the development partners should consider specific support to technologically less advanced countries for their capacity building, so that these countries can protect their critical infrastructure and reap the benefits of 4IR. Third, we must build public-private partnerships involving actors from government, the private sector, civil society, international organizations, academia and technical community as an important stepping stone to tackle the use of cyberspace for harmful purposes and to spread the hate and hostility. Fourth, capacity building activities should be evidence-based, neutral, transparent, accountable and without conditions, taking into account the principle of state sovereignty. Finally, we must consider capacity building as one of the main pillars of international cooperation, reducing the attack surface and enhancing the ability of states to address cyber threats for the present and our future generations. I thank you, Mr. Chair. 

Ambassador Gafoor  

Thank you very much for the statement. I give the floor now to Philippines, to be followed by Switzerland. Philippines, please. 


The Philippines aligns itself – forgive me Mr Chair – the Philippines aligns itself with the statement delivered by ASEAN and the Non-Aligned Movement. We appreciate the guiding questions that you and your team developed, as it allows the group to move towards achieving meaningful and concrete results. To this end, the Philippines offers the following points while answering some questions from the guiding questions. First, on the measures that would facilitate effective consideration of the needs of developing countries in the design and development of capacity building measures. The Philippines would like to underline that it’s important to assess the capacities of each state first, to effectively consider these needs. There are already several models that assess the state’s capacity, for example, the Oxford cybersecurity Capacity Maturity Model for nations or the CMM, the Potomac Institute Cyber Readiness Index or the CRI 2.0. Using the model of the National Survey of implementation of the UNGE resolution 70/237 is also a way to advance capacity assessment. The Philippines underlines that this is only a first step and not the capacity building per se. Second, on existing mechanisms or capacity building measures, the OEWG can build and improve on the work of the Global Forum on Cyber Expertise, such as the catalogue of Project Options for the National Cybersecurity strategy, or the NCS cycle and the global overview of existing cybers capacity assessment tools or the GOAT. Alternatively, the OEWG can also look into replicating the GFCE working groups to organize sub working groups to work on thematic priorities of capacity building, inter alia, norm implementation, establishment of national strategies, international law, incident response, emergency management and protection of critical infrastructure that would offer concrete deliverables. Third, on what role can the UN take to support capacity building at the global level, the Philippines is of the view that the UN can take an active role in facilitating coordinated efforts, such as in consolidating all regional and sub regional programs related to cybersecurity capacity programs, and make it available and updated in the UNIDIR Cyber Policy Portal. In this regard, the Philippines finds it useful to avoid a focal point with responsibility of coordinating offers and requests for capacity building, as well as updating the consolidated capacity building programs. The Philippines also recommends that of such consolidated capacity building programs will be operationalized, it should also be regularly circulated to all missions for their reference, example, every quarter of the year. This is to actively remind missions of this endeavor and encourage participation, and fourth, on what role the UNIDIR can do to support a more coordinated capacity building efforts. Perhaps the UNIDIR can conduct a comparative study on different international and regional organizations that offer programs and assessment tools on cyber capacity building, determined best practice and list recommendations on how the UN can build and improvement in these existing initiatives for the OEWG’s consideration. Mr. Chair, at the previous OEWG, states highlighted that many obstacles hinder or reduce the effectiveness of capacity building. The Philippines is of the view that two significant concerns that this group can address are insufficient coordination and complementarity in the identification and delivery of capacity building efforts. We are not starting from scratch, we have information right before us. What we need is to work and improve on existing programs, and effectively implement and consolidate all these initiatives and efforts in such a way that all member states will be able to meaningfully participate and contribute to this capacity building efforts. I thank you, Mr. Chair. 

Ambassador Gafoor  

Thank you for the statement. Switzerland, please. 


Capacity building is critically important in order for the international community as a whole to achieve our common goal of a safe, secure, peaceful and sustainable ICT environment. In paragraph 56 of the Open-ended Working Group consensus report, we agreed on a number of principles for capacity building. We recognized the capacity building should be sustainable, have a clear purpose, be evidence based and demand driven. We also recognized that mutual trust is an important pre-existing condition for successful capacity building. It is paramount that capacity building stays politically neutral, transparent, accountable and without conditions. United Nations Program of Action a cross regionally supported initiative would be an important step forward in supporting the capacities of states to advance responsible state behavior in cyberspace. Capacity building actions within the framework of the POA would be implemented in accordance with the principles outlined in paragraph 56 of the Open-ended Working Group consensus report. The POA would support tailored capacity building based on state assessments of their needs, develop exchanges of best practices and experiences between relevant experts and foster meaningful multistakeholder engagement with civil society, academia and private actors. By drawing on the uniquely universal role of the UN, UN POA would support and facilitate capacity building at the global level. What does this mean concretely? For example, the POA could support the development and update as appropriate of UNIDIR’s survey of national implementation. It could encourage the use of the survey to regularly assess of state’s needs and to identify during POA meetings, further action is required to build capacity. It could also encourage workshops with partner countries and regional organizations in order to identify individual needs on the basis of a holistic approach and ensure the most efficient and sustainable cooperation possible. The POA could promote better coordination of capacity building activities, including at regional level, by encouraging states and other actors to leverage existing instruments to improve the matching between capacity building activities and identified needs. Also, within the POA, a Trust Fund dedicated to the funding of capacity building projects could be established. The POA would also facilitate the contribution of other interested stakeholders, such as the private sector, NGOs and academia to capacity building. Mr. Chair, Switzerland believes that establishment of the POA would be a concrete measure the Open-ended Working Group can take to advance capacity building efforts in the near to medium term and in a sustainable manner. As such, the POA would be complementary to the Open-ended Working Group’s work and would allow us to go in more depth to discuss concrete and technical issues. In our view, the Open-ended Working Group could therefore in its first annual progress report, recommend the establishment of the POA. The POA is a living proposal, we look forward to continuing discussions on the POA within and outside the UN and invite all interested states to join in and contribute to build together a platform fit for purpose and beneficial to all. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I give the floor now to Indonesia, to be followed by Singapore. Indonesia, please. 


Thank you, Chair. On behalf of the Non-Aligned Movement, we wish to highlight the importance of the OEWG in promoting corrective measures for international cooperation and assistance, including capacity building measures. In this regard, the principle of shared but differentiated responsibilities should be applied. NAM call upon developed countries and international entities to provide real and concrete contribution to assist and cooperate with developing countries, upon requests targeted without any condition or discrimination taking into account specific needs and particularities of each recipient state. NAM reaffirms that in order to transform the digital divide to digital opportunities this activity should ensure the imperative of universal, inclusive and non-discriminatory access to information and knowledge related to ICT, and should result in supporting national efforts in developing countries in the area of building, improving and strengthening capacities to facilitate their genuine involvement in all aspects of the information society and knowledge economy. NAM calls immediately withdrawal any coercive unilateral measures that prevent universal access to the benefits of ICTs or restrict or deny in any manner whatsoever developing countries of the ICTs-related science, know how, technology, and services in in all its aspects for peaceful purposes. This would undermine states opportunity to take benefit from capacity building, international cooperation and technical assistance, as well as might increase digital divides and hamper capabilities to protect critical infrastructure and to address threats from malicious use of ICTs. Chair, on Indonesia’s national capacity, my delegation also acknowledged our fruitful exchange during our last session, particularly in identifying and assessing the specific needs and unique circumstances faced by different states and regions, which may be useful to expand areas of cooperation in capacity building. We also encourage interaction and collaboration between states and relevant stakeholders in terms of expanding potential areas for capacity building, and increasing access to technical expertise. At this point, we believe that stakeholders engagement could be a component of capacity building, for example, by providing state with the know how required to identify and engage meaningfully relevant stakeholders in order to strengthen their ICT policy making processes. The UN, through its relevant agencies may consider assisting and facilitating capacity building program that adhere to principles of process and purpose, people and partnership as elaborated in paragraph 56 of the last OEWG report. Lastly, it is important for both donor and recipient to come up with a way to measure the success of capacity building. The UNIDIR can play a role in compiling lessons learned on capacity building in the field of ICT security. This way we can keep learning from each other and build a sustainable capacity building program that will work for many years to come. I thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. I give the floor now to Singapore. 


Thank you, Chair. Singapore aligns ourselves with the statement delivered by Indonesia on behalf of NAM. Member states have agreed that the OEWG should facilitate capacity building efforts to strengthen the overall security and resilience of cyberspace. Singapore highlighted that capacity building would enable countries to contribute meaningfully to international cyber discussions. With this in mind, Singapore has proposed the establishment of a UN Singapore Cyber Fellowship Program. This fellowship is targeted at senior level officials, particularly those from developing countries holding decision making responsibilities in the areas of cybersecurity and cyber governance. We envisage the fellowship to have an interdisciplinary curriculum, integrating the key domains of strategy, policy, technology and operations. This is in line with the final report of the inaugural OEWG, which identified the need for building expertise across a range of diplomatic, legal, policy, legislative and regulatory areas. We believe that the fellowship will help to plug an important gap by equipping participants with necessary skills to effectively balance the considerations of policymaking with the operational management of technical teams. It will also provide a platform for participants to network and engage with practitioners from government to private sector and academia. We look forward to receiving feedback on this proposal and we’ll be happy to engage interested delegations on how best to take this proposal forward. As with the earlier tabletop exercise program, we will circulate the content and publish them on the OEWG website after the end of the session. Given the prior calls for global repositories and portals on capacity building activities, it will be useful for the OEWG to work with UNIDIR, in consultation with member states, regional organizations and stakeholders and organizations such as the Global Forum on Cyber Expertise to better coordinate global capacity building efforts. This would help us better identify synergies for a more collaborative and sustainable approach to cyber capacity building. For instance, the Cybil portal established by the GFCE has enabled participating member states to tap on the rich exchanges of cyber capacity building initiatives and help foster public-private partnerships and optimize resources. It would also be good for the UN to compile a comprehensive calendar of capacity building programs. And this will allow the international community to have greater visibility of existing needs or gaps to better tailor our programs and focus our resources. Thank you. 

Ambassador Gafoor  

Thank you for the statement. I give now the floor to Portugal, to be followed by Egypt. Portugal, please.


Thank you very much for the floor, Mr. Chairman. We align fully with the statement delivered by the representative of the European Union, but we’ll add very brief specific considerations. Portugal was one of the first co-sponsors of the Program of Action to promote responsible state behavior initially proposed by Egypt and France. The political consensus on the applicability in cyberspace of the UN Charter and Geneva Conventions on the one hand, and of the Universal Declaration of Human Rights on the other hand, which we have achieved, thanks to seven government expert groups, has finally entered an implementation phase under the auspices of the first and second Open-ended Working Group. And in the phase of implementation of the political commitments already achieved, the Program of Action submitted to the consideration of this Open-ended Working Group, during the first plenary session last December is the right path to follow. The sizeable number of co-sponsors that it has already attained means that its practical role has been widely understood and accepted. Bringing the information systems of the critical infrastructures of every member of the UN to the same level of security, will indeed necessitate a consistent collective effort at all levels of international cooperation to build the required capacity. However, in order to be effective, cybersecurity capacity building must be complemented by a proportional effort to combat crime. And in that respect, Portugal is very pleased to acknowledge the progress in the initial session of the negotiations of a future UN convention to enable a higher level of general cooperation against cyber crimes. Apart from cybersecurity capacity building and combat of cybercrime, a structured dialogue about development of voluntary norms of responsible state behavior is essential in order to achieve a high level of awareness about how to protect the openness, freedom, accessibility and stability of cyberspace. Governmental Organizations such as the Global Forum on Cyber Expertise, and the Freedom Online Coalition, which identify and promote best practice in crucial areas are therefore instrumental in this regard and should become as universal as possible. Thank you, Chairman. 

Ambassador Gafoor  

Thank you for the statement. Egypt to be followed by Venezuela. Egypt, please. 


Thank you, Mr. Chair. I would like to align ourselves to the statement delivered on behalf of NAM, adding the following remarks. International cooperation and assistance play an essential role in enabling states to secure ICTs and ensure their peaceful use, while providing assistance for capacity building in the area of ICT security is also essential for international security, by improving the capacity of states for cooperation and collective action. Moreover, capacity building involves more than a transfer of knowledge and skills from developed to developing countries, as all states can learn from each other about the threats that they face and effective responses to those threats. In this context, states should consider a variety of measures to provide technical and other assistance to build capacity and securing ICTs in developing countries requesting assistance, including training exchange of legal and administrative best practices, and access to technologies deemed essential for ICT security. Bearing in mind the urgency to promote a culture of cybersecurity to ensure that all users, owners and operators of ICT networks understand their responsibilities and have methods to combat attacks, it is timely to move forward to turn from conceptual discussions and endorsing recommendations into the operationalization phase, and the establishment of an institutional sustainable platform, streamlining and strengthening capacity building efforts and activities with a view of assisting developing countries and enhancing and bolstering their information security and emergency response capability. Therefore, proposal of Program of Action constituted by Egypt and France, and cosponsored by almost 60 member states will play a vital role in this regard. The Program of Action would seek to operationalize the principles for conducting capacity building activities, which are set forth in paragraph 56 in the final report of the previous OEWG. In particular, it would ensure the capacity building actions remain inclusive, adapted to the needs of states and respectful to their sovereignty, and based to their national assessments. Their proposal of Program of Action could play a crucial role, also in the capacity building efforts, allowing a bottom up mechanism to support implementation efforts at the national level, in particular through tailored coordinated capacity building with full respect again to state sovereignty. The POA might consider benefiting from relevant UN programs, in particular international cyber crisis management regional workshop series of UNIDIR, tailored disarmament orientation courses also from UNIDIR with a focus on raising awareness of national points of contact for both experts/senior officials was relevant cybersecurity focuses. In the same context, the POA might also consider to cooperate with relevant UN specialized agencies in particular ITU, which conducts cyber drills at regional and national levels as well as international cyber crisis management regional workshop series. Finally, I’d like also to echo what was mentioned by our French colleague welcoming the positive responses that we have received during the session with regards to the POA proposal. And I would like also to value the proposal raised by Singapore’s delegation, regarding the establishment of the UN Singapore Fellowship Program, which would push forward the cooperation and capacity building efforts, while also we reiterate that our proposal that we have highlighted during the last session regarding the establishment of a fellowship program, which is similar to the NAM fellowship program, is suggested within the POA on small arms and light weapons. I thank you, Mr. Chair. 

Ambassador Gafoor  

Thank you for the statement. Venezuela to be followed by Iraq. Venezuela, please.


Thank you, Chair. The Bolivarian Republic of Venezuela considers that the norms and principles on capacity building in the field of information and communication technologies within the context of international security must be applied first off and in the context of international security. We must first recognize the persistent technological asymmetries as well as the existence of multiple approaches to capacity building. Therefore, capacity building should be carried out on a voluntary basis at the request of the recipient state within the framework of their constitutional prerogatives and pursuant to their national development strategies, in order to respond to their own needs and specificities with full recognition of national ownership. We should also see respect for non intervention and confidentiality and always take into consideration shared but different responsibilities when it comes to developing capacity building measures among member states. Capacity building should respect pluralism in the area of ICTs and avoid political stigmatization, and the application of unfriendly policies among states that need special technical assistance. This should also benefit development in intersectorial, holistic, multidisciplinary measures that will help us to train and research in member states that will be receiving cooperation measures when it comes to evaluating and following up on national policies for ICTs within the context of international security. No less important than that is that we must take into consideration the capacity building measures before us and when we do that we stimulate the development of new technologies as well as access to information, non-discriminatory and open access to information on using ICTs. We should use sustainable and predictable measures that will be non-discriminatory and not subject to conditions, especially for political reasons going forward. We should also explore possibilities of establishing public-private institutions within the framework of international organizations and to offer tools that will allow states to measure the effectiveness of their capacities in the ICT area and the cybersecurity area based on non-conditional voluntary standards. Chair, capacity building and the safe use of ICTs should result in social and economic benefits that are concrete for all nations, promoting and applying coercive unilateral measures goes against the precepts of our charter, and is an attack on capacity building, it erodes trust as well as cooperation opportunities and opportunities for technical assistance. It broadens technological gaps and destroys existing technological capacities, thereby affecting international infrastructure and the international infrastructure in place for combating malicious use of ICTs. We must use that infrastructure and we need that infrastructure in order to create a more safer environment for all. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. Iraq, followed by Cuba. Iraq, please.

Thank you, Chair. Distinguished Chair, the delegation of Iraq believes that capacity building in the cyberspace is one of the most important priorities of the working group. We encourage all countries to strengthen international cooperation and we are grateful for efforts made by all countries that have taken steps to build their capacities. We believe that it is necessary to promote these efforts in the near future. Iraq for its part, after approving the cyber strategy, is working on strengthening cooperation with stakeholders internationally. We are doing this in order to establish a survey and assessment for the five criteria for cybersecurity. Also as for policies, at the national level, we have legislation, we have standards and relevant criteria. Iraq is making active efforts to include cybersecurity in school programs and curricula and to strengthen awareness building activities to raise awareness about this issue, in order to address cyber threats and their impact on society. As we hold this meeting here today, the national authorities in Iraq have successfully introduced these aspects in three universities in Iraq in order to train specialists in this area. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. Cuba, to be followed by Netherlands. Cuba, please.

Thank you, Chair. We align ourselves with the statement by Indonesia on behalf of the Non-Aligned Movement. ICTs should be used for peaceful purposes for the benefit of humankind and to promote the sustainable development of all states. And in that regard, we require international cooperation, especially for developing countries. The principle of a shared but different responsibilities should be applied, we make a call to developed countries and international organizations to make concrete real contributions to help and cooperate with no conditions or discrimination. Countries that have specific needs. Going forward in this area, the OEWG should implement effective measures for international cooperation within the area of ICTs, including measures that will help to develop capacity building measures and new technologies. We also advocate for, as have said other delegations during this debate, for this group to discuss the potential establishment of: one, mechanisms for financial support to developing countries in order to promote the security and use of ICTs taking into consideration their national priorities and responsibilities; two, a scholarship program to train experts in developing countries on all aspects of cybersecurity, taking into consideration current debates within the United Nations, study plans should be defined while taking into consideration the needs of developing countries; and thirdly, a database of best practices and techniques available within this area. Measures for skills building or capacity building within the OEWG should be implemented to close the technical gap, strengthen human and technological resources among states in order to implement norms, rules and principles for responsible behavior, improve cybersecurity and contribute to sustainable development. States must abstain from imposing any unilateral course of action that would restrict or impede access to the benefits of ICTs, limit capacity building of other states in this area or impede international cooperation. The UN, through its specialized to agencies like, for example the International Union for Telecommunications, should play a central role and poise itself as a focal point for dialogue, cooperation and coordination among member states, including to promote and foster capacity building and technical assistance within the area of ICTs. Efforts for capacity building at the bilateral level, sub regional and regional levels should complement, not replace mechanisms that we would establish within the multilateral environment, not all regions share the same characteristics. For capacity building and technical assistance at the regional level should be promoted within the framework of mechanisms that all countries in the region can participate in. Participation by other actors in capacity building should be coordinated by states under the auspices of the United Nations. Mechanisms should be established to monitor these initiatives by the states themselves. Thank you. 

Ambassador Gafoor  

Thank you for the statement. Netherlands to be followed by South Africa. Netherlands, please. 

The Netherlands  

Thank you, Chair. My delegation aligns itself with the statement of the European Union and would like to make some additional remarks in our national capacity. Cyber capacity building is a vital importance to global digital development, and the entertainment of sustainable development goals. States should cooperate to enhance global cyber resilience. This can range from technical steps like ensuring that all states have a national CERT, to supporting the development of national cyber policies and strategies. In undertaking these efforts, it is of utmost importance that all actors adhere to the principles for capacity building laid out in the previous OEWG report. One such principle is that capacity building should be demand driven. In this regard, I would like to highlight several complementary tools that can help states identify their needs and priorities in different areas. These include the Cybil Portal of the Global Forum on Cyber Expertise, UNIDIR’s National Survey of implementation and the Capacity Maturity Model developed by the Oxford Global Cyber Security Capacity Building Center. Chair, on Monday, the High Representative Miss Nakamitsu, highlighted the need for permanent platform to support capacity building and the implementation of the existing normative framework. We believe such a platform could complement the OEWG’s work to further develop common understanding and elaborate the consensus framework for responsible state behavior. The Netherlands believes that the Program of Action may act as such an implementation body, it could facilitate the sharing of expertise, best practices and capacity building to allow states to effectively implement the framework. It can also facilitate other mechanism as shared earlier by Frace and Egypt. Multistakeholder organizations can make a valuable contribution to the POA. And here I would like to highlight the work of the Global Forum on Cyber Expertise, which helps match capacity building needs, with expertise and resources. Finally, Chair, we believe that the OEWG should further promote a gender sensitive approach to cyber capacity building, as was also suggested by Canada. This also replies to the area of cyber diplomacy, where we seek to increase the representation of women in our discussions through the Women in Cyber Fellowship Program. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. South Africa, please, to be followed by Cote d’Ivoire. South Africa. 

South Africa  

Thank you, Chairperson. South Africa aligns itself with the statement made by the delegation of Indonesia on behalf of the Non-Aligned Movement. South Africa believes that international cooperation is the only way to adequately address the threat to cybersecurity, there is no reason to leave any state behind. In this regard, we stress that capacity building activities should be context specific, evidence based, politically neutral, transparent, accountable, and without conditions in line with the decision of the first OEWG. Notwithstanding the above mentioned principles, South African notes with interest practical proposals, such as the establishment of a cybersecurity fellowship that the delegation of Singapore just highlighted, which we believe should be well targeted based on nationally determined candidates and needs. We believe that international cooperation for capacity building in general, should be targeted, needs based and nationally driven. It should help develop skills, human resources, policies and institutions that increase the resilience and security of states, so they can fully enjoy the benefits of digital technologies. I thank you. 

Ambassador Gafoor  

Thank you for the statement. Cote d’Ivoire to be followed by Colombia. Cote d’Ivoire, please.

Cote d’Ivoire

Distinguished Chair. Since this is the first time that my delegation is speaking here, since the beginning of the session, allow me to express our gratitude to you for steering our work, as well as for all of the efforts that you have made to promote the broadest discussions possible. My delegation also aligns itself with the statement of Indonesia on behalf of the Non-Aligned Movement, and we will make the following comments in our national capacity. For developing countries, capacity building is key to international cooperation with respect to digital security. By increasing the technical, operational and structural capacity of our states, we can build capacity in order to develop our ability to benefit from the digital world and also to more actively participate in discussions about security issues and ITCs. Additionally, capacity building is a key role in promoting and implementing other principles which guide us in our work. These are the prevention and mitigation of existing and emerging risks, respect for international law, the implementation of responsible behavior, norms and confidence building measures. Given the increasing inter-dependency of our societies, thanks to ICTs, capacity building for recipient states helps increase the resilience of global cyberspace and also benefits the entire international community. Distinguished Chair, in order for it to be effective, support for capacity building of states needs to be targeted towards serving critical national infrastructure in order to protect them. We need to prioritize the coordination of information and viewpoints through strategic partnerships, while accounting for different realities and national needs. Additionally, we need to encourage initiatives for facilitating exchange of experiences and best practices, also through direct interactions, and bilateral contacts, as well as regional and multilateral cooperation. Distinguished Chair, the promotion of support for capacity building is one of the priorities of our cybersecurity efforts in Cote d’Ivoire. My country has benefited from the support of France. Since 2012, France has helped us set up training programs on combating cybercrime for police, the Gendarmerie and investigators. We also have a cooperation program for data sharing since 2017, it exists between the authority for regulating telecommunications and ICTs of Cote d’Ivoire, our ARTCI and the ANSSI of France. Additionally, in June 2014, Cote d’Ivoire hosted a workshop for strategic discussions on cybercrime. We have a convention on experience sharing and strategic support for ITCs, Cote d’Ivoire signed it with the IB Morocco group on the sidelines of this workshop. Also, as part of the ratification process of the Budapest Convention, which we joined in June 2019. We have benefit from the valuable support of the Council of Europe. Regionally, Cote d’Ivoire held the inaugural Cyber Africa Forum on June 7th 2021. Its goal is to exchange viewpoints and best practices in order to provide decision makers with specific suggestions on cybersecurity. Distinguished Chair, we value our international commitments and we’re concerned with the security and dependability of cyberspace. That is why it Cote d’Ivoire on December 22nd 2021,  adopted its 2021-2025 National Cybersecurity Strategy. Its total cost is estimated at 31 million US dollars. This strategy is focused on creating an operational security center which will monitor cybersecurity incidents in real time and improve cybersecurity. Thank you. 

Ambassador Gafoor  

Thank you for the statement. Colombia, to be followed by Japan. Colombia, please.


Thank you, Chair. We want to take advantage of the opportunities that ICTs present and we want to guarantee responsible behavior around this area, and we need cooperation. International cooperation and assistance in this area is truly fundamental. In previous statements this week we’ve specifically referred to areas where we need to strengthen our capacity building measures and we would like to mention those actions that help to close technological gaps and that help to increase socioeconomic capacities as well and close gender gaps. We will need to continue our capacity building efforts when it comes to responding to cyber events. We have to protect critical cyber infrastructure and have greater resilience capacities. Going on to your specific questions, Chair, about measures that could be implemented to facilitate the effective consideration of needs of developing countries when it comes to developing their capacity building initiatives, we think that in order to effectively implement cooperation, we should carry out technical studies like gaps research, that will allow us to understand the needs present and offer adapted assistance to countries that might be a bit further along. In this regard, we have to look at the role that regional organizations play in this area, they could carry out such a study that I’ve mentioned and channel that sort of assistance supply. We’ve seen success at the regional level and we could take advantage of various fora to broaden our capacity building initiatives, when it comes to responding to cyber events through trans-regional initiatives. As various other delegations have mentioned today this OEWG can base its work on such experiences and we could focus our our perspective going forward to a regional level. We see an OAS initiative bringing various actors together that look at how we can respond to cyber incidents. Another successful project within the framework of the OAS is the initiative that was recently started and that Colombia co-sponsored, in addition to other projects that we have co-sponsored, like with the UK in this area. As co-sponsors of the Program of Action, Chair, we have mentioned on many occasions the relevance of this program when it comes to promoting a results-based process to promote capacity building. We ask states that have yet to do so to sign on to this initiative, so that we can know who wants to participate going forward. We understand that capacity building requires joint efforts and that public-private partnerships have great potential in this area. We cannot close our statement on this theme without highlighting the positive impact of our debates on the initiative of Women in Cyberspace, co-sponsored by various countries. Thank you. 

Ambassador Gafoor  

Thank you for the statement. Japan, to be followed by Lao PDR. Japan, please.


Thank you, Chair. Japan strongly believes that capacity building is essential for maintaining peace and stability and promoting an open, secure, accessible and peaceful ICT environment. Capacity building assists states to act in accordance with norms of responsible state behavior and capacity building is also important for many developing countries to prepare and respond to malicious cyber activities. Enhancing the capacity of individual states enhances the strength of the international community to prevent and mitigate the impact of malicious ICT activities. Capacity building requires close coordination between the recipient and donor countries. Capacity building activities have to be based on the needs of the recipient country, and the Program of Action proposed by France and Egypt will support tailored capacity building based on state assessments of their needs. The international community can benefit from even more information sharing on the capacity building programs of various countries. We could have countries that provide capacity building efforts to provide a summary of the programs that could be included in the annual reports of the OEWG, or states could use the portal site of UNIDIR to share information related to capacity building. It is also Japan’s view that non-governmental actors such as NGOs, the private sector and the academia play an extremely important role in capacity building. There are numerous seminars and programs offered by these non-governmental actors that are beneficial to capacity building. Compiling and sharing information related to these programs could assist states to consider which programs may help them to build capacity in cyberspace. The UNIDIR portal site could be used to post information concerning cyber related events around the world that will help to build capacity. Thank you very much. 

Ambassador Gafoor  

Thank you for the statement. Lao PDR, to be followed by China. Lao PDR, please. 

Lao PDR  

Thank you, Mr. Chair. Distinguished delegates, the Lao PDR aligns ourselves with NAM and ASEAN statement. Capacity building in the field of ICT is fundamental to ensure cybersecurity. Therefore, the Lao PDR highly valued the discussion at the OEWG under the UN auspices, which put strong emphasis on the importance of capacity building. It is gratifying to note that throughout the session, many important initiative and ideas have emerged and some of them have already been materialized. This reflects our collective effort not only to continue discussing this important topic, but also produce actionable outcomes. In this regard, the OEWG has played a crucial part and nurture itself to become a mechanism for promoting international cooperation and assistance on cybersecurity. Mr Chair, to ensure the effectiveness and sustainability in capacity building, the design options program should be tailor made me based on national needs and circumstance. More importantly, capacity building should be conducted without pretext and carried out in a neutral, transparent and non-discriminatory manner. In this context, I would like to highlight the ongoing work of ASEAN on embarking on a process of developing metrics for a regional plan of action to implement the norm of responsible state behavior in cyberspace. To advance this initiative, capacity building program are needed to include technical skills and expertise, development of regulatory framework and enhancing common understanding on related international law and its application in cyberspace. Another initiative worth mentioning is merging sustainable development goals with cybersecurity by supporting developing countries through SDG implementation, aimed at making ICT affordable and accessible to all while focusing on building resilient critical infrastructure and ensuring cybersecurity across all sectors. This would further help building digital skills and equip them with sufficient skills to prevent any malicious use of ICT. Mr. Chair, in conclusion, as an LDC, the Lao PDR highly appreciate the continued support and assistance the OEWG has mobilized. We sincerely hope that the assistance to multi efforts rendered to developing countries will make important contributions to insuring tangible progress and achieving our common objective of maintaining a peaceful ICT environment. I thank you. 

Ambassador Gafoor  

Thank you for the statement. Nicaragua. Nicaragua, have you spoken?


Thank you, Chair. Nicaragua, a small and developing country, attaches great importance to the adoption of this Open-ended Working Group of a framework for international cooperation, capacity building and technology transfer among other things in line with the SDGs outlined in the 2030 agenda, which explains that developed countries must fulfill their commitments under the principle of common but differentiated possibilities. We believe that technical assistance to states should promote information and communication technologies contributing to the sustainable development of all countries and mainly to the eradication of poverty. This should be materialized through the establishment of a mechanism for financial assistance to developing countries, especially in projects that promote safe and peaceful use of ICTs. Also through the promotion of scholarships, workshops and seminars, and other spaces for experience exchange. Another critical point of our work will be addressing the digital divide and facilitating access for all countries, prioritizing training so that we can strengthen cybersecurity and the implementation of norms, rules and principles of responsible behavior. We reject the imposition of any unilateral coercive measure that could become an obstacle to achieving international cooperation and capacity building, which at the same time undermine our development plans. We consider that the United Nations through its specialized bodies should take on a key role and and position itself as a permanent forum for dialogue, consultation, cooperation and coordination among member states. We are in favor of regional cooperation mechanisms as well. Participation by other actors in capacity building should be coordinated by the UN and member states through oversight mechanisms for such initiatives. Thank you, Chair. 

Ambassador Gafoor  

Thank you for the statement. Islamic Republic of Iran, to be followed by Sri Lanka. Please, Iran. 


Mr. Chair, states can exercise responsible behavior, realize their rights and accomplish their obligations in the ICT environment if and when the required capacities exist. This is however, not realized on this technological infrastructure and information of needs are met, including through the demonopolization and facilitation of access to share of new ICT relative science and technologies. Providing open, fair and non-discriminatory access to ICT related science technologies, products and services should be prioritized for early action in the area of capacity building. Security should never be used as a pretext to hamper international cooperation on ICTs for peaceful purposes. Restrictive measures against other states in the ICT environments such as limiting and blocking IP addresses, restrictions to the registration of domain names and removal of popular apps from app marketplaces pose serious threats to ICT development, security and trustability, while affecting existing capacities and efforts to build and develop the required capacities. The OEWG should focus on the components of the global architecture for capacity building, including cybersecurity training and education under the auspices of the United Nations. This should guarantee a balanced non-discriminatory and demand driven global cooperative arrangement for ICTs relative capacity building. There are still countries that are not part of regional mechanisms. The OEWG should facilitate and encourage sub-regional and regional schemes with the widest participation of demanding states. Any capacity building program relevant to cyberspace should be designed and implemented under the national policies and needs of states with their economic, social and cultural systems. These programs should not become an instrument to intervene in their internal affairs. The principles of common but differentiated responsibilities should be applied to the ICT environment, so to provide cooperation and assistance to developing countries upon their request without any conditional discrimination. Some specific proposals that the OEWG can take to advance capacity building are as follows. One, transfer of technology technical assistance and financial support. Two, establishment of a specific fund to support projects to promote security in the ICT environment in developing countries. Three, a dedicated fellowship program by the United Nations and also the one proposed by Singapore, in collaboration between Singapore and the United Nations. And four, establishment of a databank for best available techniques. I thank you, Mr. Chair, and we’ll submit our full version of the statement to the Secretary. Thank you. 

Ambassador Gafoor  

Thank you very much, indeed. I give the floor now to Sri Lanka, to be followed by Chile. Sri Lanka, please.

Sri Lanka

Mr. Chairman, Sri Lanka aligns itself with the statement delivered by Indonesia on behalf of the Non-Aligned Movement. It is a fact that there exists a significant digital divide in today’s world, a divide that has been precipitated by a pandemic, which is our own creation. A pandemic that has driven us to a greater use of ICTs, and necessitated the bridging of that divide. We placate ourselves with the thought that this presents us with a digital opportunity in our quest to build back better, making a virtue of a necessity. Sri Lanka enacted the Personal Data Protection Act Number Nine of 2022 in March 2022, which provides for mechanisms of protecting personal data while simultaneously facilitating the growth and innovation in the digital economy in Sri Lanka. The Act ensures data protection is provided to those identified as data subjects and provides the legal framework to strengthen cross border cooperation, while assuring the interoperability among personnel data protection frameworks. Furthermore, Sri Lanka is in the process of developing a cybersecurity bill, focusing on the civilian aspects of cybersecurity for the purpose of implementing the National Cybersecurity Strategy of Sri Lanka, by establishing a cybersecurity agency and incidentally protecting the Critical Information Infrastructure within Sri Lanka. In light of the above developments in the legal sphere and as a developing country rapidly marching towards overall digitalization of governmental functions, Sri Lanka wishes to highlight the following features we believe would among other applicable ideas facilitate effective consideration of the needs of design and development of capacity building measures. Capacity building efforts should be needs based and nationally driven. Strategies must clearly define and effectively integrate the priorities of each state. Creation of partnerships facilitating knowledge and skill transfer should be an essential component of such efforts, which would be facilitated by the adoption of a bottom up policy, allowing communities and regions to adapt to their specific needs. Capacity building policies should be adaptive to concepts of equity, and must endeavor to bridge existing divides of technological capacity, gender and poverty. Capacity building policies must increase transparency and contribute to the confidence building, acknowledge the strong linkages between confidence building and capacity building, enhance capacities of regional law enforcement officers to investigate cybercrime as well as focus on strengthening criminal justice systems. Capacity building should also focus on improving general cyber awareness in multiple sectors. Classification and mapping out challenges that can drive the capacity building efforts as a dynamic process promoting development of policies that are more resilient to the risks. The need to understand complex cybersecurity issues, especially on application of international laws in cyberspace. Sri Lanka also takes this opportunity to acknowledge the work of the Group of Governmental Experts that preceded this OEWG, and their notmative recommendations on capacity building, which has laid the basis for discussions at this and the previous OEWG. Whatever the difficulties we have encountered from the outset in this forum. We hope that the deliberations in another forum on a new international convention which takes cognizance of national, regional and international instruments, in combating the use of information and communication technologies for criminal purposes, together with the outcomes of this OEWG, will open windows of opportunity to arrive at a consensus to secure international cooperation to build capacity to counter cybercrime. Sri Lanka also takes this opportunity to thank our partners, especially the Council of Europe and the UK Government for the assistance rendered in strengthening our national capacity building efforts. Thank you. 

Ambassador Gafoor  

Thank you, Sri Lanka. Chile, please.


Thank you, Chair. For Chile, capacity building is an urgent and priority issue, as it is a strategic and critical element when it comes to advancing in the implementation of agreements and measures within the framework of ICT use. We believe that capacity building is a key element and essential element to building an open, safe, stable, accessible and peaceful cyberspace. In that regard, we support the recommendations outlined in the report by the GGE and this OEWG. Similarly, we should highlight the role of regional agencies and bodies as well as their capacity building programs, which are essential to generating a more effective set of initiatives by member states. In that regard, we would like to highlight once more the important work done within our region for the cybersecurity program of the Inter American Committee on Terrorism by the OAS. At the international level, we believe that we should highlight the work of the Global Forum of Cyber Expertise who have focused their work specifically on capacity building. We believe that the UN could evaluate these kinds of initiatives to move forward with viable cooperation, assistance and capacity building plans and strategies. In that same regard, we highlight the importance of the plan of action, an initiative that is focused on implementation, which could help us to strengthen technical cooperation and capacity building cooperation among states. Chair, we believe that this OEWG, through the UN system could contribute to developing a global map for capacity building opportunities, and work with regional bodies and other initiatives as focal points. We could achieve this through a specialized unit in this area. Those units could be responsible for coordinating these capacity building opportunities in an effective and efficient way with particular goals in mind. We need a global strategy for this theme, which will allow us to establish short, medium and long term goals aligned with particular perspectives of action. We want to complement the various initiatives that currently are in existence, so that countries that need help can access the opportunities that are out there. We want to express that we think that the Program of Action could play an important role in this initiative, because it could contribute to carrying out concrete action in this area. Thank you very much, Chair. 

Ambassador Gafoor  

Thank you very much, Chile. I’ve got three more speakers left under this agenda item relating to capacity building. And I intend to take the three speakers tomorrow, so that we give them adequate time to express themselves, given the fact that it is almost 6pm. Distinguished delegates, I don’t intend to make any summary at this point, but I just wanted to say that tomorrow morning we will begin or rather continue our discussion on agenda item five relating to capacity building, and take the three remaining speakers, which is Germany, Malaysia, and China, in that order. And then we will proceed to Agenda Item 5c, which is the sub item relating to regular institutional dialogue. And I will invite interventions from delegations and we will take that agenda item in the morning. The second point that I wanted to mention is that tomorrow morning I intend to begin our meeting at 10:30am. The reason is that I have prior engagement with the Secretary General of the UN and it is important that I be present at the meeting. And therefore, I apologize that I will not be able to begin at 10:00am, but we will begin at 10:30 tomorrow morning. The venue for the meeting will be conference room one, correct, the conference room one. So, we are going back to the basement and that will be our meeting room for the rest of the day, for both the morning and afternoon session. And in the afternoon, I intend to continue our meeting to take up agenda item 6, which relates to other matters., and under that I intend to invite views from delegations on the content and structure of the annual progress report. And I’m looking forward to that discussion as well which is going to be an important basis for our preparations in advance of the session in July. I’d like to thank all delegations for their very constructive and very detailed statements on capacity building, which is a very, very important part of the working groups mandate. And judging from all the comments that I’ve heard I think there is considerable common ground. The challenge for us will be to capture them in a way that is concrete and very forward looking, so that we can put it in our annual progress report in July. At this point, I’d like to resume the formal meeting of the working group and then adjourn the meeting with the announcement that we will meet tomorrow at conference room one at 10:30am. The meeting is resumed and adjourned. Thank you.

Leave a Reply

Your email address will not be published. Required fields are marked *