Making Cybersecurity Institution and Capacity Building ODA-eligible.

A proposal by Estonia and ICT4Peace

Activities, Capacity Building CS, OECD, Cybersecurity High-Level Policy Briefings, ICT4Peace Cybersecurity Policy and Diplomacy Capacity Building, ICT4Peace Support to UN OEWG and UN GGE, including Programme of Action PoA, Norms of Responsible Behaviour and Confidence Building Measures (CBMs) for the Cyberspace

5. April 2020

Considerable investments into Cybersecurity Institution and Capacity Building Programs in Developing Countries and LDCs have been made in recent years by Governments, Inter-governmental Organisations, Academia, Civil Society and the Business Sector. International processes such as the UN GGE and OSCE reports have called for increased investments in this sector.

“Official Development Assistance” (ODA) is a statistic compiled by the Organisation for Economic Co-operation and Development’s Development Assistance Committee (DAC) to measure what does (and what doesn’t) count as aid.”

Cybersecurity Cooperation or Support to Cybersecurity Institution and Capacity Building do not, at present time, constitute ODA-eligible projects or programs.

ICT4Peace [1] and major actors in the sphere of Cybersecurity such as the Government of Estonia are of the view, that International Cooperation in Cybersecurity Institution and Capacity Building is not sufficiently recognized as a “Development Issue” and/or is not treated as a development priority by the Development Community, Development Partners, or by the MDGs or SDGs. A recent paper by the Dutch Government aims to bridge the gap between the discussions on cyber capacity building and the SDGs.[2]

It is hoped, that by bringing the discussion around the need for increased cybersecurity capacity-building also into the policy orbit of the OECD Development Assistance Committee (DAC), Cyber Security Capacity Building could more likely be recognised as a development priority by policy makers and more financial resources could flow into this sector in a consistent and coherent fashion.

Please find attached a concept note on “Making Cybersecurity Policy and Diplomacy ODA-eligible“ prepared by ICT4Peace in February 2020, based on a discussion on the margins of the UN OEWG Meeting in New York between the Ambassador at Large for Cyber Diplomacy, Ministry of Foreign Affairs, Estonia and the President of ICT4Peace Foundation Geneva. It is suggested that this proposal will be taken up for discussion by the Global Forum for Cyber Expertise (GFCE), and a proposal prepared for consideration by the DAC. ICT4Peace stands ready to support this process.

[1] ICT4Peace has been conducting eighteen (18) Cybersecurity Policy and Diplomacy Capacity Building Workshops on all Continents since 2014 (see ICT4Peace Note).

[2] https://unoda-web.s3.amazonaws.com/wp-content/uploads/2020/02/the-kingdom-netherlands-non-paper-on-cybersecurity-capacity-Building-and-sdgs.pdf