IGF 2023 – Day 0 – Event #208 Building Capacity in Cyber Security – RAW

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.

***

 

>> Good evening, ladies and gentlemen.  The next session, building capacity in Cybersecurity will start soon.  So if you could please be seated and wait for just a moment.  Thank you.

[PAUSE]

>> So thank you very much ladies and gentlemen for attending this building capacity in Cybersecurity session.  The moderator of this session is Mr. Peter Stephens.  He's from the OECD and he will be participating online from Paris.  So, Peter, can you hear us?

>> Peter:  Yes, I can hear you.  Good afternoon, everyone.

>> Great.  So if you're ready, the floor is yours.

>> Peter:  Thank you very much and welcome everyone to this session on capacity building on Cybersecurity.  As was said, my name is Peter Stephens and I'm at the OECD looking on digital security and today we've got fantastic panel.  Before we start, can I please Passover to introductions, can I please pass to Ms. Shanona, please.

>> Me first?

Yeah, I just say my name.  I'm Cana.  Thank you.

>> I'm Chris Painter, president ‑‑ former U.S. Government cyber diplomat among other things so very nice to be here in Japan.

>> I'm Tomoo, Cybersecurity at ministry of international affairs and communication in Japan.

>> Peter:  Thank you very much.  And it's a great pleasure to have such a fantastic group of panelists today.  We all know that Cybersecurity is very much international problem that requires a lot of international partnerships in order to respond to them.  We know that cyber crime is interconnected and the way technology can be weaponized across borders is on‑going challenge.  If he with just take one example of the Meria attack we saw that able to compromise 600,000 devices across Brazil, Columbia and Vietnam and then those products were able to be weaponize and damage and cause harm in the U.S., Liberia, Germany.  Governments can operate in isolation and we need to work in partnership to boost resilience from cyber threat and we know this issue continues to evolve.  What is an issue now will not be forever and more problems will continue to come.  So there is a need for all countries to adapt and prepare for those future threats within new and emerging technologies as we know a lot of interest now in AI and also as things develop in quantum as well.  Really important question about how can we build capacity in two ways.  So I always think about capacity building as a combination of the cross country capacity building, which is how can high capacity countries support lower capacity countries and that's the supporting to the development of international norms as well as helping governments to set the foundations by delivering meaningful policy to address market failure and promote strong Cybersecurity practices.  Also a challenge of how can we move from strategy to the delivery of it all in countries and how can we implement government approaches to help set expectations on industry which of course all operate globally.  As well as the reasonable component.  There's also an important component which is about how can we help time based capacity building?  How can we prepare for the future?  How can we make sure we have sufficient skillsets and the diverse group community of people who are working in Cybersecurity.  I most recently was at a deaf com conference in the United States and a really passionate discussion around the distinction between Cybersecurity skills and also how can we prepare for the workforce?  How can we make sure that more people are able to find the right roles in Cybersecurity to help them to make big impact and support industry and also the wider economy.  So we saw that already with the cyber workforce strategy in United States but also there's a need for further partnerships between these communities.  So I know there's a lot of work helping to bridge the gap between Cybersecurity professionals and also policymakers who historically have not worked in partnership perhaps for a number of different reasons we might go into.  And I think it's really interesting to see how that is continuing to evolve and that relationship changing.  I'm looking forward to hearing from participants about that as well:  So as we say, we have a one hour session here today.  So we will have three presentations from each of our panelists before going into 20 minutes of discussion and then there will be five minutes of Q&A towards the end.  If you do have questions please do make a not and there will be time for them at the end of the session.  So without further aces do, I would love to Passover to Chris Painter, president of the global forum on cyber expertise and what I would love to you do Chris if you could tell us a bit more about the work that the GFC is doing and how it is supporting policymakers to address Cybersecurity threats around the world.

>> Chris:  Great.  Thank you Peter and first let me just say how much of a pleasure it is to be here and be back in Japan which ‑‑ especially when I was with the U.S. Government had worked with a lot over the years and really valued that interaction on Cybersecurity, other kinds of cyber issues and so it's ‑‑ thank you to our hosts.  I know how much work it is to put on something like this so thank you for that.  I really appreciate it.

So let me just put the first slide up that I have.  Or someone put up the first slide.  Okay, there.  So when I think about cyber capacity building I think it's really foundational to everything we're trying to do, not just to fight threats online of which there are many and growing but also it's a foundation for achieving all the good things.  All the digital economy, digitalization, all the things we talk about into power countries and power individuals, Cybersecurity having good Cybersecurity is key and having capacity building to enable countries to do that is also very important.  So let's go to that next slide.  The GFC is basically an organization that was set up as a response, an international response to this global challenge because many countries and individuals and organizations around the world are now faced with these threats but don't really have the capability to deal with them.  Thanks particularly true in the global south, global majority who are dealing with this issues and really their economies are depending on it.  And it's meant to close the Cybersecurity capacity gap because there is a large one between more developed and less developed countries but even within the developed countries there are gaps that need to be addressed.  The point of the GFCE is to help countries and organizations put foundational building blocks to help with cyber resilience.  That phrase I think has more currency outside the cyber fear.  Peter mentioned sometimes the break down between policymakers and technical experts certainly that's there but there's also I think a break down between communities of interest, people who do economic policy, security policy, people who are in the development community like the SDGs and folks who do Cybersecurity capacity building.  We can't afford to have those communities together they need to be brought together.  So we can share them between regions and individuals but also in countries but also multiply their effect on the global level.  Next slide.

An organization have now 200 members and partners including about 60 countries including Japan, U.S. and many others.

Civil society, industry a. true multistakeholder organization.  The overall vision is fully reap the benefits of ICT through free open people secure and digital world.  Strength then capacity building and do that.  What we try to do and really important and something I saw when I was in the government, the resources are pretty slim in this area and often what happened in five different countries train the same five people in the country over and over again not really asked them what they needed and therefore the resources somewhat miss spent by duplicating efforts and not really having a strategic plan in place.  So one of our core things is to avoid that duplication to coordinate projects and really coordinate these efforts and also to help improve the efficiency and effectiveness of products both by coordination but also being able to share knowledge more fully among different stakeholders.  Fill capacity building gaps which is critical.  Finally help develop research.  Look up at the gaps, I see we commissioned research and projects so we have a research agenda, clearinghouse.  So if a country says we need help with X, match that country with donors and implementers who are part of the GFCE community, knowledge sharing we do through a portal, coordination is really ‑‑ next slide.  The key things I'd mentioned, the research agenda is what I just mentioned is commissioning research that feels the gaps where we identify gaps in the mapping that's done.  The clearinghouse is where a country says I need help.  We've had a country come to us recently saying I need a national strategy.  So lots of national strategies out there.  Lots of best practices which we provide to them but also match them with people can really walk through and help that process and make sure it's sustainable.  And the cybil portal which is at WWW.CYBILportal.org, collection of hundred of best practices, other documents along a number of different areas both regionally searchable but also more broadly in various national strategies, diplomacy, crucial crime, incident response, standards, all the of those are mirrored in that portal and I recommend it to all of you.  Next slide.

So this a broke down of what's on the civil portal.  Repository for subscriber capacity building projects.  Central portal.  We cross link between us some of the work they've done.  Now over 200 publications, 830 projects, 120 tools and over 800 actors including regional actors and I think that's really important because some things are really specific to particular regions and that helps people really fill the need that they have for more help and also points them to directions where they can get more help.  Next slide.  This gives you a regional break down too from really all over the world that we have projects actors and a number of upcoming events.  We also have a counter built on this which I think helps people see what all the upcoming events and there are many in this area.

Next so our priorities coming toward are to expand global cooperation, expand our network focusing on inclusive from every region around the world.  Regional coordination to bridge the gap both on a national and global level and one of the things I've heard often is this has been a move we have been doing a demand vision approach, listening to the people who want the help rather than saying here's a program we can give you saying here's a program we can give you, really listening doing that demand driven approach and doing work on regional hubs to do that.  Local collaboration by connecting local projects with a larger global GFCE ecosystem.  Next slide.

Part of the way we've done that recognizing that global efforts are important but you also have to have regional efforts more to the ground closer to the ground so I just came from Fiji where we launched our Pacific hub.  It's for the Pacific islands.  Where will linked there and really meant to help their needs and they particularly are some of the places that said look everybody wants to begin us I had a but we don't have the capacity to deal with that I had a because it's duplicative often they say here's how to build a cert 101 give that 12 different time where we need to build 102, put this in the larger context.  Pacific hub just launched really look forward to that.  We have in Latin American Caribbean region regional hub there liaison based in sing pour that's just starting to work I think that's again for this region in particular going to be really important working with Japan and other countries to make sure we're really listening to the region and amplifying efforts out there.

Next slide.

Which leads me to the last everything I want to touch on.  I mentioned these different communities.  Development community, cyber community and others and bringing them together and having a major conference in Ghana in acro at the end of November, 29th and 30th for several things.  One to elevate this issue of cyber resilience international and national development agenda.  We all know who deal with this area that increasingly Cybersecurity undergirds every kind of infrastructure project you could think about.  Water, power, financial systems.  It's not given the attention I think it deserves to make sure those development projects see the long‑term with strong Cybersecurity.  How can we bring those communities together to really leverage each other's efforts and not make these opposing things but things that are built together.  I mean that's really the over all point of this and also to bring more attention to capacity building in the cyber area globally firsts of a kind event, going to have leader, decision makers, experts from all over the world.  I say it's hosted in Ghana to be opened by the Ghana president.  We're bringing the development, cyber folks in, regional efforts, regional discussions from each of the regions I talked about.  Really going to be ‑‑ massive undertaking.  Planning for a while.  But I think it's going to be really important.  Next.  Slide.

I mentioned some of the outcomes of all of this.  Really elevate capacity building in that development agenda we want that to be a high level global cyber capacity building agenda for going forward based on regional agendas.  We're planning on launching something called the ‑‑ I think it's going to be called the call right now.  Still working on the phrasing.  Going to be a set of high level action item principles.  So lots of principles out there including Cybersecurity principles we've done but really now taken this to the next level in terms of action and overall expand the pool of resources far too limited in this area because the demand is huge, particularly in developing world.

And that's it for me.  So really look forward to your participation here today.  Look forward to your input if your country is not a member of the GFC, it's not hard to join.  If your organization is not a member, not hard to join as a member or partner.  We welcome these efforts.  Expanded dramatically over just a course of seven years but really key.  As I said this is foundational to everything else I think we're trying to do in this space, both positive and fighting threats.  So thank you.

>> Peter:  Thank you Chris.  That was fantastic to hear about first of all the importance of networks bringing together the communities from typical development communities as well as cyber communities and more policy folk, how can we make sure ‑‑ I also liked what you said about the demand driven approach and thinking about what are the issues that need to be done and how can we help to amplify what has already been done.  I think there's a supposition that you can ‑‑ you don't need to start from ground zero.  You can build on other people's work already.  I think there's a need to do that.  I also enjoyed hearing what you said about the importance of regional hubs and regional development work and I also would love to Passover to Mr. Yamuchi who I know has done a lot of work with particularly with Japan and I'd love to hear more about the work at a regional level to promote more policy initiatives within Cybersecurity.  So could I please pass it over to you.

>> Thank you very much.  First of all, thank you everyone here joining this session on‑site and online.  And I thank you very much for participating in the forum as a member of the host.  Okay, yes, next slide, please.

Okay, for the Japanese government.  We have Cybersecurity strategy every three year and now the existing strategy was decided 2021.  This was just about the ‑‑ when we established the agency to promote DX and just after the Tokyo limp picks games we have successfully operated the game.  And we have three major policy 123 and a three you can see the enhancing set from the perspective with the national security.  And under this pillars we have several specific measures and you can see number three the international collaborations and in these objectives, the supporting full capacity buildings we focus the activities for the capacity building in especially in the Pacific regions.  So I can ‑‑ I'd like to explain how we extend in order to have the capacity building activities for ‑‑ as young countries.  Next slide, please.  That we have not only the MIC ministries but also the holistic policymakers in Japan to have the Cybersecurity building activities.  And you have several activities in one to ten and the capacity building.  And I'd like to ‑‑ last column, so you can see the lead countries.  Of course now Japan has about more than half the items but you can see Indonesia or Thailand for several items.  So that means Asean countries has ability to lead these activities.  So we expect that the ASEAN countries has more abilities or incentives to promote kind of Cybersecurity.

Next slide, please.

I'd like to explain the ASEAN capacity building center in Bangkok.  This is a very busy slide, I'm sorry.  The major difficulties at the center we have two major pillars.  One is Cybersecurity exercise, the other is cyber C game.  The first run the Cybersecurity exercise we have originally called the cyber exercise.  This is established and organized for Japanese local government.  This is the very realistic exercise and we devised a cyber program to follow the ASEAN countries.  The cyber game this is in order to promote the activities for younger age especially for student or highly educated people.  We have conducted ‑‑ we have been conducting the CTS style contest and we promote them to have capacity in executing such kind of games.  Now we have more than two ‑‑ I don't know, sorry.  1,200 people participating as of August this year and now from this year, from this fiscal year the centers, operation of the center was transpired to Jacob, ministry of foreign affairs and NYC is continuously providing content to the centers.  And now we're constantly trying to expand these activities to ASEAN countries.  Now we are talking with the neighboring countries including the United States and area how to operate such kind of activities.

Okay.  Next slide.  This is the end of my presentation.  Thank you very much for your attention.

>> Peter:  Thank you very much.  And it was fantastic to hear about the work they have been doing and the exercises and how you are helping to scale that across the area.

I'd love to drill down into a bit more detail with Ms. Shudoda, founder of blue code events and blue Inc.  I'd love to hear more some work about Code Blue events and build partnerships with the technical community and also your work with youth development.  So Ms. Shinoda, can I pass it over to you.

>> Yes, thank you.  I would like to talk about three project.  One is called blue and 1Tajiji and Icc.  Code Blue is international conference in Tokyo.  It's been this year it will be 11th this year, happening in next month.  Keynotes like Miko from Finland and Sergi, ambassador to Japan.  Those two will be the keynote and then we going to have the 35 sessions.  It's like mixed conference and the Code Blue itself is very top global event and workshop and contest in Cybersecurity and ‑‑ first time it was very technical but since we thought we need to mix more low end policy people and cyber grant people too so that's why we mixed ‑‑ built low end track and cyber crime track.  That's why we try to mix those people all together in one venue to change the society faster by, you know, let them talk together in the same field.

Also to cultivate the young people we hire ‑‑ we set up like 25 youth sessions, two sessions and we created scholarship.  Code Blue research grant.  Really good speaker and really good research.  We going to give them some grant from the Code Blue.  And also at the same time we hired student staff too.  We hired this year 34 student staff to involve more young people to the Cybersecurity necessities too.  Mostly like high school student, university students are coming here to they work one day and they listen one day.  So they have enough time to talk with speakers and then the people of the ‑‑ industry people and also they make friends among student staff too who is coming from all over Japan.  Student staff is very popular among the young kids.  We hire only 34 students but we have three times more applications.  Very popular.  So we created Code Blue because about ten years ago security in Japan, we kind of like I felt like that we have lots of taboos in Japan.  Like they don't fully open to talk about security.  Like for example automatic security stuff even like America they talk about ‑‑ but in Japanese they don't publish that much about it.  So I try to make the security higher in Japan.  So that's why I try to make it like international conference, English and Japanese equally.  That's why ‑‑ Code Blue is a technology blue is in the ocean.  That's why we name it that way.

You can see pan sonic, NEC and those and in the pinks and lots of Japanese companies are supporting us and also some other companies from overseas also interested too.

Next slide, please.

Can you go back slides?  I wanted to mention that for supporters we have automotive association here now.  So yeah I just want to mention it.

Can you next ‑‑ thank you.  This is just a snapshot from the Code Blue.  Before COVID‑19.  That's why people are so close together.  So you see some people playing with sorting stuff and making like hardware hacking stuff and then some people are working together, you know, internationally smiling and working.  Some people are standing and watching about some tools talks and at this time we had about 1/3 people in one room.  It was COVID‑19.  Next slide, please.  And this is part of ‑‑ because Code Blue is always happening Halloween period.  That's why some people joining with dinosaur suits.  So we having fun with that.  And some people left ‑‑ very seriously.  Take that.  Next slide, please.

That's about Code Blue.  Next one is GCC, global Cybersecurity camp.  One week training camp for ASEAN youth and then ASEA.  In version in Japan.  Been already five years.  Global camp is like ‑‑ yeah, you see from the left we have eight countries already, Japan, south core I can't, Taiwan, Singapore, Malaysia, Taiwan.  Those remember countries.  Going to have Indonesia probably from next year.  And those various type of organizations, like from the panel we have security camp is joining.  Like NPO in Japan and like a Taiwan they are ‑‑ it's like government education project too.  And South Korea project too.  Some others a community, some others a university.  Very mixed people.  Are supporting and joining.  Each country select like six or seven students and we came all together in one place and we do one week training and we give them one week training and whole cutting edge trainings too but we have the group work for all students to connect and talk whole entire week.  So for example ‑‑ how to foster friendship among ASEAN countries or just think of the future carriers of themselves too and the kind of stuff.

Model of the security camp in Japan.  Held like it's been over 13 years already.  Once in your ear and just one week.  But I created this one because security camp is very succeeding in Japan.  Mixed with academia and industries and yeah in communities too and then ecosystem working very good like students, after graduate they becoming the trainers or tutors.  So we don't have to train the trainers but buy security camp they come back to the community because they want to be so that's how it works.  And it works like that in GCC.  Itself is like the students are coming back and being the trainer and sponsor and also the staff too.  Now I'm kind of step a little bit aside and let them work.  Because of the friendship they work mostly with the countries.  Because of Cybersecurity is ‑‑ we have been ‑‑ I mean, teaching the kids in the community for long time.  That's the nature of the Cybersecurity here in the community us to get together and helping them get together.

Next slide, please.

And this one is the GCC students.  It's about 50 or 60 size of the class yeah and it's going to be tied in 2024 February.

Next slides, please.

ICC and GCC.  It's ICC is international Cybersecurity challenge and it's a city of championship where representative from the conscience competitions.  The ICC is founded by ANESA, European Cybersecurity challenge.  Also CTIFN of European countries.  Been doing gad, they're confident to expand to a global level.  That's why they create the ICC in ‑‑ first meeting was 2020 February.  Then we started to expand this way.  We hired seven teams from each region, like from one from Open/Secure, Africa, one from South Africa and so on and so forth.  We have eight countries and then yeah for next round.  We had Thailand last year but they were kind of decided to leave and India was part of us but India has huge population.  Will make their own to participate this one.  And then final round will be some time in 2024 and it will be probably in Dubai in Middle East.  We had a Middle East team but they couldn't participate in America this year so probably Middle East but we haven't decided yet.

Next slide, please.

This is team ASEAN and on the left side you see the overall results.  Open/Secure was first, Asia second and USA was third.  And then the interesting thing is the ASEAN team won the ‑‑ even when we didn't have a chance to train the team and we even didn't have a uniform all together but they did a very good job.  Next slide, please.

And this up with was from this year.  The result is Open/Secure is ‑‑ team Asia is third.  For the difference we want the first only again.  So maybe because we select add final list among 14 competitors from the one city.  So that's what they're really good that data can do for us I think.  Thank you.  Sorry.

>> Peter:  Thank you very much and that was fascinating and I can see a lot of consistency with Mr. Nomoo's ‑‑ scenario plans and how can they competition in the CTF help boost capacity also at a regional level.  Thank you so much also to Mr. Yamuchi about presenting for the AG ‑‑ for talking about of the work on the global conference inside the capacity building which is happening in Ghana in November as well as the civil program which sounds fascinating for policy workers around the world to access materials that have already been created and build partnerships with experts to help them address their own challenges and I think the demand level approach ‑‑ demand based approach is a really important point.  Thank you so much for the presentations.  Fascinating for me and I'm sure it has for everyone else in the audience.  What I'd love to do now is delve into a bit more detail into some of the challenges we know exist.  You all have a great deal of experience working with partners inside the capacity building.  What I'd love to ask the panel perhaps starting with you Mr. Painter is what are some of the key challenges you find you need when you're facing capacity building initiatives, key challenges that you see coming up again and again in your experience?

>> Well one is getting sufficient level of political buy‑in in a country.  As much as they may immediate capacity help if you don't have that buy‑in not going to have sustainability.  Making sure it's not just the experts you're talking to although they're important to talk to but getting that buy‑in at a higher level.  That's one.  Resources as I said are a continuing challenge not enough resources devoted to this given the huge demand of countries around the world and need for better information sharing.  Efficiency and coordination is really important.  What we're trying to do and my organization but really expanding that pull I think is important.  The third one I mentioned is breaking down the silos I talked about between the technical, policy community, innovation community, security community and the development community and the cyber community.  All of those I think are challenges.  They're not challenges that can't be overcome or take concerted effort because this really is something that's critical to the cross of economies, societies and we need to address it now and not treat it simply as an afterthought which I think too often we've done in the past.

>> Peter:  Thank you very much.  Would any of the panelists like to contribute on that topic?

[PAUSE]

>> Peter:  In which case ‑‑

>> I kind of agree with him.  Security is a process and it's never ending.  We collaborate together.  We have to discuss getting old together.  So I totally lose him.

>> Peter:  Great.  Thank you.  So to Mr. Yamuchi based on the important role of efficiency in helping, you know, generate resources and getting that political buy‑in, how do you think countries like Japan can support developing countries more as we look to deliver initiatives in Cybersecurity?

>> North government side, I think they need two issues.  One is casino kind of policies do they need and the second how do they make such kind of policies?  So once you're determined I think we have sufficient content the rest with the policies and we can make some kind of respective initiative like this.  So in this right the ACCEBC is a technical capacity building.  So before we need that we have to give capacity building for the government side.  That's my comment.

>> Peter:  Thank you very much.  I think we're talking about the important role of foundations in a policy level as well as the technical on top and how we can make sure to Mr. Painter's point we are breaking the silos between those communities more effectively?  I think something that's come across in this panel already is that there is a lot of work that is already happening and lots of different initiatives whether they are competitions or conferences or other programs between policymakers.  Using your existing resources efficiently.  Given that all of these challenges are global, how can we support and amplify what has been seen to work well?  What has really worked and what would you like amplified at a greater scale.  Things that really worked and you would like to see grow at a greater scale.

>> Yes, from the community side I really like to Chris mentioned mixed up people all together.  Japan is a really good case we kind of mixing community and government and academic all together I've seen it but some countries are having hard time.  I see some walls that divided.  So person to person or people to people they don't get it but some countries may need some breach to work with government in a community.  Because community has lots of resources and trainers and they reed to the students too.  Doesn't have to be some countries they're not rich enough to go to school those people who don't go, really ‑‑ so the community can reach there and it's ‑‑ community government all together working is very good and we can help with ‑‑ we can help them to breach all together perhaps.

>> Peter:  Thank you.  I think it's really coming through as a theme building the communities and having works that bridge existing communities and skillsets.  So Mr. Yamuchi, I would love to understand from your perspective how you think the international policy community can help better amplify the success of initiatives that have had impact.

>> Thank you.  You can see to my presentation, for example now between us and Japan policymakers we have ten working groups.  So it's important to enhance and reach the content and whole day can't know, obtain the much more acknowledgment.  Important for us the teachers to expand the countries.  So wees but we need to expand the target.  So as the previous presenters that they have the global coverage but the from government side we see some missing countries.  It's important for us to extend and feel the gap.  That's my comment.

>> Thank you.

And you were talking about the work of Cybil and help support policymakers to identify what already has been done in the era that may be of interest to them.  Do you have any thoughts about one issue that you think is really seen to work or one program that's really worked.  Do you love to see amplified more that you can share with us.

>> So I'd say more generally that having the multistakeholder approach has been very helpful.  Government's doing a lot of work in this area but not only ones.  Cybil society, so bringing them together I think it's been a good convey to do that.  Another thing that I think we found is the enemy of progress I think is one offs.  Then you come back five years later and then any momentum you built is gone.  I think building that ‑‑ goes to the political buy‑in but having a program something that's sustainable in countries has really been important and that that's been good.  Sharing platform but also looking for gaps and we're organized around working groups one on Cybersecurity, one on national strategies and sub group on diplomacy one on internet reports and ‑‑ one on awareness training and workforce.  Organizing around those themes and getting folks to talk about that and sharing what they've done has helped a lot too.  I think all of those have had some real practical benefits and we want to think on those make sure not just one‑off conversations but a long and sustained conversation building on all the great work that's being done in Japan which the other speakers have talked about focusing more on the region I think that's been very helpful too.  We're having our annual regional meeting in Singapore for the ASEAN countries.  That's an important way to ground what's happening globally in a more local environment and I think that two way communication has worked and it's important as well.

>> Peter:  Great.  Thank you so much.  I'm aware that we're running quite short on time.  What I'd love to do is now look towards the future because as we all know one thing that's for certain is the future is very much uncertain and all countries need to develop further capacity to face these challenges.  Whatever format they may take.  A lot of interest in Artificial Intelligence but also other questions that are being brought out into the on‑going all elements of public life whether that is infrastructure or moving into the home more broadly.  What trends will lead the next three years and what can policy makers do to build future capacity in light of these trends.

>> Nomoo:  Actually I see a lot of people participating here but I think the international ‑‑ capacity building programs remains still ‑‑ so we need the capacity building activities will be needed.  I need some kind of accessibilities and policies and programs and activities.  We need some kind of the capacity building in the private sectors and correlation between private sector and government side.  We need to expand the content and many countries.

>> Can I ask you what you think about what policymakers can do now.

>> First of all I think we need to do a lot of work just to satisfy the man we already have.  So not just look to the future but also look there's lots of ‑‑ still a huge gap in terms of needs versus resources versus delivery.  We need to address that.  I think we can up.  I worry sometimes we turn from to the next and AI is the new ‑‑ oh, everything's AI.  It is.  It's important.  But let's use that as a action call because of the challenges that AI poses and the opportunities that the kind of basic Cybersecurity capacity building, basic breaking down the silos between communities is something we need to do now.  So not critique just a whole new false set of risks and opportunities but folded into the conversation we already have to make this again stronger and sustainable going forward.  So that is exactly what the global conference on cyber capacity building is meant to achieve, break down silos have greater retention and longer term future view.  Not a separate thing.  Something that is important as we have any of these conversation going forward and look at the threats but also the technological developments.

>> Peter:  Thank you so much.  I think your point about leveraging AI as a need to generate political will to help get the basics right is really critical.

Ms. Shinoda.

>> I was fascinated by the U.S. Government trial ‑‑ AICC, it's a cyber grant challenge stuff and I love that, I love to see the result in two years later.  That's a trend for next three years.  And then the other one for the execute of capability, compass on duplications, that's the key word.  I think countries offering lots of similar trainings to one country, the other country.  And I think we have like one platform and put, you know, the trainings all together and yeah we have lots of trainers ‑‑ there's a ‑‑ we can collaborate all together in that way ‑‑ even the country having, you know, lots of time to, you know, digest all the trainings materials too.  I like to see that one, that kind of collaboration in next three years.

>> Thank you very much and I'm aware we're running very close on time.  So we I think only have time if possible for one question.  Is there any burning questions in the room?

[PAUSE]

Peter:  If not what I'd love to do is just to round up and say a really huge thank you to our three panelists.  So Ms. Shinoda, Painter and Mr. T ‑‑ thank you also very much to the MIC in Japan and thank you to everyone for joining in person or remotely.  I think what came through closely was everyone mentioned the importance of networks, breaks those silos and how can we support one another as an army of the good and willing who want to support capacity building to generate political will and also help support the efficient use of resources in this space.  I'm really grateful and this is a huge task but one where I think there is a great amount of how can we support one another, break down the knowledge gaps and how can we once again help to amplify what works and build towards more efficient future.  Thank you so very much everyone for your presentations and I look forward to continuing on this journey together and I wish you all a wonderful day.  Thank you very much.

[APPLAUSE]