IGF 2023 – Day 1 – Open Forum #6 Development of Cyber capacities in emerging economies – RAW

The following are the outputs of the captioning taken during an IGF intervention. Although it is largely accurate, in some cases it may be incomplete or inaccurate due to inaudible passages or transcription errors. It is posted as an aid, but should not be treated as an authoritative record.

***

 

>> OLGA CAVALLI:  We have two remote participants, but we are not able to ‑‑ I cannot open the Zoom. OK. Thank you. OK, thank you, for being with us. In the meantime, just let's start our conversation.

  They're in, OK, but I cannot see them. I moderate in the dark.

  (Laughter)

  OK. Thank you very much for being with us. So in respect of the time and people that are punctually joining us this afternoon, let me introduce myself. My name is Olga Cavalli. Presently, I'm the national director of cybersecurity of Argentina, and I also do several other activities in my academia side. I am the Director of the South School on Internet Governance and university teacher as well. With me, I have a lot of friends and very well‑known and respected specialists that were so kind to be with me this afternoon. He's been the first type of diplomat in the world, and known for his work with President Obama. And I met him for the first time in IGF in Turkey.

  And since then, we have been in contact, and he has been participating in all the schools of Internet Governance that we organize in countries of the Americas, whether in‑person or remotely, he's always akin to ‑‑ keen to help us with his knowledge and presence and share in all the activities that he does with he. My dear friend, Claudio Lucena. Claudio is a professor in Universidad Estadual de Paraíba in northeast Brazil. We formed the South School on Internet Governance in the beautiful city of Campina Grande where he lives and is based. Thank you for receiving us. And to my right is Mark Datysgeld, he's one of the young of the Internet Governance space. Very active in ICANN. He's a GNSO Council member, and involved in several research activities related with the Internet.

  And I have remote, my dear friend remote participant that I have Sandy, are you there?  Sandy Palma?  Sandy Palma, she's from Honduras, and she's the CEO of nongovernmental organization named Honduras Cibersegura.

  And she is very active in all related with cybersecurity. Also, she has been a student, fellow of the South School on Internet Governance, and I have José, are you there?  Jose Cepeda, he's a parliamentarian from Spain.

  >> JOSE CEPEDA:  (Speaking Spanish)

  >> OLGA CAVALLI:  (Speaking Spanish)

  >> JOSE CEPEDA:  (Speaking Spanish).

  >> OLGA CAVALLI:  No problem. So I have drafted some questions for my dear colleagues. And I would like to start with Chris. Chris is now the ‑‑ what's the ‑‑ director ‑‑ CEO? 

  >> CHRISTOPHER PAINTER:  President.

  >> OLGA CAVALLI:  President of the global forum of cyberexpertise, and he travels all over the world contributingand organizing different capacity building activities related with cybersecurity.

  And I have kind of a weird question. How do you see the impact of all the activities that you do around the world?  Do you see that it's really changing the cybersecurity landscape in the countries that you visit?  Especially focusing on developing economies, countries that, what I see at least in Latin America is that priorities are always other priorities. It's not cybersecurity, it's not the main priority. It's usually problems with economics, security, exporting goods, or some other problems related more, mainly with economy. How do you see that evolving after ‑‑ through all the work that you do? 

  Do you feel that has an impact and something is changing?  And then we can ask some other questions to you. Thank you for being here.

  >> CHRISTOPHER PAINTER:  Really happy to be here with my friend Olga and the other panelists and all of you. Well, I shouldn't say no, then I would have to find another job. [Laughing]

  No, I do think it has an impact, and I should say capacity building was one pillar of what I did when we started the office at the State Department. The cyber diplomacy office, and now there are like 45 around the world, some of them are in this room. That's great. Important to look at this not just as a technical issue, but as a diplomatic issue, as a policy issue.

  Even back when we started the office, we were doing capacity building in different parts of Africa, other parts of the world. We also focused on the organization of American states and others, and one of the reasons of that, I think capacity building in the cyberrealm, but really, in everything, has the enabler ‑‑ not just to fight all the bad things we see. All the threats that are continuing to grow and evolve. But also enable all the good things we want out of the Internet. And more importantly, to your point, Olga, to enable something that every country wants now, which is to seize on digitization, and seize on the digital economy, and take advantage of this relatively new platform, where they all see. You know, this is bridging gaps between communities, it's always interesting. The security community doesn't talk to the economic innovation community. This is true when I worked in the White House too.  There was national economic council and national security council, and they didn't always coordinate.

  So if you can message it in a way that both the security people and the economic people understand, which is this enables this digitization, this seizing the digital economy that you all want, to grow your economy, particularly in developing countries. That makes it something where they say this is really a priority. Because that's a priority and if cybersecurity is going to enable that priority to succeed, then we want to be part of this, then we understand what the end game is. That it's not just a cost, it's something that's going to achieve something.

  And to get that, you often, for this capacity building to build in cyber or anything else, you need real political buy‑in. It can't just be the technical people you're training say yes, we want more. Which is great that they do. But if you don't get the larger political bien, it's not sustainable in the long‑term. You end up doing onoff training one‑off things.

  Get it ingrained in that country and that's tying it to the economic priorities as well. I think we've seen that in the pandemic, had a silver lining in the sense that countries recognized how reliant they were on these technologies. That it wasn't optional anymore. And they see it in terms of infrastructure projects. Water, power, financial. Everything is controlled by cyber. And security is something that will make that more trustworthy, and also operational.

  So a couple things that I say in Africa we created a cyber experts group, and I think that's having real impact. In the Latin American, Caribbean region. ‑‑ ‑‑ ‑‑ American, lots of great efforts to build certs. Computer response Teams have national strategies which is the policy framing document, and I have seen impact there, which is good. I just came from Fiji, where we launched our Pacific hub. So for the Pacific Islands. More and more countries are understanding ‑‑ and that was with the deputy Prime Minister of Fiji, so I think again that political level was important. We've seen that connection, but we have to sustain this, and my organization was brought together to have more, as a community, really, is supposed to coordinate and make sure we put this in a higher level. And we're having a big conference in Ghana, a worldwide conference not just Africa conference, end of November, to bring some of these communities together including traditional development community. We all know the SDGs, but the cyber community and development community, again, two separate spheres. And bringing them together is critically important if we're going to make progress. So my long answer is yes, there's been an impact, I have seen it. It's hard to measure these things, but I have seen progress in a number of countries as they create a more and more trustworthy system against all the threats that will help them succeed economically.

  >> OLGA CAVALLI:  I think some recent events with ransomware, are showing the value of having resilient infrastructure and having rising awareness about all these things. The link you make with development of economy is interesting. It we don't have that infrastructure in shape, that won't happen. I think this latest new attacks are perhaps putting this issue more in the spot? 

  >> CHRISTOPHER PAINTER:  Yeah, look. I've been doing cyber now for 33 years. For a long time. I was a prosecutor prosecuting cybersecurity crimes when nobody cared about them back in the '90s and then helped run the computer crime section and at the FBI and the White House and the State Department. Through that whole time, the cyber people, we're not cyberpeople, but we do cyberstuff. We would be saying this needs to be a priority. And to be sure in the U.S., under the end of the Bush Administration, certainly the Obama Administration, because his campaign was hacked into, and now in the Biden administration, it's a priority, but [can't|capt] just be one priority of like, 300, right?  When we had the ransomware, attacks where people had to wait in line for gas, where you might not get your hamburger because it went after a meat packing plants.

  That makes it a back‑yard issue. It makes it a political issue and makes it a real priority. That's what I've seen not just in the U.S. but around the world, more and more this is becoming a priority. The other thing is the cyber people are pretty bad at being the translators to policy people. And we need that translation.

  We can't make this a magic thing. It has to be something that they understand. This is a geopolitical issue, it's a capacity building issue, it's an economic issue, and we need to put it in those terms. With the exception of Janet Reno as the attorney general who got this early on on cybercrime. Most senior officials or cabinet officials you talk cyber, and their eyes roll in the back of their heads, oh, that's a technical issue and I'm afraid of that. You don't need to be a nuclear engineer to deal with these issues and you don't need to be a coder to understand implications of cyberand cybersecurity. You need to have some of these people on your staff, but you don't need to be. We need to be sure that policymakers can grasp that. I have seen that in the government and companies, and that's a real change too.

  >> OLGA CAVALLI:  Thank you. This is why capacity building is so important, to build bridges in between technical people and policy people. Which is always challenging, especially technicians and lawyers. [Laughing]

  No?  I'm an engineer.

  (Laughter)

  OK. José?  (Speaking Spanish)

  >> OLGA CAVALLI:  José is a parliamentarian from Spain and he's been going around the world and engaged in a very interesting initiative. I'm sure you have heard about it. It's cyber helmet. And you're involved in that initiative from the United Nations. José, maybe you can tell us about that, and also another initiative that you told me is about a map about cyber ‑‑ critical infrastructures and related with parliamentarian activities. So maybe you can start with the cyber helmet issue. And if you speak in Spanish, then I can translate to the audience.

  Many thanks for being with us this afternoon, morning, early morning for you, in Spain.

  >> JOSE CEPEDA:  Thank you so much for this meeting. And especially to all of you, thank you so much. I prefer to speak in Spanish, because my English is very bad.

  >> OLGA CAVALLI:  Sounds good.

  >> JOSE CEPEDA:  OK. OK. Well, thank you. (Speaking in Spanish)

   >> OLGA CAVALLI:  I will translate. So Spain is ‑‑ he will focus first in Spain, they are developing resolutions, especially with the interparliamentarian union, and definition of critical infrastructure. And they're starting to think that the parliament, and the parliamentarians are a critical infrastructure. And also he finds it interesting this idea of building bridges in between technical people and policymakers. And also the politicians to be involved with the value and the importance of cybersecurity.

  >> JOSE CEPEDA:  (Speaking in Spanish).

  >> OLGA CAVALLI:  OK, José, thank you so much. I will translate. So in Spain, they have noticed that most of this attacks are performed Friday at 5:00 p.m. So they have all the weekend to work with the infrastructure that they have intruded.

  So the government has started to work with all levels of the government, which is national, regional, and municipal, local level. And also, establishing responsible people of cybersecurity. And all of this at different levels of the government.

  >> JOSE CEPEDA:  Thank you. (Speaking in Spanish).

  >> OLGA CAVALLI:  So, there's like a map of critical infrastructure of all the country. So everyone knows, companies, organizations, government, also the individuals, they know where to go and what to do if they have an incident, and how to try to solve it, and where to connect.

  >> JOSE CEPEDA:  Thank you. (Speaking in Spanish).

  >> OLGA CAVALLI:  Thank you, José. This is challenging. It was a long one.

  (Laughter)

 

  >> JOSE CEPEDA:  Thank you. Sorry.

  >> OLGA CAVALLI:  I will do my best. So they have been thinking about this concept ‑‑ Mark is translating everything in the chat. He's so fantastic.

  So exists this concept of the blue helmets that are taking care of security and organized by United Nations. So he has been working with the interparliamentarian union to promote the creation of a summit in United Nations focused on cybersecurity, cybercrime, with this United Nations paradigm focused on security, why not having cyberhelmets for cybersecurity, as they have already cyber, normal blue helmets to try to help bring security to all different places in the world. So the idea would be to develop this concept of cyber helmets in this summit that would happen in one or two years.

  (Speaking in Spanish).

  >> JOSE CEPEDA:  (Speaking in Spanish).

  >> OLGA CAVALLI:  (Speaking in Spanish).

  >> SANDY PALMA:  (Speaking in Spanish).

  >> OLGA CAVALLI:  I have to switch to English, Sandy, so sorry, but your English is very good, so I'm sure you will handle it well. Sandy is the CEO of a nonprofit organization in Honduras. Honduras is a country of Central America. And she has been very, very active, apart from the fact she has been one of the students of our school several times. She was in Buenos Aires last year.

  And she's a good friend of our group and our community. Sandy, how do you see the situation in Central America?  We see, especially I see all these immigrants going through Central America trying to reach United States, going through borders. I don't know how this has an impact in the infrastructure, how these people handle the situation. How do you see the situation in Central America in relation with cybersecurity?  How do you see the capacity building in bringing a difference in that region?  Thank you very much for being with us today.

  What time is it for you?  It must be the middle of the night? 

  >> SANDY PALMA:  (Speaking in Spanish).

  >> OLGA CAVALLI:  OK, thank you, Sandy. Sandy is saying that the region has a lack of professionals in cybersecurity, which I think it's a problem all over the world. And many professionals from developing economies are moving to being captured, perhaps by other countries demanding the capacity of these professionals. They have high necessity of infrastructure.

  A few universities have programs to train. And this is something that I want to speak with Claudio in a moment. A few universities have careers focused on cybersecurity. And a country in Central America, Costa Rica, we all know they have really suffered a very, very strong high ransomware attack that practically immobilized the government for several days.

  So she said something very, very interesting that I have been thinking about, after I heard something in the school of Campina Grande. Nobody talks about what is happening. The only way people get to know about attacks is citizens explaining that something is happening on social networks. This is something complicated, and someone in the school said something very interesting. That the aviation industry uses all the information of every event, or unfortunate event, like an accident, to improve the security of airplanes.

  And now we all know that it's safer to go in an airplane than crossing the street. We all know that. But that is because and thanks to all the information that has been provided and captured after something wrong is happening. So someone said, I cannot recall who said that in the school. And I said why don't we find a way to capture all the details of the attacks.

  Perhaps taking away the name of the institution or bank or organization or country that is being attacked, but using all this information to really try to improve and advance the way that ‑‑ to solve or to be resilient. (Speaking in Spanish).

  >> SANDY PALMA:  (Speaking in Spanish).

  >> OLGA CAVALLI:  Thank you, Sandy. She really explained very well how the academia moved to virtual activities during the pandemic. And they had to develop their own internal policies, because some countries in the central American region, she's explaining they don't have a national cybersecurity strategy, or perhaps they don't have the policies in place. So the different organizations have been organizing themselves in having their own internal policies.

  And she talks about the lack of participation, perhaps in this fora of government officials or people that are involved in developing policy. Especially from Central America. And the importance of rising awareness and education of public servants.

  And the lack of activities in the academia. Sandy, can I give the floor now to Claudio?  Because I want to follow up a question to him in relation what you have been saying, is that OK? 

  >> SANDY PALMA:  OK.

  >> OLGA CAVALLI:  Sure. Chris wants to make a comment in between.

  >> CHRISTOPHER PAINTER:  It's interesting, this idea of doing something like the National Transportation Safety Board does for airplanes in the U.S. And actually, this is something I think our department of Homeland Security, I'm no longer in the government, the Department of Homeland Security, has done, is they have an action board and look at major cyber incidents with a number of luminaries on it, Jeff Moss among others that have reports. Still in its infancy, but that's what they're trying to do.

  >> OLGA CAVALLI:  What we notice, at least in Argentina, is that in general, who has been attacked doesn't want to say. Because of different reasons. Because if it's a bank, they want to keep the reputation for the customers. They don't want to ‑‑ the customers go away to other bank, because they think that their deposits will disappear. Or if you're a government, or government agency, perhaps you ‑‑ yeah.

  >> CHRISTOPHER PAINTER:  That's been true for like, 30 years, right?  And I think it's changing a little bit, because now in certain parts of the world, there are disclosure laws. If there is a breach, they have to disclose it. Securities regulators like the securities and exchange commission is saying if you are a public traded company and it's a significant event you need to disclose it. Europe has laws they're passing now as part of their package of laws. I always used to say to companies that didn't report it, same as government, better to report it and get it out of the way, and make sure that people understand you're on top of it. A year and a half later down the road, you risk reputational harm.

  >> OLGA CAVALLI:  It's challenging. It's a process that it's starting to be more transparent. But we still have kind of a lack of transparency in general to learn from experience. And Claudio, Sandy mentioned something that I think it's really important. The role of universities.

  There are few universities that really have a career in cybersecurity. As far as I know there's one university in Argentina, in Buenos Aires, the University of ‑‑ (Speaking in Spanish)

  I cannot remember the name of the university. They have created one career on cybersecurity. They have very high demand of students. It's not virtual yet. It's still for some demands of the bureaucracy, local bureaucracy of universities. But they plan to go virtual. How do you see the role of universities? 

  Because I've been a university teacher for 20 years, and it's ‑‑ I teach these issues to my students, but as part of ‑‑ not part of the formal programme. I do ‑‑ I share with them information, try to motivate them to learn about these things. But it's not really in the formal programme of the career that they do, which is general informatics. How do you see someone being so much involved in this process being a university teacher? 

  >> CLAUDIO LUCENA:  Thank you so much, Olga and thank you for the invitation and for the space. Good afternoon, everyone. That's a very good question, for which I obviously do not have "the answer" I do not have the truth. But I have a suggestion of path to follow based on at least three pillars. The first one is we have from the academia, we have to acknowledge that the presence of the digital ecosystem is much more different now than it was 33 years ago when Chris started. I think that's a very good starting point.

  In scale and in nature. I will elaborate a little bit more on it. Second, the university has to understand its role in the process. And it's difficult to make universities change. University professors who are here are already starting to laugh.

  (Laughter)

  And the third, it should be for universities to understand that traditional approaches, such as courses, curricula, reform, as Sandy was mentioning to us, might not be good enough, might not be enough for the amount of the challenge that we have. On the first point, back in 2005 when the IGF started, cybersecurity was already an issue. So there were critical infrastructures, there were particular professions that were concerned about it. It was important but still a niche thing, if we could say so.

  Fast forward 15 years and now visiting a temple in Kyoto during the IGF might raise cybersecurity concerns. So it's not only the scale, it's the nature. I've written a paper during the pandemic, that was initiative from the Latin American office in our foundation. We were trying to analyse cybersecurity aspects of what happened after the pandemics in the scenario of Latin America. There was some data I collected from a friend from University of Chile that struck me absolutely. He mentioned that by February, in the COVID time, before the COVID, right?  Before the declaration of the pandemics.

  Point ‑‑ 0.6% of the Chilean population had some online activity connected to labour. 0.6% of the labour force was somehow connected to working online in Chile. He measured it in April, three months later and the percentage risen to 5.6%, and again in July, it had risen to 18% of the population in Chile doing some activity related to work. It's an aspect of people that had not been online yet, and it's a personal digital transformation that accelerated a lot.

  So that is to end this point is to say, a lot of our life, it's not a niche thing. It's not an aspect. It's not a fraction of the human lives. Cybersecurity is an embedded aspect, an embedded dimension of everybody's life that touches ‑‑ it's a back‑yard issue.

  This is not obvious to universities.

  The second and third points, I think they're together. And this, I speak a little bit more from a global south perspective in public universities, to be very specific. Because those are institutions that have a different role in the global south. They have a different outreach. They are able to work on that awareness. And as I say, bringing you numbers, Sandy brought a deficit of cybersecurity professionals. I have an estimate of around 300,000 professionals, that we look today, around ‑‑ lack today, around that mark, and confirm that, and that number is in Brazil only. We do not, and we will not fill that gap with regular courses, reforming curricula, formalizing this. For one, because the university simply does not do that.

  Do not reform curricula overnight, or depending on that.

  >> OLGA CAVALLI:  Takes forever.

  >> CLAUDIO LUCENA:  So thinking about other alternatives, but the university and academia in general and in the global south it happens a lot. We have a huge mobilizing power, community engagement. So through other alternatives, we can try to hit one of those aspects. And I can bring you a good practice from my university, which is the WAMA, which stands in Portuguese for the open university to the elderly, I think is something we discussed over the SIG. It's a programme, it's a formalized programme in the university that is directed to the elders, 60+ people. We include various ‑‑ the idea of the programme is to bring them back to the university and make them do interesting things in life again. So they have language classes, health for their age, human rights notions, and then last year, in the beginning of last year, because they have suffered a lot in their personal process of digital transformation, that was a segment of the population that was hit hard.

  So the Director of the Programme asked me, he ‑‑ law school and said why can't we prepare cybersecurity course for these people, 60+?  And I thought the idea was just brilliant, and then I thought of looking at it stakeholder‑wise and it seems very much, children concerned. They learn how to grow up in this environment. We help them navigate. It's pretty much taken care of. It's far from being solved or far from being safe, but pretty much taken care of.

  For us... we manage, right?  [Laughing]

  We'll get around.

  >> OLGA CAVALLI:  As best we can.

  >> CLAUDIO LUCENA:  But it seems for 60+, we have just forgotten them. Left them on their own, and they do not instinctively act add kwtly and ‑‑ adequately and appropriately. The results of that first semester of two groups of 30 people was absolutely amazing how much engaged, how much more they were aware, more able to defend themselves in this environment. Because then again, and I close here, the cybersecurity dimension that we have to tackle today is not only institutional anymore.

  It's not only collective anymore. It's also on an individual basis, and I think universities have an incredible role they can play in this, provided that they meet these three aspects and understand those three criteria.

  >> OLGA CAVALLI:  It's interesting what you mentioned, because at the ‑‑ where I work in the directory of cybersecurity, we're promoting some papers that we're writing. And I did write about old people, because I experienced that with my mom. She had Facebook, and she used ‑‑ she died two years ago, but she used a lot, social networks. And she tended to believe that everyone was thinking like her, because all the people were her friends. [Laughing]

  And it was very difficult for me to explain to her that was not the whole universe of the connected world. And yeah. She was very vulnerable about the information that received, what she read. And I think it's a target that is totally forgotten, and I agree with you. I wrote something about that.

  So now I will go to my dear friend, Mark, he has been so kind to do the translation in the chat of the Zoom room, when I was translating into English from Spanish, which is my new profession now. Mark is very active in the GNSO, which is one of the places of participation of ICANN, and ICANN is the organization that gathers all the different ‑‑ millions of different networks in the world together through some unique identifiers.

  And one of these unique identifiers is the domain name system. And Mark has been working very actively in working group about security in the domain name system. So why don't you share, Mark with us, what is that and how does it affect the cybersecurity, and what should we know about that, and how people can learn about it?  Thank you for your participation here.

  >> MARK DATYSGELD:  Thank you so much, Olga. It's a pleasure to be here with everyone. I will try to be that guy that is the bridge between the technical and the normal [Laughing]. So let's give this a try.

  So when we talk about the domain name system, we're talking about pretty much anything that resolves using that system. People don't think about that. But when you're using WhatsApp, it is using the DNS, you just don't see it. So the domain name system actually operates most of the Internet as we know it. So it's one of the only ‑‑ one of the few shared resources that we really have in the world that are truly global.

  And that's why caring for security should be a priority. The problem is, and we have people here in the room who are very active in ICANN as well who can say I'm wrong or right. But for a long time this was not put as a priority. This was put as something important to be looked into, and certain aspects of security were maintained. But that was on the very, very deep, technical level. At the security level of the protocol.

  So it's like, how secure is the technical part of the DNS, right?  Is it running smoothly; can it be tampered with?  That was the concern for a long time.

  But as we see an increasing amount of cyberattacks, different types of initiatives that really seek to harm users around the world, then we had to expand the conversation a little bit.

  Who are the actors who are using the DNS to do things that are simply not secure, simply do not fulfill the mission of the DNS, which is being reliable, secure and available for all.

  And there are some cases in which we arrived at, that simply do not have a positive use. So the operation of a botnet, there are no good botnets out there. There's nobody doing charitable nice things with a botnet, it's always criminals, and always the worst kind as well, might I add. So why are we allowing these people to make use of the system, that is a global good, to leverage this for their attacks? 

  That was the sort of question that started this working group, this process that I chaired. And the reality is that there are a few categories of questions that we arrived at, that we believe are not good uses of the DNS. And as a working group, we recommended that to the people who run these systems, or the DNS. So we're talking about the registrars, and registries, which are basically the people who either have custody over a certain suffixes, like say ‑‑ ninja, or they sell those domain names using that suffix. We approach them and say in these narrow use cases, this can not go on, so we settled on a list that is basically botnets. So it's basically leveraging machines from around the world to carry out a concerted attack or a disruption enmasse. So phishing, sites that impersonate another institution or organization and use that to steal credentials from users. Malware distribution. So its sites that only exist to perpetuate malware. So only to spread or be a bridge for an attack. There's nothing else there, other than that. And farming, which is when a website only exists to collect informations of users for malicious purposes.

  There's also a "addition" to that, which is SPAM. But when I mention SPAM you shouldn't really think about it that way, because it's SPAM as a vector to the things that I said before. It's very specific. So this is not about fighting SPAM, which might have legitimate uses. This is about fighting SPAM that leads a user to a malware website.

  And this has been presented to these operators. And so far what we think is that they agree with us that this is something that would be desirable. That it would be better for the Internet if they adopted these changes to block these specific use cases. So the term that we use is DNS abuse, but if we are to be very, very accurate, it's technical DNS abuse.

  Right?  We're talking intellectual property, infringementses, anything that has to do with honor or anything like that. Anything that's contents is not going to be touched upon by that, because ICANN has a technical mission. What we're trying to fight is some forms, this is not even all forms. Right?  We didn't actually arrive at all forms.

  But we arrived at some forms that malicious people use to leverage the DNS in a negative way. And we are now in very deep negotiation of this being a standard for the entire world...?  No. So it is for generic names.

  The country codes, they operate under their own rules. We hope that some of them adopt this or want to talk to us about this or think that this is a good idea, but this is each nation's prerogative. So our expectation is that within the next year or so this will come to be. These new rules will come to be.

  And with that, we'll be able to add a little bit extra security to the Internet. It's not even like the tip of the iceberg. But we are hoping at least we can show that we are actually looking into this. That this is not a non‑issue, and that we understand that there are very, very bad criminals leveraging this public resource for things that it should not be ‑‑ should not be used for. That's the general idea. If anybody is more interested in this, I can offer more technical material. But this is the overview sort of. So thank you very much for your attention.

  >> OLGA CAVALLI:  Mark, this is an issue of operators only or global citizens ‑‑ individuals can have a say or do something to prevent that?  Can I do something against the DNS abuse or just have to suffer it and hope that my operator or my registry and registrar do something about it?  What do you think? 

  >> MARK DATYSGELD:  As part of this agreement ‑‑ that's a very good question ‑‑ we're also upping the requirements for what these operators need to include in their contact forms. Before, it was very much like whatever you want, right?  They needed to have some form of reporting available on their website. So you go to a big registrar, I'm not going to cite names, but like a big register that sells a lot of domain names, and you have identified the ones that are operating a malicious domain name. If you go there, it's not very clear where you can report something. But that's going to be standardized.

  It's going to go into their contracts that they need to have something that's actually, the user can get there and say hey, I noticed this website is a phishing operation. It's copying this website. I have the proof, and here's the RD elements and here's the proof of this and here's the comparisons. This would enable people who are lookinginto the system to verify. It's not an automated thing, it's never going to be that.

  It's literally a way for you to communicate with these operators very directly. At the end of the day, it's still their call, but we're making an effort so that people actually can report these things. So supposing your business was cloned and you're currently suffering an attack from that, now you can report that at the international level. Which you know, I think it's a big win. I consider it a win.

  >> OLGA CAVALLI:  It's an event that we usually see in the national (?) And people having problems with domains. We have like eight minutes?  Any questions, comments from audience?  Yes, there's a mic there, can you go to the mic?  Can you tell us your name and where you're from? 

  >> Thank you, my name is James. I'm from Cameron ‑‑ my question go to the man in the middle.

  (Laughter)

 

  So quite frankly, I would like to understand the difference between digital diplomacy and cyber diplomacy. Thank you very much.

  >> OLGA CAVALLI:  Slight difference...

  >> Hi, everyone. Good afternoon, my name is Paloma and I'm from northeast of Brazil. I would like to congratulate the panel. These speeches were wonderful and necessary. Of course. Then my question. Especially taking Claudio's speech about the digitalisation of personal life and the attack on individual base. And your speech, I forgot your name, sorry, when you told us that everybody's using DNS, while we're using WhatsApp. But people don't see it, or about phishing. Something like that. Cyberspace is an increased risk of the development of any country. Strong cyber capacity is crucial for states to progress and develop in economic, political, and social spheres. The need to integrate cyber capacity building and development policies has been documented by the academia and policymakers and the other sectors from society. The investment in securing cyberspace affects the success rate or other policies, initiatives, as well. However there's a clear need for a deeper dialogue with the development ‑‑ received countries in order to understand better how to implement cyber capacities in practice to achieve broader development goals. So to stimulate the debate, on cyber capacity building and its impact on social and economic development worldwide, I would like to understand your opinion about the contribution of digital education to this issue.

  Since digital education involves not only learning how to use platforms and tools, but also involves a critical and reflective use of the Internet and its possibilities, and is capable of long term, preparing a society for life in a cybernet context. And including this topic at the debate, because I think that it's a ‑‑ I think it's something really important when we are talking about demonstrating risk or better, we are talking about to define what kind of risk I'm able to support. And to know that I need to understand which are the risks and the impacts in my society, business or whatever. I don't know if I made myself clear, but that's my question, contribution to the panel. Thank you.

  >> OK. I'm from Nigeria. I have a comment and then a question. First, to Chris.

 

  On the issue of connecting, cyber security, to development. Last year, (?) Research programme, which was released at the IGF. Chris, you were there, and I had the privilege to actually conducting that research. Were able to really measure it. Measure critical maturity to development. As a way of persuading leadership, policymakers, to see the connection. In that study, 10% increasing cybersecurity maturity, yield between 0.66 and 5.4 increase in the GDP per capita. And I use data from Africa, Asia, and Latin America. So it's available on the website, at least some of the data available on the website, www.cD4IR.Africa. You can check it there (phonetic).

  The question is ‑‑ OK. OK. Mark talked about DNS, so WhatsApp. I wanted to expand further, because there's this oddity, in name of this oddity, need to depend on the root system. So I want to expand on what you mean by people using WhatsApp. There are a lot of ‑‑ top application. Thank you.

  >> Good afternoon, everyone. Kristin. I work with regulator in Uganda, and we operate a set there for the communications sector. So information sharing indeed is like Olga said, reputational risk. Especially the financial sector tends to keep it back. But what you have done is to have an awareness of the (?) Companies, they don't see this as a technical issue and they begin to invest in it. But I'm curious to know about investment in tools. We are talking about capacity building, but we need the eyes to know what's happening.

  And that is really very, very expensive. And in developing countries, emerging economies, it's not affordable and sustainable. So I would like to hear from the panelists what is being done in that area.

  The other, Mark mentioned the issue of botnets and them only being malicious. But I know that there are use cases of AI in terms of the cyber intelligence. Always a balancing act when they are deployed for those purposes. Especially since you said you have a list. I don't know if it's a black list or a white list. And then lastly, on the cyber certification, again, this is very expensive, and yes, there's ‑‑ cybersecurity experts. So what level are you looking at?  The basics, like children are told to look left and right before you cross the road. Not to share your ‑‑ is it that level or at a higher level?  Thank you.

  >> OLGA CAVALLI:  OK. We have run out of time. I'm so sorry. Next year, I will book one hour and a half.

  (Laughter)

  I promise. My proposal is that we find a moment outside ‑‑ do you have five more minutes?  We can ‑‑ maybe you can respond quickly, and then we have to ‑‑ yeah, we have to cut off the queue. I'm so sorry for that.

  >> CHRISTOPHER PAINTER:  Those were all great questions. Diplomacy. Digital diplomacy and cyber diplomacy, they're similar. Telecommunications, where cyberwas the larger cybersecurity, geopolitical issues. But I think they're merging. I would say that. I think the question about I agree the development community and cyber community, bringing them together is critically important and that's what our conference in Ghana is trying to do and a lot of our efforts are trying to do.

  I thank you on the GTP issue. That's ‑‑ GDP issue, that's an important one that shows actual impact of this work. And I think that helps drive decision‑maker and money and funding, which is scarce. So that is good. Those are the ones I'll quickly comment on. Wish I had more time. Sorry.

  >> MARK DATYSGELD:  Very quickly, I'll go back to my comment. This is something I mention when I give classes.  People think the DNS only works when you have a URL on your address bar. So that's where DNS exists, and you go, and you type, and that's the DNS, right?  But the DNS operates when you find something on a search engine. The DNS exists when you're operating any app pretty much because they use DNS routing to actually function.

  So this protocols, they exist everywhere. Doesn't matter if your using on your microwave, or whatever you're using. And we don't do enough to explain this to users, so they think it's a very specific thing, and that oh, it's [about|ug] having a domain name. It's not that, it's an entire system that sort of runs the Internet.  So people can't appreciate the importance of it, because they don't understand it's not just owning your name, dot, anything.

  >> OLGA CAVALLI:  Big applause to everyone. Thank you, Chris, thank you Mark, thank you Claudio.

  (Speaking in Spanish)

  I promise next time I will book more time.

  (Session concluded)