在抱负与务实之间：碎片化世界中的网络能力建设未来

The future of cyber capacity-building in a fragmented world byNayia BarmpaliouandPatryk Pawlak backdrop of a rapidly evolving and complex threatlandscape.The demands and costs associatedwith developing the expertise and skills needed toaddressthe strategic,institutional,regulatory,andsecurity challenges for a successful andsustainabledigitaltransitionplaceadisproportionate burden on low-and middle-incomecountries.As a result,there is asignificant divergencein cyber equity betweencyber-mature countries and those beginningtheir cybersecurity journey.1 CONTENTS Despite the interconnectedness of cyber-relatedissues, many debates to date have not capturedthe whole CCB ecosystem as it has organicallygrownwithintheconfinesofdifferentcommunities,such as international security,criminaljustice,andinformationandcommunication technologies (ICTs). The siloeddiscussions on CCB have fostered a high potentialfor gaps and inefficiencies by not systematicallycombining the different communities’ respectiveknow-how and resources. The result has been aprogressing operational fragmentation of cybercapacity-building efforts. This paper has been commissioned by the EuropeanUnion Institute for Security Studies (EUISS) with thefinancial assistance of the European Union (EU) as acontributionto the side-event“The future ofresponsible state behaviour in a fragmented cybercapacity ecosystem” that took place on 13 May 2024 inthe context of the intersessional meetings of the Open-ended working group on security of and in the use ofinformation and communication technologies 2021-2025. The side-event was co-hosted by the EU, theEUISS, the Global Forum on Cyber Expertise (GFCE),and the United Nations Institute for DisarmamentResearch (UNIDIR). The contents of this paper are thesole responsibility of the authors and can under nocircumstances be regarded as reflecting the position ofthe European Union or any of the side-event co-hosts. As investments in digital infrastructure, systems,and services continue to increase worldwide, theneed for a more holistic understanding of capacitydevelopment for cyber resilience has become evenmorecritical.Anincreasingnumberofdevelopmentactors are now integrating cyberresilienceinto broader development financingand programming, beyond the initial first moversof the2010s. Collective initiatives such as theAccra Call for Cyber Resilient Developmentaim to"stimulate action and voluntary commitments toelevate cyber resilience across international andnational development agendas" and to promotecyber capacity-building that is responsive to theneeds and priorities of developing countries whilesupporting broader development goals. Similarly,discussions within the current mandate of the“Open-ended Working Group on security of andin the use of information and communicationstechnologies2021-2025”2(OEWG)under theUnited Nations First Committee have begun toconsider CCB more broadly, beyond the context ofinternationalsecurity and the Framework forResponsible State Behaviour (FRSB), recognizingtheconnection to sustainable development.However,debates in such policy forums, as wellas CCB practices to date, point to a persistent INTRODUCTION Cybercapacity-building(CCB)hasgainedincreasingprominence in international cyberpolicydiscussions over the past decade.It isviewedas a key mechanism for internationalcooperation, supporting countries in developingtheir cyber resilience and fostering partnershipson cyber-related issues. However, while there isbroad consensus globally on the need for CCB,this agreement has not fully translated into aunified approach for scaling up, coordinating, andenhancingthe efficiency and effectiveness ofthese efforts. Although CCB cooperation has grown, with morefunders,implementers,and partner countriesengagingbilaterally,regionally,or throughmultilateralorganizations,thecybersecuritycapability gap is also widening, set against the divergencein conceptual understandings andapproachesto cooperation that are crucial inshaping global CCB efforts. and financing programmes for partner countriesand regions in order to “leave no one behind”.Thefinancing streams for CCB in nationalgovernmentsrarely originate from a singleinstitutionor authority,but there is often aleading actor with eitherthe majority of availablefunds or the institutional mandate to coordinate–ranging from the Ministry of Foreign Affairs,the Ministry of Finance, the Ministry of ICT, thenational development agency, the cybersecurityauthority,to the national law enforcement orcrime agency. For partner countries and regions,it is useful to understand which part(s) of thedonor governments finance CCB actions as thesemostoften inform the funders’objectives,thematic and geographical priorities, and deliveryapproaches. This paper aims to provide a structured overviewofthe complex international CCB ecosystem,deepen the reflection on how the ideological andoperationalfragmentation within it influencesthe effectiveness of ongoing efforts, and