 Dobroga noga. Dostingučne delegacije, izglednje panelisti, ljudi in ljudi. Veliko v toj svoj event, izglednje v online svoj zelo. Mi je Kemal Huseinovič, čefa departamentu v infrastrukturnih, inabljanje, iCT aplikacije, vsega cybersecurity. I will be moderator za vse seštje. As the title suggests, the topic of this session is cyber security and will be focused on how you as a part of ITUD community can guide and support the ITUD work toward achieving a global culture of cyber security and help ITUD and its secretariat BDT to better fulfill its mandate. The 55 minutes session today will feature experts representing administrations and community at large and I will introduce them, each of them in due course. As we don't have much time let me quickly go through the format of this event. We have a pleasure to have here the director of BDT and he is going to provide an opening remarks. After that we are going to give an opportunity to each of the panelists to provide their remarks in 4-5 minutes. I am at your disposal and at service of the panelists to be in a position to ask few questions to the panelists to instigate a dialogue as we want to have as much interaction as possible. I will encourage you to ask questions to the panelists. Without any further delay allow me to introduce you to Mr. Yushi Torigoe deputy to the director of ITU telecommunication development bureau. Yushi, you have the floor. Thank you Mr. Husseinabich. Excellencies distinguished panelists, ladies and gentlemen, good afternoon. It is my great pleasure to join this event on cyber security organized in occasion of world telecommunication development conference 2017. First of all, I would like to express my sincere appreciation to the government of Argentina for hosting WTDC 17 in the beautiful city of Buenos Aires. As the internet is an open medium where information flows freely across the borders, many threats faced online by countries have an international dimension to prevent use of ICT for criminal purposes. It is necessary for governments to work together with private sector and academia among others and build effective cooperative relations to reduce threats in accessing digital services. Over the past decade, progress has been made in the promotion of international and regional tools aimed at improving global cyber security. Countries increasing recognize the importance of key mechanisms such as harmonized legal frameworks international level, national cyber security strategies and information and knowledge sharing. However, there is still a sort of cyber security gap where some countries are lagging behind and having difficulties in keeping up with the first growing cyber crime trend. In particular, despite the increased number of cyber risks reported to a broad range of entities such as government, banks, public and utility services, which runs critical infrastructure and private companies, some countries still have difficulties in mitigating cyber risk. As a consequence, there is still a visible gap between countries in terms of knowledge, awareness and capacity to deploy strategies, capacities and programs in the field of cyber security which could ensure a safe and secure use of ICT which could in turn lead to economic growth. Potential use of the digital space for criminal purpose is now real threat for every country in the world that is not able to properly respond and large scale cyber attacks to national critical infrastructure could have devastating long lasting damage. In order to prevent such damage, ITU is making every effort to share the experience and expertise with our members by fostering dialogues and promoting international cooperation. I would like to mention ITU's key initiatives contributing to this endeavor. First, the national cybersecurity strategy is a multi stakeholder effort aimed at aggregating existing guide toolkits and publications on national cybersecurity strategies into an internationally recognized product that would serve as a platform for governments and any interested institution to develop national cyber security strategies. Second, global cybersecurity index, GCI is an initiative to measure the commitment of countries to cyber security. Through the information collected each country's level of development deployment is analyzed with five categories legal, technical, organizational, capacity building and cooperation aspects. The uniqueness of GCI is not only to run countries and foster improvements at national level but more importantly to share good practices to be used by a country in need. Ladies and gentlemen an enhanced cooperation in this area has become essential. Such cooperation requires efforts to bring together countries and all relevant parties to share their knowledge and to minimize cyber risk. ITU is providing assistance and facilitating sharing knowledge between different parties. We firmly believe that member states can benefit significantly from sharing their experiences. I would like to call all of you to join this initiative to enhance our cyber security knowledge and capacity together. Thank you very much for your attention. Mr. Toregoi for setting the stage for the further discussion. Now it's time to go to the court of the session introducing the panelists but before that let me just emphasize the two topics that Mr. Toregoi just mentioned. It is a national cyber security strategy project and ITU is a facilitator of this project and global cyber security index. So this national cyber security strategy project should harmonize all existing guidelines publications and best practices in a format that should be a new product international product agreed among the ITU and the partners who are working together with ITU on this product. GCI Global Cyber Security Index is a certain way of measuring the commitment and efforts that countries are doing in order to increase the level of cyber security and to build the confidence and trust in the societies. So there are four categories actually that should be mentioned in order to instigate the discussion today. It's a capacity of the legal measures organizational measures, institutional measures, capacity building and the fourth one is cooperation international cooperation. The session therefore will try to address topics around the need to build and implement national cyber security strategies and build the capacity by sharing experiences and practices and by gathering and analyzing efforts undertaken by member states on cyber security. I have the honor to have with us today. Let me introduce our speakers on my right side. It's not from the left to the right. It's just a random announcement of the speakers. So first is Mrs. Heather Butler, assistant director EU, European Union and international cyber security policy department for culture media from United Kingdom. It's Jefferson Fouet Nassif, head of international affairs office, Anatel from Brazil. Liselle France, office of the coordinator for cyber issues at US, United States Department of State from United States of America. Mr. Veringai Mabika, senior policy advisor from ISOC. All our panelists today have extensive experience on cyber security and I'm sure they will provide a valuable contribution to the session. I would like to request all of them to provide four to five minute statement on their views and experience on cyber security starting from their role within the organization they belong to. Let's start with Heather. Heather, you have the floor please. Thank you and thank you to the ITU for having us here today at this presentation. It's great to see so many people in the room and interested in this really important subject. So I thought I would present today by giving you an overview on our recently published UK national cyber security strategy. So some context to this. In 2015 we in the UK published our national security strategy and that strategy is a strategy that looks beyond cyber security and at all security threats and in that strategy we identified cyber attacks as being a top national security threat. So following on from this the UK produced its new national cyber security strategy in November 2016 and that was our second UK national level cyber security strategy. That strategy is supported by significant transformative investment almost double the amount that we had actually put in investment over the previous five years. In terms of our overarching vision for this strategy we have articulated this as being that we want to see the UK as being secure and resilient to cyber threats prosperous and confident in the digital world. Our strategy itself is split up into three pillars to defend against cyber threats to deter our adversaries and to develop our skills and capabilities. And as part of this we also see international partnerships as being an important element of our national strategy. The strategy itself sets out new approaches and new elements to say a little bit about why we have chosen to take a new approach. On reflection of where we were at when we were looking at the drafting of the new strategy we determined that the UK was not keeping pace with the changing and increasing threat. We also felt that market forces were not driving the pace in the scale of action that was needed to tackle the threat in the short term. And the strategy sets out the need for greater intervention led by the government. So moving on to the what and I'll explain a little bit about what some of the new elements are within that strategy. Firstly we have simplified the government role and improved it. One really important thing that we have done is we've created the National Cyber Security Centre and this is a part of GCHQ our security services and it's the single point of advice government on cyber security and it offers world class incident management capabilities. We've also increased our technical defences so we look to support industry to develop active cyber defense capabilities which will automatically tackle phishing, block malicious domains and IP addresses and disrupt malware attacks. We're also looking at the right leavers so we want to ensure that we have the right regulatory framework to ensure that organizations across the UK can protect themselves from cyber attacks. And I've already mentioned investment so we've increased funding for intelligence and law enforcement we're looking to close the cyber skills gap to support the UK cyber security sector and make sure that the public understands how to stay cyber safe. So I'll just say a little bit more in detail about what those pillars involve. So firstly defend against cyber threats what does this mean? This is active cyber defense measures implemented by industry that automatically protect UK internet users from the vast majority of high volume, low sophistication and cyber attacks. We're also looking to ensure that all new government digital services will be secure by default. We're offering greater support to our CNI Critical National Infrastructure and other premium groups from the economy and society through the creation of the aforementioned National Cyber Security Centre. And we're looking to be better joined up on incident management capability again through the National Cyber Security Centre. Moving on to the second pillar deter our adversaries. What does this mean? So we've established offensive cyber capabilities that can be deployed at the time in the place of choosing. We're looking to identify and disrupt terror cyber actors and we're also continuing to invest in capability in order to tackle cyber crime. And finally the third pillar our skills and capabilities. We are seeking to encourage an innovative growing cyber security industry which is underpinned by world leading scientific research and development. We're looking to create a self sustaining pipeline of talent providing the skills that we need in order to protect our national needs across the public and the private sectors. And finally we're developing cutting edge analysis and expertise to enable the UK to meet and overcome future threats and challenges. And just to finish I would just say a little bit about our national cyber security sector which is a key part of our strategy and runs through this. So the national cyber security sector draws cyber security into a single expert organisation. It brings our set function alongside lots of other different technical functions. It was launched in October 2016 and it's based in London and also in Cheltenham, some joint headquarters. And the national cyber security centre's goals are to reduce the cyber security risk to the UK to respond effectively to cyber incidents, to reduce harm to the UK to understand the cyber security environment, share knowledge and address systemic vulnerabilities. We're looking to build the UK's cyber security capability by providing leadership on key national cyber security issues. And I think I will close there and pass back to the chair. Thank you very much for listening. Thank you very much dear header. I would like just to remind our distinguished speakers to stay stick with the four minutes otherwise we will not have enough time for the questions from the audience. So it will be good to announce director of BDT who just joined us and he doesn't like to speak, that's fine but he's here. So I would like to ask you to give him an applause for joining us. Thank you. Our next speaker is our distinguished colleague from Brazil that I introduced earlier, Jefferson. Jefferson is tightly linked to the work of the ITU in many areas. So I'm glad to see you here Jefferson to say a few words about your experiences related to the cyber security issues. The floor is yours. Thank you very much Kamal and it's a pleasure for me to be here and to have some words here in this audience. It gives a glimpse of the importance of the subject to see this room almost full and it's extremely important the subject, that's why everybody is here. And also the the number of high level interventions that we listened during the first days of this conference reflects the importance of cyber security for all of us many of our governments that need to respond to many challenges that cyber security imposes on. Well, I have to say that cyber security, I'm very curious and I'm studying this a lot and I must say that I'm specializing in this issue in this issue because of ITU. When I first chaired the group in WICAT for cyber security and then I realized that I should study more this issue and after that I realized that we should have been doing more in Brazil, especially in the regulatory agency which is my agency, HANATEL, we should do more there and then I started to learn a lot from you many of you in this audience are with me in the ITU discussion so I'm listening and always learning with you all. Well, regarding the aspect, I would like just to put some context where we are in terms of cyber security and then I would like to pass very fast to what we are doing in Brazil which is not so much as all the colleagues but we are starting I think that we should put in context in the context of cyber security there are many perspectives many approaches. You can see this in terms of cyber defense you can see this in terms of cyber crime no matter the perspective you put the challenges are immense. Numbers are immense as well some people say some reports we can read that the world is losing something related to 400 to 600 billion dollars in cyber crime. So the numbers for cyber defense as well are immense so we really need to deal with this subject because we are in the basis of every aspect of cyber security we are as telecommunications where everything is transported so that's why it's so important for us the moment is very appropriate for us because of cyber security it's been even more important after the attacks of cyber cyber warms and other threats there's only one that I would like to put which was WannaCry WannaCry was a complete of what we understand of what is is a warming in our networks and it happened it got worse because of the lack of communications that we have and how difficult is for industry and for governments and for all the protection schemes that we have to follow the subject to follow the virus and to say to all the word what is going on and what is the attack so that's a huge problem that we have to solve I'd like to say also that really impressed me the words of the prime minister Theresa May when she after the attacks in London she urged the collaboration between the companies the high tech companies and the government that would be their words to be extremely important to deal with the threats we all see all the attacks that we saw was extremely important to have to make us all think on the story of George Ukraine the attacks on Sony they stuck that flame they are all different they are different nature put us in terms of objective put us to think on the diverse and the complexity of all things well there's a very good phrase that devoted to Ambrose Peace in the 19th century he said that war is a good way of teaching us geography if we could in the 21st on cyber security issues we could say that cyber attacks against us are God's way of teaching us how weaker enemies are stronger than they seem there are many rules laws and politics and practices that are in development nowadays but we have some challenges and it's a challenge that we have to face in a very sincere way we have challenges to connect the readers of foreign affairs magazines some people here may know this magazine it's a very important magazine that discuss international politics with the people that reads wider so this is the great challenge we have to put technologies with politicians international politicians together in order to solve this extremely difficult issue trying to find bros and responsibilities between the public sector and the private sector is also extremely important the networks are in the hands of the private sector so we must deal with this very fastly we have to find concepts on security defense and and splitting sharing responsibilities between this so let's try to find exact words for cyber security what cyber security is and what cyber defense is and what are the rules we should try to split the rules and responsibilities especially here in ITU we are not dealing with cyber defense at all and if we want any kind of international cooperation on cyber security we must deal we have to the differences between cyber defense and cyber security well, in terms of Brazil we are working on a national digital strategy it is actually now in public consultation there we have a specific chapter for cyber security and in this in this document we are trying to have at least initial words initial thoughts on what should be dealt with in Brazil in terms of cyber security what we can see the most difficult is how to deal with cyber crimes, which is immense and what we have to do firstly we need to invest more in order to protect our networks we need to invest in research and development in order to have internal products and services and also we have a huge challenge in terms of human skills there is a report that says that we are lacking 150,000 security engineers in our market so those are some issues that we have to do so I would love to answer more questions at the end thank you very much thank you Jefferson for sharing with us your thoughts and views for all of us so let me give the floor to our next speaker so dear Liselle you have the floor thank you very much and I would like to add my thanks and to everyone for joining this session today and also commenting on the level of interest in this topic and hope I can share some the activity that the United States has been undergoing and and talk a little bit about the work here at ITU I am in the State Department's Office of the Coordinator for Cyber Issues and what that means is that I am on the policy side of the conversation not the wired side of the conversation I really appreciated that that illustration of something that we've been working on for many years which is basically the translation of these issues between the technology and the technologists and policy makers and trying to bridge that translation gap because we definitely speak in different terminology, different languages and that has been a challenge over the course of time so I really did appreciate that illustrative view so Jefferson may have to copy that from you sometime. Let me start by saying the United States has been looking at cyber security issues for some time and I would say that we've had an iterative approach to our policies regarding cyber security way back in the day we had cyber security strategy that tried to was released in 2003 and it tried to at least articulate some of the challenges that we were dealing with with regard to cyber security rather than put forward a strategy I would say it was a good foundational document but of course many years later in 2010 and 2011 we knew that we needed to do something more that was a little more strategic and forward looking so then Obama Administration put forward a cyberspace policy review assuring a trusted and resilient information and communication infrastructure and one of the things, it did many things with regard to what we needed to do with our federal networks and our critical infrastructure but one thing it called out was a need for international cooperation so one of the things that was then came out in May of 2011 was our international strategy for cyberspace and it looked at a number of things that impact the stability and security of cyberspace including international security which is really how we view state state on state behavior are the activities of states the second is cyber security due diligence which is more things like how do you protect your own networks whether you're in the government or whether you're in the critical infrastructure or whether you're in large companies or academic institutions or even individual users and that's where even things like awareness come in cyber defense was another one, Jefferson mentioned cyber defense which is also a key area of how our military protects their own networks one thing we also talk about is internet governance how the internet is governed and maintained and reflects the multistakeholder nature of the development and innovation of the networks as well as how it's run and the next one is internet freedom the importance of the freedom of the rights that we have online we also have online and the importance of freedom of expression online and then lastly looking at economic development and capacity building now I've mentioned all of those issues to explain that that we needed to look at cyber security across the spectrum of things that might impact it so we can't look just at the security items itself or just state behavior or just the behavior of our critical infrastructure or neglect the users online and not talk about how they impact on them so the approach was really an integrated approach and it was a very arduous approach to work with all of the agencies within the United States government as well as with our stakeholder community to elaborate that integrated approach to our international strategy and that has been a very good framework for some time but of course we have a new administration so now we have a new executive order in may of 2017 the administration issued executive order 13800 on strengthening the cyber security of the federal networks and critical infrastructure so much like my colleagues from the United Kingdom we are looking at a new a new strategy that builds on our existing work and that is very important to note in there are three main sections to the new executive order one is focusing on the cyber security of our federal networks one is reflecting the security of our critical infrastructure and then the one that is more pertinent to my work at the state department and perhaps our work here in ITU is cyber security for the nation that talks about deterrence concepts as well as cooperation but one important thing is that the policy set forth in that section is to ensure that the internet remains valuable for future generations it is the policy of the executive branch to promote an open interoperable reliable and secure internet that fosters efficiency innovation, communication and economic prosperity and that is something that we bring forward from all the existing work that we have done there are some reporting that are required out of the new executive order so many of my colleagues and our team have been diligently working on those reports one was several agencies had to articulate their international priorities with regard to cyber security secondly there is a report on deterrence and protection on how we deter those that might ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... We are also quite glad and happy to be speaking on our perspectives or understanding of cyber security space from the Internet Society. The Internet Society really is a global organization dedicated to ensuring that the Internet is open, supporting the open development, evolution and the use of the Internet In for 25 years we have been working through our communities to promote technologies that keep the internet safe, secure in advocates for policies that enable universal access. The Internet Society is also the home, the organizational home to the internet engineering task force. And I'll probably speak to two initiatives that we are currently supporting as the Internet Society. One that probably is at a global level. And I'll also speak briefly about the initiatives that we have done in Africa or in some developing countries. The first initiative is the Global Commission for Cyber Stability, which is helping to promote mutual awareness and understanding among cyberspace communities working on issues related to international cybersecurity and most importantly finding ways to link these dialogues on international security and the new communities that are being created by the cyberspaces. We have also focused our attention particularly in developing countries. I think we may all agree that the capacity issues that my colleagues have mentioned, these gaps are even more pronounced in developing countries. In 2014, the African Union Commission passed the African Union Convention on Cyber Security and Personal Data Protection and is a way of assisting in facilitating the implementation of this convention. The Internet Society partnered with the African Union Commission to develop the Internet infrastructure guidelines. I actually brought a few copies for those that may want a hard copy, but you can also be able to get these documents online. The understanding really was just based on an analysis that we observed. Maybe I would be happy to share some few statistics. For example, currently out of the 54 countries in Africa, only 30 countries have cyber crime laws, so you can see the daring gap there. And just about 11 countries are currently implementing comprehensive policies on data privacy and legislation. So these gaps sort of indicate the need to focus our resources, particularly in developing countries in Africa, the African region, also being a priority issue. So with the security infrastructure guidelines, the intention really was just to recommend some critical actions for various stakeholders to take on building or strengthening the Internet infrastructure security. And these actions are actually tailor made for the African cyber environment. Also looking at the various capacity issues that relates to a shortage of skilled human resources, the limited resources, particularly financial, and also the expertise and the level of awareness. I think my colleagues also touched a bit on that. And one of the recommendations that we are pushing for is also, with the African Union, is the formation of an Africa-wide cyber security collaboration and coordination committee, that we also look at these issues and continue to recommend best practices from other regions. I'll end there. Thank you. Thank you very much, dear Veringa. It's right on time. Now we have time to open the floor for the audience. Flo is open for questions. Please introduce yourself and the name of the panelist that you wanted to ask. I am Senator Duru Jaje from Nigeria, Nigeria Communications Commission. I thank all the speakers for contributing to our knowledge of what they are doing. Maybe because Madame Franza from USA was not allowed to complete what she wanted to say, I was very anxious to hear what she has to say about the serious allegation of intervention of a country in the American presidential election last year. How far have you gone in saying whether it is true or false? Then, too, whether, as Mr. Bakar said, other speakers have brought us information that we go around this large audience. At least I am interested in getting the written scripts of all the interventions because they are very interesting. Thank you very much. Thank you. So, Lizelle, you have the floor. Thank you very much for your question. We will refer to the comments made by the administration in addressing the issues with regard to our election. And there are not only issues with regard to the problems that we saw with it, but also the opportunity that we had to work with all of our election municipalities within our states and local communities to shore up their cybersecurity as well. One thing that did happen after that was that our electoral systems were then designated as critical infrastructure and our departments and agencies work with them very closely and continue to keep working with them on what they can do to protect themselves from things like that. On the higher level, of course, I defer to the comments made by the administration, but we all have these issues in ways in which we can do better to protect our networks. So, we have a lot of hands at the moment, but just I will give the floor one minute and 30 seconds to Mr. Bakar to answer on the second question regarding the report. Yes, so we, I brought a few copies, but I will be happy to share this information. And for those that may want the physical copies, I'll be happy to. Ok, thank you. So, next question, please. On the back, on the last road, gentleman was asking the floor first. Good morning. My name is Dr. Dixie Lusuala. I'm from Telekom's Authority of Trin and Tobago. My question to the panel is this. From the United States and from the United Kingdom, I know here anything about partnerships and collaborations internationally and regionally. And when my colleague from ISOC spoke, he made reference to, like there have been some deliberations at the regional level between countries and they took into consideration different socioeconomic factors because not all countries are at the same level or threshold of economic development. Secondly, like I am of the mindset that cybersecurity globally as a whole should involve other countries and other regions. And I'll give a perfect example. Small island developing states in the Caribbean, different countries at different levels of economic development and for instance, we have the HM 2016-2021 national cybersecurity strategy for the UK and we have the one for the United States. Has there been any collaboration, are there any future plans for collaboration so that in terms of implementation, which should be the keyword here, which strategy would better fit the current realities, which different developing countries are actually facing? Thank you very much. Thank you, Liselle, then Heather, please. Thank you very much for your question. Not only because it's a good one, but it allows me to touch on something that I wasn't able to capture in my few minutes, but we absolutely, you've raised two very important points. One is on cooperation and collaborative efforts and there are many examples of those, which I touched on by ISOC, but we can talk about some of the regional venues, but also that there's not one single solution. There's not one single solution for any one entity, there's not one single solution for any one country and so you have to look at these in your own context, these kinds of things in your own contexts to be able to apply any number of practices or solutions for what your situation is. But with regard to cooperation, it's not only there's any number of venues for such collaboration. Each of the regional organizations, and we are engaged in many. For example, the Organization of American States has programs on cybersecurity, both capacity building, but also developing norms of behavior. We work within the Organization for Security in Cooperation in Europe. We work within APEC and the Telecommunications Aspect of Cybersecurity and the Development of C-Certs. So there are a number of ways in which we collaborate, not only in the ITU, but in provide not only integrated discussions about what best practices might be, but also there are a number of ways in which we do provide capacity building in regions where there is a greater need, either by region or by country. So there are a number of cooperative efforts going on. One, and I don't know if you mentioned or not, but one area to look to for some of these collaborative efforts also is the Global Forum for Cyber Expertise, which has been developed for lack of a better word, better matchmake and find partnerships with regard to capacity building on cybersecurity, developing national strategies and developing C-Certs. And that's a global program that was launched at the Global Conference on Cyberspace in The Hague. And the next conference of that and the next meeting of the GFCE will be in India in November. Thank you. But Jefferson would like to add something. Yes, please, before we give the floor to Heather. Yes, thank you. That was a really good question. And I just like to reiterate that there is no common, only one solution for establishing a plan or there will be difficult to find the best plan or they are so different in scope and analysis and they are very specific for each countries. But by really mean of them I could see that there are some commonalities among many. One of these common ground is the need to have international cooperation. That's extremely important and you can see this written in different forms but the concept is there in many different national plans. The need also for research and development is also there and I can see also the different roles and the need to work together with public and private sector and academia. Those three or four bases for the development of the cybersecurity project or sector in your country would highly depend on the cooperation among those actors in your country. If the other commonality would be incapacity building. That's extremely important. Sometimes in case of Brazil you have some courses for cybersecurity but they are spread, they are not connected and they promote only a few courses and they are actually graduating just a few students which wouldn't be enough to correspond to the immense challenges that we have in the market. If there is something different from one national plan to another would be how you organize institutionally your country, your government to deal with the challenges. I think this is the most important one. We are quite different countries here and sometimes you need one more more than one strategy to find the proper way to work within your government to deal with all the different areas of cybersecurity. So maybe the military can respond faster to this because this is maybe more imminent and they have the skills or they know how to do this much faster than we do in civil work, in civil service. But how we establish our institutions to work with all the aspects of cybersecurity is a huge challenge. Sometimes you see a national agency for this. Sometimes you establish this but it doesn't work. Sometimes you have a national coordination in the presidency or in the prime minister office. Sometimes it works, sometimes it won't work. So the best experiences that I'm seeing now is no matter if an agency or an office what you must have in your government and we are working in Brazil also in this is you must have at least an authority. This authority has to have budget but also a more important legitimacy to do with this. And then I come back. What is legitimacy in this? Try to split the rules, try to work with civil society, with the private sector as well and the various different spheres of the government that deals with security and infrastructure as well because you cannot deal with this thinking just about telecommunication or thinking just about in one of the sectors involved. You have to put everyone together. But for this to work you have at least you need to have one authority. Thank you, that's all. Thank you, Jefferson. Do you have comments on the answer on the first question from the gentleman from the last talk, please. Thanks and thank you for the question. It's a really good question. I think to some degree I would definitely echo the points that Liesel and Jefferson have made about having a tailored national strategy. I think it's really important that national strategies fit the national government or structure, that they are appropriate for the national problem. As my esteem colleagues have said, there is no one size fits all picture and solution to this issue. What we in the UK feel is really important is having international collaboration as a key part of our national strategy. So we do place a lot of importance on that and Liesel made a very good point about there is no one international system that will work and often responding at the regional level is a very effective way to respond and we certainly within the UK as current members of the EU we do a lot of work with our EU partners and that's a really fundamental way that we're shifting and shaping our own response. Something else that I would also add to this is the importance of the national cert and to get international collaboration right it's really important that your national cert is set up and is able to respond and collaborate internationally. Jefferson made the points about capacity building and for us in the UK capacity building is a really important role that we feel we can play. We dedicate a significant amount of our overseas development assistance to capacity building in a number of countries across the globe and will continue to do so. Thank you Heather, obviously there is no silver bullet for cyber security threats. There is no single recipe for cyber security issues. So next question please, we have a little bit of time. Yes, this gentleman here in the middle. Yes, you, please, go ahead. Thank you very much, Mr. Chairman. I'm from Nigeria, University of Nigeria in Suka. One of the issues raised here if my memory is correct is capacity. And there is this tendency that availability and accessibility of end user equipment will permeate everybody in the world and their cyber security problem. What modalities are we adopting towards modeling these security issues, identification at very micro level so that it will grow to a very worldwide level. Two, what awareness are we creating to be able to combat this at the source, at the grassroot level, maybe a bottom-top approach. Thank you very much. Thank you, I would rather say that it was a comment but however I will give the opportunity to the panelists to answer, so who would like to give some additional clarification on this? I might just quickly refer to what you said at the end of that question. And one thing that we found really important in the UK experience is ensuring that the people at the very top of the system, so your prime ministers and your very senior ministers understand exactly what the issue is. And Jefferson referred to Theresa May, our prime minister's comments in his response earlier on. And I think when you've got that support from your senior government officials that really helps and helps you to build and get that capacity. But first of all, we had a gentleman from Nepal. So please introduce yourself again the next. Thank you, Mr. Chairman. I'm just raising the issue of since cybercrime is across jurisdictions and we don't have a single international treaty where the membership is growing. So back in 2001 the Budapest Convention was opened for signature. And 2007, IT is leading a global cybersecurity agenda. Is there any possibility that ITU brings this kind of international treaty? Either follow the Budapest Convention or different kind of treaty that every ITU member becomes the member of that kind of international convention. Thank you. Seems to me that this question is directed to the ITU. Am I right? So I have here with us our director, deputy director, so if anyone might question might try to answer to give some clarifications other clarifications than question. Or I can do by myself, it depends just maybe to give a chance director for short comment if he is willing to provide us his thoughts. Thank you very much, Mr. Moderator. Of course this is a very important issue as you can see here in this room the number of people who are present room is totally packed. I think that we have to be how would I say it. We have to do what we know to do very well. So in ITU we are a technical organization. We are created a technical organization. This cybersecurity is not new for us. We were dealing with the security of networks for a long time for ages. So cybersecurity is just an extension of how we know how to do. Having said that, as someone said we are working when we talk about cybersecurity or cyber crime or whatever, whatever is cyber or something we have to look at the ecosystem. We have got other organizations that are very whose mandate will cover cyber crime. The ITU mandate so far doesn't cover cyber crime, that's fine. But when it comes to technical issues on cybersecurity we have a say that what we did actually we are cooperating with another UN agency, UNODC, the Nation Office on Drug and Crime that have the mandate on the crime side of the business we are cooperating with them in the ways that we can work together. So I would say let's try to cooperate across agencies and across organizations together with the private sector to tackle the issue, not to try to bring everything under one umbrella that may create some confusion. So my answer to this one is that of course the Budapest Convention was then part of the European Union and a lot of members subscribe to it but of course ITU can always bring its skills and competencies when it comes to implementing it particularly on the technical side. Since I have the world, the mic may abuse of it. Thank you. I think that when we talk about cybersecurity in this room here elsewhere I have the impression that I'm not sure we all meant the same thing for some people, some country organizations or some private sector cybersecurity is something very high level where that involves defense issues, I would say international relations issues but when we take the majority of developing countries when we are talking about cybersecurity I just talking about a certain computer incidence response team and capacity building and the best raising of their communities to protect their children and technical capacity to make the set work. So maybe we have to make a distinction at that level at what level are we talking. When you make the two levels sometimes making the debate quite difficult. So I think that what I want to appeal to all of you here is that let's continue this legitimate debate at very high level about a lot of things let's just in the frame of ITUD start thinking giving a minimum I say a minimum and basic infrastructure to the developing countries and the required capacity building for them to be part at least of the ecosystem of the cybersecurity so they can also contribute to the debate at the other level. So I think that this is what ITUD is at the platform and I would like you to use it for such platform and finally when it comes to cooperation I would like just to remind us something I read and I kept in my mind for a long time it is a Philadelphia declaration of the International Labour Organization in 1994 and one of the basis of the ILO says poverty anywhere constitutes a danger to prosperity everywhere and cybersecurity is the same a weakness in cybersecurity anywhere will it represent a danger for the cyber space everywhere can we get that in mind in whatever we do and focus on that we constitute a strong cyber space as a term we are talking about artificial intelligence as a term we are talking about big data and all those things particular artificial intelligence can we as an ICT community provide humanity with something that is strong and secure so they can build their own application on it this is a question we are asking to all of you here we may not have the answer here let's look at seeing this direction I thank you very much thank you director for sharing with us your inspiring thoughts and vision of ITU regarding the cyber security I'm afraid that another meeting will start very soon it's sitel meeting we have time only for one question this gentleman here, please he was asking for the floor thank you chairman my name is Hamid Rawahi from Oman in fact it's not a question it's a level comment for the panelists and the ITU the issue of security is not new it started many years back from security, IT security and until then our problem is that we always play the role of reactive technology introduced we react and then we build strategy and so forth I think in my view the technology partner should be in the center of discussion whoever introduce any technology should be really a part of discussion to ensure that they are part of enforcing and introducing security thank you very much thank you very much honorable delegate from Oman for sharing your thoughts with us and experience and maybe we can give the floor to our gentleman in the first row for just 30 seconds please yes, you have the floor thank you thank you chair first of all I would thank all the speakers for their enlightening inputs I thank my friend from I think it was Nigeria just a comment and then I will ask a question I thank the friend from Nigeria who raised the point on accessibility and my intake as delegate from internet society is that we have to make policies all inclusive I appreciate the work that countries, states organizations have been doing but in my opinion what we can do better is that we can integrate the accessibility standards and their related talks into the policy planning, design and implementation so until or unless you and what wrong we have been doing is that we have been trying to treat accessibility as a separate or as an add on secondary project accessibility has to be integrated in our policy I repeat plan, design and implementation until it is not integrated in that in all of these steps will all be wasting our time, money and resources because once you build a project and start adding accessibility to the projects it is more costly and takes more time my question to our speaker from United States the lady is that you talked about deterrence and you also talked about cooperation so to me this integration is very interesting that how would you reconcile deterrence and cooperation and on the related topic there was a couple of weeks there was a report that Russia has sorry to interrupt you, we don't have too much time we are already round of time let's give a chance maybe to Liselle to respond on your question we have to leave out this room okay I leave it here, deterrence and cooperation, reconciliation thank you for your comment because it is a good one we certainly don't there comments have been made throughout the session today about the global nature of cyberspace and the global issues of cyber security and I think that precisely is why deterrence is not something we would do alone either as a government alone or as we rely on partners both in the stakeholder community as well as with other partners around the world so that's one element of our efforts on cooperation is to find ways to coalesce efforts to determine malicious behavior in cyberspace and that requires cooperation it's not the only aspect of cooperation but it is one of them so I would say that they are part and parcel not something that needs to be rationalized but thank you for your question it's a good one thank you very much to all of you thank you very much for your patience for the dynamic interaction, thank you very much to the panelists and I apologize to Sital for to be late now I sincerely apologize to Sital for occupying the room longer than it was expected