Pacific Forum held the second virtual experts meeting of Cyber ASEAN last July 26, 2023. The purpose of the online meeting is two-fold. First, it explored the importance of building trust in information-sharing and incident response. It provided updates on the initial country consultations held in Manila in March and Vietnam last March and June 2023 respectively.
During the first session, Dr. Koichiro Komiyama, Cyber ASEAN Expert Advisor, and Saia Vaipuna, the Inaugural Director of Global Forum on Cyber Expertise (GFCE) Pacific Hub shared their views on fostering a trusted environment that is conducive to sharing timely and actionable cyber threat intelligence, particularly among the Computer Emergency Response Teams (CERTs) in the Asia Pacific.
Speakers noted the inherent value of informal engagements in complementing official partnerships in trust-building. Informal activities encourage social interactions that help facilitate a collegial atmosphere, thereby, allowing CERT professionals to exchange views, and build rapport, familiarity, and connections. Over time, regular engagements such as training, and tabletop exercises, combined with social activities aid in fostering trust that inspires confidence and collaboration in information-sharing and incident response. Because of the mutual respect built, the CERT community manages to cooperate and maintain a neutral and balanced approach to address increasing cyber incidents amid the prevailing political and diplomatic tensions among its member countries in the Asia Pacific.
The second half of the virtual experts meeting focused on key updates following the successful conclusion of the country consultations held in Manila and Hanoi in March 2022 and June 2022 respectively. Adopting a multistakeholder approach, the country consultations were pivotal in obtaining preliminary inputs on the Cyber ASEAN framework, and its three foundational pillars: International collaboration and international technical standards, Information-sharing and incident response, and Inclusion among target stakeholders. The consultation served as an opportunity to apply the initial pillars of the framework and solicit feedback regarding its viability as Southeast Asia’s homegrown cyber-capacity assessment framework.
Cyber ASEAN Philippine country expert Gen Macalinao shared that there is a consensus among Filipinos that international technical standards and cybersecurity frameworks serve as a common language that enables cooperation and confidence-building in the region. The Manila consultation also revealed a rising demand for a more efficient and effective information-sharing system among government, owners, and operators of critical national infrastructure, and other cybersecurity stakeholders. On inclusion, participants emphasized the need to address the prevailing cybersecurity workforce gap by considering non-traditional qualifications like cybersecurity certifications in addition to or instead of a formal college degree. Women and girls should also receive equal or more opportunities for technical training in cybersecurity.
Cyber ASEAN Vietnam country expert Lam Nguyen, Ph.D., discussed Vietnam’s perspective regarding the importance of integrating local context in establishing a regional approach to cybersecurity. He also emphasized the role of financial incentives to encourage effective data-sharing between the public and the private sectors. Like the Philippines, the shortage of cybersecurity professionals remains a major roadblock to Vietnam’s cyber resiliency. Other emerging concerns in Vietnam’s cyber environment are the proliferation of online scams, fraud, and disinformation campaigns.
Many of the participants during the Philippines and Vietnam workshops echoed their appreciation of the consultative and collaborative approaches in formulating the Cyber ASEAN framework. The feedback obtained among the target recipients or intended users was insightful in testing as well as further refining the framework. Following the Philippines and Vietnam consultations, the project team of Cyber ASEAN will be heading to Indonesia and Malaysia for the remaining country consultations.
Held with support from DFAT’s Cyber and Critical Technology Cooperation Partnership, Cyber ASEAN is a capacity-building and development initiative that aims to advance Southeast Asia’s proactive role in strengthening its overall cybersecurity and resiliency posture. Learn more about Cyber ASEAN and key updates of the project through: https://cyberasean.pacforum.org/.