News

Articles:

ASEAN leaders issue statement on cybersecurity cooperation

ASEAN leaders issue statement on cybersecurity cooperation

On 27 April, on the occasion of the 32nd ASEAN
Summit, leaders of the member states of the ASEAN issued a statement
on cybersecurity cooperation
, in recognition of the growing urgency and
sophistication of transboundary cyber threats.

ASEAN’s shared vision
for regional cyberspace

According to the statement, ASEAN leaders share the vision
of a peaceful, secure and resilient regional cyberspace that serves as an
enabler of economic progress, enhanced regional connectivity and betterment of
living standards for all.

ASEAN leader are also cognisant of the pervasiveness of
cyber threats that has long been considered an international problem, and of
the urgency and increasing sophistication of the ever-evolving and
transboundary cyber threats facing our region amidst widespread economic
digitisation and the proliferation of Internet-connected devices across ASEAN.

While ASEAN recognises the cyber domain potentially
represents an opportunity for significant regional economic and technological
development and can also serve as a significant source of employment, it also recognises
that cybersecurity is a cross-cutting issue that requires coordinated expertise
from multiple stakeholders from across different domains to address effectively.

As such, this ASEAN leaders’ statement acknowledges that the
promotion of international voluntary cyber norms of responsible state behaviour
is important for cultivating trust and confidence and the eventual development
of a rules-based cyberspace.

The 10 countries also reaffirmed that international law, and
in particular the Charter of the United Nations, is applicable and essential to
maintaining peace and stability and promoting an open, secure, stable,
accessible and peaceful Information and Communications Technology (ICT)
environment.

At the same time, they also affirmed the need for ASEAN to
speak with a united voice at international discussions aimed at developing
international policy and capacity building frameworks with regard to cyber
security so as to more effectively advance regional interests at such
discussions.

ASEAN’s effort in cybersecurity
cooperation

Cybersecurity has been a key area of focus for ASEAN. The regional
body has been fostering greater regional cybersecurity cooperation and capacity
building, including law enforcement training on cybersecurity and cybercrimes
through efforts such as the ASEAN
Ministerial Meeting on Transnational Crime
(AMMTC), ASEAN
Telecommunications and Information Technology Ministers’ Meeting
(TELMIN), ASEAN
Ministerial Conference on Cybersecurity (AMCC), ASEAN
Cyber Capacity Programme
, ASEAN
Regional Forum
(ARF) Inter-Sessional Meeting on ICT Security and the ASEAN
Defence Ministers’ Meeting (ADMM)-Plus Experts’ Working Group Meeting on Cyber
Security.

The statement noted the outcomes of discussions in various
ASEAN sectoral fora that have called for greater regional cooperation in cybersecurity
policy development, diplomacy, cooperation and capacity building. However, it
also emphasised the need to synergise relevant undertakings across ASEAN
Sectoral Bodies and Pillars to avoid duplication of efforts, while ensuring
that existing and future initiatives on cyber security are coordinated and
streamlined.

Closer cooperation
and coordination

Moving forward, ASEAN leaders agreed to reaffirm the need to
build closer cooperation and coordination among ASEAN Member States on
cybersecurity policy development and capacity building initiatives, including
through the ASEAN Cyber Capacity Programme, the AMCC and the ASEAN-Japan
Cybersecurity Capacity Building Centre, towards the promotion of voluntary and
non-binding cyber norms, as well as the development of a peaceful, secure and
resilient rules-based cyberspace that will contribute to continued economic
progress, enhanced regional connectivity within and improved living standards
across ASEAN.

ASEAN leaders are recognised the need for all member states
to implement practical confidence-building measures and adopt a set of common,
voluntary and nonbinding norms of responsible State behaviour in cyberspace so
as to enhance trust and confidence in the use of cyberspace to its full
potential to bring about greater regional economic prosperity and integration.

They also recognised the value of enhanced dialogue and
cooperation on cybersecurity issues with Dialogue Partners and other External
Parties, and in other ASEAN-led platforms, including the ARF and the ADMM-Plus.

The statement will see relevant ministers of the ASEAN to
closely consider and submit recommendations on feasible options of coordinating
cybersecurity policy, diplomacy, cooperation, technical and capacity building
efforts among various platforms of the three pillars of ASEAN, so that ASEAN’s
efforts are focused, effective, and coordinated holistically on this important
cross-cutting issue.

The relevant ministers from ASEAN will also make progress on:
(1) discussions by ASEAN ICT and Cybersecurity Ministers at the AMCC, TELMIN,
as well as other relevant sectoral bodies such as the AMMTC, to identify a
concrete list of voluntary, practical norms of state behaviour in cyberspace
that ASEAN can work towards adopting and implementing, and (2) to facilitate
cross-border cooperation in addressing critical infrastructure vulnerabilities,
as well as (3) to encourage capacity-building and cooperative measures to
address the criminal or terrorist use of cyberspace , taking reference from the
voluntary norms recommended in the 2015 Report
of the United Nations Group of
Governmental Experts on Developments in the Field of Information and
Telecommunications in the Context of International Security (UNGGE).

As reported
earlier
, cybersecurity is a key area of focus for ASEAN. Last year, Singapore’s
Foreign Minister Dr Vivian Balakrishnan has emphasised that
ASEAN countries “need to step up, and to step up urgently, collaboration on
cybersecurity, because you can’t have a smarter world, you can’t have
e-commerce, you can’t have seamless digital transactions if you don’t have
cybersecurity. It’s the flip side of the coin.”

At the 2nd ASEAN Ministerial Conference on Cybersecurity, it
was revealed that
Singapore will set aside S$1.5 million of the ASEAN Cyber Capacity Programme
(ACCP) to build technical capability among incident responders and operators in
the ASEAN region.

The S$10 million ACCP was announced at
the Opening Ceremony of the inaugural ASEAN Ministerial Conference on
Cybersecurity during the first Singapore International Cyber Week in 2016.
Through a modular, multi-stakeholder and multi-disciplinary approach, the ACCP
seeks to develop technical, policy and strategy-building capabilities within
ASEAN Member States through workshops, seminars and conferences organised, in
collaboration with partners such as Government agencies, industry players and
Non-Governmental Organisations (NGOs), including the US Department of State,
the MITRE
Corporation
, Cyber Law International and the ICT4Peace Foundation.

At the same conference, ASEAN Member States expressed their
support for the development of basic, operational and voluntary norms of
behaviour to guide the use of ICTs in a responsible manner, in line with the
2015 Report of the UN Group of
Governmental Experts
 on Developments in the Field of Information and
Telecommunications in the Context of International Security.

The Sydney Declaration at the inaugural
ASEAN-Australia Summit also includes a
commitment to deepening cooperation on cyber security.