Resilience constitutes one of the central objectives of Japan’s
2018 Cybersecurity Strategy, whose core components include international cooperation in sharing expertise and coordination of policies, incidence response, and cyber capacity-building (CCB). Japan has traditionally
argued that global initiatives are required to reduce cybersecurity vulnerabilities and has advocated for a tailor-made approach that takes into account the national situation of recipient countries and the importance of national ownership.
Japan recognises the ‘trickle-up’ effect of national initiatives,
stating that CCB “not only improves the capabilities of the recipient country, but also directly leads to enhanced security and stability in cyberspace as a whole”; in that sense, it disfavours the understanding of CCB as a “common but differentiated responsibility”, believing that such a view “does not fit the context” of international cyber cooperation. As a result, the country has assumed a balanced approach to CCB. On the one hand, it has successfully utilised multilateral fora such as the G7 and G20 summits to promote its own normative standards.
At the G7 Ise-Shina Summit in May 2016, for instance, Japan introduced the
Ise-Shima Principles, which included the enhancement of cooperation on CCB. On the other hand, Japan considers its own security and that of its nationals as intrinsically tied to the cyber capabilities of developing countries, since attacks on the IT infrastructure of regional partners can adversely affect Japanese trade. Japan has thus acted primarily through ASEAN to promote regional capacity-building efforts.
In 2016, Costa Rican Cybersecurity Incident Response Team (CSIRT) joined
CAMP, an international alliance that serves as a platform for the members to enhance their cybersecurity capacity.
Costa Rica is also
collaborating with Israel on cyber issues and digital transformation in an effort that has the potential to streamline innovation in the public sector, transforming public services and institutions and positioning Costa Rica as a regional benchmark in cybersecurity.
On a national scale, Costa Rica launched a
digital transformation strategy for the public sector in 2018 and is now working to create a
strategy for the implementation of Artificial Intelligence. The initiative seeks to promote the use of digital technologies and access to scientific knowledge, innovation, technology, and telecommunications for social and productive transformation.
Having
suffered a cyber attack in 2022, Costa Rica is now
positioning cybersecurity as a top national priority, and the Ministry of Science, Innovation, Technology and Telecommunications is beginning to implement various actions to detect, respond and correct cyber intrusions, build faster and more robust response protocols, and train individuals in skilled threat detection.
In recent years, Albania has significantly expanded its capacity-building activities, modernising both the relevant institutional apparatus and the diplomatic outreach accompanying it. Since 2017, ALCIRT, Albania’s national CSIRT, has been given an expanded mandate and merged with the National Authority for Electronic Certification and Cyber Security (AKCESK). AKCESK is responsible for preparing strategic documents relating to cybersecurity, drafting legislation, collaborating with relevant stakeholders (international organisations, civil society organisations, the private sector) and providing training. [
x] Through AKCESK, Albania has signed Memoranda of Understanding (MOU) with several regional national CERTs (Kosovo, North Macedonia, Romania) and is currently negotiating similar MoUs with Serbia, Montenegro, Cyprus, and Slovenia. [
x] AKCESK also frequently collaborates with the Council of Europe in relation to incident response and awareness training. [
x] As a member of NATO, Albania signed the MoU with the NATO Cyber Incident Response Centre (NCIRC) on enhancing cyber defence in 2013 [
x] and has participated in numerous NATO-led training initiatives, including the flagship Cyber Coalition exercise. Meanwhile, increased emphasis has been placed on the protection of critical infrastructure, with a 2015 government paper stating that future actions will be focused on “the protection and resilience capacity of critical infrastructure” and on “encouraging operators that own them to implement a full security architecture (including risk management and emergencies)”. [
x] In 2020, Albania adopted its first-ever cybersecurity regulation for the electricity sector, which establishes incident reporting and assessment criteria for electricity operators. [
x] This was reportedly only the first of many planned initiatives intended to reduce the country’s cyber vulnerabilities and increase trust in digital services.