—

On October 6, the Department of International Relations and Cooperation of South Africa and the Ministry of
Foreign Affairs of the Netherlands, in partnership with the Observer Research Foundation America and
Research ICT Africa, hosted a virtual “Roundtable on Implementing Digital Transformation – A Case for Cyber
Cooperation.” Participants explored the imperative of inclusive digital transformation and the associated
security implications and risks of digitalization in Southern Africa.

The event is part of ongoing cooperation between the government of South Africa and the Netherlands to
tackle challenges to a stable, inclusive, secure, and open cyberspace. The meeting kicked off with opening
remarks from Ambassador Nozipho Mxakato-Diseko, Deputy Director-General of Global Governance and
Continental Agenda at the Department of International Relations and Cooperation of South Africa, and
Ambassador Nathalie Jaarsma, Ambassador-at-Large for Security Policy and Cyber at the Ministry of Foreign
Affairs of the Netherlands. A panel discussion followed, covering a wide range of aspects related to the
intersection of digital transformation and cyber stability, including cyber diplomacy and United Nations
negotiations, the difficulty of building trust, and the challenges associated with ensuring that government-
enabled digital transformation is inclusive and manages downsides that may come as a result.

Summary of Key Points from the Discussion

Ambassador Mxakato-Diseko opened the meeting describing the promise and peril of digital transformation:
new technologies promise benefits for future generations, but present inherent challenges that require
concerted efforts to address and ensure real transformation. Without intervention and planning, fast-paced
development in the digital sphere has the potential to exacerbate existing inequalities. She stressed the need
to address both security and resilience in cyberspace as a critical aspect of bridging the digital divide. The
multistakeholder nature of these efforts is also a key point, as the Ambassador noted the need for broad
consensus and mutually-beneficial arrangements among different stakeholders and sectors. She noted that
inclusive stakeholder engagements should be convened under government leadership to ensure coherent,
workable, and fit for purpose solutions.

Ambassador Jaarsma agreed with the need to bridge the digital divide both between and within countries, in
order to ensure the even distribution of the social and economic benefits of the digital environment. She
highlighted the key role that trust plays in achieving the goal of an open, free, and secure cyberspace that is
accessible to all. In particular, she described the technical side of trust, which is trust of citizens in the
technology itself: that data is secure and connections will not be interrupted. She also described the human
side of trust, which reflects trust in the international community to create a secure digital economy and avoid
using the digital space to carry out attacks and antagonize one another. She concluded by outlining three
principles that contribute to building trust in cyberspace: inclusivity, responsibility, and sustainability.

After the opening remarks, a panel of experts tackled the issues of digital transformation and cyber stability,
featuring the following speakers:
• Kaleem Ahmed Usmani, Head, CERT Mauritius
• Anriette Esterhuysen, Chair, Multistakeholder Advisory Group, Internet Governance Forum
• Moliehi Makumane, Researcher, UNIDIR; Former South African Expert to the UN Group of
Governmental Experts and Open-ended Working Group
• Chris Painter, President, Global Forum on Cyber Expertise Foundation
• Katherine Getao, Former CEO, ICT Authority of Kenya
• Enrico Calandro, Senior Research Associate, Research ICT Africa

2
The panel was moderated by Bruce W. McConnell, Distinguished Fellow at the Observer Research Foundation
America. The following sections highlight key themes from the discussion.

The digital transformation paradox

Kaleem Usmani began the discussion by emphasizing that digital transformation is the focus of many African
countries, and that its potential had become apparent during the pandemic. Digitalization has the potential to
leapfrog development, but there are many associated challenges including protecting human rights online and
ensuring that digital systems are resilient. Conversely, Anriette Esterhuysen challenged the notion that
leapfrogging development is an inevitable result of digital transformation. She echoed Ambassador Mxakato-
Diseko with the notion of a paradox of digital transformation—digitizing political, social, and economic contexts
that are already deeply unequal risks replicating those divides in the digital space and, ultimately, deepening
them. Participants in the meeting highlighted that while there are many promises with regard to information
and communication technologies (ICTs), most people in Southern Africa are currently witnessing the downsides
of introducing technology into industries like agriculture, where automation results in fewer jobs. More data is
needed about the impact of digitalization on employment in various sectors, but Katherine Getao also asserted
that investments in technology should be done in a way that is appropriate for a given environment and
lifestyle, what Esterhuysen called “needs-responsive digital transformation,” instead of just broadly pursuing
digital transformation at every opportunity.

Moliehi Makumane connected this discussion with the Sustainable Development Goals (SDGs). ICTs are often
promoted as tools to contribute to achievement of the SDGs, but the vulnerabilities stemming from these
technologies are not adequately addressed in forums focused on development. For example, in a discussion on
SDG 9, which is focused on building resilient infrastructure, there is a clear connection to the cyber norm on
protecting critical infrastructure from cyber attacks. However, elements regarding protection of critical ICT
infrastructure are not integrated into infrastructure development strategies.

Enrico Calandro echoed the view that the COVID pandemic has offered a new view of digitalization, one where
connectivity is a human right that must be ensured and protected. Looking at connectivity this way, it is clear
that we need to re-evaluate our existing approaches to digitalization and perhaps develop new ones.

The role of government in digital transformation

A large part of the discussion with meeting participants was devoted to assessing the role of government in
leading or enabling digital transformation. In her remarks, Anriette Esterhuysen emphasized the need for
governments to resist the urge to carry out all the processes related to digital transformation, and instead
devote their efforts to creating enabling environments for the involvement of all stakeholders. Such
environments should be conducive to investments of public and private resources and building human
capacity, and result in equitable and affordable access to infrastructure. Governments also have a role to play
in creating an environment of openness that fosters responsible freedom of expression and trust in
governance. Other participants raised the need for governments to take an active leadership role in creating
environments for equitable digital transformation, although Katherine Getao questioned the feasibility of this
when many African governments face capacity challenges and competing priorities. She challenged participants
and speakers to concretely identify what they expect from governments in this space. The capacity challenges
faced by governments highlight the need for other stakeholders to share the burden, and for governments to
facilitate this by creating an environment that enables private sector and civil society engagement and
leadership. African governments need to make cybersecurity and digitalization a priority, and some suggestions
were made as to how that could happen at a meaningful level that moves beyond mere lip service, such as
investing in research and development including through partnerships with the private sector, developing cyber
policy that proactively includes non-governmental stakeholders from the beginning, and investing in digital
infrastructure that is affordable and available to all.

3
 It was acknowledged that no actor alone—government, private sector, or other—can facilitate equitable digital
transformation, and in this vein, speakers emphasized that the UN processes on cyber stability (the Open-
ended Working Group, Group of Governmental Experts, potential Programme of Action, and others) must also
include stakeholders beyond government. In particular, Ambassador Jaarsma, while applauding the presence of
big tech companies as engaged actors, noted that the participation of smaller, more innovative tech companies
would also enrich the discussions. Oftentimes they do not have the capacity to participate, so governments
should exert some effort to connect with this sector more deeply. It was noted by Bruce McConnell that the
issue of small companies mirrors the challenges faced by small countries, who also often do not have the
bandwidth to effectively participate in the multiple ongoing international discussions on these topics.

Capacity building and cyber diplomacy

The role and capacity of governments was also connected to the international processes at the UN on ICTs and
international peace and security. Chris Painter pointed out that cyber capacity is foundational to all the issues
being discussed. If governments are unable to participate in cyber-related discussions at the diplomatic level, or
if their country’s cybersecurity is faulty, they will not be able to participate effectively in the digital economy or
global cyber governance. Enrico Calandro referred to the principles for cyber capacity building laid out in the
UN Open-ended Working Group report, which bring a development lens to cyber capacity building, as a path
forward. Adhering to these principles when pursuing capacity building efforts could help bridge the gap
between cybersecurity and development which had been highlighted earlier in the meeting.

The conversation about governmental capacity also turned specifically to diplomatic capacity. Katherine Getao
raised the question of whether governments should be developing a corps of cyber diplomats or building the
capacity of traditional diplomats to participate in cyber-related negotiations. Moliehi Makumane responded by
noting the challenges associated with the role of the generalist diplomat in the cyber context and explained
that generalist diplomats may not have the technical knowledge to understand all the nuances of cyber
discussions. In her view, the role of a generalist diplomat is to build policy space for dedicated agencies in the
home country to work in and take advantage of. She stated that the disparity in cyber maturity between
countries makes truly inclusive conversations at the international level difficult, and there may be a need to
pause some of the international discussions to allow countries to catch up. Kaleem Usmani mirrored this by
discussing the differing levels of capacity and understanding about the UN processes between African
countries. He pointed to the need to build understanding within governments about how these processes and
the implementation of the agreed norms and confidence-building measures can benefit African countries. He
gave the example of cyber incident response, where a country first needs a computer emergency response
team (CERT), then it needs to be able to connect country-to-country across borders in order to be effective. A
role for the international processes could be to provide a platform for this cross-country connection.

Moving to implementation
The discussion was wide-ranging and revealed the breadth of issues and challenges that exist at the
intersection of digital transformation and cyber stability and security. As Enrico Calandro pointed out, further
work is necessary to deepen our understanding of the issues at play and move from discussion to action.
Implementation of internationally-agreed cyber norms and principles for cyber stability is part of this move
toward action. Calandro highlighted some of the work being done in this regard by the Cybersecurity Capacity
Centre for Southern Africa, including conducting surveys of national implementation efforts in order to track
implementation progress.

In an effort to contribute to the move from discussion to action, the following areas from the meeting have
been identified for further engagement:

4
1. Enhancing cyber diplomatic capacity: The success of the UN processes on ICTs in international peace
and security depends on the ability of all countries to participate and implement outcomes effectively.
There are several initiatives that offer training for diplomats on cyber issues, but more awareness and
buy-in is needed from the political level in many countries. Further efforts could be focused on
increasing awareness and high-level political buy-in, identifying the areas where countries need more
support, or finding new approaches to the challenges of engaging in diplomacy on cyber issues. How
can trusted relationships be built in an environment where diplomatic resources are stretched thin?
2. Creation of multistakeholder, enabling environments for equitable digital transformation: It is clear
that equitable development gains from ICTs require concerted efforts from governments, along with
meaningful engagement from all stakeholders—which requires invitation and openness from
governments. The development of model frameworks or guiding principles for governments to create
such environments can help focus limited resources and ensure that values like respect for human
rights, inclusivity, and rule of law are respected in digital transformation processes. In addition,
identifying existing fora, such as the Internet Governance Forum and the Global Forum on Cyber
Expertise, that could play a role in facilitating multistakeholder engagement in cyber governance, can
help avoid duplication of efforts.
3. Connecting across silos: The impetus for this meeting was an acknowledgement that the discussions
about ICTs and peace and security intersect with the Sustainable Development Agenda, but that this
intersection has not been adequately explored in either the development or peace and security “silo.”
A more concerted effort to bridge this gap and cross reference the internationally-agreed norms and
cyber stability principles with the SDGs and other development benchmarks could contribute to more
informed international processes as well as mutually reinforcing outcomes.