I. ADMINISTRATIVE PART

1. The conduct of the inaugural meeting for the ASEAN Defense Ministers’ Meeting (ADMM)-Plus, Experts’ Working Group (EWG) for Cyber Security, co-chaired by the Philippines and New Zealand, was agreed upon in Cebu City last April 2017 during the ASEAN Defense Senior Officials’ Meeting (ADSOM) and ADSOM-Plus Meeting, where the Cyber Security work plan was adopted.

2. In this work plan, it was agreed that the inaugural meeting shall be held in the Philippines and shall aim to consider the problems relating to cybersecurity, identify cross-pollination abilities with other cybersecurity, identify baselines for confidence building measures (CBMs), capacity building, and to establish firm Point-of-Contacts (POCs) for each ASEAN member states.

3. This meeting was attended to by ASEAN member and its Plus countries except the Republic of Korea.
II. HIGHLIGHTS OF THE MEETING

Day 1: July 17, 2017

1. The first day of the meeting marked the registration of all participants of this event followed by the breakthrough session of the meeting where countries were divided into three (3) syndicate groups that aimed to address the objectives of this EWG as well as establish each country’s Points-of-Contact (POCs). This also involved each country’s presentation of their respective cyber security structure, policy, concerns, and current focus, to be presented to fellow member-countries as part of this meeting’s confidence building measure.

2. The first syndicate group included Australia, Brunei Darussalam, Cambodia, China, India, and Indonesia. This was led by moderators from the Philippine Army. This group was tasked to expound on the measures to enhance awareness on cyber security challenges and responsibilities, the international community’s contribution in addressing these challenges, and how to leverage each nation to address these cyber security challenges.

3. The second group composed of Japan, Lao PDR, Malaysia, Myanmar, and New Zealand. This group was led by moderators from the Philippine Navy where discussions on how to encourage common efforts to protect cyberspace from ASEAN, its Plus countries, and the international community may be harnessed. Also discussed were ways to develop cooperative solutions and initiatives to address cyber security threats.

4. The third group composed of Russia, Singapore, Thailand, United States of America, Vietnam, and the ASEAN Secretariat, led by moderators from the Philippine Air Force. The last group was tasked to discuss about the appropriate mechanisms for cooperation among defense and military establishments of the ADMM-Plus members, and coordination of military and civilian groups in addressing cyber challenges.

5. After this breakthrough sessions, all moderators were required to prepare a report to be presented during the plenary session on the second day of the meeting for this EWG.

Day 2 : July 18, 2017

6. The second day marked the plenary session of the meeting. The session was opened by a group photo of the heads of the delegates, and welcome remarks from the co-chairs, Director Jesus V. Lomeda, Jr. and Mr. Michael Thompson.

7. This was followed by Mr. Joe Burton, a subject matter expert from New Zealand who discussed about Cyber Security in the Asia Pacific and its Challenges. In his presentation, he discussed how cyber security is largely becoming a critical national issue in all countries. He mentioned that cybercrime acted upon by non-state actors for financial gain – acquire 500B USD, this amount is projected to quadruple by the end of the decade. Cyber espionage, where state and non-state actors target each other for strategic and political gain. Cyber protest of hacktivism, coerce change in political behavior – this also uses the social media to undermine established institutions. Cyber terrorism aims to involve damage, induce fear, and targets civilians and infrastructure. Terrorists nowadays use cyberspace to promote ideology, political support, recruitment of members, and plan terrorist attacks. This is now also being done by ISIS. Lastly, cyber warfare, as it is seen, cyber warfare is being used as a tool of war, a precursor to armed conflict. This amplifies the effects of military operations. This 5th domain is being used to affect other domains through the Internet of Things.

8. In the Asia-Pacific, 80% of the victims of cyberattack come from Asia. This is due to the fact that there is a low price of entry in terms of cyber attacks. It does not cost much to develop cyber capability and there is a continued growth in the malicious use of the internet. Also, there is a problem in asymmetry, where a single person can cause havoc in a big nation from the comfort of his own home. Anonymity, in cyberspace it is becoming harder to attribute an attack to an individual as it is easy to disguise the trail of a hacker. Also, disinformation, propaganda, and fake news obscure attribution. There is also a problem in territory as cyberspace cannot be covered by the geographical territory. And at the same time, cyberspace blurs the territory built by international law.

9. As a response, Mr. Burton concluded and recommended the following. In the ASEAN perspective, it is important to harness and solidify international cooperation and engagement, understand the legal debates, and capacity and confidence building. It is also important to dig down in to the issues, and establish multi-disciplinary discussion. He also recommended that a panel should be created to discuss the issue on deterrence as well as the possibility of private-public cooperation.

10. After Mr. Burton’s presentation, a panel discussion, with discussants from USA and Singapore, moderated by Mr. Michael Thompson of New Zealand. On the panel, it was discussed that readiness, through education training must be established to all ASEAN and Plus countries, as competency affects trust and confidence among members. It was also discussed that norms should be established in a way that these norms are agreed upon by the members at an international level and exchanges should be held to operationalize these norms.

11. As an individual, it was also discussed that each person may contribute in protecting each country’s cyber space, and this is through cyber hygiene. Also, it was reiterated that all ASEAN-Plus member countries must never venture into the cyber offensive – as cyberattacks may become a weapon of mass destruction (WMD) that may lead to worldwide conflict.

12. The next presenter was BGen Pedro A. Sumayo Jr., AFP Assistant Deputy Chief-of-Staff for C4S, AJ6, who discussed about AFPs cyber update. In his presentation, he elaborated on cyberattacks aimed toward military operations. That is why, as a response, AFP published a letter directive adopting cyberspace as one of AFPs domain of operation. Also, just this year, the Department of Information and Communication Technology published the National Cyber Security Plan 2022, that shall address challenges that military operations in cyberspace face.

13. The AFP is now in the process of formulating the AFP Cyberspace Strategic Plan 2018-2022 that aims to mitigate risk to AFP missions.

14. This was followed by the second panel discussion moderated by Director Jesus V. Lomeda, Jr. and participated by the Philippines, India, and Malaysia.

15. In this panel, India reiterated that one of the most important aspects in ensuring the safety of cyberspace is through nationwide awareness and literacy. In India, they have the Data Security Council of India where people with qualified skills register in database as much as possible information for other industries to pick up. This also provide precedence from previous working environment. It was also mentioned that a military CERT under CERT India be established to ensure that networks are secure, most especially defense networks.

16. The same goes for Malaysia who has a unified database that provide the same mutual understanding and sharing platform that can identify threats at a national level. This information sharing mechanism synergizes the efforts of all agencies and provides best practices that may be used by all agencies nationwide. Malaysia also reiterated that there should be An active defense drill, where a cyber activity involving all agencies are conducted to ensure that all agencies are prepared when a cyber attack is aimed at an agency.

17. A question was raised regarding difficulties in implementing cyber security regulations, it was responded to by the panelists by answering the best practices that can be done to minimize this difficulty. To address this, it was said that there is a need to create trust between agencies. This may be done through collaborative talks among agencies to establish mutual interests. This may also be done by appointing a single champion to serve as a channel to provide advisories and alerts from the top level to the lowest level. By having this platform, trust and confidence may be established among agencies.

18. It is also mentioned that to minimize difficulty, education in cyber space is important. In India, it is their goal to cascade best practices to the lowest level. This ensures that in a chain, the weakest link is eliminated.

19. After the panel discussion, the syndicate group’s designated rapporteur presented the output of the breakthrough session conducted the day before.

20. The group one (1) on enhancing awareness; recommended that a website or an internet forum be created to be a venue to share whitepapers and best practices among ADMM-Plus member countries. It was also noted that sharing of whole-of-government mechanisms and frameworks should be shared on the subsequent ADMM-Plus EWG for Cyber Security meetings. Lastly, it was recommended that  enhancing of international cooperation and collaboration is important and may be done through multi-lateral meetings.

21. The rapporteur of group two (2), after presenting briefly the POCs and cyber security stance of each country, discussed on the recommendation of the group after their breakthrough session. It was recommended that it is most important for the cooperation among member-states be established in accordance with the international norms and order. The group also reiterated the importance of instituting cyber security awareness, incident response, and promulgation of cyber security related laws, and establishment of a cyber security agency. Also, there should be a cyber threat information sharing mechanism for awareness in ASEAN region. There should also be a workshop to formulate policies, laws, and standards. Finally, there should be a training of personnel with technical expertise to enhance capability and increase pool of experts in terms of cyberspace.

22. The third group identified the mechanisms in terms of military operations. This group named three (3) mechanisms that may be used to further improve military operations. First is the cultivating of trust and understanding, conducting bilateral and multilateral exercises and active partnership collaboration on cybersecurity concerns.

23. After the event, participants were required to submit a survey questionnaire form on how to further improve the conduct of this EWG. Some of the comments and recommendations included the development of a website or portal about the EWG, the POCs, and references. Also, recommended that technical personnel be involved to the subsequent meetings of this EWG. (Tab ‘C’)
III. INSIGHTS AND RECOMMENDATION

1. The co-chairmanship of the Philippines to this Expert Working Group is momentous to the cyber security development of the Philippines. Thus sustaining the interest of the ADMM-Plus member countries are important to establish trust and confidence that will lead to confidence and capacity building among member-countries. Therefore, it is recommended that the subsequent meetings in the Philippines and New Zealand be participated by the core group for the next three (3) years of the implementation of the cyber security work plan.

2. Also, recommend the development of a portal to serve as the hub for all information among POCs of the member-countries most importantly information on best practices and latest cyber threats to foster confidence and trust among member-countries while providing necessary details to protect cyberspace of each member.

3. For consideration.

   JESUS V. LOMEDA, JR.
Chief, Management Information System Service