BPF Cybersecurity 2018 Contributions NRIs

(note: this is a call for contributions directed to National,Regional and Youth IGFs. A general call for contributions is published here)

Dear National,Regional and Youth IGF representatives,

The IGF Best Practices Forum on Cybersecurity is calling for input for its 2018 effort.

We are very interested in understanding national and regional specifics on the cybersecurity challenges we all face, and are looking for your assistance. The 2018 IGF Best Practices Forum on Cybersecurity is a multistakeholder group focusing on the development of culture, norms and values in cybersecurity.

Norms have become a very important mechanism for states and non-state actors to agree on responsible behaviour in cyberspace. There are numerous initiatives under way in this regard, but with limited exceptions, such as the Global Conference on Cyberspace (GCCS) and the Global Commission on the Stability of Cyberspace (GCSC), most of these norms discussions happen in inter-state forums, and they do not always provide an open and inclusive mechanism for non-state actors to participate and to contribute.

The Best Practices Forum is taking a multi-stakeholder view on the development of norms, both within and between participants of each IGF stakeholder community.

We are issuing this Call for Contributions to gain perspectives from all interested stakeholders on existing norms development efforts, how those norms are being implemented and whether they are successful. We’re also trying to understand whether differences in design and implementation may result in a “digital security divide”: a group of “haves” and “have-nots” in terms of the protection the norms offer.

Your contributions will help develop our final outcome document, and enrich discussion on cyber norms within the group and within the IGF.

To provide additional background, the Best Practices Forum has developed and released a Background paper.

***  Call for Contributions  ***

You can assist in the BPF by sending us answers to any or all of the following questions. They are divided in two sets:

  • General questions should be relatively easy to answer, and provide a strong contribution to the BPF. Thank you in advance for addressing these.

  • Specific questions are focused on very specific areas of interest. We do not expect you to respond to all of them, but if you have the opportunity to discuss them in your NRI, we welcome your input.

Contributions will be listed on the IGF website, then be compiled and synthesized by the Secretariat, and further circulated on the BPF mailing list and to the community for comment and further work towards an output document for the BPF to be presented at the 13th IGF in Paris, France from 12-14 November.

You’re kindly requested to try to keep the contributions to no more than 2-3 pages, and to include URLs/Links to relevant information/meeting agendas/presentations/etc. When including specific examples or detailed proposals, those may be included as an Appendix to the document.

Questions

Your name and official role at the NRI you are responding for:

  • Coordindator
  • Chair or co-chair
  • Member of the Steering Group/Organizing Committee/MAG of the NRI [describe which]
  • Intertested participant/observer in an NRI
  • An NRI community member
  • Observer on the NRI's mailing list(s)

Your contact information (e-mail):

General questions

  • Has your NRI organized a session on cybersecurity? Was it considered a priority session?
  • For how many years has your NRI covered cybersecurity as a topic?
  • What did the session address, or was covered in the session agenda?  Were any implementation plans or policy proposals presented or discussed at your meetings, or discussed during intersessional work?
  • What were the main outcomes, or work initiated out of this session?
  • Does your NRI maintain any key messages on cybersecurity?

 

Specific questions

  • What working definition do you maintain for cybersecurity? What is considered a cybersecurity issue and what is not?
  • Has your NRI identified work on cybersecurity culture, norms or values? What are typical values and norms that are important to you or your constituents?
  • Within your field of work, do you see organizations stand up and promote specific cybersecurity norms? This can be either norms at an inter-state level, or norms that only apply within your community or sector.
  • Are there examples of norms that have worked particularly well? Do you have case studies of norms that you have seen be effective at improving security?
  • Do you have examples of norms that have failed (they have not seen widespread adherence), or have had adverse effects (living up to the norm led to other issues)?  
  • Within your community, do you see a Digital Security Divide in which a set of users have better cyber security than others? What is the main driver of the divide?
  • What is for you the most critical cybersecurity issue that needs solving and would benefit most from a multi-stakeholder approach within this BPF? Should any stakeholders be specifically invited in order for this issue to be addressed?

 

Publication

  • Contributions will be published on the BPF webpage and included in the BPF’s output document. Please inform us here, should there be any limitations on the publication of your contribution, and indicate what title, organisation or contact person could be used to identify your contribution.

 

Submission

Please attach contributions as Word Documents (or other applicable non-PDF text) in an email and send them to [email protected] .

 

 

Subscribe to the BPF Cybersecurity mailing list: https://intgovforum.org/mailman/listinfo/bpf-cybersecurity_intgovforum.org

Relevant reading: