Session
Best Practice Forum on Cybersecurity - 'CYBERSECURITY AGREEMENTS'
The 2019 edition of the Best Practice Forum on Cybersecurity is exploring best practices in relation to recent International Cybersecurity Initiatives. The BPF analyses existing initiatives such as the Paris Call, the GCSC’s Six Critical Norms Towards Cyber Stability, the UN OEWG and GGE, and collect and share best practices around the implementation of suggested measures.
The BPF is part of the 2019 intersessional work program of the IGF and started its discussions already well ahead of the Berlin meeting. The BPF published a draft report that will be further completed with input from the BPF workshop at IGF2019. (see below for more details on the report and how to provide feedback).
Workshop Agenda "Putting Agreements into Action - Operationalising Cybersecurity Agreements"
Chair / moderator - Maarten van Horenbeeck, Board member, Forum of Incident Response and Security Teams (FIRST)
Introductory scene-setting discussion
- Maarten van Horenbeeck, BPF Cybersecurity lead expert
- Markus Kummer, BPF Cybersecurity co-facilitator
- Professor Madeline Carr, Professor of Global Politics and Cybersecurity, UCL and Director of the Research Institute in Science of Cyber Security (Academia)
Panel discussion – focused on the following questions:
1) What do you see as a role for norms? Where you are involved in / responsible for an agreement, where do you see it on the spectrum of observation - implementation?
2) Can you share an example of an effective implementation effort?
3) What is the road ahead for implementation? Is there an opportunity to collect and share best practices on these efforts, or is a framework needed?
4) How can we assess whether norms are adhered to? Are there good examples of norms assessment or measurement efforts?
Panelists:
- Carina Birarda, CSIRT Buenos Aires Cybersecurity Center (Technical Community)
- Sheetal Kumar, Global Partners Digital (Civil society)
- John Hering, Microsoft (Private sector)
- Olaf Kolkman, Internet Society (Technical Community)
- Dr. Alexander Klimburg, Global Commission on the Stability of Cyberspace (Multi-stakeholder)
Online moderator: Alyssa Moore, CIRA, The Canadian Internet Registration Authority
Rapporteur: Ben Wallis, Microsoft and BPF Cybersecurity co-facilitator
REVIEW the draft output report !
IGF2019 BPF Cybersecurity draft output
Instructions:
- Review the report here (link BPF report)
- Send your feedback to [email protected]
- Format: email, or word/pdf attached to an email
- If your comment is on a specific section or paragraph, please indicate this clearly!
- Deadline: you can submit feedback on the draft document until the last day of the IGF2019 meeting. However, we would appreciate receiving your feedback before Friday 22 November, as this would allow us to take your comments into account during the BPF workshop in Berlin.
- Received feedback will be posed on the BPF webpage (unless the author indicates that he/she prefers the feedback is not published) and will feed into the final BPF output report.
Report
- What is the role of norms? And can and should we then move forward from discussions on cybersecurity norms to operationalization of those norms?
- Are cyber norms cascading into the international system and what are some challenges that arise? What are some processes or norms that do not exist today but are still required?
- How can cybersecurity norms be assessed to evaluate whether they are working?
see report at https://www.intgovforum.org/filedepot_download/8395/1805
see report at https://www.intgovforum.org/filedepot_download/8395/1805
Success examples, projects, and initiatives mentioned during the session:
- GCSC norms
- Technical examples related to the routing system and anti-spoofing standards and best practice
- APC publications on network and society organisations into the Human Rights Council procedures
- AccessNow publications
- Oregon Observatory of network interference
- OIA American research
- AR2018
see report at https://www.intgovforum.org/filedepot_download/8395/1805
There were an estimated 60 onsite participants, of which about 20 were women
There were 8 online participants, of whom 3 were women.
The session discussions were gender-neutral and did not discuss gender issues.