Session
- Masae Toyama, JPCERT/CC, Civil Society, Asia-Pacific Group
- Hiroki Mashiko, NTTDATA-CERT, Private Sector, Asia-Pacific Group
- Bernhards Blumbergs, CERT.LV, Government of Latvia, Western European and Others Group
- Adli Wahid, APNIC, Technical Community, Asia-Pacific Group
- Masae Toyama, JPCERT/CC, Civil Society, Asia-Pacific Group
- Hiroki Mashiko, NTTDATA-CERT, Private Sector, Asia-Pacific Group
- Bernhards Blumbergs, CERT.LV, Government of Latvia, Western European and Others Group
- Adli Wahid, APNIC, Technical Community, Asia-Pacific Group
9.1
16.10
16.7
17.13
17.17
17.6
17.9
Targets: As mentioned in the session description, CSIRTs play a critical role in ensuring that the Internet remains safe and trusted for users. This session will address the SDG targets by: - Help CERT practitioners with the hope of a secure and trusted Internet to build connections and foster collaboration across national, sector and industrial boundaries - Ensure that participants have the opportunity to access a wide range of information - Discuss the intersection of Internet governance and cybersecurity and strengthen the involvement of cybersecurity professionals in the governance driven by an effective multi-stakeholder approach
Gathering
This networking session gathers cybersecurity professionals and the wider Internet governance community to exchange views and share information on activities they are involved in the IGF community through casual conversations. The session is mainly designed for those who belong to, and are working with, national, sector and commercial CSIRTs (Computer Security Incident Response Team). Anyone who is keen to explore the intersection between cybersecurity and the Internet governance is also warmly welcome to attend this session. CSIRTs play a critical function of ensuring the Internet remains safe and trusted for users. Through handling cyber incidents, CSIRTs have vast knowledge and expertise on tackling and mitigating cyber threats. Their first-hand insights are invaluable to policymakers. Hence, this session enables interaction between cybersecurity experts and policy makers/policy influencers.
As the session’s aim is to allow participants to meet others working in the field and potentially identify areas for future collaboration, participants will be randomly divided into small groups and given some minutes to briefly introduce themselves and answer guiding questions provided by organisers. Participants will come back together and then split into new groups. This process will be repeated as time allows. This hybrid networking session welcome those attending in-person and participating online. The organisers will facilitate all participants to build connections and share key takeaways discussed by onsite participants with onsite participants to facilitate interaction between the two.
Everyone will be expected to actively participate in the small breakout groups by introducing themselves, sharing about their work, and explaining their interest in the intersection of Internet governance and cybersecurity.
Report
Prior to discussing the presented guiding questions, the moderators, Hiroki Mashiko, Bernhards Blumbergs, Adli Wahid, and Masae Toyama as well as participants introduced themselves to get to know each other. Toyama mentioned the background story of session proposal. Her idea was to break the situation of fewer chance to meet CSIRT practitioners in IGF and create a place for them to attract themselves and a wider technical community. She said that while CSIRTs play an important role in keeping secure and stable cyberspace, their voice in IGF is not yet loud enough amongst various stakeholders.
She explained how the networking sessions ran. All participants invited to stand up and walk freely in the room to talk to someone they not spoken to yet. One of the features of the session was that participants were encouraged to pick coloured sticky note(s) to show their own stakeholder group, and this facilitated to foster the conversation in terms of ice break.
Of the 10-minute session, seven minutes are allocated for short discussion to answer a guiding question and three minutes for the exchange of comments from the virtual and physical venues. It was repeated three times with different questions.
Mashiko actively addressed the onsite participants and encouraged them to comment. Blumbergs and Wahid interacted with the online participants by summarising the views of participants and sometimes adding their own views as well. The instructions were carefully explained to those who came in the middle of the session so that they could enter the discussions smoothly.
After that, the programme proceeded to three rounds of discussion session. Comments shared by participants are including but not limited to:
Question 1: When do you feel that your commitment to cybersecurity is creating and sustaining an open, free and secure Internet?
- Meeting different stakeholders through IGF is my commitment.
- It is a difficult time to achieve a secure, open and free internet all at once. Practitioners are forced to balance the three on a daily basis. It is necessary to interact with people in countries that are not open.
Question 2: What international (geo)political issues prevent CSIRTs from an open, free, and secure digital cyberspace in engaging with cybersecurity? If we cooperate, how can we address this?
- A government CERT feels that the outflow of personnel and data out of the country is a problem.
- Practitioners in other sectors should be made aware of the environment inside and outside their organisations that discourages information sharing between practitioners.
- A gaming company's CERT always considers the possibility of internal or user backlash if the vulnerability is made public and the game rules are changed.
- A university CERT considers whether it makes sense to disclose vulnerabilities outside the stakeholders.
Question 3: To promote cybersecurity, what is a key message you would like to convey at this IGF which is attended by a wide range of stakeholders?
- Cybersecurity practitioners are varied: national, academia, private sector from dealing with public infrastructure and product security. All deal with different information in different styles.
- Cybersecurity practitioners with different perspectives should be interested in sharing what information they deal with in their own activities, and acknowledging what they can and cannot compromise will increase their awareness of participating in cybersecurity discussions.
- In multi-stakeholder fora, strengthening information sharing and capacity building is often the conclusion of the sessions, but how can it be properly assessed, or what other solutions are there?
Moderators thanked the participants for raising the issues and reaffirmed the need for such a place for exchanging views. In the end, participants agreed to promote IGF more to cybersecurity practitioners not only to enhance collaboration with other stakeholders but also focus on diversity within the cybersecurity cluster to encourage mutual understanding.