IGF 2023 Town Hall #126 Who will attend to the cybersecurity needs of civil society?

Issue(s)

Cyberattacks, Cyberconflicts and International Security
New Technologies and Risks to Online Security

Round Table - 60 Min

Description

In recent years investigations, in particular those conducted by Citizen Lab from Toronto University and Amnesty International Tech Lab, have revealed that civil society, activists, and journalists are regular targeted for intrusion by a range of actors using advanced cybersecurity tooling such as Pegasus and Predator malware. There is also evidence of a growing influence of Chinese industry in offering surveillance technology in African governments which is a frightening scenario as well. Those examples are only the tip of the iceberg of civil society digital risk. As a whole civil society organizations are increasingly under all types of attacks that can threaten also the availability and integrity of their systems, some for political reasons others as vulnerable targets for conventional cyber-crime. From attacks on their websites, crypto ransomware, theft of their computers or smartphones, non-governmental organizations are under immense threat. Staffed by small teams and often saddled with under-resourced operations most are in no position to repel modest attacks, much less ones using bleeding edge tools and zero day exploits. Moreover they are rarely in a position to respond effectively after incidents occur. Where are the Computer Emergency Response Teams(CERT/CSIRT) dedicated to civil society, activists and journalist? Who will help them when they face an emergency, an incident or suspicion of spying malware? Who can help them prepare their organizations and infrastructure to be more resilient? In the FIRST (Forum of Incident Response and Security Teams, first.org) list, there is only one organization in the world working from and for civil society: Access Now Digital Security
Helpline (recently "officially" recognized as a CERT/CSIRT and represented by one of our speakers). Such a large sector broadly devoted to humanitarian aid deserves better.
There are other entities trying to fill the gaps, from other non-governmental organizations to private sector entities offering free or reduced price services and even independent consultants, but the need is far greater than the collective capacity. Even with the recent arrival of CIVICERT (civicert.org), a network of Computer Emergency Response Teams (CERTs), Rapid Response teams, and independent Internet Content and Service Providers helping civil society respond to incidents, prevent digital security issues and detect surveillance technologies like advanced malware many are left with no recourse when facing a cybersecurity incident arrives. These existing support entities are seeds of a rich ecosystem, but we need a vast field of civil society digital security support mechanisms to bloom if we are to respond efficiently to all the threats civil society is now facing in using the Internet to help those in need and hold accountable those in power. It will take a unique, sector specific approach to meet the landscape in which civil society operates: high stakes information attracting advanced threat actors defended by sparse systems and small teams. What are the steps we can take to make all the actors of civil society truly safer in the digital realm and more confident in doing their work because they know who can help them in case of digital security issue? When will we finally empower civil society in the digital realm? What could be the states of states and public international organizations?
This TownHall aims at exploring the unique needs of civil society in receiving digital security support as well as presenting examples of emerging and existing organizations fully or part-time dedicated to addressing those needs. We will explore together what could be done to strengthen the existing organizations and create the full capacity that is needed in this large sector. We will focus on organizational, trust and financial aspects, and public policy making, informed by the perspectives of front-line practitioners from various stakeholder groups including a CERT, Rapid Response teams,private companies and also persons working in cybersecurity public policy (IGF, OECD). Many of our speakers are dedicated to responding to digital civil society emergencies, incidents and security issues, working for the same purpose, but from diverse type of organizations, perspectives and from multiple continents. We are excited to find the common threads in our experiences to help point the way to a better cybersecurity future for global civil society.

It’s going to be an interactive session participants online will get first call on questions to panelist after interaction. An online moderator will be fully alert to take questions communicating with the on site moderator.
Four of our participants are yet fully confirmed to be present in Kyoto for this IGF.

Organizers

Fundación Karisma
Stéphane Labarthe, Fundación Karisma (Colombia) from 7 years and ex Chief Information Security Officer of French Data Protection Authority (CNIL), civil society, LATAM (Colombia)
Poncelet Ileleji, CEO Jokkolabs Banjul, Gambia, visiting lecturer at the Business University in Dakar, Senegal, civil society IGF and academic, Gambia NRIs, Africa
Jonah Sheridan, Information Ecology, private sector, America ans Asia (United States living in Japan) ;

Speakers

Jonah Sheridan, Information Ecology, private sector, America ans Asia (United States living in Japan) ;
Hapee de Groot, Greenhost and member of CIVICERT, private sector and civil society, Europe (Netherlands);
Alex Argüelles, Access Now Digital Security Helpline, civil society, LATAM(Mexico);
Zanyiwe Asare, Digitally Legal, IGF, and African Women Leaders Network South Africa Department President, private sector and civil society, Africa (South Africa)
Peter Stefen, OECD, Intergovernmental organization, Europe (Irland),
Stéphane Labarthe, Fundación Karisma, civil society, LATAM (Colombia)

Onsite Moderator

Poncelet Ileleji

Online Moderator

Stéphane Labarthe

Rapporteur

Jonah Sheridan

SDGs

3. Good Health and Well-Being
4. Quality Education
8. Decent Work and Economic Growth
9. Industry, Innovation and Infrastructure
11. Sustainable Cities and Communities
16. Peace, Justice and Strong Institutions


Targets: Whereas there are a lot of teams focused on addressing digital security issues for governmental entities, the corporate sector, and academia, the resources for the civil society sector which comprises millions of organizations and trillions of dollars of operating expenditure are few. Responding to this need, which implies also educational aspects, will help not only the well being of civil society itself, but all the persons who benefit from their actions. They are in many cases excluded people, in poverty, or belonging to minorities. That's why this topic is also about well being, economic growth, sustainable communities, peace and justice, education and technology innovation applied to civil society.