Session
DC Internet Standards, Security and Safety (IS3C)
Bastiaan Goslings (SIDN, vice chair IS3C WG 8), Janice Richardson (InSight, chair IS3C WG 2), Kristina Mikoliūnienė (council member RRT Lithuania), Steven Tan (Team Lead safer internet CSA, Singapore), Filip Kužma (director smart consumer institute, Slovakia), Elif Kiesow Cortez Director Quantum and AI, WG 9 chair), Nicolas Fiumarelli (LACNIC/ISOC, WG 1 chair).
Wout de Natris
Janice Richardson
Mark Carvell
9. Industry, Innovation and Infrastructure
12. Responsible Production and Consumption
Targets: The deployment of security-related Internet standards and ICT best practices directly results in the far more secure development and manufacturing of ICTs, resulting in a far more secure and safer use of the Internet and IoT for all end users. This allows for further and safer economic development and innovation. The deployment of security-related Internet standards and ICT best practices also leads to responsible production, which includes the ICT-industry,which is able and often responsible to deploy the standards, which leads to a more secure and protected consumption.
Roundtable
Interactive consultative session comprising two parts (60 + 30 minutes): Part 1 (60 minutes): Short opening presentation by two experts from ICT industry and consumer protection agency on the challenge of increasing greater awareness amongst consumers of the benefits of purchasing ICT products that are secure by design. (10 minutes) Interactive discussion with onsite and online audience to identify how to ensure consumers understand the importance of buying digital products that are secure by design. (40 minutes). Summing up of main points of agreement (10 minutes) Part 2 (30minutes): Short opening presentation by an expert from the Dutch Institute for Vulnerability Disclosure on the practice of responsible disclosure and the experience of successful examples in mitigating risks to consumer security and safety. (10 minutes). Exploratory discussion with session participants on merits of this approach and how it might be formalised at scale regionally and globally. (15 minutes) Summing up of general points of agreement and next steps to develop the required framework of cooperation. (5 minutes)
The deployment of the latest generation, security-related internet standards and ICT best practices is at best a moderate success for some and up to dismal for many. IS3C endeavours to speed the deployment up by raising awareness how deployment by the ICT industry can be stimulated in a positive way. By providing reports on the current situation, including recommendations and best practices. It also provided toolkits that can assist in procuring ICTs and today will provide a set of arguments that can convince decision-takers in organisations to either deploy or demand deployment through procurement procedures. It’s plans for the future contain the organisation of workshops on ICT procurement, IoT security by design and “The Hub”.
IS3C’s new tool providing arguments that can sway decision-takers to decide positively on deployment, is presented at the IGF in Riyadh, just like our animation film on closing the skills gap in tertiary cybersecurity education’s offer and industry’s demand.
In a highly interactive consultative session the topics of cybersecurity standards and consumer awareness and protection are brought together. Together they will discuss how consumer organisations and consumer protection agencies can contribute to the adoption of security by design principles in the global ICTs market. In this part of the session IS3C will discuss how consumer (protection) organisations can contribute to the more wide-spread deployment of the latest cybersecurity standards. The session will consider in particular: i) new ways of empowering consumers towards a level of awareness that allows them to make a well-informed choice in buying ICT products that are secure by design; ii) the value of comprehensive independent testing of the security of ICT products entering the global market; iii) whether there is a role for regulators to ensure producers, suppliers and service providers comply with the latest cybersecurity standards, in order to increase the ability of their consumers to protect themselves when they use their devices and services and; iv) are there ways in which the two very different organisations could cooperate in the future that leads to secure by design ICTs?
IS3C has ambitious plans for 2025. It will share them with you in this workshop. Of course, there will be ample time for discussion and questions.
In this IS3C Day 0 workshop the deployment of the latest generation, security-related internet standards and ICT best practices will be presented from different angles. The main part consists of a roundtable discussion on how consumer organisations and consumer protection agencies can contribute to a more secure and safer internet. How can they ensure that consumers better understand the importance of buying digital products secure by design.
The workshop’s agenda is:
1. The launch and presentation of IS3C’s latest toolkit and report titled ‘To deploy or not to deploy, that’s the question. How to convince your boss to deploy DNSSEC and RPKI’. (10 minutes)
2. The premiere of IS3C’s short film on the cybersecurity hub made by students and staff of the Pixel Blue College, Alberta, Canada, followed by a call to join the Hub. (10 minutes)
3. The consumer debate has the form of a round table (40 minutes). In this interactive discussion with onsite and online audience we discuss how can we ensure that consumers better understand the importance of buying digital products secure by design. The second angle is, what could be the role of consumer advocacy and protection organisations in putting pressure on the ICT industry to produce and/or provide secure by design products, software and services? The panel will also reflect on the potential role of IS3C to raise awareness with these organisations.
4. Finally, IS3C will announce its plans for 2025 (15 minutes)
5. Questions (15 minutes)
Report
1. Tertiary cybersecurity education curricula need to align with the demand coming from the cybersecurity industry. 2. Consumer organisations and consumer protection organisations have a role to play in showing the (lack of) security of ICT systems, devices and services. 3. What are the societal impacts of ubiquitous IoT devices, insecurity by design and the impact of quantum computing in the near future?
1. Join the Cybersecurity Hub and develop the cybersecurity curriculum of the future: https://qrco.de/is3ccyberhub 2.The kick off meeting for consumer organisations is early in 2025. 3. IS3C starts its research into the societal and political impact of the potential impact of quantum computing in combination with ubiquitous IoT systems and devices. The report is presented in Lillestrom.