Check-in and access this session from the IGF Schedule.

IGF 2024 WS #103 Aligning strategies, protecting critical infrastructure

    Organizer 1: Timea Suto, 🔒International Chamber of Commerce
    Organizer 2: Nan Schechter, USCIB
    Organizer 3: Whitney Jolivet, Digital Agency of Japan

    Speaker 1: Rene Summer, Private Sector, Western European and Others Group (WEOG)
    Speaker 2: Ms Robyn Greene, Director of Privacy and Public Policy, Meta
    Speaker 3: Francesca bosco, Civil Society, Western European and Others Group (WEOG)
    Speaker 4: Julia Rodriguez, Government, Latin American and Caribbean Group (GRULAC
    Speaker 5: Mike Latza, Regional Security Officer EMEA, Mastercard (TBC)

     

     

    Additional Speakers
    • Mr Wouter Kobes, Standardisation Advisor, Netherlands Standardisation Forum
    • Mr Chris Buckridge, Senior Strategy Advisor, Global Forum on Cyber Expertise (GFCE)
    • Ms Robyn Greene, Director of Privacy and Public Policy, Meta
    • Mr Mike Latza, Regional Security Officer EMEA, Mastercard (TBC)

    Speakers bios

    Mr Rene Summer, Director Government and Industry Relations, Ericsson Group (keynote speaker)

    Rene Summer is the Director of Government and Industry Relations at Ericsson Group, focusing on ICT public policy areas such as cyber norms, 5G security, privacy, and cross-border data flows. He is also responsible for analysing the internal political landscape and geopolitical trends impacting Ericsson. Joining Ericsson in 2001, Rene transitioned to public policy in 2009 after working in various Business and Market Units, where he specialized in market analysis, forecasting, and business intelligence. He has extensive international policy experience, engaging with policymakers across multiple jurisdictions and actively participating in several trade associations. Rene holds an MSc in International Business and Finance from the University of Reading, UK, with expertise in Business Strategy and Economic Policy.

    Ms Julia Rodriguez Acosta, Permanent Mission of El Salvador to the United Nations

    Julia Rodriguez Acosta is a Minister Counsellor at the Permanent Mission of El Salvador to the United Nations. With expertise in disarmament, international security, and cybersecurity, she plays a pivotal role in shaping policies and discussions at the UN related to these critical issues.

    Mr Wouter Kobes, Standardisation Advisor, Netherlands Standardisation Forum

    Wouter Kobes is a Standardisation Advisor at the Netherlands Standardisation Forum, part of the Dutch government. In this role he focuses on internet and cyber security standardization. His background lies in public administration and computer science, and he has experience working on cyber related issues in both the public and private sector.

    Mr Chris Buckridge, Senior Strategy Advisor, Global Forum on Cyber Expertise (GFCE)

    Chris Buckridge joined the GFCE Secretariat as a consultant in 2023. An independent consultant and analyst in Internet governance and digital policy, he has over two decades of experience with Regional Internet Registries, starting at APNIC in 2003 and moving to the RIPE NCC in 2006. At the RIPE NCC, he focused on public policy and Internet governance, collaborating with organizations like the International Telecommunication Union and the United Nations. In 2015, Chris was part of the Australian government delegation for the WSIS+10 review. He has served on the EuroDIG Association Board since 2016 and joined the UN Internet Governance Forum’s Multistakeholder Advisory Group in 2021, completing his final term in 2024. In 2023, he began a three-year term on the ICANN Board of Directors. Chris holds a Bachelor of Arts from the University of Queensland in Australia.

    Ms Francesca Bosco, Chief Strategy and Partnerships Officer, The Cyber Peace Institute

    Francesca is the Chief Strategy and Partnerships Officer at the Cyber Peace Institute, with over 15 years of experience in international law and human rights from her work with the UN and WEF. She specializes in action-oriented research, capacity building, and technical assistance in human rights, justice, peace, and security. Her expertise includes countering cybercrime, misinformation, and the misuse of technology, focusing on the risks and opportunities of emerging technologies like artificial intelligence. Francesca leads initiatives to enhance digital resilience and promote diversity and inclusion, particularly for vulnerable organisations in developing countries to support the SDGs. At the Cyber Peace Institute, she fosters multistakeholder cooperation among civil society, academia, corporations, philanthropy, and public institutions to mitigate cyberattack impacts and promote sustainable cyber peace.

    Ms Robyn Greene, Director of Privacy and Public Policy, Meta

    Robyn Greene leads Meta’s global privacy policy efforts on cross-border data flows and government access to data. She oversees policy development, research, and coalition building on critical internet governance issues, including Meta’s strategies regarding EU-US data transfers and global data localization requirements. Before joining Meta, Robyn spent five years at New America’s Open Technology Institute as Senior Policy Counsel and Government Affairs Lead, where she focused on policy and legislative proposals related to surveillance and cybersecurity. She also worked at the ACLU's Washington Legislative Office, developing similar policy analyses. Additionally, Robyn served as a subject matter expert on the Data Privacy and Integrity Advisory Committee at the Department of Homeland Security, advising on facial recognition technology. Robyn has testified before Congress on cyber threat information sharing and published the largest publicly available study on US Intelligence Community Section 702 compliance violations. Her work has appeared in prominent media outlets, including the Washington Post, Politico, Lawfare, and Just Security.

    Mr Mike Latza, Regional Security Officer EMEA, Mastercard

    Mike Latza is the Regional Chief Security Officer for Mastercard in Eastern Europe, the Middle East, and Africa, based in Dubai. He is responsible for safeguarding Mastercard's critical assets and fostering trust in the cyber domain to secure a cashless future in the region. Before this role, Mike served for eight years as a Special Agent in the U.S. State Department Diplomatic Security Service, working in various locations across the Middle East and Africa. He also served as a U.S. Army Engineer officer in Iraq and Afghanistan. Mike holds the Certified Protection Professional designation from the American Society for Industrial Security, the Certified Information Security Manager certification from ISACA, and a Bachelor of Arts in International Relations from the University of Dayton, Ohio.

    Moderator

    Timea Suto, Private Sector, Eastern European Group

    Online Moderator

    Whitney Jolivet, Private Sector, African Group

    Rapporteur

    Nan Schechter, Private Sector, Western European and Others Group (WEOG)

    Format

    Roundtable
    Duration (minutes): 90
    Format description: A Round Table format is best-placed for the type of cross-sector, collaborative session that we envisage. It will be optimal for establishing an atmosphere that ensures both participants and panellists can engage in fruitful discussion, and that they can do so on equal footing through a seating arrangement conducive to multi-person dialogue. To allow time for in-depth discussion and also accommodate a constructive Q&A section to address the questions, feedback and thoughts of the audience, 90 minutes is the most suitable timeframe for the session.

    Policy Question(s)

    1. What are the barriers and cross-border challenges that hinder interoperability and effective coordination against evolving cyber threats to critical infrastructures and essential services? 2. How can public-private partnerships be optimised to address the challenges in safeguarding critical infrastructures and essential services? 3. What are the current industry best practices that can be elevated to strengthen cyber-resilience?

    What will participants gain from attending this session? Participants will gain a comprehensive understanding of the fundamental importance of protecting critical infrastructure in the digital age. They will grasp the interconnected nature of cyber risks and their potential impact on global stability and security. They will understand the multifaceted challenges and barriers involved in safeguarding critical infrastructure, and the ways to overcome them through tangible examples from experts from across governments and industry. Attendees will also learn about the challenges posed by divergent definitions and requirements for critical infrastructure protection, as well as the necessity of international collaboration and harmonized efforts. Ultimately, attendees will leave equipped with the knowledge and tools necessary to contribute effectively to the protection of critical infrastructures and the advancement of cybersecurity worldwide.

    Description:

    Digital transformation is now an intrinsic part of every country’s development, creating enormous opportunities and enabling everything from distance learning to economic advances in logistics, manufacturing, and agriculture, as well as societal advances such as improvements to health care, education and other public services. However, the rapidly expanding centrality of cyberspace in our everyday lives also increases its potential for risk. These vulnerabilities are even more worrisome in the case of critical infrastructures and essential services, which are crucial for the well-being of societies, for preserving the public order and security of nations. Ensuring trust in the digital economy requires the protection of the availability, integrity, confidentiality of these most essential infrastructures and services to ensure resilience. Furthermore, in an increasingly interconnected world, the significance of critical infrastructure protection extends across borders to a global scale. With shared dependencies and potential cross-border impacts, a breach in one region can impact another. Harmonised efforts to set a baseline to protect critical infrastructure are crucial for fostering international collaboration, resilience against emerging threats, and ensuring the stability of the interconnected systems that underpin the modern world globally. However, divergent global definitions of critical infrastructure and essential services, and contradictory requirements pose challenges for international cooperation, coordination to decrease cyber threats and the development of effective risk mitigating solutions. In this session experts from across stakeholder groups and regions will discuss how efforts can be aligned to set a baseline for the protection of the cybersecurity of critical infrastructures and foster international collaboration, resilience against emerging threats, and ensure the stability of the interconnected systems that underpin the modern world globally. Starting from the premise that cybersecurity is a shared responsibility, discussions will aim to bring recommendations on how all stakeholders could effectively work together to mitigate risks and curb cyber threats.

    Expected Outcomes

    The session will present an overview of substantive challenges and barriers to safeguarding critical infrastructure and essential services. Specific outputs will include a comprehensive report of best practices and interoperable policy recommendations that will enable a cyber-resilient sustainable future.

    Hybrid Format: Prior to the session: to ensure speakers and attendees get the most out of the session, regardless of their chosen way of participation, organizers will make use of the session’s page on the IGF website and social media channels to share preparatory material and kick-start a dialogue. A preparation call will be organised for all speakers, moderators and co-organisers so that everyone has the chance to meet and prepare for the session. During the session: the moderators are experienced in animating multistakeholder discussions and will complement each other in merging onsite and online speakers and attendees. Onsite participants will be encouraged to connect to the online platform to stay informed and engage with discussions in the chat. Following the session: moderators will encourage participants to make use of the IGF website and social media channels to share further comments and contribute to the session’s report.

    Key Takeaways (* deadline at the end of the session day)
    The interconnected digital space creates immense opportunities for the development, but is tied with increased risks in cyberspace, particularly in the protection of critical infrastructure and essential services.
    There is a need for harmonised global efforts to protect critical infrastructure, necessitating multistakeholder and international collaboration for effective risk mitigation.
    Cybersecurity is a shared responsibility, and there is a need for stakeholder alignment to enhance public-private partnerships and leverage industry best practices to strengthen cyber resilience.
    Call to Action (* deadline at the end of the session day)
    Establish a global baseline for protecting critical infrastructure through enhanced international collaboration, and shared definitions on critical infrastructure and essential services.
    A cooperative and coordinated multistakeholder approach is the best means to exchange best practices, optimise public-private partnerships, build a baseline cybersecurity standards, that mitigate cyber threats effectively.