Hi everyone,
This Thursday in Guadalajara, the Internet Governance Forum (IGF) will
conduct a meeting of the Best Practices Forum on cybersecurity, which
has been documenting issues in multistakeholder cooperation on
cybersecurity.
A draft outcome document is published for public comment here:
https://www.intgovforum.org/review/2016-igf-best-practice-forums-bpfs-draft-outputs-as-of-2-november/2016-igf-bpf-cybersecurity-draft-output-version-1/
The deadline for input is this Thursday, December 8th. This year, there
was more input from civil society than during the previous iterations.
However, I wanted to post it to liberationtech to broaden awareness, as
a lot of great comments came from list participants last year. If you
plan to comment but have limited time, the following outcome statements
under "Part 3: dialogue/contributions and recommendations for way
forward" are most worthwhile to review:
* The involvement of government, private sector, civil society and
other stakeholders in handling cybersecurity was stressed as fundamental
in terms of sharing best practices, sharing results of critical
assessments and identifying globally accepted standards of
cybersecurity. All stakeholders must understand, respect and trust each
other's expertise and competences.
* It was emphasized that to many today, the word "cybersecurity" is
often loaded with context, and many organizations associate it with
government decision making, or commercial security solutions. Within the
IGF, it was said, there is an opportunity to redefine cybersecurity as a
common goal between all stakeholders, and to work towards finding a
common understanding about what productive cooperation and collaboration
might look like.
* It was said that the term "cybersecurity" can mean very different
things to different stakeholders depending upon the context in which
it's being used. (national security; public security; enterprise
security; incidence response; personal security; protection against
large scale data breaches and cyber crime/online crime; uncertainties
about how our data is being used; surveillance and other online threats,
etc.)
* There was broad agreement that the roles and responsibilities of
stakeholders are evolving in making the Internet a secure and safe place
for people to socialize and conduct business. It is clear that security
is no longer just the purview of governments and that it is increasingly
a multistakeholder imperative.
* Evolving understandings of cybersecurity make efforts to ensure the
Internet is a secure and safe place an important focus of policy that
requires input from multiple stakeholders. Starting from a dominant
technical perspective of cybersecurity and focusing on protecting
information infrastructure, debates around cybersecurity have rapidly
broadened, bringing in many issues from cybercrime to secure access
policies to data ethics and human rights under its banner.
* There was general consensus within the BPF around the notion that
cybersecurity initiatives should be built on democratic,
multistakeholder processes, ensuring the meaningful and accountable
participation of all stakeholders, including governments, the private
sector, civil society, the technical community, the academic community
and users.
* It's imperative to promote more robust, effective and timely
information-sharing, cooperation and coordination among cybersecurity
stakeholders at the national, regional and international levels.
Cooperation and collaboration is key in cybersecurity, not only to avoid
duplicate work and analysis, but also in respect to less mature
entities, being able to profit from the experience and expertise of
others and as such develop faster thereafter.
* Within the CSIRT community, automating information exchange where
possible, and ensuring CSIRT's ability to process information at an
increasing pace is extremely important. CSIRT's can often be resource
constrained in terms of qualified analysts, and allowing them to focus
on harder problems that require expert review is critical. However, it
is important to clarify that prior to any automated exchange taking
place, it is crucial for stakeholders to set expectations around how the
data will be used. Sharing indicators may not be helpful if they are not
used correctly, or are used for different purposes than intended. While
there are typically many technical means of addressing a security
incident, it is most important that goals are aligned and expectations
are clearly set.
* For CSIRTs to effectively work with each other, or other peers within
the community, trust is a crucial requirement. Trust is typically not
established through legal agreements, but through a history of working
with each other. Developing trust is easiest when the objectives of both
organizations align. When both organizations have as goal to remediate
the incident and restore operations, they both see value in the
information exchange.
* _There is a need for more civil society involvement in cybersecurity
debates in all countries, and in particular in developing countries.
Furthermore and in parallel with increased participation, more
opportunities for education and awareness raising among civil society
groups on issues of cybersecurity should be supported. For cybersecurity
cooperation and collaboration to be enhanced globally - and particularly
in global south countries - the first step is to create a level playing
field in terms of knowledge, skills and capacity for engagement._
Thanks in advance, and feel free to reach out to me should you have any
questions.
Cheers,
Maarten--
Liberationtech is public & archives are searchable on Google. Violations of
list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
