Call for public input, July 2022
We are currently researching the growing gap between the skills of young people graduating from tertiary studies and the expectations of employers in the tech and cybersecurity industry, and we're interested in hearing your views. We kindly invite you to fill out our survey in English, French or Polish. The deadline is 15 August.
The survey has been developed by the IGF's Internet Standards, Security and Safety Coalition (IS3C). It aims to establish where the gaps are and possible solutions, as well as to find out more about current good practice in this area around the world. To do this we need your views, knowledge and expertise.
We hope you can assist us in getting a clear picture of the current playing field by filling in this questionnaire. An analysis of results will be made available at www.is3coalition.org in September 2022, in the lead up to a series of workshops bringing together academia and industry.
If you know colleagues interested in this topic, then please share this survey with them.
Janice Richardson, Chair of WG2 of the IS3C
Wout de Natris , IS3C Cordinator
https://forms.gle/5cgeRjz29r1ZKTWE8 - Polish version
https://forms.gle/BzGZmmT2iJqkLRat8 - French version
https://forms.gle/Dna6nSeiKMFY11cP9 - English version
Motto: Making the Internet more secure and safer
At the IGF in Katowice, the Dynamic Coalition on Internet Standards, Security and Safety announced its name change into Internet Standards, Security and Safety Coalition (IS3C). It remains an IGF Dynamic Coalition that brings together key stakeholders from the technical community, civil society, government policymakers, regulators, and corporate and individual adopters, with the shared goal of making online activity and interaction more secure and safer by achieving more widespread and rapid deployment of existing Internet standards and ICT best practices.
Internet and ICT security is an issue that is high on the agenda of governments, industry and individuals alike. The COVID-19 pandemic has brought into sharp focus the rapid increase in society’s dependency on the Internet, communications technologies and networks, the interconnectivity of devices, and the vast array of online services, networks and applications that permeate all social and economic sectors, and on which every aspect of daily life, including our health and financial welfare, increasingly rely.
It is also widely recognised that many Internet-related products and services are increasingly vulnerable to security threats and the spread of online harms and criminal misuse. However, if relevant security-related standards and best practices are more effectively adopted and deployed worldwide, these risk can be reduced significantly. This will foster greater trust in the Internet and its related digital technologies and applications and the positive social and economic benefits of these transformative technologies for sustainable development will be fully realised for communities worldwide.
The IS3C aims to ensure that standards and best practices play their full role in addressing these cybersecurity challenges through establishing the conditions for their wider, more effective and more rapid adoption by key decision-takers throughout the standards implementation chain in both the public and private sectors.
This can be achieved only if there is a shared commitment by stakeholders worldwide in a new comprehensive and strategic approach.
The IS3C has established a work programme that i) brings the critical security supply and demand factors together; and ii) proposes the best options for the deployment of key standards and best practices on both sides, in the form of policy recommendations and practical guidance. These outcomes will be presented as IGF policy recommendations for dissemination to policymakers and decision-takers worldwide.
Establishment of IS3C working groups in the first phase of its workplan.
Following the launch of the Dynamic Coalition on Internet Standards, Security and Safety at the IGF in 2020, three working groups were established.
Working Group 1: Security by design
The IS3C membership agreed that promoting security by design should be a key objective for the coalition and it was decided to focus in the first phase of its work on security by design of the Internet of Things (IoT). Other security by design topics would be selected following the conclusion of the working group’s proposals relating to IoT.
Research has confirmed that there is a large gap between the theory of security and the daily practice of IoT security. The working group is focussed on identifying the solutions needed to close this gap. The first results will be reviewed and published after the 2021 IGF in an open process of consultation with stakeholders worldwide.
Working Group 2: Education and skills
A major factor undermining the development of a common culture of cybersecurity is that students graduating from tertiary ICT-related educational programmes often lack the skills that business and society as a whole need in order to understand the benefits of security-related Internet standards and ICT best practices. In order for ICT security to be better understood, it has to be integrated into tertiary ICT educational curricula, at all levels. This may result in the structural development of ICT(-related) products and services that include cyber security Internet standards and ICT best practices. The coalition’s Working Group 2 has therefore the following goals:
- To detect and resolve cyber security skill gaps in tertiary ICT education curricula;
- To encourage tertiary educational institutions to include in their ICT curricula the essential skills, knowledge and understanding of security- related Internet standards and ICT best practices, building on current best practices, in order to bring tertiary education in line with emerging workforce requirements;
- To strengthen collaboration between educational decision-takers and policy makers in governments and industry in order to align tertiary ICT curricula with the requirements of our cyber future;
- To ensure effective collaboration between key stakeholders in order to keep tertiary ICT educational materials in step with new technologies and standards and prevent new skills gaps from developing.
WG 2 Mission Statement | June 2021
Working Group 3: Procurement and supply chain management and the business case
The focus of the third IS3C working group is the opportunity to promote the business case for cybersecurity through the inclusion of security-related technical standards in public sector procurement contracts and in supply chain management practice in the private sector. Research has shown that this would be a major driver for the adoption and implementation of security-related standards. Organisations , governments, industry and business users generally can demand secure by design ICT-related products and services by stipulating requirements in their contracts for specific standards and adherence to current best practices.
WG 3 Mission Statement | June 2021
The next phase of IS3C in 2022
The three IS3C working groups are currently defining research proposals that will be published on the IS3C website and it is expected that the research programmes will conclude in early 2022.
The timeline for the next phase of the coalition’s work is as follows:
- Submission of IS3C report to the UN IGF in Katowice with inputs from the three Working Groups, including progress report and initial draft recommendations for consultation.
- Discussion of proposed outcomes during the IS3C session at the UN IGF in Katowice. Conclusions and next steps included in the summary of UN IGF outcomes and disseminated to all national and regional IGFs, relevant institutions, IGPs and NGOs. The IGF session will also review the working group structure in line with agreement of the workplan’s next steps in 2022.
- Progress report provided at open consultation meeting of IGF’s Multi-stakeholder Advisory Group.
- Finalisation of implementation and deployment strategies in consultation with key stakeholders including government administrations, parliamentarians and private sector decision-takers.
- Progress Report submitted to open consultation meeting of IGF’s Multi-stakeholder Advisory Group.
- IS3C members meet to take decision on whether to undertake a further phase of follow-up work in 2022-23 or to dissolve the coalition after the 2022 IGF.
- IS3C submits its second report to the IGF in Addis Ababa.
- Progress or final report provided at open consultation meeting of IGF’s Multi-stakeholder Advisory Group.
Potential future Working Groups
It is possible to establish new IS3C working groups on the additional issues (new or mentioned below) relating to the adoption of security-related standards following stakeholder consultations during and following IGF 2021 in Katowice. Those interested in constituting a new working group can contact the IS3C’s leadership.
Identified policy issues for the Dynamic Coalition
The following topics have been identified for research at the start of the IS3C but have not been taken up.
- Assessing the value of involving non-technical stakeholders in standards development and accreditation processes through i) extending invitations to participate; ii) establishing a liaison system; and iii) providing explanations in non-technical language of why the urgent deployment of finalised and agreed standards is necessary and beneficial.
- Assessing the importance of consumer protection testing.
- Assessing the need for a fair system of faming, naming and shaming.
- Assessing the value of global testing of ICT products and services and a vulnerability reporting modus to ensure their security and safety.
Mailing list address: firstname.lastname@example.org
Subscribe to the mailing list: http://intgovforum.org/mailman/listinfo/dc-isss_intgovforum.org
- Yuri Kargapolov | Ukraine. Academia/private sector
- Sávyo Vinicius de Morais | Brazil. Academia/technical community
- Raymond Mamattah | Ghana. Education/civil society
- Janice Richardson | Australia. Education/private sector
- Mallory Knodel | United States. Civil society
- Annual Report 2021 (January 2022)
- DC-ISSS governance document (April 2021)
- Annual Report 2020
- The final report of the IGF’s Pilot Project in 2018-19 entitled Setting the standard for a more secure and trustworthy Internet explained the reasons for the slow and limited deployment of these standards, and identified the key decision-takers in society that as points of pressure would be able to accelerate the processes of deployment globally.
The Report presented a range of recommendations and solutions that on the demand side would ensure that the right decisions are taken within large organisations relating to the deployment of these standards. On the supply side, the Report recommended leaders in the ICT and Internet industry should integrate security-enhancing standards and best practice in their products and services.
Wout de Natris – denatrisconsult[at]hotmail.nl
Mark Carvell – markhbcarvell[at]gmail.com