[Bp_cybersec_2016] Proposal for the cybersecurity BPF goal and topic

Ilishebo Michael ilishebo at gmail.com
Tue Jun 21 02:31:16 EDT 2016 

Maarten,

Well elaborated and I hope we go for this suggested route...



*Michael L. Ilishebo,*


*Kitwe, Zambia*

*Mobile Contacts:*




*+260965361255+260977361255+260955361255*

*Social Media Handles*

*Twitter: @ilishebo*

*Skype: michael.ilishebo*




*"walk a mile,for a while,with a smile"*

On Tue, Jun 21, 2016 at 3:04 AM, Maarten Van Horenbeeck <maarten at first.org>
wrote:

> Hi everyone,
>
> Earlier this week, at the FIRST conference in Seoul, some of us had a
> discussion around opportunities for focus in this BPF. We wanted to propose
> a way forward of getting this BPF to contribute most to the wider
> multi-stakeholder community.
>
> Reviewing the outcomes of the spam and CSIRT Best Practices Forums over
> the last two years, we believe the cybersecurity BPF would most benefit
> from addressing cooperation between stakeholder groups as a topic.
>
> One of the lessons we learned during our work on the BPF on “Computer
> Security Incident Response Teams” was that it attracted a fairly narrow
> audience, mostly engineers working on technical issues. While CSIRT teams
> in most cases find agreement within their community, there were significant
> communication issues when engaging with other stakeholder groups, in
> particular policy makers, civil society, but also law enforcement and even
> industry.
>
> During the BPF, we managed to gain consensus on what makes the community
> more effective at communicating.
>
> We believe that the community would benefit from having a
> multi-stakeholder discussion, including each of the major IGF stakeholder
> groups, on how to engage and communicate with each other on cyber security
> issues. This would support the Internet Governance Principles laid out at
> the NETmundial Statement, that recognize that "Effectiveness in addressing
> risks and threats to security and stability of the Internet depends on
> strong cooperation among different stakeholders".
>
> More concretely, this process would consist of:
>
>    - Defining the typical roles and responsibilities of each of the
>    stakeholder groups in making the internet a secure and safe place for
>    people to socialize and conduct business;
>
>
>    - Identifying the typical communication mechanisms between stakeholder
>    groups to discuss cybersecurity related concerns;
>
>
>    - Collecting a set of successful case studies on existing
>    communication between stakeholder groups that has helped improve
>    cybersecurity.
>
>
> In order to be effective, we will need to recruit an appropriate number of
> representatives from each stakeholder group that have an interest in
> participating. During the CSIRT BPF, we had significant success reaching
> out 1:1 to stakeholders, and inviting them to participate in our meeting in
> Brazil. We’d propose a similar step to gain acceptance.
>
> Today, the word “cybersecurity” is often loaded with context, and many
> organizations associate it with government decision making, or commercial
> security solutions. Within the IGF, we have an opportunity to redefine
> cybersecurity as a common goal between all stakeholders, and getting to a
> good definition of what cooperation should look like.
>
> The final product paper could, just as the BPF on CSIRT did, help to
> inform each of the constituencies on the roles of other stakeholders, and
> identify appropriate methods of communicating and discussing difficult
> security issues.
>
> We're happy to discuss this proposal further during the next call.
>
> Best regards,
>
> Andrew Cormack,
> *Jisc*Adli Wahid, *FIRST*
> Cristine Hoepers, *CERT.br/NIC.br*
> Peter Cassidy, *Anti-Phishing Working Group (APWG)*
> Maarten Van Horenbeeck, *FIRST*
> Serge Droz, *FIRST*
>
> _______________________________________________
> Bp_cybersec_2016 mailing list
> Bp_cybersec_2016 at intgovforum.org
> http://intgovforum.org/mailman/listinfo/bp_cybersec_2016_intgovforum.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bp_cybersec_2016_intgovforum.org/attachments/20160621/d46da48b/attachment.htm>

More information about the Bp_cybersec_2016 mailing list