[Bp_cybersec_2016] Proposal for the cybersecurity BPF goal and topic

Jerome Athias athiasjerome at gmail.com
Tue Jun 21 10:14:52 EDT 2016


Hi

I think that it is a good direction to take while cybersecurity is
borderless.
A good example I've seen over the past few years is Cyber Threat
Intelligence sharing, with OASIS CTI TC. It involves big players from both
public and private sectors, and various industry sectors, and big vendors,
and exchanges and integrates feedback and requirements regarding laws and
regulations from various continents.

On Tuesday, 21 June 2016, Maarten Van Horenbeeck <maarten at first.org> wrote:

> Hi everyone,
>
> Earlier this week, at the FIRST conference in Seoul, some of us had a
> discussion around opportunities for focus in this BPF. We wanted to propose
> a way forward of getting this BPF to contribute most to the wider
> multi-stakeholder community.
>
> Reviewing the outcomes of the spam and CSIRT Best Practices Forums over
> the last two years, we believe the cybersecurity BPF would most benefit
> from addressing cooperation between stakeholder groups as a topic.
>
> One of the lessons we learned during our work on the BPF on “Computer
> Security Incident Response Teams” was that it attracted a fairly narrow
> audience, mostly engineers working on technical issues. While CSIRT teams
> in most cases find agreement within their community, there were significant
> communication issues when engaging with other stakeholder groups, in
> particular policy makers, civil society, but also law enforcement and even
> industry.
>
> During the BPF, we managed to gain consensus on what makes the community
> more effective at communicating.
>
> We believe that the community would benefit from having a
> multi-stakeholder discussion, including each of the major IGF stakeholder
> groups, on how to engage and communicate with each other on cyber security
> issues. This would support the Internet Governance Principles laid out at
> the NETmundial Statement, that recognize that "Effectiveness in addressing
> risks and threats to security and stability of the Internet depends on
> strong cooperation among different stakeholders".
>
> More concretely, this process would consist of:
>
>    - Defining the typical roles and responsibilities of each of the
>    stakeholder groups in making the internet a secure and safe place for
>    people to socialize and conduct business;
>
>
>    - Identifying the typical communication mechanisms between stakeholder
>    groups to discuss cybersecurity related concerns;
>
>
>    - Collecting a set of successful case studies on existing
>    communication between stakeholder groups that has helped improve
>    cybersecurity.
>
>
> In order to be effective, we will need to recruit an appropriate number of
> representatives from each stakeholder group that have an interest in
> participating. During the CSIRT BPF, we had significant success reaching
> out 1:1 to stakeholders, and inviting them to participate in our meeting in
> Brazil. We’d propose a similar step to gain acceptance.
>
> Today, the word “cybersecurity” is often loaded with context, and many
> organizations associate it with government decision making, or commercial
> security solutions. Within the IGF, we have an opportunity to redefine
> cybersecurity as a common goal between all stakeholders, and getting to a
> good definition of what cooperation should look like.
>
> The final product paper could, just as the BPF on CSIRT did, help to
> inform each of the constituencies on the roles of other stakeholders, and
> identify appropriate methods of communicating and discussing difficult
> security issues.
>
> We're happy to discuss this proposal further during the next call.
>
> Best regards,
>
> Andrew Cormack, *Jisc*
> Adli Wahid, *FIRST*
> Cristine Hoepers, *CERT.br/NIC.br*
> Peter Cassidy, *Anti-Phishing Working Group (APWG)*
> Maarten Van Horenbeeck, *FIRST*
> Serge Droz, *FIRST*
>