[Bpf-cybersecurity] BPF Cybersecurity meeting
Ben Wallis (CELA)
bewallis at microsoft.com
Mon Feb 24 13:43:58 EST 2020
Dear BPF Cybersecurity
Thanks to those who participated in the meeting last Wednesday and also for ideas and suggestions that have been sent to Maarten and to the list since then.
A report of the meeting has been uploaded to the BPF webpage - https://www.intgovforum.org/multilingual/filedepot_download/4904/1995. There is also a recording of the meeting here - https://intgovforum.zoom.us/rec/play/tZ0uc7r7_T83G4GdsASDAKN_W42_Jvqs0CZL-aBenRrmUXAHZwX3N7cXZuTik-S0FfnSbzn4QlW33bWf?continueMode=true.
As next steps, our lead expert Maarten van Horenbeeck will circulate by the start of next week a detailed written proposal for how to organize the work in 2020. It will take into account ideas made at the meeting and via the list since the meeting, and will be open to comments.
Ben
From: Ben Wallis (CELA) <bewallis at microsoft.com>
Sent: Tuesday, February 18, 2020 7:15 AM
To: bpf-cybersecurity at intgovforum.org
Cc: Wai Min Kwok <kwok at un.org>
Subject: Re: [Bpf-cybersecurity] BPF Cybersecurity meeting
Dear BPF Cybersecurity
As per my email below, we are holding the first BPF Cybersecurity call of the year tomorrow, Wednesday 19th February, at 16:00 UTC (details below and attached).
The majority of the meeting will be devoted to discussing the scoping out of the work in 2020, and I have added some details to item 3 of the agenda below. You will also have seen the separate email that Maarten just sent to the list with some thoughts to offer ahead of the discussion.
Before that item, we will have a brief update on the UN processes, and are happy to have Wai Min Kwok, from the UN Department for Economic and Social Affairs (DESA). DESA is the UN agency which oversees the IGF, and Wai Min presented the 2019 work of IGF on cybersecurity, including the BPF 2019 report, at last week’s UN OEWG meeting. Here is the statement that was presented (https://www.intgovforum.org/multilingual/filedepot_download/8395/1978<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.intgovforum.org%2Fmultilingual%2Ffiledepot_download%2F8395%2F1978&data=02%7C01%7Cbewallis%40microsoft.com%7Cded1a404c29941578de708d7b4855038%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176358136322053&sdata=ZZbIWIzLm9pwFy4iDi4gfhO7mMiP4VeOh5wBBCdykrw%3D&reserved=0>), along with the Informal Paper provided to the OEWG (https://unoda-web.s3.amazonaws.com/wp-content/uploads/2020/02/igf-cybersecurity-oewg-feb2020.pdf<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Funoda-web.s3.amazonaws.com%2Fwp-content%2Fuploads%2F2020%2F02%2Figf-cybersecurity-oewg-feb2020.pdf&data=02%7C01%7Cbewallis%40microsoft.com%7Cded1a404c29941578de708d7b4855038%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176358136322053&sdata=FcgoWaJmE68l%2B4qi%2BXk8lyeEqbZye77550MZviSnZ0o%3D&reserved=0>).
Agenda
1) Introduction
2) Update and discussion on UN initiatives (OEWG, GGE) (Wai Min Kwok, UN Department for Economic and Social Affairs)
3) BPF 2020 - Exploring best practices in relation to recent international cybersecurity initiatives (Maarten van Horenbeeck, lead expert)
- Selection of an additional set of agreements
- Norms assessment
- Discuss and identify differences in norms-making processes
Ben
From: Ben Wallis (CELA) <bewallis at microsoft.com<mailto:bewallis at microsoft.com>>
Sent: Monday, February 10, 2020 11:30 AM
To: bpf-cybersecurity at intgovforum.org<mailto:bpf-cybersecurity at intgovforum.org>
Subject: [Bpf-cybersecurity] BPF Cybersecurity meeting
Dear BPF Cybersecurity
As announced below, the attached proposal for a Best Practices Forum on Cybersecurity was approved by the IGF’s Multistakeholder Advisory Group (MAG) and we can now begin work. I am therefore writing to announce that the first meeting will take place at 16:00 UTC on Wednesday 19th February. A calendar invitation is attached and the meeting details are also pasted at the end of this message.
The first meeting (agenda below) will be dedicated to introducing the approved proposal for the 2020 BPF Cybersecurity, and discussion how we should scope out and organize the work (item 3). We will also touch briefly on the UN initiatives (item 2).
If you are not able to attend the virtual meeting, you are welcome to send me written comments by COB Monday 17th February, about how we should scope out and organize the work set out in the attached proposal which was approved. I will collate any comments received and circulate them on Tuesday 18th February ahead of the meeting.
Kind regards
Ben
Agenda
1) Introduction
2) Update and discussion on UN initiatives (OEWG, GGE) (Wim Degezelle, BPF consultant and (Maarten van Horenbeeck, lead expert)
3) BPF 2020 - Exploring best practices in relation to recent international cybersecurity initiatives (Maarten van Horenbeeck, lead expert)
***
Best Practice Forums is inviting you to a scheduled Zoom meeting.
Topic: BPF Cyber Meeting 1 2020
Time: Feb 19, 2020 04:00 PM Universal Time UTC
Join Zoom Meeting - https://intgovforum.zoom.us/j/783659268<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fintgovforum.zoom.us%2Fj%2F783659268&data=02%7C01%7Cbewallis%40microsoft.com%7Cded1a404c29941578de708d7b4855038%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176358136332047&sdata=5UuBH5%2Bs60GNKWCpJm6EtmnWNKzIyUbhjMOkwzW2EHU%3D&reserved=0>
Meeting ID: 783 659 268
One tap mobile
+16699006833,,783659268# US (San Jose)
+19292056099,,783659268# US (New York)
Dial by your location
Find your local number: https://intgovforum.zoom.us/u/aTXcOFYNY<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fintgovforum.zoom.us%2Fu%2FaTXcOFYNY&data=02%7C01%7Cbewallis%40microsoft.com%7Cded1a404c29941578de708d7b4855038%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637176358136332047&sdata=zyp8Cg8kxb0mvXGEi0Zj4DV%2FRzgqZBNB8WJ3gzzwxgA%3D&reserved=0>
+1 669 900 6833 US (San Jose)
+1 929 205 6099 US (New York)
+44 131 460 1196 United Kingdom
+44 203 051 2874 United Kingdom
+44 203 481 5237 United Kingdom
+90 216 900 1866 Turkey
+90 216 900 2606 Turkey
+41 31 528 09 88 Switzerland
+41 43 210 70 42 Switzerland
+46 8 4468 2488 Sweden
+46 850 539 728 Sweden
+34 84 368 5025 Spain
+34 917 873 431 Spain
+82 2 6022 2322 Korea, Republic of
+82 2 6105 4111 Korea, Republic of
+27 87 551 7702 South Africa
+386 1600 3102 Slovenia
+386 1888 8788 Slovenia
+421 233 056 888 Slovakia
+421 233 418 515 Slovakia
+65 3158 7288 Singapore
+65 3165 1065 Singapore
+7 495 283 9788 Russian Federation
+7 812 426 8988 Russian Federation
+40 31 630 1088 Romania
+40 37 170 0418 Romania
+351 308 804 188 Portugal
+351 308 810 988 Portugal
+48 22 307 3488 Poland
+48 22 398 7356 Poland
+51 1 707 5788 Peru
+51 1 730 6777 Peru
+507 833 9588 Panama
+47 2396 0588 Norway
+47 7349 4877 Norway
+64 4 886 0026 New Zealand
+64 9 884 6780 New Zealand
+31 20 241 0288 Netherlands
+31 20 794 0854 Netherlands
+52 229 910 0061 Mexico
+52 554 161 4288 Mexico
+356 2776 1777 Malta
+356 2778 1288 Malta
+60 3 3099 2229 Malaysia
+60 3 9212 1727 Malaysia
+352 2786 1188 Luxembourg
+352 2786 4277 Luxembourg
+370 3799 9260 Lithuania
+370 5214 1488 Lithuania
+371 6303 1808 Latvia
+371 6303 1888 Latvia
+81 3 4578 1488 Japan
+81 524 564 439 Japan
+39 020 066 7245 Italy
+39 069 480 6488 Italy
+972 3 978 6688 Israel
+972 55 330 1762 Israel
+353 1 653 3895 Ireland
+353 6 163 9031 Ireland
+36 1 408 8456 Hungary
+36 1 701 0488 Hungary
+30 211 198 4488 Greece
+30 231 118 0599 Greece
+49 30 5679 5800 Germany
+49 69 7104 9922 Germany
+995 3224 73988 Georgia
+995 7067 77954 Georgia
+33 1 7037 9729 France
+33 7 5678 4048 France
+358 3 4109 2129 Finland
+358 9 4245 1488 Finland
+372 660 1699 Estonia
+372 880 1188 Estonia
+503 2113 9088 El Salvador
+503 2136 6444 El Salvador
+1 829 947 9220 Dominican Republic
+1 829 956 2188 Dominican Republic
+45 32 71 31 57 Denmark
+45 89 88 37 88 Denmark
+420 2 2888 2388 Czechia
+420 5 3889 0161 Czechia
+357 2 200 0888 Cyprus
+357 2 505 4777 Cyprus
+385 1300 0988 Croatia
+385 1777 6333 Croatia
+57 1 508 7702 Colombia
+57 2 620 7388 Colombia
+56 23 210 9066 Chile
+56 41 256 0288 Chile
+1 647 558 0588 Canada
+359 2 492 5688 Bulgaria
+359 3 257 1633 Bulgaria
+55 11 4680 6788 Brazil
+55 21 3958 7888 Brazil
+32 2 290 9360 Belgium
+32 2 588 4188 Belgium
+973 1619 7601 Bahrain
+973 1619 8488 Bahrain
+43 670 309 0165 Austria
+43 72 011 5988 Austria
+61 2 8015 6011 Australia
+61 8 7150 1149 Australia
+54 112 040 0447 Argentina
+54 341 512 2188 Argentina
+54 343 414 5986 Argentina
Meeting ID: 783 659 268
From: Ben Wallis (CELA)
Sent: Thursday, January 16, 2020 9:30 AM
To: bpf-cybersecurity at intgovforum.org<mailto:bpf-cybersecurity at intgovforum.org>
Subject: RE: [Bpf-cybersecurity] BPF Cybersecurity 2020 proposal
Dear BPF Cybersecurity
I am happy to report that the Multistakeholder Advisory Group (MAG) approved the continuation of BPF on Cybersecurity (and of the other three existing BPFs) at its meeting this week.
I will therefore consult with my co-facilitator, Markus, and the BPF lead expert, Maarten, on next steps to enable us to kick off the work of BPF Cybersecurity 2020 in the coming weeks. Stand by for more information!
It is also important to be aware that the MAG expressed a concern with regards to the BPFs generally (including, but not specifically about, the BPF on Cybersecurity). There is concern about a possible assumption that BPFs should and would just continue to exist indefinitely.
The MAG will address this concern by establishing a working group to review the process for proposing and approving BPFs.
The group will be facilitated by Markus Kummer and will report back by the end of the year with recommendations that can inform the MAG Chair and the MAG about how to approach a call for BPFs in 2021. This could include the criteria by which the MAG can decide how to select the topics which should be the subject of BPFs.
The exercise will generally consider how the BPF ecosystem works, including a review of the process and the format of proposals in future years. It will also look into ideas which came out of the MAG discussion that BPFs need to be time-bound, and should have clear objectives, annual targets and a final output objective. It was also suggested that BPFs could request a multiyear mandate as long as they have annual targets and outputs. BPFs could also be asked to provide ideas for how the work could progress beyond the BPF at the end of its mandate, including whether it might evolve into something else, like a Dynamic Coalition or some other kind of multiyear intersessional workstream.
I will share the recommendations of this working group when it reports at the end of the year. The recommendations will of course have a bearing on whether / how any proposal for a BPF Cybersecurity is drafted, but for now we are obviously just focused on kicking off the work just approved for 2020 and making that a success.
Kind regards
Ben
Ben Wallis
Regulatory Policy Analyst
Microsoft Corporation
Connectivity and Internet Governance
bewallis at microsoft.com<mailto:bewallis at microsoft.com>
T: [+1] 425-706-9254
[Description: cid:image002.png at 01CD8523.3C20E230]
From: Ben Wallis (CELA) <bewallis at microsoft.com<mailto:bewallis at microsoft.com>>
Sent: Wednesday, January 8, 2020 12:10 PM
To: bpf-cybersecurity at intgovforum.org<mailto:bpf-cybersecurity at intgovforum.org>
Subject: [Bpf-cybersecurity] BPF Cybersecurity 2020 proposal
Dear BPF Cybersecurity
The IGF Secretariat has asked that any proposals for Best Practice Forums in 2020 be sent to the Multistakeholder Advisory Group (MAG) this week, ahead of the MAG meeting next week, where a decision is planned on which BPFs to take forward this year.
Thanks to all those who responded to Maarten’s email below with thoughts about work for the BPF in 2020. These have been incorporated in the attached document, which I am sharing as a heads-up (rather than seeking comments) before I send it to the MAG tomorrow.
As you will see, the proposal is to continue looking at norms, including new ones launched after we decided what to analyse in 2019 (e.g. Contract for the Web) or being further worked on this year (e.g. OEWG, GGE). However, we recognise that the breadth of last year’s work limited the possibility to go into depth, so one of the evolutions this year would be to select a few sets of norms and look into them in greater detail.
The main additional development would be to create a workstream looking at how norms are assessed. As part of this, we would incorporate a multidisciplinary angle by bringing in experts from other strands of social science, where norms have been dominant forms of rulemaking, to see what learnings could be applied in the areas of cybersecurity.
I will circulate the proposal to the MAG later today, and present it in person at the MAG meeting next week (14-16 January). I will then report back to the BPF on any decisions made by, or feedback from, the MAG with regard to a potential BPF on Cybersecurity in 2020.
Ben
BPF Cybersecurity Co-Facilitator
From: Maarten Van Horenbeeck <maarten at first.org<mailto:maarten at first.org>>
Sent: Sunday, December 15, 2019 6:13 PM
To: bpf-cybersecurity at intgovforum.org<mailto:bpf-cybersecurity at intgovforum.org>
Subject: [EXTERNAL] [Bpf-cybersecurity] Potential topics should the BPF on Cybersecurity be renewed in 2020
Hi everyone,
When the 2020 Multistakeholder Advisory Group (MAG) meets for the first time in mid-January, we expect a discussion will take place about which Best Practice Forums should be approved for 2020, and the specific topics they should cover.
Together with Markus and Ben, I wanted to get some initial conversation going on what the BPF could most contribute in 2020.
One potential direction which some people raised in personal discussion in Berlin, was to continue down the path we are on - with the OEWG and the UNGGE both meeting in 2020; and with new agreements such as the "Contract for the Web" having been launched just in November, the topic of norms implementation is bound to continue to be of interest. We could continue to monitor these changes, and update our learnings to bring more people along.
A second topic, as raised by Mallory in our last call in a slightly different context, is to take a closer look at norms assessment. As one of the key findings in our report this year, civil society has taken a leading role here, but there are other initiatives that assess whether norms are being adhered to, are being violated, or are being contested. Perhaps taking a closer look at these spaces from a multi-stakeholder perspective can add a fair amount of value.
Before we start working on a proposal, I wanted to ask you all for your thoughts, as BPF participants, on areas where you think we can add value - or which ones do not. Please feel free to reply to this thread or reach out directly.
Thanks in advance for sharing your thoughts; and for the great engagement this year.
Best regards,
Maarten
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://intgovforum.org/pipermail/bpf-cybersecurity_intgovforum.org/attachments/20200224/c3b250a9/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 2314 bytes
Desc: image001.png
URL: <http://intgovforum.org/pipermail/bpf-cybersecurity_intgovforum.org/attachments/20200224/c3b250a9/attachment.png>
More information about the Bpf-cybersecurity
mailing list