You are here

BPF Cybersecurity



Best Practice Forum Cybersecurity

exploring best practices in relation to international cybersecurity initiatives


The three BPF workstreams finalized their workplans and kicked-off in small teams. 

If you're interested in joining one of the teams, please contact the BPF coordinating team.


Workstream 1:  Identify new agreements and recent developments since last year

Work stream 1 focuses on identifying new agreements that appeared since last year. We intend to review only on those agreements that are strictly norms-focused (so to not look into instruments of hard law). Specifically interesting would be to identify any new norms related to healthcare cybersecurity, given COVID-19.

  • Reviewing new agreements and perform last year’s mapping exercise on both the new agreements and to capture any new developments in relation to agreements reviewed last year;
  • Identify a core set of agreements we want to retain for a more detailed review;
  • Develop a targeted Call for Contributions to gain further input on these selected agreements;
  • Initiate the Call for Contributions and process results;
  • Update last year’s research paper with new learnings about implementation regarding these core agreements.

WS1 update (22 July 2020) : link 


Workstream 2:  Understanding and documenting methods of norms assessment

This work stream focuses on understanding the role of assessment in norms setting and how assessment contributes to whether they are truly adhered to. In addition, we’ll take a look at other disciplines outside of cyber, and see how we can learn from normative principles as governance in other contexts.

Specifically interesting would be to identify any assessment related to healthcare cyber norms, given COVID-19: for instance, states calling out malicious cyber behavior affecting healthcare, indicating a norm may be present.

  • Identify forms of norms assessment which already exist in cyber, for instance by looking at publications and statements by states and non-state actors around adherence to a norm.
  • Identify methods of norms assessment in other disciplines;
  • Evaluate how these may apply to the principles we deal with in cyberspace.


Workstream 3:  Outreach to widen participation in the BPF

We’ve identified for a few years now that we need wider participation, and given the growth of interest in the BPF, this is a good year to dedicate some effort to outreach and engagement - specifically focused on government and private sector, which have historically been underrepresented in our group.

  • Identify potential new participants in government, private sector and other stakeholder groups.
  • Have a special focus on identifying participants from the youth constituency;
  • Reach out to these potential participants and motivate them to contribute to the BPF.



Participation in the work of the BPF Cybersecurity is free and open to all interested. Participants are expected to respect the IGF Code of Conduct .

Subscribe to this BPF mailing list:

For general inquiries on the BPF Cybersecurity please contact [email protected] .


BPF Coordinating team

  • Ben Wallis, MAG BPF Facilitator
  • Markus Kummer, BPF Co-facilitator
  • Maarten Van Horenbeeck, BPF Lead expert
  • John Hering, Lead Workstream 1
  • Mallory Knodel, Lead Workstream 2
  • Sheetal Kumar, Lead Workstream 3
  • Wim Degezelle, Consultant IGF Secretariat

contact [email protected]


BPF Activities 



معلومات الاتصال

United Nations
Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage
Palais des Nations,
CH-1211 Geneva 10

igf [at] un [dot] org
+41 (0) 229 173 678