IGF 2018 WS #381 Global Approaches to IoT Security

Subtheme(s): 

Organizer 1: Government, African Group
Organizer 2: Technical Community, African Group
Organizer 3: Government, African Group

Speaker 1: Souleymane DIALLO, Government, African Group
Speaker 2: Constance Bommelaer, Technical Community, Western European and Others Group (WEOG)
Speaker 3: Alpha Abdoulaye THIAM, Government, African Group

As we move towards a world of smart homes and cities, we’ll face a growing set of challenges. Projections for the impact of the Internet of Things (IoT) on the Internet and the global economy are impressive, forecasting explosive growth in the number of IoT devices and their use in a wide variety of new and exciting applications. However, while these devices may offer huge benefits to our lives and economies, users must be able to trust that their privacy and security are protected when interacting with the IoT.

Poorly secured IoT devices and services can serve as entry points for cyberattacks, compromising sensitive data and threatening the safety of individual users. Attacks on infrastructure and other users, fueled by networks of poorly secured IoT devices, can affect the delivery of essential services such as healthcare and basic utilities, put the security and privacy of others at risk, and threaten the resilience of the Internet globally.

It is critical that security of IoT devices be considered from the beginning of the design phase in order to prevent attacks. If creators wait until an attack has already taken place to consider security concerns, it will be too late.

In Canada, the Internet Society is addressing this issue through a year-long initiative, the Canadian Multistakeholder Process – Enhancing IoT Security. This project is a collaborative effort with Innovation, Science and Economic Development, the Canadian Internet Registration Authority, CANARIE, and CIPPIC to develop recommendations for a set of norms and/or policies to secure IoT in Canada. This project could easily be duplicated around the globe, leading to a more secure Internet of Things for everyone.

In Senegal, ISOC in collaboration with the Ministry of Telecommunications and Digital Economy and other partners is exploring the structure of an IoT framework for Senegal. The project is exploring IoT priorities and opportunities in catalyzing socio-economic development.

The French government is beginning to address IoT security by creating an IoT working group. This group will work with a variety of stakeholder groups to create a proposal for policies that would improve IoT security in France.

This session will provide a unique opportunity for comparative learning on how the MS model can be utilized in two varying contexts but addressing a critical Internet issue, “enhancing IoT Security”. This may provide some insights in utilizing the MS model in address critical Internet issues in both developed and developing world. The session will also highlight the best practices learned and consensus reached as a result of this year-long process to make IoT more secure in Canada, Senegal, and France.

Format: 

Round Table - 90 Min

Interventions: 

Speakers will include representatives from several of the partner organizations for the Enhancing IoT Security project, as well as IoT security experts, government officials, and civil society groups. Panelists come from Europe, Africa, and North America and each brings a different perspective and area of expertise to the conversation. This will lead to a more balanced and comprehensive conversation.

Diversity: 

Panelists will include men and women from Africa, Europe, and North America working in government agencies, civil society, and the technical sector.

This round table discussion will give participants the opportunity to hear more about enhancing IoT security in Canada, France, and Senegal and will look at how each country has approached the problem differently. The session will begin with a ten-minute overview of how each country’s IoT security project has progressed, including best practices learned, what remains to be done, what stakeholders are involved, and suggested next steps. The majority of this session will offer a facilitated discussion among virtual and in-person participants.

Discussion Facilitation: 

Moderate will prep all speakers ahead of time and ask meaningful questions. She will encourage audience participation and engagement throughout. The online moderator will actively include online participants by monitoring the live stream and Twitter and answering questions posted there just as we answer the in-person questions. The moderator will leave at least 30 minutes for audience questions.

Online Participation: 

Online monitor will monitor the livestream, any online comments, and Twitter to ensure that all relevant online questions are addressed. She will read the questions and comments out loud at the event and ask the panelists to respond.