BPF Cybersecurity

IGF2020 

Best Practice Forum Cybersecurity

exploring best practices in relation to international cybersecurity initiatives

Workstream 1:  Identify new agreements and recent developments since last year

Work stream 1 focuses on identifying new agreements that appeared since last year. We intend to review only on those agreements that are strictly norms-focused (so to not look into instruments of hard law). Specifically interesting would be to identify any new norms related to healthcare cybersecurity, given COVID-19.

• Reviewing new agreements and perform last year’s mapping exercise on both the new agreements and to capture any new developments in relation to agreements reviewed last year;
• Identify a core set of agreements we want to retain for a more detailed review;
• Develop a targeted Call for Contributions to gain further input on these selected agreements;
• Initiate the Call for Contributions and process results;
• Update last year’s research paper with new learnings about implementation regarding these core agreements.

Workstream 2:  Understanding and documenting methods of norms assessment

This work stream focuses on understanding the role of assessment in norms setting and how assessment contributes to whether they are truly adhered to. In addition, we’ll take a look at other disciplines outside of cyber, and see how we can learn from normative principles as governance in other contexts.

Specifically interesting would be to identify any assessment related to healthcare cyber norms, given COVID-19: for instance, states calling out malicious cyber behavior affecting healthcare, indicating a norm may be present.

• Identify forms of norms assessment which already exist in cyber, for instance by looking at publications and statements by states and non-state actors around adherence to a norm.
• Identify methods of norms assessment in other disciplines;
• Evaluate how these may apply to the principles we deal with in cyberspace.

Workstream 3:  Outreach to widen participation in the BPF

We’ve identified for a few years now that we need wider participation, and given the growth of interest in the BPF, this is a good year to dedicate some effort to outreach and engagement - specifically focused on government and private sector, which have historically been underrepresented in our group.

• Identify potential new participants in government, private sector and other stakeholder groups.
• Have a special focus on identifying participants from the youth constituency;
• Reach out to these potential participants and motivate them to contribute to the BPF.

Participate

Participation in the work of the BPF Cybersecurity is free and open to all interested. Participants are expected to respect the IGF Code of Conduct .

Subscribe to this BPF mailing list:
http://intgovforum.org/mailman/listinfo/bpf-cybersecurity_intgovforum.org

For general inquiries on the BPF Cybersecurity please contact [email protected] .

BPF Coordinating team

• Ben Wallis, MAG BPF Facilitator
• Markus Kummer, BPF Co-facilitator
• Maarten Van Horenbeeck, BPF Lead expert
• John Hering, Lead Workstream 1
• Mallory Knodel, Lead Workstream 2
• Sheetal Kumar, Lead Workstream 3
• Wim Degezelle, Consultant IGF Secretariat

contact [email protected]

BPF Activities 

• The three BPF workstreams finalized their workplans and kicked-off in small teams. They are expected to present drafts to the BPF by mid July.
• Virtual meeting I  (Wednesday 19 February) - meeting report
• The outline proposal for the continuation of the BPF Cybersecurity in 2020 was developed following feedback on the BPF mailing list in December and approved by the Multistakeholder Advisory Group (MAG).
• Statement on the IGF and Cybersecurity to the Open-ended Working Group on developments in the field of information and telecommunications in the context of international security - Second substantive session (13 February) - Informal Paper submitted by the IGF Secretariat to the UN OEWG (February 2020).