IGF 2020 WS #241 Covid19 Cybersecurity Information & Analysis Sharing

Subtheme

Organizer 1: Florian Pennings, Microsoft
Organizer 2: magdalena wrzosek, NASK Research Institute
Organizer 3: Caroline Groene, Microsoft
Organizer 4: Ben Meany, Microsoft

Speaker 1: magdalena wrzosek, Government, Western European and Others Group (WEOG)
Speaker 2: Evangelos Ouzounis, Intergovernmental Organization, Western European and Others Group (WEOG)
Speaker 3: Eneken Tikk, Civil Society, Western European and Others Group (WEOG)
Speaker 4: Annemarie Zielstra, Government, Western European and Others Group (WEOG)
Speaker 5: Florian Pennings, Private Sector, Western European and Others Group (WEOG)

Moderator

Florian Pennings, Private Sector, Western European and Others Group (WEOG)

Online Moderator

Caroline Groene, Private Sector, Western European and Others Group (WEOG)

Rapporteur

Ben Meany, Private Sector, Western European and Others Group (WEOG)

Format

Panel - Auditorium - 60 Min

Policy Question(s)

• What lessons can we learn from existing cybersecurity policy frameworks (such as the EU NIS Directive, national legislation, or even CBMs on cybersecurity at the OSCE) regarding public private cyber information/analysis sharing? • What are best practices regarding operational cybersecurity cooperation within critical infrastructure environments that can serve as baselines for policy recommendations? • What is the importance of harmonizing cybersecurity cooperation methodologies and models around the globe (taxonomy, regulation, incident response)? • What role do intergovernmental institutions, international organizations, governments, and industry have in common regarding threat and information sharing? • What is the most constructive method or model to enable public and private stakeholders to cooperate, identify and implement the right parameters for operational and tactical cybersecurity cooperation?

The core issue this session and its speakers will aim to address is how to bridge the gaps in regional and global cooperation on cybersecurity information and analysis sharing. Cybercriminal and state sponsored activity targeting critical infrastructures (such as healthcare facilities) does not respect borders, rule of law, nor any one national authority, not even during a pandemic. In recognition of malign activities in times of global crisis as a 'shared responsibility' that the international community's competent authorities must address, this session hopes to encourage increased sharing of threat information and analysis by public cybersecurity authorities by exploring existing and new models for information and analysis sharing.

SDGs

GOAL 9: Industry, Innovation and Infrastructure
GOAL 16: Peace, Justice and Strong Institutions

Description:

The Covid-19 health crisis has exposed both the challenges of and the need for cybersecurity information and analysis sharing, at a regional and global level. Faced with an international crisis that knows no national borders, it is paramount that the global cybersecurity community responds efficiently, effectively and cohesively based on the principles of multistakeholderism. This is, and will continue to be, a shared challenge, and requires from us a shared approach, based on cooperation and coordination. Cybersecurity is global and heavily depends on cooperation. The objective of this session is to clarify the different positions on cybersecurity threat information and analysis sharing in our digital society, specifically in the aftermath of the Covid-19 outbreak. Through discussion, different views from public and private stakeholders, a baseline of shared interests and common objectives will be identified that can be used to serve as a recommendation to the IGF (public/governmental) stakeholders for consideration when developing cybersecurity strategies and policies. The session will hear from multistakeholder participants coming from industry, Government, Cybersecurity cooperation experts and academia, who will engage in a moderated discussion to identify best practices to approach shared challenges and to draw up responses to the policy questions highlighted below.

Expected Outcomes

The session seeks to identify a set of shared objectives, common interests and goals in cybersecurity information and analysis sharing. We will also seek to define a set of recommendations to public and private institutions on how to better cooperate and coordinate on a international level to respond to global crises, such as that faced with the Covid-19 pandemic. The shared objectives and identification of common interests (to be discussed in session) will subsequently lead to draft recommendations to be integrated into the post-session report, to be made available on the IGF 2020 website.

This session will hear from a range of participants coming from Industry, academia, public authority and civil society backgrounds. Following the various interventions of invited speakers, the onsite moderator will open the floor to onsite attendees to ask their burning questions. The onsite moderator will restrict the number of questions from onsite attendees, to ensure the online moderator can select several questions coming from online attendees of the workshop. The onsite moderator will ensure attendees’ questions (both off and online) are respected and responded to. This session is as much about helping attendees understand the dynamics within the topic as much as allowing for an equal and fair discussion between attendees and panellists.

Relevance to Internet Governance: The proposed session would contribute broadly to the concept of shared principles, norms, rules and programmes. The overarching objectives of the proposed session specifically set out to recommend best practices on how, in particular, industry, government and civil society can share information and analysis and how they can learn from one another. Ultimately, this is about how we as a society of cybersecurity experts from industry, government and civil society can promote a safer online and offline space for citizens across the globe.

Relevance to Theme: The IGF aligns well with Microsoft strategy and advocacy for multi-stakeholderism. It is regarded as the main forum to discuss internet governance issues and solutions at a global level with all relevant stakeholders. In 2020 ‘Trust’ is one of the 4 Thematic tracks and invites participants to propose session around topics like: Cybersecurity best practices; Norms; Cyber-crime; Cyber-attacks; Capacity development; Confidence-building measures; IoT; Domain Name System; DNS abuse; DNS security; Internet protocols; Encryption; Global routing security; Human rights; Digital safety; Child online safety; CSAM; Hate speech; Extremist content; Terrorism; Social media platforms; Freedom of expression online; Disinformation; Fake news; Deepfakes; Democracy; Elections; Hacking. A discussion on the topic of cybersecurity information and analysis sharing, particularly in the relation to the Covid-19 outbreak (a global healthcare crisis affecting us all) helps us to identify best practices and outline some necessary steps to develop 'Trust'. The INternet Governance Forum is indeed the best forum in which to hold such discussions.

Online Participation

 

Usage of IGF Official Tool.