IGF 2023 WS #529 Defending Critical Infrastructure from Cyber Attacks

Organizer 1: Harisa Shahid, NetMission.Asia
Organizer 2: Paribhasha Pradhan, Islington College
Organizer 3: Romia Lasmin, University of the West of England, Bristol

Speaker 1: Hidekazu HARA , Technical Community, Asia-Pacific Group
Speaker 2: Farooq Hafiz, Private Sector, Asia-Pacific Group
Speaker 3: Namra Naseer, Civil Society, Asia-Pacific Group
Speaker 4: Upadhyay Abhishek , Government, Asia-Pacific Group


Harisa Shahid, Technical Community, Asia-Pacific Group

Online Moderator

Romia Lasmin, Technical Community, Western European and Others Group (WEOG)


Paribhasha Pradhan, Private Sector, Asia-Pacific Group


Panel - 60 Min

Policy Question(s)

A. How can developing countries with limited resources protect their essential infrastructure against cyber attacks?
B. How can loopholes of existing cybersecurity frameworks be improved for better protection?
C. How can existing loopholes in cybersecurity laws be eradicated to prevent the legal system from exploitation in cybercrimes?
D. What should be the role of multiple stakeholders on a national level for protection from cyber attacks in developed, developing & least developing countries?
E. How does definition and work of internet governance cover scope of cybersecurity?
F. How can public-private partnerships be leveraged to enhance cybersecurity capabilities for critical infrastructure protection?

What will participants gain from attending this session? After attending this panel session:
Participants will be able to differentiate between existing and emerging cyber threats
Participants will be able to understand the role of multistakeholder model in threat prevention and threat response
Participants will be able to learn about latest trends & best industry practices in the field of cybersecurity
Participants will understand the role of internet governance in cybersecurity
Participants will learn on how to develop cybersecurity aware teams across organisations.
Participants will learn in depth about existing and emerging cybersecurity frameworks


Over the years the number of cyber attacks have increased in direct proportion to the volume of digitalization on critical infrastructure.One of the biggest examples is the 2021 ransomware attack on the Colonial Pipeline in the United States where a ransomware attack disrupted the pipeline's operations, causing fuel shortages and price hikes in several states. According to the 2022 report by IBM Security The average cost of a data breach for critical infrastructure organisations studied was USD 4.82 million — USD 1 million more than the average cost for organisations in other industries. The IC3 received 870 complaints that indicated organisations belonging to a critical infrastructure sector were victims of a ransomware attack. Of the 16 critical infrastructure sectors, IC3 reporting indicated 14 sectors had at least 1 member that fell victim to a ransomware attack in 2022. This includes both the state owned infrastructure and privately owned infrastructure which are under threat. The word infrastructure highlights entities like data centres-that store critical and personal information of masses, electricity grids, airports & other transportation networks, commercial centres and telecommunication setups. Cyber attacks can directly undermine the economy of a country and the safety of her people. It has led to identification of gaps in existing cybersecurity practices and there is a stronger demand for better safeguards against external and unauthorised penetration. Understanding of modern cybersecurity trends, industry standards and best practices is highly necessary and significant in developing comprehensive policies for protection of critical infrastructure.

Expected Outcomes

1. A summary report of the key findings and recommendations from the session, to be disseminated through the IGF website and social media channels.
2. A policy brief outlining the key challenges and opportunities for enhancing cybersecurity in the context of sustainable development, to be shared with relevant stakeholders, including policymakers, civil society organisations, and industry representatives.
3. A roadmap for future collaboration and cooperation among stakeholders on cybersecurity issues related to sustainable development, to be presented at the IGF closing ceremony and shared with relevant stakeholders after the event.

Hybrid Format: We will incorporate various strategies. Moderators will ensure that participants are given equal opportunities to speak and participate. We will make use of the technical tools provided. It can be made more interactive with VR to create a virtual conference space that online attendees can access to engage with onsite attendees and participate in discussions.
Participants will be encouraged to ask questions using the chat features provided. Online tools like Kahoot or Mentimeter will be used to engage the audience and gather feedback. Collaborative note-taking using Google Docs and Mural will also help to ensure that all attendees have access to important information and can interactively contribute to the session.
As complementary online tools we will use social media platforms like Twitter or LinkedIn to create a real-time conversation around the session where attendees will share their thoughts, ask questions, and engage with each other using a common hashtag.