European national perspectives on securing critical information infrastructure
- Albania IGF
- Croatia IGF
- Estonia IGF
- Georgia IGF
- German IGF
- Netherlands IGF
- Ukraine IGF
European national perspectives on securing critical information infrastructure
(To agree on cybersecurity as topic for discussion is the result of a consultation process as it was agreed during the NRI Assembly taking place at EuroDIG in Tallinn in June 2017).
Session format and timing
The session will be 90 minutes long in total. It will be a co-moderated discussion among national security experts and the audience. Should the room setting allow, the session will have a round table format. Speakers will be invited to provide their perspective on the national approach and co-moderators will constantly engage with the audience (onsite and online); not only via an open mic but also by using interactive tools. The session will be concluded by the key messages of the discussion, to be delivered by rapporteurs.
Content of the session
Cybersecurity in all of its facets has consistently topped the agendas of the NRIs in Europe for the past two years. This was the outcome of a review of hot topics among NRIs in Europe. (See the compilation of hot topics discussed in Europe).
During the session, the co-organizers will provide an overview of national subtopics as they have been discussed within Europe, find out where the commonalities lie and where are the differences, and suggest the ways to bridge divergences in approaches.
We will discuss the following questions:
Defining what are the critical assets to be secured at the national level, and what are the methodologies to prevent them?
What are the local challenges?
How to build trust between all stakeholders?
How can/do the National Internet Governance Initiatives facilitate and support collaborative, multistakeholder solutions to address these local challenges?
The content is under development, and its progress can be tracked here.
Marina Kaljurand, Chair of the Global Commission on the Stability of Cyberspace (GCSC) (Estonia IGF)
Nato Goderdzishvili, Ministry of Justice of Georgia, senior consultant in e-government and cyber security (Georgia IGF)
Dick Schoof or Elly van den Heuvel from the Dutch Cyber Security Council (Netherlands IGF)
Vanessa Berning, Auke Pals (Netherlands Youth IGF)
Other European security experts [TBD]
Isabel Skira, German IGF
Relevance of the issue
It has become conventional wisdom that cybersecurity is a global problem that requires a global response. In reality, however, there are differences in approaches to the protection of critical infrastructure at the local and regional levels, especially with regard to the role of the government, the need for regulatory intervention, and the definition and scope of what constitutes critical infrastructure, to name but a few. The compilation of hot topics clearly shows the diversity of cybersecurity-related issues discussed within one region (Europe).
>>Find more information further below under Additional Background
Interventions/Engagement with participants (onsite and online)
The session will be interactive, and the audience will be included in the session via open mic and with the help of co-moderators. The co-moderators will not only engage the audience, but also use tools such as word clouds, online surveys, and other interactive tools to collect inputs before and during the session. On these additional tools co-organizers will agree over the session development process.
Geographical, Stakeholder and Gender Diversity
Europe is not unified in terms of the issues, resources and possible solutions and we can find different UN regional Groups / WEOG and Non-WEOG (developing economies) in this region. However with more than 20 active and independent European Internet Governance Initiatives, we would like to showcase the existing substantive diversity on how to approach the issue of cybersecurity within the European region. Each NRI is of a multistakeholder nature and this will be reflected in the Org Team as well as in the session. Gender diversity exist among the speakers already.
Tatiana Tropina, EuroDIG cybersecurity Subject Matter Expert Cyber (SME)
Vladimir Radunovic, DiploFoundation [tbc]
Michael Oghia, YOUthDIG cybersecurity Focal Point
Nick Wenban-Smith, UK IGF
Online participation logistics
We are in contact with national IGFs that cannot send representative to IGF 2017, and we will ensure that they can raise their voice via remote participation channels.
This session will have an online moderator, that will communicate with the onsite co-moderators in order to ensure equal participation of online participants. In addition, activities have been taken toward some of the national IGFs to organize dedicated remote hubs. Through hubs, many communities will participate at this session. The online moderator will ensure that the interventions coming from hubs are prioritised.
EuroDIG as the regional forum will be the facilitator of this session, by bringing together independent NRIs from the region to discuss and exchange. We consider the preparatory process as an integral part of the discussion during the session.
We welcome the opportunity to hold a collaborative session, and we truly believe that this format of collecting input has great potential to enhance the bottom-up process in shaping the IGF programme.
VOLUNTARY INFORMATION / RESOURCES FOR PROPOSERS
Link with the Sustainable Development Goals
(8), 9, 11
CONNECTING WITH IGF INTERSESSIONAL GROUPS
Best Practice Forums
Our aim is to add a national perspective to the expert discussion and not to repeat or duplicate other sessions.
Connecting with International or Other Relevant Organizations
If you are interested in involving in your workshop any of the numerous organizations or subject matter experts based in Geneva (UN Agencies, NGOs, academia, think tanks, etc.), please indicate your interest above. Please find a selection of such organizations at: http://dig.watch/igf2017
For comprehensive information on “International Geneva” please consult: http://www.geneve-int.ch/whos-who
At your request we may provide assistance, in cooperation with the Swiss authorities, in identifying suitable contacts within those organizations.
Additional Background Paper (Optional)
Thematic input from the Netherlands: we have a lot of discussion in the Netherlands, after years of 'ignoring' the serious threats, cyber security is top of mind now, but there is a risk of too much top-down approach and control. When cyber threats such as IOT botnets become manifest, the common reflex is to start initiatives to deal with the situation at hand. But as it turns out a generic, bottom-up approach towards threat mitigation is much more effective. We have to look for comprehensive methodologies for control in complex value chains and start creating a 'fabric for cyber resilience'. Elements are information security baselines, standardization of assurance frameworks and -reports and therefore more applicable for multiple users. Coordinated and structural efforts of multiple stakeholders: government, science, law enforcement, not for profit organizations, internet companies and technology vendors already shows that this approach works. And it provides a basis for dealing with new types of cyber threats.
A Dutch Cyber Security Council (CSR), an independent advisory, body gives advice on its own initiative and in response to requests from the cabinet. In addition, the CSR monitors the execution of the National Cyber Security Strategy. The Council is made up of representatives from public and private parties.
Additional Reference Document Link (Optional)
NATO Cooperative Cyber Defence Centre of Excellence - “Defending the Core: Proceedings of the 9th International Conference on Cyber Conflict, 2017 - https://ccdcoe.org/sites/default/files/multimedia/pdf/CyCon_2017_book.p…;
George C. Marshall European Center of Security Studies - Publications - http://www.marshallcenter.org/mcpublicweb/en/nav-publications-overview-…
Global Commission on the Stability of Cyberspace (GCSC) - https://cyberstability.org/