You are here

BPF Cybersecurity

BPF on Cybersecurity - Exploring best practices in relation to recent international cybersecurity initiatives


Latest : Statement on the IGF and Cybersecurity to the Open-ended Working Group on developments in the field of information and telecommunications in the context of international security - Second substantive session (13 February) - Informal Paper submitted by the IGF Secretariat to the UN OEWG (February 2020). 


IGF2020 BPF on Cybersecurity


The outline proposal for the continuation of the BPF Cybersecurity in 2020 was developed following feedback on the BPF mailing list in December and approved by the Multistakeholder Advisory Group (MAG): 

Part 1:  continue identifying new agreements, their relative scope, and update the research paper to include this new work. The analysis will continue look for horizontal / overlapping commitments (those appearing in more than one initiative) as well as for initiative- specific commitments (which only appear in one).

Part 2: 

  • Selecting a small set of agreements on which we will perform a Call for Contributions to collect additional best practices on their implementation. We realized that the 2019 work could have been more successful if it was more clearly targeted, and we will therefore select a small number of agreements from within those reviewed in 2020 in order to gain additional input on this targeted sub-set of agreements.

  • Identify methods of norms assessment, as implemented by different stakeholder groups. Norms assessment includes mechanisms to determine whether a particular norm is adhered to, or if violations are identified and assessed.

  • Evaluate the difference between norms-making between government stakeholders, and norms-making between and / or within other communities, in particular the private sector. We expect to draw on the BPF’s 2016 work, in which we identified roles & responsibilities, to determine what norms are most important to be implemented or endorsed by a specific group.

BPF Activities 

Participate in the BPF

Participation in the work of the BPF Cybersecurity is free and open to all interested. Please subscribe to the mailing list to keep track of the latest developments. Subscribe to this BPF mailing list:

For general inquiries on the BPF Cybersecurity please contact [email protected] .



IGF2019 BPF on Cybersecurity

The 2019 edition of the Best Practice Forum on Cybersecurity  explored best practices in relation to recent International Cybersecurity Initiatives. The BPF analysed existing initiatives such as the Paris Call, the GCSC’s Six Critical Norms Towards Cyber Stability, the UN OEWG and GGE, and collected and shared best practices around the implementation of suggested measures. 

BPF  Report 2019

IGF2019 BPF Cybersecurity final output


I. Introduction to the BPF on Cybersecurity

II. Norms and Expected Behaviour in Cyberspace 

III. Cybersecurity Agreements

IV. Turning Cybersecurity Agreements into Actions

V. Review of Cybcersecurity Agreements



BPF Cybersecurity workshop at IGF2019

Wednesday 27 November, IGF2019, Berlin, Germany

Meeting agendaSession reportVideo & transcript


About the BPF Cybersecurity 



Preparatory process

Draft output

The draft BPF Cybersecurity report, published October 2019, combines the background analysis of cybersecurity agreements by a group of subject-experts with the input received through the BPF's Call for Input. The BPF invited feedback on the report and organized a session at the IGF2019 in Berlin.  

The Final IGF2019 BPF Cybersecurity report will soon be published. This report will include further feedback received on the draft as well as reflect insights and discussions from the BPF workshop at IGF2019 in Berlin.

Feedback on the draft report (update 3 Dec)

Contributions in response to the Call for contributions (updated 12 Nov)


Call  for  Contributions

The IGF2019 BPF Cybersecurity launched a call for contributions to collect input and best practice examples from the stakeholder community.

deadline: the BPF accepts contributions and input on a rolling basis. Contributions received by Sept 20 will be included in the draft BPF report published before the IGF meeting. Contributions after Sept 20 will be posted on this website and serve as input for the BPF discussions before and at IGF2019 in Berlin. They will be incorporated in the final BPF output report. More details on the call for contributions and its questionnaire can be found here .

Background document 

The BPF Cybersecurity is focusing on international agreements and initiatives on cybersecurity. The main objective of this year's effort is to identify best practices related to the implementation, operationalization, and support of different principles, norms, and policy approaches contained in these international agreements/initiatives by individual signatories and stakeholders.

For a better understanding of the types of agreements we are investigating, we recommend reading the background paper published in July and available here (.pdf) . The paper provides an overview of international agreements and initiatives by focusing on the (i) identification of spaces for agreement, (ii) assessment of the state of existing agreements and (iii) next steps for implementation.


Background paper to the IGF Best Practices Forum on Cybersecurity

Participate in the BPF

Participation in the work of the BPF Cybersecurity is free and open to all interested. Please subscribe to the mailing list to keep track of the latest developments.

For general inquiries on the BPF Cybersecurity please contact [email protected] .


Intended work plan for 2019

  • Meeting I on scoping the work of the BPF  -  March 12 / 20
  • Development of initial research papers by team volunteers  -  late March to early May
  • Meeting II to review the research papers, take any resulting decisions and begin scoping the public Call for Contributions  -  early May
  • Launch call for contributions  -  early/mid May (with deadline mid July)
  • Outreach to specific actors, e.g. signatories to agreements being explored, governments, other key stakeholders  -  starting mid May
  • Drafting of the BPF report and engagement with the BPF where needed to broaden input  -  mid July to late August
  •  Meeting III to discuss the draft BPF report and planning the BPF session at IGF 2019
  • Publish the draft report for community input ahead of IGF 2019  -  by 8th October (6 weeks before IGF 2019)

Meeting Summaries and Announcements:

IGF Code of Conduct 

Contact Information

United Nations
Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage
Palais des Nations,
CH-1211 Geneva 10

igf [at] un [dot] org
+41 (0) 229 173 411