This is now a legacy site and could be not up to date. Please move to the new IGF Website at

You are here

BPF Cybersecurity

IGF 2021 

Best Practice Forum Cybersecurity

on the use of norms to foster trust and security


The BPF Cybersecurity 2021 on the use of norms to foster trust and security, intends to take a deeper look at the drivers of cyber norms and test these norms concepts against historical Internet events, to better understand how speficic norms can be effective at mitigating adverse cybersecurity events.  (MAG Agreed BPF proposal )


The BPF is inviting participants to its three workstreams 'Mapping cybersecurity agreements', 'Testing norms concepts against Internet events', and 'BPF outreach and cooperation with other IGF initiatives'.  (see below for a description of workstreams and their work plan).  

Contact [email protected] if you wish to join one of the work streams.

The work streams will regularly update on their work on the mailing list and the scheduled BPF CS Update meetings (see dates below).

Subscribe to the BPF Cybersecurity mailing list and join the regular BPF updates (see dates below) to stay informed of the BPF's progress and activities . 



  • Thursday, 29 April, 15:00 UTC, BPF Kick-off meeting, slide deckrecording (passcode @D?Aj771 )
  • Thursday, 1 July, 6:00 UTC, BPF Update meeting, slide deck, recording (passcode Me$*Un2S )
  • Thursday, 19 August, 15:00 UTC, BPF Update meeting, agenda, recording (passcode u9X3YU$n )
  • next meeting Thursday, 14 October, 6:00 UTC, BPF Update meeting, register
  • 10 December, BPF workshop during the IGF 2021 in Katowice 

*work sessions of the BPF's workstreams will be organised on a need-basis inbetween the scheduled updates, and announced on the BPF mailing list.

  • BPF update to the IGF Open Consultation & MAG meeting, 29 Sept (slide deck)
  • BPF update to the IGF Open Consultations & MAG meeting, 22 June (slide deck)
  • BPF update, NRI Assembly, EuroDIG, 28 June, (slide deck)

Preparatory process

draft BPF Workstreams and deliverables 

Workstream 1:  Update the BPF's mapping of agreements

Deliverable:  publish a research paper

During 2021, we intend to take a deeper look at the drivers of cyber norms. These may include concerns raised by internet users, security incidents, and other events. We plan to take a closer look at which ideas behind the norms have shown continuity during various incidents and stages of problematic behavior.


Workstream 2:  Testing norms concepts against Internet events

Deliverable:  discuss which core ideas behind the normative agreements had the most continuity through various incidents at the BPF meeting in December.

Research question: how would specific norms have been effective at mitigating adverse cybersecurity events?

Work package 1: List of significant historical cybersecurity events

Identify criteria to select major historical cybersecurity events (including adverse events such as incidents) that are representative of cybersecurity issues, and that in some cases may have informed norms development.

Work package 2: Analysis and background brief for each historical cybersecurity event

Review the selected events, and evaluate from the BPF’s prior reports, as well as other published research and reports, whether or how cyber norms have been successful at mitigating their adverse effects. We’ll also include how those events may have supported norms implementation, or expanded the scope of an existing norm.

Work package 3: Qualitative research that includes the voices of those affected by cybersecurity events

Participant interviews with incident responders and victims of historical cybersecurity events will be analysed and presented in order to understand their first-hand perception of the applicable norms and their response to the research question, “how would specific norms have been effective at mitigating adverse cybersecurity events?”


Workstream 3:  BPF outreach and cooperation with other IGF initiatives

The United Nations Secretary-General's Roadmap for Digital Cooperation, para 93, envisages a strengthened IGF, including by better integrating programme and intersessional policy development work to support other priority areas outlined in the report.

Work package 1: Drive engagement and participation in the BPF

Engage with stakeholders to drive engagement and participation in the BPF, including outreach to other IGF community activities, such as the National and Regional IGFs, the Dynamic Coalitions, Policy Networks.

Work package 2: Better integrate BPF work in the IGF Programme and activities

Actively explore synergies and opportunities to integrate the BPF's work in the overall IGF programme and to contribute to other IGF activities.



BPF Coordinating team

  • MAG BPF Facilitator: Ms Hariniombonana Andriamampionona
  • BPF Co-facilitator: Mr Markus Kummer
  • BPF Lead expert: Mr Maarten Van Horenbeeck
  • Lead Workstream 1: Mr John Hering
  • Lead Workstream 2: Ms Mallory Knodel
  • Lead Workstream 3: Ms Sheetal Kumar, Mr Markus Kummer
  • Consultant IGF Secretariat: Mr Wim Degezelle

contact [email protected]



Participation in the work of the BPF Cybersecurity is free and open to all interested. Participants are expected to respect the IGF Code of Conduct .

Subscribe to this BPF mailing list:

For general inquiries on the BPF Cybersecurity please contact [email protected] .



Related work on norms by the BPF Cybersecurity 





Información de Contacto

United Nations

Secretariat of the Internet Governance Forum (IGF)

Villa Le Bocage

Palais des Nations,
CH-1211 Geneva 10


Tel.: +41 (0) 229 175 778