Cybersecurity revisited, or are best practices really best? – WS 05 2016: Difference between revisions

From EuroDIG Wiki
Jump to navigation Jump to search
(24 intermediate revisions by 5 users not shown)
Line 35: Line 35:


== Further reading ==  
== Further reading ==  
The Internet Society's guide to Collaborative Security: http://www.internetsociety.org/collaborativesecurity
[http://www.internetsociety.org/collaborativesecurity The Internet Society's guide to Collaborative Security]


== People ==  
== People ==  
Name, institution, country of residence
*'''Focal Point''' : Robin Wilton, Internet Society, UK
*'''Focal Point'''  
Focal points take over the responsibility and lead of the session organization. Focal points are kindly requested to observe [http://www.eurodig.org/get-involved/organising-a-session/#jfmulticontent_c2865-1 EuroDIG's session principles]. Focal points work in close contact and cooperation with the programme director.
*'''Key participants'''
*'''Key participants'''
'''Until 15 May 2016.'''
:* Prof. Ian Brown, Oxford Internet Institute, UK
Key participants (workshop) are experts willing to provide their knowledge during a session – not necessarily on stage. Key participants should contribute to the session planning process and keep statements short and punchy during the session. Panellist (plenary) will be selected and assigned by the org team, ensuring a stakeholder balanced dialogue also considering gender and geographical balance.  
:: Prof. Brown is an accomplished researcher and expert in cybersecurity policy and technology issues. He is a Principal Investigator for the Global Cybersecurity Capacity Centre at Oxford Martin School.
Panellists should contribute to the session planning process and keep statements short and punchy during the session.
:* Nigel Hickson, ICANN, UK
Please provide short CV’s of the participants involved in your session at the Wiki or link to another source.  
:: Nigel is ICANN's Vice President for UN and IGO engagement, and is responsible for ICANN's public policy at the European level.
*'''Moderator'''
:* Lea Kaspar, Global Partners Digital, "rootless cosmopolitan"
'''Until 15 May 2016.'''
:: Lea is Head of Programmes and International Policy at Global Partners Digital - she works at the intersection of international affairs, digital communications, and human rights.
The moderator is the facilitator of the session at the event. Moderators are responsible for including the audience and encouraging a lively interaction among all session attendants. Please make sure the moderator takes a neutral role and can balance between all speakers.
:* Alexandru Frunza, Council of Europe, France
*Please provide short CV of the moderator of your session at the Wiki or link to another source.
:: Alexandru has an impressive law-enforcement background in both theory and practice, having served in drug-trafficking and cybercrime enforcement and in public prosecutors' offices.  
*'''Remote moderator'''
*'''Moderator''':
'''Until 15 May 2016.'''
::Olaf Kolkman, Internet Society, Netherlands and departure lounges [https://www.internetsociety.org/who-we-are/staff/mr-olaf-kolkman (brief biography)]
The remote moderator is in charge of facilitating participation via digital channels such as WebEx and social medial (Twitter, facebook). Remote moderators monitor and moderate the social media channels and the participants via WebEX and forward questions to the session moderator.
:: Dr. Tatiana Tropina, Max Planck Institute for Foreign and International Criminal Law, Germany [https://www.mpicc.de/en/home/tropina.html (brief biography)]
Please contact the EuroDIG secretariat if you need help to find a remote moderator.
*'''Remote moderator''': Fotjon Kosta, Ministry of Energy and Industry, Albania
*'''Org team'''  
*'''Org team'''  
Organising team is a group of people shaping the session. Every interested individual can become a member of an organising team (org team).
Nertil Berdufi, "Hena e Plote" BEDER University, Albania
*'''Reporter'''
*'''Reporter''': '''TBC'''  
'''Until 15 May 2016.'''  
The reporter will take notes during the session and formulate 3 to 5 bullet points that:  
The reporter takes notes during the session and formulates 3 (max. 5) bullet points at the end of each session that:  
#are summarised on a slide and  presented to the audience at the end of the session  
#are summarised on a slide and  presented to the audience at the end of each session  
#relate to the session and to European Internet governance policy
#relate to the particular session and to European Internet governance policy
#are forward looking and propose goals and activities that can be initiated after EuroDIG (recommendations)
#are forward looking and propose goals and activities that can be initiated after EuroDIG (recommendations)
#are in (rough) consensus with the audience
#are in (rough) consensus with the audience
#are to be submitted to the secretariat within 48 hours after the session took place
#are to be submitted to the secretariat within 48 hours after the session took place
Please provide short CV of the reporter of your session at the Wiki or link to another source and contact the EuroDIG secretariat if you need help to find a reporter.


== Current discussion ==
== Current discussion ==
Line 78: Line 74:
ws5@eurodig.org
ws5@eurodig.org


== Remote participation ==
== Video record ==
[https://www.youtube.com/watch?v=RLroN6Ij4vs See the video record in our youtube channel]


 
== Transcript ==
== Final report ==   
[[Transcript: Cybersecurity revisited, or are best practices really best?]]
Deadline 2016
== Messages ==   
* People tend to cluster together and collaborate within trusted communities, because with a trusted relationship something can be done. How to broaden this cooperation by binding with other clusters/communities?
* We need to collaborate to get things done, and the essential point is then to create trust between stakeholder groups: successful examples were when battling spam and cooperation between CERTS and LEA’s. It can be done.
* Diplomatic communities (with a so called ’military tradition’) and technical communities often mean something completely different when talking about security. There is a massive gap. But they are talking to each other and there certainly is an intention to continue the dialogue.
* How to keep the different ‘clusters’ open, where issues are discussed? More transparency is necessary when it comes public-private-partnerships: all stakeholders should (be able to) participate.
* There is a multitude of platforms and initiatives working on cybersecurity, all spending money and doing capacity building: but are they indeed open and transparent, and what effect do they have and how to bring them together? This is an open question…


== Session twitter hashtag ==   
== Session twitter hashtag ==   
Hashtag: #EuroDIGsec
Hashtag: #eurodig16 #EuroDIGsec


[[Category:Sessions]][[Category:Sessions 2016]][[Category:Security 2016]][[Category:Security]]
[[Category:Sessions]][[Category:Sessions 2016]][[Category:Security 2016]][[Category:Security]]

Revision as of 07:43, 15 August 2016


Please use your own words to describe this session. You may use external references, websites or publications as a source of information or inspiration, if you decide to quote them, please clearly specify the source.


To follow the current discussion on this topic, see the discussion tab on the upper left side of this page

Session teaser

This session is about good practice in cybersecurity, but we want to hear your case studies too: do they give you a warm fuzzy feeling, or a cold prickly feeling?

There’s an elephant in the room, but that’s OK… we’ve got it under surveillance.

Session description

It’s clear that cybersecurity threats can cross national boundaries; can cybersecurity defences? What are the challenges in doing so, and is anyone addressing them successfully?

Technologically, the direction of travel seems clear: it is easier to collect, share and process personal data than ever before, and to do so in greater quantities. Whole sectors of the economy are based on that principle. But how much does the technology improve our security, and how much does it erode our privacy?

And that elephant in the room: are cybersecurity concerns being used to undermine our fundamental rights?

OK - let’s acknowledge that cybersecurity has many stakeholders, and their interests often conflict. Is there a collaborative approach that can lead to better outcomes for all?

Keywords

Cybersecurity ; Best Practice ; Privacy ; Risk ; Collaborative Security

Format

The key message here is: please come ready to take part.

This topic reaches into the lives of all of us: we want to hear your perspective and, above all, your examples of good (and not so good) practice.

  • Moderator's opening remarks, to set context
  • Questions and best practice examples from the audience
  • Comment and responses from the panellists
  • Interactive Q&A (everyone)
  • Moderator's wrap-up and the "Wishing Tree"

Further reading

The Internet Society's guide to Collaborative Security

People

  • Focal Point : Robin Wilton, Internet Society, UK
  • Key participants
  • Prof. Ian Brown, Oxford Internet Institute, UK
Prof. Brown is an accomplished researcher and expert in cybersecurity policy and technology issues. He is a Principal Investigator for the Global Cybersecurity Capacity Centre at Oxford Martin School.
  • Nigel Hickson, ICANN, UK
Nigel is ICANN's Vice President for UN and IGO engagement, and is responsible for ICANN's public policy at the European level.
  • Lea Kaspar, Global Partners Digital, "rootless cosmopolitan"
Lea is Head of Programmes and International Policy at Global Partners Digital - she works at the intersection of international affairs, digital communications, and human rights.
  • Alexandru Frunza, Council of Europe, France
Alexandru has an impressive law-enforcement background in both theory and practice, having served in drug-trafficking and cybercrime enforcement and in public prosecutors' offices.
  • Moderator:
Olaf Kolkman, Internet Society, Netherlands and departure lounges (brief biography)
Dr. Tatiana Tropina, Max Planck Institute for Foreign and International Criminal Law, Germany (brief biography)
  • Remote moderator: Fotjon Kosta, Ministry of Energy and Industry, Albania
  • Org team

Nertil Berdufi, "Hena e Plote" BEDER University, Albania

  • Reporter: TBC

The reporter will take notes during the session and formulate 3 to 5 bullet points that:

  1. are summarised on a slide and presented to the audience at the end of the session
  2. relate to the session and to European Internet governance policy
  3. are forward looking and propose goals and activities that can be initiated after EuroDIG (recommendations)
  4. are in (rough) consensus with the audience
  5. are to be submitted to the secretariat within 48 hours after the session took place

Current discussion

See the discussion tab on the upper left side of this page.

Conference call. Schedules and minutes

  • dates for virtual meetings or coordination calls
  • short summary of calls or email exchange
  • be as open and transparent as possible in order to allow others to get involved and contact you
  • use the wiki not only as the place to publish results but also to summarize and publish the discussion process

Mailing list

ws5@eurodig.org

Video record

See the video record in our youtube channel

Transcript

Transcript: Cybersecurity revisited, or are best practices really best?

Messages

  • People tend to cluster together and collaborate within trusted communities, because with a trusted relationship something can be done. How to broaden this cooperation by binding with other clusters/communities?
  • We need to collaborate to get things done, and the essential point is then to create trust between stakeholder groups: successful examples were when battling spam and cooperation between CERTS and LEA’s. It can be done.
  • Diplomatic communities (with a so called ’military tradition’) and technical communities often mean something completely different when talking about security. There is a massive gap. But they are talking to each other and there certainly is an intention to continue the dialogue.
  • How to keep the different ‘clusters’ open, where issues are discussed? More transparency is necessary when it comes public-private-partnerships: all stakeholders should (be able to) participate.
  • There is a multitude of platforms and initiatives working on cybersecurity, all spending money and doing capacity building: but are they indeed open and transparent, and what effect do they have and how to bring them together? This is an open question…

Session twitter hashtag

Hashtag: #eurodig16 #EuroDIGsec