People are what ultimately hold the Internet together. The Internet’s development has been based on voluntary cooperation and collaboration. Cooperation and collaboration remain the essential factors for the Internet’s prosperity and potential.
Collaborative Security
Collaborative Security is an approach that is characterized by five key elements:
- Fostering confidence and protecting opportunities: The objective of security is to foster confidence in the Internet and to ensure the continued success of the Internet as a driver for economic and social innovation.
- Collective Responsibility: Internet participants share a responsibility towards the system as a whole.
- Fundamental Properties and Values: Security solutions should be compatible with fundamental human rights and preserve the fundamental properties of the Internet — the Internet Invariants.
- Evolution and Consensus: Effective security relies on agile evolutionary steps based on the expertise of a broad set of stakeholders.
- Think Globally, Act Locally: It is through voluntary bottom-up self-organization that the most impactful solutions are likely to reached.
Examples of Collaborative Security in Action
A Multistakeholder Effort to Reduce Spam – The Case of Brazil (2005 – )
CGI.br put together an anti-spam Task Force (CT-Spam) made up of stakeholders and through a large number of positive and coordinated actions have been successful in lowering the amount of spam originating on Brazilian networks.
Mutually Agreed Norms for Routing Security (MANRS)
(2014 – )
In early 2014, a group of network operators began working to gather the wider community to improve the security and resilience of the global routing system. Today, two categories of participants (network operators and IXPs) set a baseline of actions to take to better secure the global routing ecosystem. Together, we provide crucial fixes to reduce the most common routing threats.
Canadian IoT Security Project (2018)
Year-long process to develop recommendations for a set of norms and/or policies to secure IoT in Canada. The Internet Society partnered with Innovation, Science and Economic Development, the Canadian Internet Registration Authority, CANARIE, and CIPPIC to host the first of several multistakeholder meetings on the security of IoT devices on April 4, 2018 in Ottawa, Canada.
Internet Infrastructure Security Guidelines for Africa: A joint initiative of the Internet Society and the Commission of the African Union (2017)
The first ever Internet Infrastructure Security Guidelines for Africa were created with contributions from regional and global Internet infrastructure security experts, government and CERT representatives, and network and ccTLD DNS operators, and in that spirit emphasize the importance of a collaborative security approach.
OECD Security Guidelines – Digital Security Risk Management (2015)
The adoption of this Recommendation by the OECD Council in September 2015 was the successful result of a multi-stakeholder process initiated in 2012 by the OECD Working Party on Security and Privacy in the Digital Economy (SPDE) to review the 2002 Recommendation of the Council concerning Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security.
Global Conference on Cyberspace (2011 – )
A global biannual conferences where international leaders, policymakers, industry experts, think tanks, cyber wizards etc gather to deliberate on issues and challenges for optimally using cyber space. GCCS was launched with a view to establish internationally agreed ‘rules of the road’ for behavior in cyberspace, and create a more focused and inclusive dialogue between all those with a stake in the internet (governments, civil society and industry) on how to implement them.
Global Commission on the Stability of Cyberspace (2017 – )
The Global Commission on the Stability of Cyberspace (GCSC) is helping to promote mutual awareness and understanding among the various cyberspace communities working on issues related to international cybersecurity. The Commission comprises 26 prominent Commissioners representing a wide range of geographic regions as well as government, industry, technical and civil society stakeholders with legitimacy to speak on different aspects of cyberspace.
In November 2017 GCSC Commissioners issued a ‘Call to Protect the Public Core of the Internet‘. The declaration urges state and non-state actors to avoid activity that would intentionally and substantially damage the general availability or integrity of the “public core” of the Internet.
Global Forum on Cyber Expertise (2015 – )
The Global Forum on Cyber Expertise (GFCE) is a global platform for countries, international organizations and private companies to exchange best practices and expertise on cyber capacity building.
Unsolicited Communications Enforcement Network (UCENet) (2004 – )
UCENet membership includes representatives from the government regulatory and enforcement community and interested industry members. Through annual meetings and bimonthly teleconferences, members stay connected and share information that is critical for any organization engaged in anti-spam regulation and enforcement.
Chilean National Cybersecurity Policy
The Chilean National Cybersecurity Policy was developed by the Chilean government in collaboration with Chilean stakeholders. The Policy provides a roadmap for the Chilean Government’s approach to cybersecurity for the near future, including both objectives and steps towards achieving them. The Policy acknowledges the important role of non-governmental stakeholders, stating: “The country needs to strengthen its work in this field, taking into consideration the special challenges faced in terms not only of the technical conditions, and the global nature and decentralised character of the network, but also regarding its political scope, and with a system of Internet governance including multiple stakeholders where the private sector and civil society have a special role.”
Resources
-
Collaborative Security: An approach to tackling Internet Security issues
NOTE: – A set of PowerPoint slides explaining Collaborative Security is available for use in presentations. Executive Summary People are…
-
A policy framework for an open and trusted Internet
This policy framework provides an approach for addressing the complexities of building trust in an open environment such as…
Related News
Internet Society and UNESCO Offer a Capacity Building Program for Judges
Trust is vital to the future of the Internet. The best way to build it is to let a…
Collaborative Governance Leaders, Canada, and Senegal Exchange Notes on IoT Security Frameworks
Canada and Senegal partners are meeting for a comparative learning exchange on developing robust Internet of Things (IoT) Security…
The Cybersecurity Tech Accord Fits Squarely in the Collaborative Security Approach
Last week at RSA, more than 30 global companies came together to sign the Cybersecurity Tech Accord “to protect…
Kathy Brown’s Op-Ed in the Hill Times: Canada’s Unique Opportunity to Lead the Future of the Internet
Kathy Brown, CEO of the Internet Society, recently penned an Op-Ed for Canada’s the Hill Times calling for a…
Meltdown and Spectre: Why We Need Vigilance, Upgradeability, and Collaborative Security
Today’s news about the Meltdown and Spectre CPU vulnerabilities highlight the critical need for vigilance, upgradeability and the collaborative…
There is No Perimeter in IoT Security
The Internet of Things (IoT) is not just a device connected to the Internet – it is a complex,…