IGF 2017 WS #15 Learnings from Multistakeholder Collaborations in Cybersecurity Response and Capacity Building

    Short Title
    Multistakeholder Collaborations in Cybersecurity Response

    Proposer's Name: Mr. Jong Hyuk Ro
    Proposer's Organization: Microsoft Korea
    Co-Proposer's Name: Mr. Wan S. Yi
    Co-Proposer's Organization: Korea Internet & Security Agency
    Co-Organizers:
    Mr. Jong Hyuk Ro, Private Sector, Microsoft
    Mr. Wan S. Yi, Government, Korea Information & Security Agency

    Format

    Session Format: Panel - 90 Min

    Agenda

    Agenda:

    Length of session: 90 minutes

    Presentation by panelists (Part I – 35 minutes, 7 minutes per panelist):

    Expert from Oman will present on the experience in partnership with KISA on a project to establish Security Operation Center (SOC) including the education/training program offered in Korea

    Mr. Charles Mugisha from Rwanda will present on the experience in partnership with KISA on a project to establish Cyber Forensic Center including the education/training program offered in Korea

    Ms. Jung Hee Kim from KISA will present on the status and prospect of threat information sharing with other countries, including the training center established in Nicaragua for training officials from Latin American countries and the Cybersecurity Alliance for Mutual Progress (CAMP).

    Dr. Jianping Wu from China will present on the structure of cybersecurity human resources development in China. This person may also discuss China’s experience in helping countries build capacity building in general and in cybersecurity as the world’s largest contributor for developing countries.

    Ms. Jing De Jong-Chen from Microsoft Corp will present on the experience from working with national governments/CERTs around the world and the desired framework of partnership among key stakeholders.

    Direct questions to each panelist (Part II - Total time 30 minutes)

    Expert from Oman:

    • What were the key difficulties and benefits from the cooperation project with KISA or other countries to improve information security readiness?
    • What are the key difficulties in cooperating with other counties’ CERTs in responding to incidents? How do you solve them?

    Mr. Charles Mugisha:

    • What were the key difficulties and benefits from the cooperation project with KISA or other countries to improve information security readiness?
    • What are the key difficulties in cooperating with other counties’ Certs in responding to incidents? How do you solve them?

    Ms. Jung Hee Kim:

    • From the experience in sharing information and training officials from other governments, what do government members really want from the global cybersecurity companies in responding to incidents?
    • How can both the government and private sector work together to maximize the potential benefits?

     Dr. Jianping Wu:

    • Governments of China, Japan, and Korea invite government officials from developing countries and offer cyber security training programs. What are some ways to avoid redundancy and implement effectively? What is your thought about the possibility of jointly developing training programs, exchanging curricula, contents, and trainers?

    Ms. Jing De Jong-Chen:

    • Based on your working experience with Korea and other government, how is Microsoft addressing the need to expand cooperation with governments of countries around the world as threats in cyber space may originate from any country, whether developed or developing?
    • In what areas MS is focusing on at the moment to work and support other governments?

    Questions from audience and online participants to each panelist (Total time 25 minutes):  

    The Moderator will invite the audience to ask questions. He will also select and ask questions on behalf of the online participants. Time allowing, moderator will ask additional questions, based on the preceding discussion.

    * The time allocation is only provisional. Moderator will invite and encourage as much participation from the audience as allowable and orchestrate the use of 90 minutes appropriately.

    Content of the Session:
    Internet Governance issue:
    The Internet depends on multi-stakeholder governance involving concerted efforts by governments, businesses, technical communities, and civil society. In the same manner, cybersecurity requires collaboration among the key players in public and private sectors, including national governments, computer incident/emergency response teams (CIRTs/CERTs), and technology companies. Regional and global cooperation among organizations is no longer a matter of choice. In this concerted effort to promote cybersecurity and safety, global technology companies are in a unique position as the maker and the operator of the cyberspace as well as the frontline and the first responders to cyber threats and attacks.

    The purpose of this workshop is to share the perspectives and learnings of the cybersecurity experts from government, industry and academia regarding the current state and future prospect of their efforts in addressing cybersecurity in country and internationally as well as promoting global partnership. 

    Korea Internet & Security Agency (KISA) is the central player of this workshop. Based on its accumulated knowledge and experience over the years as the national CERT of Korea, KISA has had opportunities to work with national governments in other continents, including those of Oman and Rwanda, contributing to establishing and operating national CERTs. KISA also has maintained good relationships with cybersecurity experts in Chinese government/CERT and academia. KISA and Microsoft have worked closely for more than 15 years, sharing information to support one another in protecting people and organizations in cyber space from threats and attacks.

    The workshop will be an opportunity for the audience as well as speakers to develop a comprehensive understanding about (i) the workings of national CERTs; (ii) coordinating collaboration among national and regional CERTs; (iii) collaboration among CERTs and global companies in addressing the challenges to protecting security and privacy in cyberspace; and (iv) building cybersecurity capacity and development talent. This process will be reinforced with audience participation in the form of comments and Q&As.  

    The participants are expected to take away the insights shared and lessons learned, which would contribute to addressing their own challenges and, eventually, promoting international cooperation for Internet governance. 

    Session Format:

    The session will take a form of panel in which speakers will share experience and lessons learned in addressing cybersecurity independently and in partnership with key stakeholders including CERTs and businesses, perspectives about the future of cyberspace as well as the partnership among stakeholders.

    One-third (1/3) of the time will be allotted to audience and online participants for Q&A. However, the time allocation is only provisional. Moderator will invite and encourage as much participation from the audience as allowable and orchestrate the use of 90 minutes appropriately. 

    Speakers:

    Government (Moderator): Dr. Wan S. Yi, Korea Internet & Security Agency (Asia; male)
    Government (Speaker): Ms. Jung Hee Kim, Korea Internet & Security Agency (Asia; female)
    Government (Speaker): Oman*
    Government (Speaker): Mr. Charles Mugisha, IT Operational Division Manager, Rwanda Development Board (Africa; male)
    Technical Community (Speaker): Dr. Jianping Wu, Tsinghua University (Asia; male)
    Private Sector (Speaker): Ms. Jing De Jong-Chen, Microsoft Corp (North America; female)

    * Unfortunately, the representative from Oman would not be joining.

    Agenda:
    Length of session: 90 minutes

    Presentation by panelists (Part I – 35 minutes, 7 minutes per panelist):

    Expert from Oman will present on the experience in partnership with KISA on a project to establish Security Operation Center (SOC) including the education/training program offered in Korea

    Mr. Charles Mugisha from Rwanda will present on the experience in partnership with KISA on a project to establish Cyber Forensic Center including the education/training program offered in Korea

    Ms. Jung Hee Kim from KISA will present on the status and prospect of threat information sharing with other countries, including the training center established in Nicaragua for training officials from Latin American countries and the Cybersecurity Alliance for Mutual Progress (CAMP).

    Dr. Jianping Wu from China will present on the structure of cybersecurity human resources development in China. This person may also discuss China’s experience in helping countries build capacity building in general and in cybersecurity as the world’s largest contributor for developing countries.

    Ms. Jing De Jong-Chen from Microsoft Corp will present on the experience from working with national governments/CERTs around the world and the desired framework of partnership among key stakeholders.

    Direct questions to each panelist (Part II - Total time 30 minutes)

    Expert from Oman:

    • What were the key difficulties and benefits from the cooperation project with KISA or other countries to improve information security readiness?
    • What are the key difficulties in cooperating with other counties’ CERTs in responding to incidents? How do you solve them?

    Mr. Charles Mugisha:

    • What were the key difficulties and benefits from the cooperation project with KISA or other countries to improve information security readiness?
    • What are the key difficulties in cooperating with other counties’ Certs in responding to incidents? How do you solve them?

    Ms. Jung Hee Kim:

    • From the experience in sharing information and training officials from other governments, what do government members really want from the global cybersecurity companies in responding to incidents?
    • How can both the government and private sector work together to maximize the potential benefits?

     Dr. Jianping Wu:

    • Governments of China, Japan, and Korea invite government officials from developing countries and offer cyber security training programs. What are some ways to avoid redundancy and implement effectively? What is your thought about the possibility of jointly developing training programs, exchanging curricula, contents, and trainers?

    Ms. Jing De Jong-Chen:

    • Based on your working experience with Korea and other government, how is Microsoft addressing the need to expand cooperation with governments of countries around the world as threats in cyber space may originate from any country, whether developed or developing?
    • In what areas MS is focusing on at the moment to work and support other governments?

    Questions from audience and online participants to each panelist (Total time 25 minutes):  

    The Moderator will invite the audience to ask questions. He will also select and ask questions on behalf of the online participants. Time allowing, moderator will ask additional questions, based on the preceding discussion.

    Relevance of the Session:

    In an increasingly more connected world on the verge of the digital transformation heralded by the technological advancement in artificial intelligence and cloud computing, cybersecurity has become an integral part of the economic, social, and cultural changes in people’s lives. Protecting security and privacy of users and critical infrastructure goes hand in hand with Internet governance. The Internet will not be sustainable without the sufficient assurance of security.

    Tag 1: Cybersecurity
    Tag 2: Multistakeholder Cooperation
    Tag 3: Digital Geneva Convention

    Interventions:
    Each speaker’s views/perspectives/expertise are critical to achieving the purpose of this workshop, which is to share with the audience a comprehensive experience of independent and collective effort in addressing the challenges surrounding cybersecurity via presentations and Q&As. Therefore, all speakers will be given equal opportunity to speak.

    Diversity:
    The organizers of the workshop planned to highlight the global nature of cybersecurity partnership by staging representatives of various stakeholders from different geographies (Asia, Middle East, Africa, and North America). Ethnic diversity and gender diversity has been considered in speaker choices. Efforts will be made to introduce new and/or different perspectives in discussions. 

    Onsite Moderator: Wan S. Yi

    Online Moderator: Jong Hyuk Ro

    Rapporteur: Alex Yudong Yang

    Online Participation:
    Online Moderator will be designated to guide online participants make comments and raise questions prior to and during the workshop, especially during the Q&A. Moderator will be instructed to communicate frequently with Online Moderator to ensure online participation. 

    Discussion facilitation:
    Seating: Speakers will be seated at the front of the room and participants will be seated in a class room style. Microphones will be provided to the audience during Q&A.

    Media: PowerPoint slides will be projected to help audience grasp the key messages and takeaways.

    Preparation: Organizers of the workshop will set up conference call(s) for all speakers in advance of the workshop to provide opportunity to meet with each other and prepare for the workshop.

    Moderator: Director Wan S. Yi of KISA is an expert in cybersecurity policy and international cooperation, who has 20+ years of experience in international multi-stakeholder discussions as moderator as well as speaker. He will give every participant, including online participants, equal opportunity to intervene during Q&A in close cooperation with the Online Moderator, who will encourage and facilitate participation by online participants.

    Conducted a Workshop in IGF before?: No
    Link to Report: 

    Session Report (* deadline 9 January) - click on the ? symbol for instructions

    IGF 2017 Workshop Report: WS15

    - Session Title: Learnings from Multistakeholder Collaborations in Cybersecurity Response and Capacity Building
    - Date: 21th Dec 2017
    - Time: 9:00 am - 10:30 am
    - Session Organizer: Jong Hyuk Ro/Microsoft
    - Rapporteur/Notetaker: Alex Yudong Yang/Microsoft
    - List of Speakers and their institutional affiliations
    1. (On-site Moderator) Dr. Wan W. Yi, Director, Korea Internet & Security Agency (KISA), Korea
    2. (Speaker) Ms. Jung Hee Kim, Director, Cyber Threat Intelligence Center, KISA, Korea
    3. (Speaker) Mr. Charles Mugisha, IT Operational Division Manager, Rwanda Development Bord, Rwanda
    4. (Speaker) Dr. Jianping Wu, Professor, Tsinghua University, China
    5. (Speaker) Ms. Jing De Jong-Chen, General Manager, Global Security Strategy, Microsoft Corp
    - If there were presentations during the session, please provide a 1-paragraph summary for each Presentation
    1. Ms. Jung Hee Kim from KISA presented on the status and prospect of sharing threat intelligence with other countries, including the training center established in Nicaragua for training officials from Latin American countries and the Cybersecurity Alliance for Mutual Progress (CAMP). She also emphasized the importance of information/knowhow sharing and cooperation with other stakeholder from private sector like Microsoft and Google in term of enhancing cybersecurity capacity.
    2. Mr. Charles Mugisha from Rwanda introduced their best practices in cybersecurity capacity building. As one of the example of international cooperation, he shareed the experience in partnership with KISA on a project to establish Cyber Forensic Center including the education/training program offered in Korea.
    3. Dr. Jianping Wu from China explained and recommended the structure of cybersecurity human resources development in China. He also discussed China’s experience in helping countries build capacity in term of talent cultivation in cybersecurity as the world’s largest contributor for developing countries.
    4. Ms. Jing De Jong-Chen from Microsoft Corp presented on cybersecurity and trust building. She shared her experience from working with national governments/CERTs around the world and the desired framework of partnership among key stakeholders. She also mentioned the Critical Infrastructure Protection in today’s complex environments, stating that the international collaboration among government and private sectors and NGO will play much more important role. In addition, Ms. Jing De Jong-Chen talked about Microsoft’s plan to work with KISA to offer cybersecurity education to women in Korea as part of Microsoft’s commitment to gender equality and inclusion.
    - Please describe any Participant suggestions regarding the way forward/potential next steps/key takeaways:(3 paragraphs)
    1. Moderator Dr. Yi asked Mr. Mugisha from Rwanda about the details of the big cybersecurity incident in Rwanda last year, and what sort of supports Rwanda received from international cooperation. Mr. Mugisha describes the context of the incident, mentioning that the information and supports from KISA are very supportive.
    2. A participant from the floor asked about Korean government strategy on international cooperation with private sector. Dr. Yi and Ms. Kim from KISA each offered answers. Both of them pointed out the importance of international cooperation. Korea government is willing to cooperation more with international organizations such as the World Bank and large global company like Microsoft.
    3. Another participant from the floor asked about the Chinese government’s attitude toward multi-stakeholder methodology. A Director from CNCERT, who was participating as audience, answered that the Chinese government was making a great deal of effort in facilitating multi-stakeholder methodology in such areas as information sharing. He added that multi-stakeholder methodology was becoming more and more important in protecting cyberspace, which is a consensus accepted by all the governments around the world including the Chinese government.
    4. An online participant commented that Microsoft did not provide security patches for Windows XP during WannaCrypt incident that affected users and asked for explanation. Ms. De Jong-Chen mentioned it was a big challenge for tech company to deal with aged products. However, with respect to the WannaCrypt incident, Microsoft had done its best to support those customer as much as possible, including providing security patch for the Windows XP users.

    Gender Reporting Questions
    - Estimate the overall number of the participants present at the session: 50+ including online participants (Speaker Mr. Charles Mugisha and 3 other participants)
    - Estimate the overall number of women present at the session: 15+
    - To What extent did the session discuss gender equality and/or women’s empowerment?: In term of talent cultivation and capacity building.
    - If the session addressed issues related to gender equality and/or women’s empowerment, please provide a brief summary of the discussion: Regarding women cybersecurity capacity building, the perspective is comparatively weak both by general public and women themselves. If such a situation continuous in the near future, women may be the weakest-link in term of gender in general. Public-private partnership is also important to help build awareness about opportunities for women in cybersecurity and make trainings available, such as a plan for Microsoft and KISA to work together to offer cybersecurity education to women in Korea. //