
IGF 2024 DC-IoT & IS3C Global Best Practices for a Resilient and Secure IoT by Design

    DC

    Dynamic Coalition on the Internet of Things and Internet Standards, Security and Safety Coalition

    Roundtable
    Duration (minutes): 60
    Format description: During the open session there is usually a good number of newcomers, next to a core of people that have been supporting the DC IoT and IS3C for multiple years, and invited experts. For each of the points on the agenda we foresee (1) short introduction; (2) invited panel reaction; (3) free flow with all participants in the room. A round table setup works best as people can interact better, rather than "wait for their turn", and 60 minutes helps ensure we can properly address a number of the key points that have been coming up, successively.

    Description

    When we consider future challenges, new national cybersecurity policies in various countries have started addressing IoT security more directly:

    1. European Union: The EU has introduced the Cyber Resilience Act, which imposes mandatory cybersecurity requirements for digital products, including IoT devices, covering their entire lifecycle from design to disposal. This act aims to standardize IoT security across the EU and ensure that manufacturers comply with stringent cybersecurity standards.
    2. United States: The US continues to advance its IoT security framework under various initiatives, including expanding IoT security labeling programs to help consumers understand and compare the cybersecurity protections of different IoT devices. This is part of broader efforts to enhance national IoT security as part of the country's cybersecurity strategy.
    3. Global Perspective: Various countries are adopting or updating their cybersecurity frameworks to address IoT security explicitly. For example, the NIS2 Directive in the EU, which will be fully transposed into national law by October 2024, expands the scope of cybersecurity rules to cover more sectors, including those that heavily rely on IoT systems.

    These developments highlight the global movement towards more robust IoT security, with new regulations and policies being implemented to address the growing risks associated with the proliferation of connected devices. The security issues are closely tied to data management issues of confidentiality and privacy, and all of this needs to take into account the challenges and opportunities offered by emerging technologies such as Artificial Intelligence and Quantum computing.

    Agenda:

    Introduction and Common Ground (5 mins)

    Speakers: Wout de Natris (DC IS3C) and Maarten Botterman (DC IoT)

    Panel 1: Current IoT Security developments Mini Panel (10 + 5' Open Floor)

    Speaker 1: Renée Roland (FCC) on the USA initiative towards secure IoT, with a focus on labelling and certification to empower users to make smarter choices, and the need to work towards international mutual recognition of standards.

    Speaker 2: Nicolas Fiumarelli (Chair, IS3C WG1) on the results of a global comparison of IoT Security related policies, regulations and standards.

    Panel 2: IoT Data Governance and Privacy (10 + 5' Open Floor)

    Speaker 1: Jonathan Cave (Alan Turing Institute, Warwick University, DC IoT) addressing the data governance issues that relate to IoT – acknowledging that many live data related to persons are collected, and through analysis may be relatable to people.

    Speaker 2: Nicolas Fiumarelli (Chair, IS3C WG1) on the results of a global comparison on IoT data privacy related policies and regulations.

    Panel 3: IoT Governance and Emerging Technologies: Quantum & AI - Mini Panel (10 + 5' Open Floor)

    Speaker 1: Elif Kiesow Cortez (Chair, IS3C WG3) explaining the need to ensure Quantum Proof Encryption (QPC) in IoT environments for future-proofing against emerging threats relating to IoT devices and IoT ecosystems.

    Speaker 2: Maarten Botterman (Chair, Global Forum of Cyber Expertise WG E on Emerging Technologies, DC IoT) highlighting the importance of awareness and capacity building to ensure continued justified trust in the use of IoT environments in the future.

    Preliminary conclusions and next steps (5 mins)

    All participants are invited to share their input and comments via email after the session, as preparations for IGF2025 require rapid follow up to the results of this meeting.

    Organizers

    Maarten Botterman, ICANN Board; GNKS Consult; DC IoT Chair; Netherlands
    Jonathan Cave, University of Warwick, Alan Turing Institute, DC IoT; UK
    Dan Caprio, Providence Group, DC IoT; USA
    Wout de Natris, de Natris Consult, DC IS3C Chair; Netherlands
    Shane Tews, Logan Circle Strategies, former DC IoT Chair
    Nicolas Fiumarelli, Chair, IS3C WG1
    Elif Kiesow Cortez, Chair, IS3C WG9

    Speakers

    Maarten Botterman is an independent policy advisor on information society matters. He is currently an ICANN Board Member, Global Forum for Cyber Expertise WG on Emerging Technologies Chair, and Chair of the IGF Dynamic Coalition on the Internet of Things.

    Wout de Natris is an internet governance consultant at De Natris Consult based in the Netherlands. He is, for example, the community manager for the new international community for the Dutch Platform Internetstandards around the internet.nl tool and coordinator of the IGF Dynamic Coalition Internet Standards, Security and Safety Coalition (IS3C).

    Renée Roland serves as Special Counsel for the Federal Communications Commission’s Public Safety and Homeland Security Bureau, responsible for addressing a number of spectrum policy, cybersecurity and emergency management issues. Ms. Roland currently serves as a taskforce co-chair of the Cybersecurity Forum for Independent and Executive Branch Regulators, and leads the implementation of the Cybersecurity Labeling for Internet of Things program (U.S. Trust Mark) for the Commission.

    Nicolas Fiumarelli is a Computer Engineer who graduated from the University of the Republic of Uruguay, working as a Software and Networks Engineer at the Regional Internet Registry for Latin America and Caribbean (LACNIC) since 2012. He is also Chair of IS3C WG1 on IoT Security.

    Dr. Jonathan Cave is a GNKS Consult Associate, Senior Fellow in Economics at Warwick University, Economist Member of the UK Regulatory Policy Committee and Fellow at the Alan Turing Institute (Digital Ethics Research Group and Ethics Advisory Committee).

    Dr. Elif Kiesow Cortez is a research fellow at Stanford Law School and collaborates with the Stanford Institute for Human-Centered AI. Elif works in designing governance mechanisms for responsible and ethical deployment of technology. She is also Chair of IS3C WG9 on Emerging Technologies.

    Onsite Moderator

    Maarten Botterman

    Online Moderator

    Wout de Natris

    Rapporteur

    Jonathan Cave, Nicolas Fiumarelli

    SDGs

    2. Zero Hunger
    3. Good Health and Well-Being
    6. Clean Water and Sanitation
    7. Affordable and Clean Energy
    8. Decent Work and Economic Growth
    9. Industry, Innovation and Infrastructure
    11. Sustainable Cities and Communities
    12. Responsible Production and Consumption
    13. Climate Action
    14. Life Below Water
    15. Life on Land

    Targets:

    - Goal 2 End hunger (specifically 2.3 and 2.4): IoT is already used today to improve crops;
    - Goal 3 Ensure healthy lives (specifically 3.6 and 3.9): IoT is already today essential for traffic management and environmental warning systems;
    - Goal 6 Water and sanitation (specifically 6.3; 6.4; 6.5; and 6.6): IoT has become an important part of water management: preventing dumping, alerting in case of hazardous chemicals and materials in the water, and distributing water efficiently;
    - Goal 7 Access to energy (specifically 7.2 and 7.3): for instance sensors and switches that manage energy collection and distribution, detect failures, and increasingly also allow two-way energy streaming and local production;
    - Goal 8 Economic growth and jobs (specifically 8.2 and 8.3): with modest investments, first steps towards IoT enabled solutions become possible. This not only allows entrepreneurship and start-ups to take place with minimal resources, it also potentially brings IoT applications to where solutions need to be provided;
    - Goal 9 Resilient infrastructure and sustainable industry: sustainability comes with feedback loops, and IoT networks are very well suited to provide this feedback, automatically, based on measurements in the system;
    - Goal 11 Sustainable cities and settlements (specifically 11.4, 11.5, 11.6, 11.7): Networks of monitoring systems and sensors will be able to detect natural disasters building up. Partly, autonomous protection systems can be built in (like closing dams). Monitoring also helps in keeping public spaces safer. Cities around the world have started to experiment with IoT applications in many ways, ranging from intelligent waste collection to smart lighting, city bikes on subscription basis to smart traffic management systems and alerts for unhealthy pollution levels;
    - Goal 12 Sustainable consumption and production (specifically 12.5 and 12.6): feedback loops that become possible thanks to the use of tags and sensors in materials. Maintenance when needed, as indicated by the object that may require maintenance, such as cars, industrial machines, etc.;
    - Goals 13, 14 and 15 Sustainable environment related: measuring and feedback loops.