Multistakeholder Approaches to Cybersecurity Awareness

3 September 2014 - A Workshop on Other in Istanbul, Turkey

Brief substantive summary of the workshop and presentation of the main issues that were raised during the discussions

The session was designed to be a highly interactive discussion among not only the discussants but also audience members. We were able to achieve this by limiting presentations and directly engaging the audience resulting in over 20 people speaking and sharing their experience with implementing multistakeholder approaches to Cyber Security Efforts.

Daria Catalui kicked off the session with an overview of the approach taken by the European Network Information Security Agency. Two key take away from her presentation were 1) To get the message out about cyber awareness you need to make your materials available for any organization to use in their own efforts. 2) Using “multipliers” – groups who have networks of networks can help you reach a very broad and diverse audience in an efficient manner. Jacqueline Beauchere shared Microsoft’s successful experience with collaborative public – private partnerships. She also stressed the importance of having a single actionable message such as “Stop. Think. Connect”. Other discussants shared their experiences based upon their unique background and perspectives – Jayantha Fernando spoke about the role of Governments, Subi Chaturvedi shared her experience in rolling out a Stop. Think. Connect. campaign in India; Adli Wahid shared the perspective from CERTs ; and Yurie Ito shared a similar CERT perspective but with a focus on Internet Healthiness.

A wide ranging discussion followed with representatives from various governments, civil society organizations and private sector, participants sharing their insights and asking for more information on how to possibly kick start a similar effort in their region. After the session, there was significant networking and exchanging of contact information for follow on activity.

Conclusions drawn from the workshop and possible follow up actions

When implementing a public-private partnership approach to cybersecurity, there are a few elements you should consider:

1) While having a centralized resource database of materials can be helpful, there needs to be the opportunity for localization of the materials. This not only helps address cultural issues but also technological issues (e.g. primary web access via mobile as opposed to traditional fixed internet).

2) It helps if organizations can leave their differences at the door. There can sometimes be tension between the various parties in the multistakeholder model in approaching these issues. In order to be successful, these differences need to be suppressed and focus needs to be place on the objective. This also helps build trust between participants. An “honest broker” can drive cooperation and build strategies between partners with potentially competing agents and interests.

3) The use of “multipliers” is a key element to success. This helps rapidly spread the message in a very efficient manner.

4) There has to be a shared responsibility between various parts of the multistakeholder community that will drive ownership of the single actionable message.

Estimation of the overall number of participants present at the workshop

80

Estimation of the overall number of women present at the workshop

about half of the participants were women

Extent to that the workshop discuss gender equality and/or women’s empowerment

it was not seen as related to the workshop’s theme and was not raised

A brief summary of the discussions in case that the workshop addressed issues related to gender equality and/or women’s empowerment

N/A

Reported by

Tiffany Barrett