Evolving cyber assurance across societies and supply chains

12 Nov 2015 14:00h - 15:30h

Event report

The panel of senior-level experts considered the major drivers, relevant international standards, and requirements for better cyber assurance, including key functions for new Internet Governance.

The panel was moderated by Patrick Curry, The British Business Federation Authority (BBFA), who provided a brief introduction to cyber assurance in supply chains. In his view, supply chains are scaling up because businesses are introducing more and more devices. Curry emphasised the crucial role of federated trust models, which were adopted, for example, in air traffic management.

This introduction was followed by a legal baseline overview from Christian Hawellek, Leibniz University Hannover, who reminded the attendees that while the technical part of the Internet is more or less homogeneous, a consistent legal framework is still missing.

The panellists Sally Long, The Open Group, and Andrew Purdy, Huawei Technologies, identified existing standards to address some of the areas mentioned above, including The Open Group’s Open Trusted Technology Provider Standard (O-TTPS), which focuses on product integrity and supply chain security. It has been approved as a Publicly Available Specification (PAS) by the International Organization for Standardization (ISO).

Professor Joseph Cannataci, MAPPING project coordinator and UN Special Rapporteur on the right to privacy, introduced the MAPPING project and its three thematic focus areas of Internet Governance, Privacy and Intellectual Property Rights.

Cannataci outlined the interconnection between the project’s focus areas and assurance in supply chains. He observed that although the term “trust” was amongst the most frequently mentioned keywords at the IGF 2015, only a few sessions were looking at technical standards and testing frameworks to create trust.

In the discussion, the panellists focused on critical success factors for cyber assurance, such as commitment to security and privacy, product integrity, the usefulness of cybercrime conventions, and the recognition of standards by law. Hawellek expressed his view that the legal culture in Europe has been ignorant of the existence of standards.

 

By Radek Bejdak

 

Session Analytics

Session analytics on Digital Watch are produced from computational text-mining and statistical modeling of the IGF session raw transcripts.

 

All analytics are produced from DiploFoundation’s Text-Analytical Framework (DTAF).