[Privsec] Cybersecurity conference in June [ RESENDING]

[Ralf Bendrath]

Hi all,

Robert Guerra schrieb:
> As you can see (way below) i've been exchanging a few emails with 
> Richard Shaw at the ITU who's the person organizing the Cybersecurity 
> conference this may.
Very good news, Robert. Thanks for this!!!

> There is interest to participate and form part of the planning group -
>  this is good. In terms of next steps ,  i'd like to ask the chairs and
>  WG for instructions as to how to proceed next.
I hope the whole group has an interst in following up on this, not just
the chairs. ;-)

> I.  It seems an offer has been extended for a member of civil society 
> to form part of the conference planning/coordinating committee.
> recommendation: WE Need to  come up with a name and an alternate for 
> this
Any volunteers?
Would be good if this person can also go to the meeting in Geneva
his/herself. I probably can't be there due to other duties in my
university job.
What is more important: The person we send there has to make sure this
whole group is informed and involved all the time. So it should be a
liaison function, not a representation function.

> II. As we've known all along, they are open to have civil society 
> speakers there. We are being asked to propose specific names for one or
>  more of the broad themes of the meeting.
I'd like to be able to also add topics to the meeting, like "privacy
aspects of cybersecurity measures" and so on.

> recommendation: a. we  need to come up with 2-3 names for each of the
> themes (listed below) ASAP
Can we try to have preliminary a list of speakers suggestions until the
end of this week?

> b. check to see who's available (so far Bruce and Gus have confirmed 
> they are are free)
That should be done by the end of next week then.

> c. submit the names to Richard Shaw.
I can send an official mail as coordinator of the PSWG to Robert Shaw now,
in which I express our interest, and inform him about our procedures. But 
it would be good to have a liaison person ready for this contact. Again: 
Any volunteers?

Robert, did you hear anything about travel funding?

On the themes:

> 1. information sharing of national approaches

> 2. good practices and guidelines;
This could be someone from the CERTs or from FIRST, I guess. Any names?

> 3. developing watch, warning and incident response capabilities; 
David Crochemore?

> 4. harmonizing national legal approaches and international legal 
> coordination; 
Gus? This is really something for people from the recently founded "policy
laundering" project. :-)

> 5. technical standards;
Anybody familiar with ISO or other standards on security?
Or: We could send somebody who is questioning the technical / standards
approach.  I know EPIC did some work on P3P and other "privacy" standards,
and also we know the critique of TCPA and the likes, but what about other
security standards? Do they talk about TCPA or professional educational
standards like CISSP?

> 6. privacy, data and consumer protection; a. b. c. Interest expressed:
Ok, here we go. Can we get a high-level speaker from PI or EPIC here?
Simon Davies or Marc Rotenberg as the bosses? Your thoughts?

> 7. providing assistance to developing economies.
Here, our new Kuwaiti members could maybe talk about their experiences and
needs. Qusai and Abdullateef, what do you think?

Another approach would be to add a grassroots dimension here and let
Robert present Privaterra's work on the ground in developing countries.

Also: Deborah Hurley has told me that the Tunisian cyber security agency
is interested in foreign assistance to set up a CERT. Are there any best
practices we are aware of? Or general criteria we as civil society would
have here? (I think of Human Rights aspects now. Rikke?)

What about Bruce Schneier? We should suggest him for an opening keynote 
speech, shouldn't we?

Ok, my quick thoughts on this.

Please send your ideas ASAP!

Best, Ralf