Trying to remove cyber security risks from the growing world of connected things is not an easy task. That said, there’s no time like World Consumer Rights Day to give Canada a shout out for its global leadership to champion a safer digital future for all.
Recognizing the need to secure the Internet of Things (IoT), the Internet Society, in partnership with the Ministry of Innovation Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE, led a voluntary multistakeholder process to develop a broad-reaching policy to ingrain security at the core of innovation in Canada.
Over the past year, we led a series of meetings with business leaders, technical experts, government representatives, civil society, and academia to discuss challenges and recommend the best ways to address them. We gathered feedback through in-person and online attendance. Collectively, these efforts, combined with well-rounded research and documentation, formed the Canadian Multistakeholder Process for Enhancing IoT Security.
Rather than a top-down, government-imposed regulatory model, our multistakeholder approach helped us balance roles and contributions among the group. By working in a way that includes feedback from all participants, we are developing IoT security frameworks that will be more resilient and flexible as technology evolves. IoT security is complex, and this bottom-up, organic process will help us develop a solid yet flexible strategy to address existing and potential challenges and issues. As a result, the approach continues to be fluid in nature, and is being defined and refined through discussion with stakeholders.
As a result of this process, I am pleased to announce the recent release of the multistakeholder group’s draft report on securing the Internet of Things, which is now open for comment.
To tackle the key issues surrounding IoT security, the Canadian Multistakeholder Process formed three sub-groups, including the Network Resiliency Working Group (NRWG), the Device Labelling and Trustmarks Working Group (DLTWG), and the Consumer Education Working Group (CEWG). Each had a different mandate of issues to address and produced preliminary conclusions and recommendations.
Do you have ideas on how to help make sure security is at the heart of our connected future? If so, I invite you to comment on the draft report. We’ll be accepting responses until 11:59:59pm on March 29, 2019.
What’s needed:
A complete comment should include:
- Some level of agreement with the conclusions of the three working groups.
- If you disagree with any of the conclusions, please say why and provide concrete information to support your opinion.
- Any additional resources that this group, and other Canadian stakeholders, should consider.
- Your assessment of what conclusions should be prioritized as the main recommendations.
- Your view of how the overall report should be framed in terms of audience, themes, Canada’s role in the global conversation, or any other suggestions.
- A willingness and/or capacity to contribute to this work going forward.
To submit, please send your comments as a PDF along with the name of the submitting individual or organization to Katie Jordan at [email protected]
The Internet Society would like to thank all individuals and organizations who participated in this process so far. We look forward to continuing this dynamic national conversation on IoT security to help shape a safer connected future for all Canadians.