Session
Roundtable
Duration (minutes): 90
Format description: Cybersecurity is an important topic and this open forum will share and gather information on how to secure an organisation by way of procurement policies. This session combines two formats: a tutorial and a knowledge gathering open discussion. 90 Minutes is necessary to a) share current information, followed by Q&A and b) the sharing of other good practices from a range of stakeholders of which many may not be regular IGF participants and will join online. The (hybrid) roundtable format facilitates an open discussion where all participants are equal. To allow for 30 minutes of scene setting and circa 50 minutes of open debate and sharing of experience and information will lead to a maximum result. Not only in gaining knowledge but also by establishing new networks on the important topics of cybersecurity, procurement and Internet standards deployment.
The session is divided in three main topics: cybersecurity, procurement and sustainability. Cybersecurity is at the top of mind of all organisations. Billions are spent on it. This open forum focuses on important causes of unnecessarily low levels of security and will show you the easiest and cheapest way towards a higher level of ICT security. You will learn how existing security-related Internet standards and ICT best practices can contribute to ensuring a higher level of security and how your organization can use this knowledge to its advantage. This open forum is a) an awareness raising session and b) a knowledge gathering session on current good practice all can learn from.
First a short introduction is given on the test tool internet.nl by the Netherlands Standardisation Forum. Internet.nl is an open source test tool which you can use to check whether your internet is up to date by using modern and reliable Internet Standards. After that, a panel discussion will take place, with organisations who already use internet.nl in their country or are striving to use it.This includes the Dutch experience with ICT procurement and mandating procedures for all levels of Dutch government. Finally, internet.nl announces the kick-off of an international cooperation project all organisations using or striving to use internet.nl can join. Participants from governments, industry, technical community, parliamentarians, consumer protection and civil society are invited to join. The session concludes with a segment about sustainability. We discuss the connections between procurement, security, and sustainability by presenting the Dutch National Coalition for Sustainable Digitalisation as a use case. The internet and its infrastructure are a rapidly growing factor in environmental sustainability as the use of (rare) materials and energy usage result in emissions and usage of clean drinking water. Digitalisation can be both a cause for concern and offer a path forward on complex topics that can be greatly improved or sped up by the advantages of digitalisation. The Dutch National Coalition for Sustainable Digitalisation offers a view on both perspectives, and clearly outlines how the use of sustainable practices in procurement also assists security goals for organisations.
The session ends with a wrap up by the rapporteur and moderator connecting the dots between procurement, security, and sustainability.
As we intend to actively invite individuals and organisations, who are not regular IGF participants, a well-functioning online environment is of the essence. The onsite and online moderator therefore will operate on an equal footing. A successful hybrid format is important to reach the goals this session has. Both online interventions and the chat will be extensively used. Both moderators will prepare the sessions together, allowing for integration of both kinds of participants. We do not intend to use online tools.
🔒Netherlands Standardisation Forum
Annemieke Toersen, Netherlands Standardisation Forum, Western Europe and others
Wout de Natris, DC-IS3C coordinator, Western Europe and others
Dorijn Boogaard, ECP, Western Europe and others
Coen Wesselman, ECP, Western Europe and others
Wout de Natris (moderator), DC-IS3C coordinator, Western Europe and others
Wouter Kobes, Netherlands Standardisation Forum, Western Europe and others
Hannah Boute, Dutch National Coalition for Sustainable Digitalisation, Western Europe and others
Rachel Kuijlenburg, Logius (cohesive ICT infrastructure to public service), Western Europe and others
Panellists
Annemieke Toersen, Netherlands Standardisation Forum, Western Europe and others
Steven Tan, Team Lead Safer Internet Cyber Security Agency of Singapore, Asia
Gilberto Zorello, NIC.BR, Latin America and Caribbean
Daishi Kondo, Osaka Metropolitan University, Asia
Wout de Natris (DC-IS3C coordinator)
Dorijn Boogaard (ECP)
Coen Wesselman (ECP)
9. Industry, Innovation and Infrastructure
12. Responsible Production and Consumption
16. Peace, Justice and Strong Institutions
Targets: ICTs are developed and manufactured by the ICT industry. These forms of innovation must come to the market with the security of all end users in mind. Currently it is at best an afterthought after the first incidences have occurred. Cybersecurity has to lie at the heart of our evermore digitizing world. When governments and larger organisations start to procure ICTs secure by design, based on the principles shared in this workshop, the internet environment as a worldwide critical infrastructure will become far more secure and less prone to incidents and harm (SDG 9). This workshops shows on the one hand the responsibility of industry for a responsible production by delivering ICTs secure by design, so that on the other hand end users can consume their ICTs with less risks for attacks (SDG 12). This will aid economic development because online platforms and services become more secure and safer. It will also provide a more peaceful and inclusive use of the internet and thus assist the goals underneath SDG 16 to flourish.
Report
1. The Netherlands Internet Standards Platform (Internet.nl) announced the kick-off of an international community in 2025 to exchange experiences and plans on promoting modern internet (security) standards and with test tools (based on or similar to Internet.nl).
2. Countries must work together to build a critical mass of demand for modern Internet standards (security) and sustainability requirements to push (often large, international and powerful) digital vendors/suppliers to implement them.
3. To procure better internet and digital services organizations must have sufficient knowledge of and insight into modern internet standards and sustainability requirements.
- Website: https://en.internet.nl
- Dashboard: https://dashboard.internet.nl
- Open source code: https://github.com/internetstandards
- General questions about internet.nl: [email protected]
2. Add sustainability and modern internet standards into requirements to procure better internet and digital services. Connect to the NL Coalition for Sustainable Digitalization, Logius and NL Standardisation Forum for insights.
During this Open Forum we have seen several participants sharing insights on their activities, results and future plans for a open, free, secure and sustainable internet.
Introduction of Internet.nl tool and international community
Wouter Kobes from the Netherlands Standardisation Forum and Internet.nl introduced everyone present to the Internet.nl tooling and reporting. The tooling has the goal to make transparant if modern internet (security) standards are in place, to make organisations aware that these standards have to implemented, and to give implmentation guidance.
Wouter announced the Internet.nl International Community to all present, and made the call to visit Github to use the open source code and join the community by reaching out to [email protected].
Panel on modern internet (security) standards
The session continued with a panel containing Annemieke Toersen from the Netherlands Standardisation Forum, Gilberto Zorello from NIC.br, Steven Tan from CSA Singapore and Daishi Kondo from Osaka Metropolitan University.
Annemieke Toersen shared how the Dutch organization build a critical mass of countries and organizations that has encouraged vendores to adopt modern internet standards (like Microsoft has done with DANE and DNSSEC in 2024).
Gilberto Zorello shared that Brazil has chosen to stimulate standards from a middle to up and down strategy, and that they use internet.nl code on top.nic.br to stimulate adoption. A lot of work is still needed, but Brazil has seen very promising improvement in the adoption of IPV6, DNSSEC, HTTPS and other standards.
Steven Tan presented how CSA Singapore operates and has setup a rating system with its own Internet Hygiene Portal (similar to Internet.nl) as a technical base and a developing list of standards. A clear shift is being observed where internet providers and companies are moving to offering 100% compliant services to clients.
Daishi Kondo presented on the first steps and challenges ahead to use Internet.nl for measurements in Japan.
Procurement and sustainability
Hannah Boute from the Dutch Coalition for Sustainable Digitalization shared how the coalition operates, and why public private cooperation is important to strive for. Looking at digitalization in combination with sustainability means that it needs measurement, actionable insights and categorization. In compliance with legislation the coalition focuses on three defined scopes of emissions. Scope 1: direct emissions from own processes and properties, Scope 2: indirect emissions from procured services and materials, Scope 3: indirect emissions that are outside of controlled environment.
Rachel Kuijlenburg gave an insight into the relation between procurement, sustainability, security at Logius, the digital government service of the Netherlands Ministry of the Interior and Kingdom Relations (BZK). Rachel showed the developing policy frameworks that assist procurement professionals to utilise sustainability requirements in their processes. Logius focuses on energy efficiency, emissions free, CO2-neutral and circular digital government.
Questions from the audience
Person from Liberia present in Riyadh:
Ø What can we in Liberia do to use internet.nl on our own domain with national TLD? How can we make sure other countries can do the same?
Answer by Wouter Kobes:
- You can reuse the internet.nl code, and build your own testing tool.
- You can use the internet.nl website, and get direct results to report
- Connect with the international community and ask for assistance
Added by Steven Tan:
- CSA Singapore has build a developing list of standards, and started reporting on it. He advised to start building a developing international list of internet standards, and testing for them would be very helpful.
Person from the USA present in Riyadh:
Ø Are there any use-cases from organisations from the US that have used internet.nl code?
Answered by Wouter Kobes:
- Not to my knowledge.
Added by Coen Wesselman:
- During the Obama Presidency the people responsible for government websites have made these 100% compliant on internet.nl, and tested these regularly. See: https://en.internet.nl/site/whitehouse.gov/3082081/
Question asked by person in the chat:
Ø What is the focus of the international community announced today?
Answered by Wout de Natris:
- The community brings together the organisations and governments outside of the Netherlands using internet.nl (and similar tools) in ways that fit their needs best. The goal is to share knowledge, improve the services, build a critical mass, and collectively look at the path forward.