WASHINGTON – The U.S. Commerce Department’s Internet Policy Task Force (IPTF) announced today it is seeking public input on potential topics addressing key cybersecurity issues facing the digital economy that could be best addressed by a consensus-based multistakeholder process.
In a request for comment (RFC), the IPTF has asked for input on which topics would be most conducive to discussion by a wide range of stakeholders, including Internet service providers, software developers, security vendors, equipment manufacturers, mobile application developers, cloud and content providers, vulnerability researchers, civil liberties advocates, digital infrastructure owners, digital economy experts, and others. The National Telecommunications and Information Administration (NTIA) helps lead the IPTF along with the National Institute of Standards and Technology (NIST), the U.S. Patent and Trademark Office (USPTO) and the International Trade Administration (ITA).
The initiative will complement other federal initiatives aimed at improving cybersecurity including NIST’s Cybersecurity Framework, the National Cybersecurity Center of Excellence, the National Initiative for Cybersecurity Education (NICE) and the National Strategy for Trusted Identities in Cyberspace (NSTIC).
“While other federal cybersecurity efforts have largely focused on securing critical infrastructure, the initiative being launched today expands outside this orbit in hopes of improving security and user trust in the digital economy while also promoting U.S. innovation,” said Assistant Secretary of Commerce for Communications and Information and NTIA Administrator Lawrence E. Strickling.
Some of the potential topics suggested in the RFC include the vulnerability disclosure process, botnet notice and mitigation, web security, managed security services, measures to combat malware and malvertising, and the Internet of things. Those seeking to provide input will have 60 days to submit comments after the RFC is published in the Federal Register.
The multistakeholder approach can be a nimble, effective way to develop policies related to quickly developing technology. NTIA, which has championed the multistakeholder approach to preserve a free and open Internet and to enhance consumer privacy, will be convening the multistakeholder meetings in collaboration with other IPTF partners. NTIA encourages participation from a broad range of stakeholders throughout the country, and will convene meetings both inside and outside the Washington, D.C. area. The first meeting is expected to take place this summer.
In 2010, the IPTF began reviewing the relationship between cybersecurity and the pace of innovation. It released a “green paper” in 2011 that examined cybersecurity challenges facing those industry sectors that are not considered to be critical infrastructure.