Click here to load reader

ITU Cybersecurity Capabilities

  • View

  • Download

Embed Size (px)

Text of ITU Cybersecurity Capabilities

1. Building Cybersecurity Capacity Tomas Lamanauskas Head, Corporate Strategy Division 25 March 2015 2. Committed to Connecting the World 2 The importance of Cybersecurity From industrial age to information societies - Increasing dependence on the availability of ICTs - Number of Internet users growing constantly (now 40% of worlds population) Statistics and reports show that cyber-threats are on the rise - The likely annual cost to the global economy from Cybercrime is estimated at more than $455 billion (Source: McAfee Report on Economic Impact of Cybercrime, 2013). Developing countries most at risk as they adopt broader use of ICTs - E.g. Africa leading in Mobile-broadband penetration: almost 20% in 2014- up from less than 2% in 2010 (Source: ITU ICT Statistics) 3. Committed to Connecting the World 3 Need for building cybersecurity capacity 4. Committed to Connecting the World 4 5. Committed to Connecting the World Coordinated Response Need for a multilevel response to the cybersecurity challenges International Cooperation frameworks and exchange of information Harmonization of legislation and best practices at regional level National strategies and policies National response capabilities Country level capacity building and training International Regional National 5 6. Committed to Connecting the World New Generation Cybersecuri- ty Policy National Priority A holistic approach Enhanced Coordina- tion Public- Private Coopera- tion Internatio- nal Coopera- tion Funda- mental Values Source: OECD 6 7. Committed to Connecting the World Emerging Policy Trends Multistake- holder Dialogue Economic Aspects Flexible Approach Sovereignty Considera- tions Source: OECD 7 8. Committed to Connecting the World 8 ITU and Cybersecurity 9. Committed to Connecting the World 9 150 years of experience in ICTs 150th Anniversary celebrated in May 2015 ITU is based in Geneva, Switzerland 193 Member States and 700 Sector Members (including Industry and Civil Society), Academia and Associates Organized in three Sectors: Radiocommunication (ITU-R) Standardization (ITU-T) Development (ITU-D) 10. Committed to Connecting the World ITU and Cybersecurity 2003 2005 WSIS entrusted ITU as sole facilitator for WSIS Action Line C5 Building Confidence and Security in the use of ICTs 2007 ITU Secretary-General launched the Global Cybersecurity Agenda (GCA). A framework for international cooperation in cybersecurity 2008 - 2010 ITU Membership endorsed the GCA as the ITU-wide strategy on international cooperation. In 2008 the Child Online Protection Initiative was launched, as an international and multistakeholder collaborative framework fostering the protection of children online 10 11. Committed to Connecting the World National Strategies Multistakeholder National Collaboration CIRTs Information & best practice sharing Public-Private Partnerships Measuring capabilities Elaborating Standards Protecting vulnerable groups Regional & International Cooperation 11 Source: 10-Year WSIS Action Line C5 Report (2014) 12. Committed to Connecting the World 12 National Strategies Developing comprehensive and efficient National Cybersecurity Strategies is fundamental for building a secure ICT ecosystem. ITU together with its partners helps countries organize Child Online Protection Strategy Framework workshops to assist national stakeholders in planning and deploying an effective and practical approach to COP at a national level. 13. Committed to Connecting the World 13 14. Committed to Connecting the World 14 Cybersecurity Strategy Model 15. Committed to Connecting the World 15 101 National CIRTs Worldwide National CIRTs for enhancing global resilience Need to fill the gaps 16. Committed to Connecting the World 16 National CIRT Programme Assess existing capability of/need for national cybersecurity mechanisms On-site assessment through meetings, training, interview sessions and site visits Form recommendations for plan of action (institutional, organizational and technical requirements) Implement based on the identified needs and organizational structures of the country Assist with planning, implementation, and operation of the CIRT. Continued collaboration with the newly established CIRT for additional support Capacity Building and trainings on the operational and technical details Exercises organized at both regional and international levels Help enhance the communication and response capabilities of the participating CIRTs Improve overall cybersecurity readiness in the region Provide opportunities for public-private cooperation 17. Committed to Connecting the World 17 ITUs National CIRT Programme Assessments conducted for 61 countries Implementation completed for 9 countries Cyprus, Burkina Faso, Cte d'Ivoire, Ghana, Kenya, Montenegro, Tanzania, Uganda, Zambia Implementation in progress for 6 countries Barbados, Burundi, Gambia, Jamaica, Lebanon, Trinidad and Tobago 9 cyber drills conducted with participation of over 90 countries Organized in Myanmar, Jordan, Bulgaria, Uruguay, Oman, Lao P.D.R., Turkey, Peru, Zambia 18. Committed to Connecting the World Objective The Global Cybersecurity Index (GCI) measures and ranks each nation states level of cybersecurity development in five main areas: Legal Measures Technical Measures Organizational Measures Capacity Building National and International Cooperation Goals - Promote cyberesecurity strategies at a national level - Drive implementation efforts across industries and sectors - Integrate security into the core of technological progress - Foster a global culture of cybersecurity 18 Final Global and Regional Results 2014 are on ITU Website Next iteration in progress 19. Committed to Connecting the World 19 Cyberwellness Country Profiles Factual information on cybersecurity achievements on each country based on the GCA pillars 194 profiles to date Live documents e.g. 20. Committed to Connecting the World 20 Enhancing Cybersecurity in Least Developed Countries project Aims at supporting the 49 Least Developed Countries in strengthening their cybersecurity capabilities. How Assessment for selected key government ministries & subsequent solutions provision Capacity building through training of trainers, workshops,.. Customised guidelines on legislation, regulation and technologies End Result protection of their national infrastructure, including the critical information infrastructure, thereby making the Internet safer and protecting Internet users serve national priorities and maximize socio-economic benefits in line with the objectives of the World Summit on the Information Society (WSIS) and the Millennium Development Goals (MDGs). We are only as secure as our weakest link Implemented in 4 countries Different stages of planning/implementation in 15 more 21. Committed to Connecting the World Child Online Protection Initiative Key Objectives: Identify risks and vulnerabilities to children in cyberspace Create awareness Develop practical tools to help minimize risk Share knowledge and experience Partners: - 10 international organizations - 34 civil society organizations - 13 private sector organizations 21 22. Committed to Connecting the World 22 Key COP Activities Elaboration of COP Guidelines for parents, children, policy makers and industry New! Updated version of the COP Guidelines for Industry with the contribution of several partners (UNICEF, GSMA, Sony, Facebook, The Walt Disney Company and EBU) COP National Strategy Framework ITU together with its partners helps countries organize Child Online Protection Strategy Framework workshops to assist national stakeholders in planning and deploying an effective and practical approach to COP at a national level. Child Online Protection Challenge Educating children by presenting an interactive platform where children, parents and educators can engage in fun activities to learn more about the risks that the children face on the Internet and how these risks can be averted. Council Working Group on Child Online Protection (CWG-COP) Multi-stakeholder open platform, where 193 Member States and other stakeholders exchange views and promote work on the subject matter 23. Committed to Connecting the World Economic Impact of Standardization Adds 0.3% - 1% to the GDP Source: European Commission ITU-T Study Group 17 Security Over 300 standards (ITU-T Recommendations) relevant to security Key areas of current work: Cybersecurity Child Online Protection Security architectures and frameworks Countering spam Identity management Security of applications and services for the Internet of Things, web services, social networks, cloud computing and Big Data Standardization 23 24. Committed to Connecting the World World Conference on International Telecommunications (WCIT-12) WCIT-12 set the ground for international cooperation on certain cybersecurity- related matters Article 6, ITRs: Security and robustness of networks Article 7, ITRs: Unsolicited bulk electronic communications 24 25. Committed to Connecting the World 25 New edition 2014: ITU Publication on UNDERSTANDING CYBERCRIME: Phenomena, Challenges and Legal Response The Guide serves to help developing countries better understand the implications related to the growing cyber-threats and assist in the assessment of the current legal framework and in the establishment of a sound legal foundation. Publications COMBATTING CYBERCRIME: TOOLS AND CAPACITY BUILDING FOR EMERGING ECONOMIES Joint project among several partners under the coordination of the World Bank to build capacity in developing countries in the policy, legal and criminal justice aspects of the combat against cybercrime 26. Committed to Connecting the World 26 Capacity building initiatives, joint consultations and more. Best practices in cybercrime legislations, joint technical a

Search related