Cyber Security @ ITU. By Tomas Lamanauskas, ITU

Similar documents
Council 2014 Geneva, 6-15 May 2014

ITU. Carla Licciardello Policy Analyst Carla.licciardello@itu.int.

Regional Seminar on Cyber Preparedness ITU s work in Cybersecurity and Global Cybersecurity Index (GCI)

Cybersecurity: Taking Stock and Looking Ahead

ITU GLOBAL CYBERSECURITY AGENDA AND CHILD ONLINE PROTECTION. International Telecommunication Union

Cybersecurity for ALL

The global challenge

Overview of ITU Cybersecurity Activities

As global mobile internet penetration increases the cybercrime and cyberterrorism vector is extended

International Training Program 2011 ITU Global Cybersecurity Agenda

NGN Migration Strategies and Access Modernization. 26 May 2011 Dhaka

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED March 2015

ALL ALL. rsecurity. Cybersec. for ITU s Work for a Safer World. International Telecommunication Union

Developing and Enhancing Cyber Security Capabilities in the Region. Khaled Gamo Technology Advisor Ministry of communication and informatics

Harmonizing cyberlaws and regulations: the experience of the East African Community CTO Cybersecurity Forum April 2013 Yaoundé, Cameroon

Cybersecurity Global status update. Dr. Hamadoun I. Touré Secretary-General, ITU

Global Cybersecurity Agenda (GCA) A framework for international cooperation

Cyber Stability 2015 Geneva, 09 July African Union Perspectives on Cybersecurity and Cybercrime Issues.

Cybersecurity Initiatives

Breakout Session B: Cyber Security and Cybercrime Trends in Africa

2. Cyber legislation harmonization process in Central Africa

ITU National Cybersecurity/CIIP Self-Assessment Tool

Cybersecurity Governance

Kenya s Presentation to CAFRAD Conference of ICT Security and Defence Experts Tangier, Morocco, June 2014

African Internet Governance Forum (AfIGF) Girma Dessalegn - AfIGF Secretariat

Critical Information Infrastructure Protection A perspective & Reality from the Commonwealth

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

PROPOSAL 20. Resolution 130 of Marrakesh on the role of ITU in information and communication network security

Harmonising Cyber Security Across the Caribbean: CTU Initiatives & Activities

CYBERSECURITY INDEX OF INDICES

Cyber security Country Experience: Establishment of Information Security Projects.

The Geneva Protocol on Cybersecurity and Cybercrime

ITU Global Cybersecurity Agenda (GCA)

INTERNATIONAL TELECOMMUNICATION UNION

Declaration of Principles of the World Summit. Tunis in 2005 adopted by Heads of States and Governments stated that:

Executive Director Centre for Cyber Victim Counselling /

ITU Regional Cybersecurity Forum 2008 Lusaka, Zambia

Day 3-24 April Day 2-23 April 2013

Cybersecurity in the Commonwealth: Setting the Stage

ITU Cybersecurity Work Programme to Assist Developing Countries

National Cyber Security Strategy of Afghanistan (NCSA)

Multilateral Legal Responses to Cyber Security in Africa: Any Hope for Effective International Cooperation?

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy

USTTI UNITED STATES TELECOMMUNICATIONS TRAINING INSTITUTE. Global Growth through Communications Sharing

National Cybersecurity Management System: Framework, Maturity Model and Implementation Guide

Building National and Regional Cybersecurity Competences through the UbuntuNet Alliance NRENS

The Role of AFREXIMBANK in Promoting Factoring in Africa

CYBER SECURITY LEGISLATION AND POLICY INITIATIVES - UGANDA CASE

UNDERSTANDING THE CONCEPT OF CYBER SECURITY

How To Write An Article On The European Cyberspace Policy And Security Strategy

What legal aspects are needed to address specific ICT related issues?

2013 ITU survey on measures taken to raise awareness on cybersecurity

(BDT) BDT/POL/CYB/Circular

Michael Yakushev PIR-Center, Moscow (Russia)

Expert Meeting on CYBERLAWS AND REGULATIONS FOR ENHANCING E-COMMERCE: INCLUDING CASE STUDIES AND LESSONS LEARNED March 2015

STRENGTHENING MARITIME SECURITY IN WEST AND CENTRAL AFRICA

Internet Society (ISOC)

Mobile Money Services: legal and regulatory challenges The experience of the East African Community

Making our Cyber Space Safe

Promoting a cyber security culture and demand compliance with minimum security standards;

National Cyber Security Policy -2013

Third Parliamentary Forum on Shaping the Information Society

ITU NATIONAL CYBERSECURITY STRATEGY GUIDE

How To Understand And Understand The European Priorities In Information Security

Objectives, Achievements, Challenges and Opportunities

Promoting Cyber security in Africa.

Corporate Overview Creating Business Advantage

INFORMATION ECONOMY REPORT 2015: Unlocking The E-commerce Potential For Developing Countries

REPORT OF THE CHAIRMAN OF HLEG. To ITU Secretary-General, Dr. Hamadoun I. Touré. Chief Judge Stein Schjølberg,

Africa Cyber Security Market by Solution, by Service, by Verticals, by Country - Global forecast to 2020

Fourth Parliamentary Forum on Shaping the Information Society The Triple Challenge of Cyber-Security: Information, Citizens and Infrastructure

ECOWAS COUNTER-TERRORISM STRATEGY AND IMPLEMENTATION PLAN Draft Dr Deo Barakamfitiye

SRO-EA s Cyber security Initiatives in Eastern Africa

REPUBLIC OF GHANA MINISTRY OF COMMUNICATIONS. Ghana National Cyber Security Policy & Strategy

Cyber Security Strategy of Georgia

Cloud Security Standards. Aziza Al Rashdi Director, Cyber Security Professional Services Oman National CERT Information Technology Authority

G-77/HLCST/2002/4 Status of Cooperation among Developing Countries in Information and Communication Technologies (ICTs)

Annex 2 to Resolution 71 Working Document of PROPOSED DRAFT STRATEGIC PLAN FOR THE UNION FOR

VALLETTA DECLARATION ON THE INTERNATIONAL INSTITUTE FOR JUSTICE AND THE RULE OF LAW FOUNDATION

FINANCIAL INCLUSION OF YOUTH

(Intercontinental CityStars Hotel, Cairo, Egypt, May 9 11, 2016)

A Global Protocol on Cybersecurity and Cybercrime

The internet and digital technologies play an integral part

Cyber security Indian perspective & Collaboration With EU

Towards defining priorities for cybersecurity research in Horizon 2020's work programme Contributions from the Working Group on Secure ICT

ASEAN s Cooperation on Cybersecurity and against Cybercrime

Information Communication Technology (ICT) and the Environment

National Cyber Security Strategy

ITU -D. on Current and Future Needs and Priorities in a Converged, Competitive Telecommunication/ ICT Environment

A COMPREHENSIVE INTER-AMERICAN CYBERSECURITY STRATEGY: A MULTIDIMENSIONAL AND MULTIDISCIPLINARY APPROACH TO CREATING A CULTURE OF CYBERSECURITY

DECLARATION STRENGTHENING CYBER-SECURITY IN THE AMERICAS

IMPLICATIONS OF OVERLAPPING MEMBERSHIP ON THE EXPECTED GAINS FROM ACCELERATED PROGRAM FOR ECONOMIC INTEGRATION (APEI)

How the World Conference on International Telecommunications (WCIT) Impacts VoIP

Microsoft s cybersecurity commitment

Cyber Security ( Lao PDR )

OAS CYBER SECURITY INITIATIVE. Global Forum on Cyber Expertise (GFCE)

Policy Brief. Tackling the challenges of cybersecurity in Africa. 1. Introduction

Theme II: CREATING, PROMOTING AND SUSTAINING AN INNOVATIVE ENVIRONMENT: Funding, Tax and Other Incentives for Promoting Innovation

Public Policy Meeting, Legal Issues on Cyber Security in Africa Dakar, Senegal November 2009

HIPCAR. Electronic Transactions: Model Policy Guidelines & Legislative Texts

Transcription:

Cyber Security @ ITU By Tomas Lamanauskas, ITU

ITU Overview Founded in 1865 UN Specialized Agency for ICTs HQs in Switzerland 4 Regional Offices & 7 Area Offices 193 Member States; 750 Sector Members and Associates 66 Academia Members ITU-D Promoting the availability and application of ICTs for socio-economic development. ITU-T Developing international ICT standards ITU-R Managing the international radio-frequency spectrum and satellite orbit resources

CYBERSECURITY: A GLOBAL ISSUE Global losses due to cybercrime 500 billion USD annually (Source: McAfee, CSIS) Hundreds of millions of people directly affected every year 500 USD: Corporate email hacking service (per mailbox) 0,15-25 USD: Weekly/ Monthly antimalware evasion service Crimeware 3-150 USD: SMS spamming services per 100-10,000 messages Cybercriminals becoming more skilled both at penetrating organizations and at avoiding detection 130 USD: Facebook and Twitter hacking service as a service 5 USD: Fullz (full personal info sheet) Cybercrime tools and services available to anyone at low rates 97 USD: Hacking tools for Gmail and other email accounts Source: Trend Micro Ltd.

ITU & CYBERSECURITY 2005 WSIS named ITU as sole facilitator for WSIS Action Line C5: Building Confidence and Security in the use of ICTs 2007 ITU Secretary-General launched the Global Cybersecurity Agenda (GCA): A framework for international cooperation in cybersecurity

GLOBAL CYBERSECURITY AGENDA

147 PARTICIPATING MEMBERS 5+ CIRT IMPLEMENTATIONS 55+ CYBER DRILL PARTICIPATING COUNTIES 50+ CYBERSECURITY ASSESSMENT 2000+ CYBERSECURITY PRACTITIONERS TRAINED 300+ CERTIFIED PROFESSIONALS Source: IMPACT

REGIONAL AND SPECIAL SUPPORT ITU-IMPACT Arab Regional Cyber Security and Innovation Centre hosted by Oman CERT covering some 22 Arab countries Memorandum of Understanding (MoU) with the Nigerian Communication Commission to set up a Regional Cybersecurity Centre in Nigeria (July 2013) ITU project for Enhancing Cybersecurity in Least Developed Countries (LDCs) following 3 main pillars: Policy-level assistance Capacity building efforts Equipment and software distribution

HIPSSA PROJECT Harmonization of the ICT Policies in Sub-Saharan Africa Sub-regional programs: 1) East Africa 2) Central Africa 3) Southern Africa 4) West Africa Regional Outcomes on Cybersecurity ECOWAS cybersecurity guidelines ECCAS Model Law / CEMAC Directives on Cybersecurity SADC model law on data protection/ e- transactions/cybercrime In-Country Technical Assistance

HIPCAR PROJECT In collaboration with: Caribbean Community (CARICOM) Secretariat Caribbean Telecommunication union (CTU) Key Achievements - Regional Model Policies and Regulations ICT legislative framework covering information society issues: e.g. Model Policy Guidelines & Legislation texts on cybercrime and cybersecurity, privacy and data protection etc. Telecommunication Acts In-Country Technical Assistance

ICB4PAC PROJECT Pacific Region Key Achievements Regional Knowledge-based Reports (e.g. on Cybercrime) In-Country Technical Assistance

Global Cybersecurity Index Objective The Global Cybersecurity Index (GCI) aims to measure and rank each nation state s level of cybersecurity development in five main areas: Legal Measures Technical Measures Organizational Measures Capacity Building National and International Cooperation Goals Promote cyberesecurity strategies at a national level Drive implementation efforts across industries and sectors Integrate security into the core of technological progress Foster a global culture of cybersecurity Expected delivery of the full index - Q4 2014

Results: Arab States Global Cybersecurity Index A total of 22 countries were analyzed in the regional index for the Arab States Rank Country Index 1 st Oman 0.765 2 nd Morocco 0.559 3 rd Egypt & Tunisia 0.500 Source:

Child Online Protection Initiative ITU launched the Child Online Protection (COP) Initiative in 2008 within the GCA framework aimed at bringing together partners from all sectors of the global community to ensure a safe and secure online experience for children everywhere. Key Objectives of COP (COP) Identify risks and vulnerabilities to children in cyberspace Create awareness of the risks and issues through multiple channels Develop practical tools to help governments, organizations and educators minimize risk Share knowledge and experience while facilitating international strategic partnership to define and implement concrete initiatives 13

COP Guidelines Developed in cooperation with COP partners, is the first set of guidelines addressing different stakeholders. Available in the six UN languages ITU-UNICEF Consultation open until 20 December 2013: http://www.businesshumanrights.org/documents/itu-unicef-ict-guidelines-consultation

ITU-T Study Group 17 - Security Coordinates security-related work across all ITU-T Study Groups Over 70 standards (ITU-T Recommendations) focusing on security Deals with a broad range of standardization issues Key areas of current work Cybersecurity Child Online Protection Security architectures and frameworks Countering spam Identity management Security of applications and services for the Internet of Things, web services, social networks, cloud computing and Big Data

WORLD CONFERENCE ON INTERNATIONAL TELECOMMUNICATIONS (WCIT- 12) WCIT-12 set the ground for international cooperation on cybersecurity matters Article 6, ITRs: Security and robustness of networks Article 7, ITRs: Unsolicited bulk electronic communications

Collaborations UNODC ITU and the United Nations Office on Drugs and Crime (UNODC) working together under an MoU, since May 2011, in assisting Member States to mitigate the risks posed by cybercrime. Seoul (2011) Coorganized Asia-Pacific Regional Workshop on Fighting Cybercrime Panama, Kenya (2012): Worked together to revise cybersecurity policies and strategies as well as assessing capacity building needs INTERPOL Cooperation agreement with IMPACT signed in November 2012. Exchange of information and expertise, as well as enhancement of both organizations knowledge base in the field of cybersecurity. Working together in performing cybersecurity assessments

Collaborations CTO ITU partnership with the Commonwealth Telecommunication Organization (CTO) to facilitate the establishment of COP National Frameworks for 6 countries - Nigeria, Ghana, Sierra Leone, Gambia, Mauritius and Cameroon AFRICAN UNION ITU has contributed to the draft of the African Union Convention on Cybersecurity

Collaborations WORLD BANK Working with ITU under an MoU. ITU-World Bank: Assisting Bhutan in the implementation of a Computer Incidence Response Team (CIRT) in Bhutan. ITU-World Bank- World Economic Forum-Interpol: Worked closely for the support of the conference Global Cybersecurity Cooperation: Challenges and Visions in Azerbaijan (Baku, 2-3 December 2013) PRIVATE SECTOR Partnerships with the private sector (including ITU Sector Members): Symantec, Kaspersky Labs, (ISC)², ABI Research, Trend Micro etc.

UN-Wide Framework on Cybersecurity & Cybercrime Developed by ITU and UNODC along with 33 UN Agencies Focuses on the external efforts of UN entities concerning Member States Endorsed by the United Nations System Chief Executives Board for Coordination (CEB) at its Second Regular Session meeting on 25 November 2013

UN-Wide Framework on Cybersecurity & Cybercrime Purpose Enhanced UN agency coordination More efficient and effective response mechanisms Specialized policy development based on a set of principles

Basic Principles Principle 1: Deal with Cyber incidents in a holistic manner taking into account the various facets, including the technical and international cooperation aspects Principle 2: Respond to needs within the agencies respective mandates and collaborate/complement as necessary Principle 3: Respect the principles of the rule of law and human rights Principle 4: Focus on assisting Member States to take evidencebased action

Basic Principles Principle 5: Foster a whole-of-government response Principle 6: Aim to strengthen relevant formal and informal mechanisms for international cooperation Principle 7: Strengthen cooperation between government institutions and private sector enterprises

Coordinated Response Need for a multilevel response to the cybersecurity challenges International Cooperation frameworks Exchange of information and knowledge Regional Harmonization of legislation and best practices Pooling of resources National Strategies, policies, legislative and regulatory frameworks Response capabilities Country level capacity building and training

Potential for Collaboration Awareness Frameworks Standards Capacity Building and Knowledge Sharing

THANK YOU Tomas Lamanauskas Head, Corporate Strategy Division (CSD) Strategic Planning and Membership Department (SPM) e-mail : Tomas.Lamanauskas@itu.int

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information