Cybersecurity ITU Carla Licciardello Policy Analyst Carla licciardelloitu
Cybersecurity @ ITU Carla Licciardello Policy Analyst Carla. licciardello@itu. int www. itu 150. org
Where are we coming from… Specialized agency of the UN for telecommunications and ICTs
Some more info about ITU
What we are talking about ?
Everyone if affected
Committed to Connecting the World The importance of Cybersecurity • Security is about subjectively perceived threats/risks. • From industrial age to information societies - Increasing dependence on the availability of ICTs Number of Internet users growing constantly (now 40% of world’s population) • Statistics and reports show that cyber-threats are on the rise - The likely annual cost to the global economy from Cybercrime is estimated at more than $455 billion (Source: Mc. Afee Report on Economic Impact of Cybercrime, 2013). • Developing countries most at risk as they adopt broader use of ICTs - E. g. Africa leading in Mobile-broadband penetration: almost 20% in 2014 - up from less than 2% in 2010 (Source: ITU ICT Statistics) • Need for building cybersecurity capacity - Protection is crucial for the socio-economic wellbeing of Source: a Symantec 2015 Internet Security Threat Report 6 country in the adoption of new technologies
Committed to Connecting the World Handling Cyber Security – over the years Ministry of Finance Ministry of Foreign Affairs Ministry of Interior Ministry of Telecommunic ations/ICTs Ministry of Telecommunications/ ICTs Ministry of Education Ministry of Health Ministry of Defense … 7
Committed to Connecting the World Multitude of “Global” processes/forums: Sample Snapshot ISO/IEC ITU Study Groups and forums OHCHR forums UN Governmental Group of Experts UNODC forums IAEA forums Internet Governance Forum The London process HRC forums UNESCO forums UNGA Discussions in various committees OASIS Global Forum On Cyber Expertise Wuzhen Summit UN Governmental Group of Experts Annual Garmish Forum World Economic Forum processes East West Institute Annual Summits 8
Committed to Connecting the World WSIS Action Line C 5 : Building confidence and security in the use of ICTs 2003 – 2005 WSIS entrusted ITU as sole facilitator for WSIS Action Line C 5 2007 ITU launched the Global Cybersecurity Agenda (GCA). A framework for international cooperation in cybersecurity 9
Committed to Connecting the World ITU’s Role as a Technical Agency – Building Trust in Networks Neutral Global Convener Technical Assistance / Capacity Building Developing Technical Standards Serving as a Global Knowledge Base 10
Committed to Connecting the World Holistic Approach- Five areas of action Technical/Proce dural Measures Legal Measures - Legal Measures Strategy Adequate and harmonized legal frameworks - Organizational Structures National Cybersecurity Goals and Framework International Cybersecurity Standards Secure Government Infrastructure Global Technical Collaboration Capacity Building - Cybersecurity Skills and Training - Culture of Cybersecurity - Cybersecurity Innovation - Government Coordination National Focal Point National CIRT Public-Private Partnerships International Cooperation - Enhanced collaboration (multistakeholder, Bi/Multi lateral) - Inter-Agency Collaboration 11
Committed to Connecting the World 12
Committed to Connecting the World ITU National CIRT Programme: National CIRTs - first line of cyber-response ITU is working with Member States to facilitate the deployment of capabilities to build capacity at national and regional level, in addition to establishing National Computer Incident Response Teams (CIRTs). • • CIRT assessments conducted by ITU in 65 countries CIRTs currently in operation and established with the support of ITU in 11 countries CIRT projects under execution with ITU in 4 countries 11 cyber drills conducted by ITU with participation of over 100 countries 92 Countries with no CIRTs 13
Committed to Connecting the World ITU Study Groups § A platform for information exchange between ITU Member States and Sector Members (industry, academia etc. ) § ITU-T Study Group 17 : Security Ø Standardization work on cybersecurity; Over 300 standards (ITU-T Recommendations) relevant to security Ø ITU-T Study Groups 5 and 20 Ø Smart Cities & Io. Ts and Security § ITU-D Study Group 2 Ø Question 3/2: Securing information and Communication networks: Best practices for developing a culture of Cybersecurity 14
Child Online Protection (COP) Initiative Children’s use of the internet* • • More than one in three 3 -4 year-olds use the internet 91% of children live in households with internet access A greater proportion of children aged 12 -15 own smartphones than adults Risks and evidence: Cyberbullying, Sexual images/sexting, Grooming and Harmful content and much more… Working together to maximize impact * OECD countries Small group of entities • Building the partnership network 34 Partners … Working together on project-basis • Joining forces to develop and implement an action plan today • Setting the global vision for child online protection • Enhancing synergies to achieve our goals The Child Online Protection (COP) Initiative Tools and Guidelines Capacity Building and Education Laws and Legislations Technology Solutions Awareness and Advocacy
Committed to Connecting the World Building a global multistakeholder partnership Founding Member and Co-initiator of CSIRT Maturity initiative Best practices in cybercrime legislations, joint technical assistance to Member States, information sharing Tap into expertise of globally recognized industry players and accelerate info sharing with ITU Member States Collaboration on Study Group 2 Question 3 and in Cyberdrills Collaboration with ABI Research – The Global Cybersecurity Index (GCI) Capacity building initiatives, joint consultations and more. Collaboration with FIRST – To share best practices on computer incident response, engage in joint events, facilitate affiliation of national CIRTS of Member States Collaboration with Member States – Regional Cybersecurity Centres Joint activities to combat the proliferation of SPAM 8 JUNE 2015 : Mo. U to jointly enhance Cybersecurity capacity in the ECOWAS region 16
Committed to Connecting the World UN-wide cooperation mechanisms UN-wide Framework on Cybersecurity and Cybercrime (2013) Ø Developed by ITU and UNODC together with 33 UN Agencies. Ø Enables enhanced coordination among UN entities in their response to concerns of Member States regarding cybercrime and cybersecurity UN System Internal Coordination Plan on Cybersecurity and Cybercrime (2014) Ø Developed through close coordination of different UN agencies/bodies building on the UN-wide Framework on Cybersecurity and Cybercrime upon request by the UN Secretary-General, Mr. Ban Ki-moon Ø Designed as a guide to improve the internal coordination activities of the UN system organizations on related matters 17
Are we far from this ?
19 www. itu. int/cybersecurity www. itu 150. org Thank You cybersecurity@itu. int itu 150. org
- Slides: 19