Internet Governance Forum - PowerPoint PPT Presentation

About This Presentation
Title:

Internet Governance Forum

Description:

These trends are increasingly true in many emerging and ... interrelations for a telecommunication network security system Information security ... – PowerPoint PPT presentation

Number of Views:272
Avg rating:3.0/5.0
Slides: 51
Provided by: pyx78
Category:

less

Transcript and Presenter's Notes

Title: Internet Governance Forum


1
  • Forum on Next Generation Network Standardization
  • Colombo, Sri Lanka, 7-10 April 2009

ITU Global Cybesercurity Agenda and ITU-T SG17
activities on Cybersecurity

Paolo Rosa Head, Workshops and Promotion
Division Telecommunication Standardization
Bureau
2
ITU Cybersecurity activities
WSIS Action Line C.5Building Confidence and
security in the use of ICTs http//www.itu.int/wsi
s/c5/index.html
ITU Global Cybersecurity AgendaFramework for
international cooperation in Cybersecurity
ITU Cybersecurity GatewayInformation resource
on Cybersecurity
3
Strategic direction
Cybersecurity one of the top priorities of the
ITU
  • WSIS Action Line C5, Building confidence and
    security in use of ICTs
  • A fundamental role of ITU, following the World
    Summit on the Information Society (WSIS) and the
    2006 ITU Plenipotentiary Conference is to build
    confidence and security in the use of ICTs.
  • At the WSIS, world leaders and governments
    designated ITU to facilitate the implementation
    of WSIS Action Line C5, Building confidence and
    security in the use of ICTs.
  • In this capacity, ITU is seeking consensus on a
    framework for international cooperation in
    cybersecurity to reach a common understanding of
    cybersecurity threats among countries at all
    stages of economic development.

4
Strategic direction II
  • Plenipotentiary Resolution 130 (2006),
    Strengthening the role of ITU in building
    confidence and security in the use of information
    and communication technologies Instructs
    Director of TSB to intensify work in study
    groups, address threats vulnerabilities,
    collaborate, and share information
  • Plenipotentiary Resolution 149 (2006), Study of
    definitions and terminology relating to building
    confidence and security in the use of information
    and communication technologies - Instructs
    Council to study terminology

5
Strategic Direction III
  • WTSA-08 Resolution 50, Cybersecurity Instructs
    Director of TSB to develop a plan to undertake
    evaluations of ITU-T existing and evolving
    Recommendations, and especially signalling and
    communications protocol Recommendations with
    respect to their robustness of design and
    potential for exploitation by malicious parties
    to interfere destructively with their deployment
  • WTSA-08 Resolution 52, Countering and combating
    spam Instructs relevant study groups to
    develop, as a matter of urgency, technical
    Recommendations, including required definitions,
    on countering spam
  • WTSA-08 Resolution 58, Encourage the creation of
    national Computer Incident Response Teams,
    particularly for developing countries instructs
    the Director of TSB, in collaboration with the
    Director of BDT to identify best practices to
    establish CIRTs to identify where CIRTs are
    needed to collaborate with international experts
    and bodies to establish national CIRTs to
    provide support, as appropriate, within existing
    budgetary resources to facilitate collaboration
    between national CIRTs, such as capacity building
    and exchange of information, within an
    appropriate framework

6
Cybersecurity Cyberspace
7
Draft new ITU-T Rec.X1205Overview of
Cybersecurity
  • Cybersecurity collection of tools, policies,
    guidelines, risk management approaches, actions,
    training, best practices, assurance and
    technologies that can be used to protect the
    cyberspace against relevant security risks such
    as unauthorized access, modification, theft,
    disruption, or other threats
  • Cyberspace the cyber environment including
    software, connected computing devices, computing
    users, applications/services, communications
    systems, multimedia communication, and the
    totality of transmitted and/or stored information
    connected directly or indirectly to the Internet.
    It includes hosting infrastructures and isolated
    devices

8
Changing nature of cyberspace
Source Presentation materials at ITU workshop on
Ubiquitous Network Societies, April 2005.
9
Threats in cyberspace
  • Inherited architecture of the Internet was not
    designed to optimize security
  • Constant evolution of the nature of cyberthreats
  • Low entry barriers and increasing sophistication
    of cybercrime
  • Constant evolution in protocols and algorithms
  • Loopholes in current legal frameworks
  • Introduction of Next-Generation Networks (NGN)
  • Convergence among ICT services and networks
  • Network effects risks far greater
  • Possibility of anonymity on the Internet
  • Absence of appropriate organizational structures
  • Internationalization requires cross-border
    cooperation
  • Vulnerabilities of software applications

10
Attackers, hackers and intruders(generally users
cannot be trusted)
  • Taxonomy of security threats
  • Unauthorized illegal access insufficient
    security measures autent./author/unprotected
    passwords
  • IP spoofing assume a trusted host identity,
    disable host, assume attackers identity, access
    to IP addresses)
  • Network sniffers read source and destination
    addressess, passwords,data
  • Denial of Service (DoS) connectivity, network
    elements or applications availability
  • Bucket brigade attacks messages
    interception/modificat.
  • Back door traps placed by system developers /
    employees /operating system/created by virus
  • Masquerading accessto the network as false
    legitimate personnel
  • Reply attacks read authentication information
    from messages
  • Modification of messages without detection
  • Insider attacks legitimate users behave in
    unauthorized way, needed perdiodical auditing
    actions, screening of personnel, hardware and
    software

11
Challenges Policy
  • Lack of relevant cybercrime and anti-spam
    legislation
  • Establish where none
  • Base model law needed (which is separate ITU
    initiative)
  • Modify existing cybercrime/spam laws where needed
    to reflect botnet-related crime
  • Capacity building for regulators, police,
    judiciary
  • Training existing officials may be supplemented
    by co-opting or active recruitment of technical
    experts
  • Weak international cooperation and outreach
  • Participation in local, regional and
    international initiatives
  • Engagement of relevant government, regulators,
    law enforcement with peers and other stakeholders
    around globe
  • Targeted outreach to countries and stakeholders
    known to be particularly vulnerable to cybercrime

12
The Global Cybersecurity Agenda (GCA)
Launched in May 2007 by the ITUs
Secretary-General, Dr. Hamadoun Touré on World
Telecommunication and Information Society Day
GCA a ITU framework for international
cooperation aimed at proposing strategies for
solutions to enhance confidence and security in
the use of ICTs, built on existing national and
regional initiatives, avoiding duplication and
encouraging e collaboration
17 May 2007, International Herald Tribune
9 July 2007 UN Secretary-General Historic visit
to ITU
13
Global Cybersecurity Agenda Framework for
International Cooperation in Cybersecurity
Leveraging expertise for international
consensus On a Global level, from government,
international organizations to industry For a
Harmonized approach to build synergies between
initiatives Through Comprehensive strategies on
all levels in 5 work areas
14
ITUs Global Cybersecurity Agenda Global
Strategic Report
  • Legal Measures
  • International investigations depending
  • on reliable means of cooperation
  • and effective harmonization
  • of laws
  • Technical and Procedural Measures
  •  Organizational Structures
  • Capacity Building
  • International Cooperation

15
Current GCA Projects
Curbing Cyberthreats IMPACT Partnership with the
International Multilateral Partnership Against
Cyber-Threats (IMPACT)  
Child Online Protection COP The Child Online
Protection (COP) initiative in partnership with
organizations from around the world
16
ITU-IMPACT Collaboration
IMPACT is the physical home for the GCA,
providing expertise and facilities for all ITU
Member States to address global cyber-threats
17
Child Online Protection (COP) Internet Governance
Forum Action for Global Cybersecurity
  • An unique initiative bringing together partners
    from all sectors of the international community
    with the aim of creating a safe online experience
    for children everywhere.
  • Key Objectives
  • Identify the main risks and vulnerabilities to
    children in cyberspace
  • Create awareness of the risks and issues through
    multiple channels
  • Develop practical tools to help governments,
    organizations and educators minimize risk
  • Share knowledge and experience while facilitating
    international strategic partnerships to define
    and implement concrete initiatives

18
The High Level Segment (Council)
  • Held on the opening of the ITU council meetings
  • Participation of Ministers
  • Questions addressed
  • Greatest cyberthreats faced worldwide
  • Key elements to formulate national strategies and
    to prevent cybercrime
  • Role of governments in promoting a cibersecurity
    culture
  • Highest priority activities to address current
    and emerging cyberthreats

19
ITU-T SG 17 SecurityResponsible for studies
relating to security including cybersecurity,
countering spam and identity management. Also
responsible for the application of open system
communications including directory and object
identifiers, and for technical languages, the
method for their usage and other issues related
to the software aspects of telecommunication
systems.
  • Study Group 17 is the lead study group in the
    ITU-T for security responsible for
  • Coordination of security work
  • Development of core Recommendations
  • Most of the other study groups have
    responsibilities for standardizing security
    aspects specific to their technologies, e.g.,
  • SG 2 for TMN security
  • SG 9 for IPCablecom security
  • SG 13 for NGN security
  • SG 16 for Multimedia security

20
ICT security standards roadmap
  • Part 1 contains information about organizations
    working on ICT security standards
  • Part 2 is database of existing security standards
    and includes ITU-T, ISO/IEC JTC 1,IETF, IEEE,
    ATIS, ETSI and OASIS security standards
  • Part 3 is a list of standards in development
  • Part 4 identifies future needs and proposed new
    standards
  • Part 5 includes Security Best Practices

http//www.itu.int/ITU-T/studygroups/com17/ict/
21
  • ITU-T SG 17 structure
  • Working Party 1 Network and information security
  • Q 1 Telecommunications systems security project
  • Q 2 Security architecture and framework
  • Q 3 Telecommunications information security
    management
  • Q 4 Cybersecurity
  • Q 5 Countering spam by technical means

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
21 of 37
22
  • ITU-T SG 17 structure (cont.)
  • Working Party 2 Application security
  • Q 6 Security aspects of ubiquitous
    telecommunication services
  • Q 7 Secure application services
  • Q 8 Telebiometrics
  • Q 9 Service oriented architecture security

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
22 of 37
23
  • ITU-T SG 17 structure (cont.)
  • Working party 3 Identity management and
    languages
  • Q 10 Identity management architecture and
    mechanisms
  • Q 11 Directory services, Directory systems, and
    public-key/attribute certificates
  • Q 12 Abstract Syntax Notation One (ASN.1),
    Object Identifiers (OIDs) and associated
    registration
  • Q 13 Formal languages and telecommunication
    software
  • Q 14 Testing languages, methodologies and
    framework
  • Q 15 Open Systems Interconnection (OSI)

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
23 of 37
24
  • Core Security Recommendations
  • Strong ramp-up on developing core security
    Recommendations in SG 17
  • 14 approved in 2007
  • 27 approved in 2008
  • 56 under development for approval this study
    period
  • Subjects include
  • Architecture and Frameworks ? Web services ?
    Directory
  • Identity management ? Risk management ?
    Cybersecurity
  • Incident management ? Mobile security ?
    Countering spam
  • Security management ? Secure applications ?
    Telebiometrics
  • Ubiquitous Telecommunication services ? SOA
    security
  • Ramping up on
  • ? Traceback ? Ubiquitous sensor networks
  • Collaboration with others on many items

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
24 of 37
25
  • Challenges
  • Addressing security to enhance trust and
    confidence of users in networks, applications and
    services
  • Balance between centralized and distributed
    efforts on developing security standards
  • Legal and regulatory aspects of cybersecurity,
    spam, identity/privacy
  • Address full cycle vulnerabilities, threats
    and risk analysis prevention detection
    response and mitigation forensics learning
  • Uniform language for security terms and
    definitions
  • Effective cooperation and collaboration across
    the many bodies doing cybersecurity work within
    the ITU and with external organizations
  • Keeping ICT security database up-to-date

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
25 of 37
26
  • SG 17 Security Project 1/3
  • (Major focus is on coordination and outreach)
  • Security coordination
  • ISO/IEC/ITU-T Strategic Advisory Group Security
  • Oversees standardization activities in ISO, IEC
    and ITU-T relevant to security provides advice
    and guidance relative to coordination of security
    work and, in particular, identifies areas where
    new standardization initiatives may be warranted.
  • Portal established
  • Workshops conducted
  • Global Standards Collaboration
  • ITU and participating standards organizations
    exchange information on the progress of standards
    development in the different regions and
    collaborate in planning future standards
    development to gain synergy and to reduce
    duplication. GSC- 13 resolutions concerning
    security include
  • GSC-13/11 Cybersecurity
  • GSC-13/04 Identity Management
  • GSC-13/03 Network aspects of identification
    systems
  • GSC-13/25 Personally Identifiable Information
    Protection

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
26 of 37
27
SG 17 Security Project 2/3 (Major focus is on
coordination and outreach)
  • Security coordination (cont.)

Cybersecurity Rapporteur group adopted a focussed
action plan including outreach and collaboration
with other organizations addressing cybersecurity
and infrastructure protection. Basic needs to
identify and effecting lines of communication
among all these organizations. Address the
needs of countries with lack in resources and
part of the global network cybersecurity and
vulnerability mosaic.
Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
27 of 37
28
SG 17 Security Project 4/4
  • Security Compendium
  • Includes catalogs of approved security-related
    Recommendations and security definitions
    extracted from approved Recommendations
  • Security Standards Roadmap
  • Includes searchable database of approved ICT
    security standards from ITU-T and others (e.g.,
    ISO/IEC, IETF, ETSI, IEEE, ATIS)
  • ITU-T Security Manual
  • Assisted in its development

29
  • Security standardization strategy

1. Assure the continued relevance of security
standards by keeping them current with
rapidly-developing telecommunications
technologies and operators trends. (in
e-commerce, e-payments, e-banking, telemedicine,
fraud-monitoring, fraud-management, fraud
identification, digital identity infrastructure
creation, billing systems, IPTV, Video-on-demand,
grid network computing, ubiquitous networks,
etc.). 2. Give attention to the issue of trust
between network providers and communication
infrastructure vendors, in particular, in terms
of communication hardware and software security.
Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
29 of 37
30
  • Identity Management Overall objectives
  • a security enabler by providing trust in the
    identity of both parties to an e-transaction
  • a very important capability for significantly
    improving security and trust
  • 3. provides Network Operators an opportunity to
    increase revenues by offering advanced
    identity-based services
  • 4. ITU-Ts IdM work on global trust and
    interoperability of diverse IdM capabilities in
    telecommunications focused on leveraging and
    bridging existing solution

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
30 of 37
31
  • Recommendations in progress
  • First IdM Recommendations for ITU-T SG 17
  • X.1250, Capabilities for global identity
    management trust and interoperability
  • X.1251, A framework for user control of digital
    identity
  • And one Supplement approved
  • Supplement to X.1250-series, Overview of IdM in
    the context of cybersecurity
  • Many additional IdM Recommendations are under
    development (specially IdM terms and definitions)

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
31 of 37
32
Survey of developing countries ICT security needs
  • Questionnaire initiated May 2008
  • Key Results
  • The overall level of concern about cyber security
    is high
  • There is a high level of interest in the
    possibility of obtaining advice and/or assistance
    on ICT security from the ITU
  • The ITU needs to do better in promoting its ICT
    security products
  • Details of analysis at
  • http//www.itu.int/dms_pub/itu-t/oth/0A/0D/T0A0D00
    00180001PDFE.pdf

33
Challenges
Addressing security to enhance trust and
confidence of users in networks, applications and
services
  • With global cyberspace, what are the security
    priorities for the ITU with its government /
    private sector partnership?
  • Balance between centralized and distributed
    efforts on developing security standards
  • Legal and regulatory aspects of cybersecurity,
    spam, identity/privacy
  • Address full cycle vulnerabilities, threats
    and risk analysis prevention detection
    response and mitigation forensics learning
  • Uniform definitions of cybersecurity terms and
    definitions
  • Effective cooperation and collaboration across
    the many bodies doing cybersecurity work within
    the ITU and with external organizations
  • Keeping ICT security database up-to-date
  • There is no silver bullet for cybersecurity

34
Some useful web resources
  • ITU Global Cybersecurity Agenda (GCA)
    http//www.itu.int/osg/csd/cybersecurity/gca/
  • ITU-T Home page http//www.itu.int/ITU-T/
  • Study Group 17 http//www.itu.int/ITU-T/studygroup
    s/com17/index.asp
  • e-mail tsbsg17_at_itu.int
  • LSG on Security http//www.itu.int/ITU-T/studygrou
    ps/com17/tel-security.html
  • Security Roadmap http//www.itu.int/ITU-T/studygro
    ups/com17/ict/index.html
  • Security Manual http//www.itu.int/publ/T-HDB-SEC.
    03-2006/en
  • Cybersecurity Portal http//www.itu.int/cybersecur
    ity/
  • Cybersecurity Gateway http//www.itu.int/cybersecu
    rity/gateway/index.html
  • ITU-T Recommendations http//www.itu.int/ITU-T/pu
    blications/recs.html
  • ITU-T Lighthouse http//www.itu.int/ITU-T/lighthou
    se/index.phtml
  • ITU-T Workshops http//www.itu.int/ITU-T/worksem/
    index.html

35
  • Thank you!
  • Paolo Rosa
  • paolo.rosa_at_itu.int

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
35 of 37
36
  • ADDITIONAL SLIDES

37
ITU GCA main goals
  • Elaboration of strategies to
  • develop a model cybercrime legislation globally
    applicable, interoperable with existing national
    / regional legislative measures
  • create national and regional organizational
    structures and policies on cybercrime
  • establish globally accepted minimum security
    criteria and accreditation schemes for software
    applications and systems
  • create a global framework for watch, warning and
    incident response to ensure cross-border
    coordination of initiatives
  • create and endorse a generic and universal
    digital identity system and the necessary
    organizational structures to ensure the
    recognition of digital credentials for
    individuals across geographical boundaries
  • develop a global strategy to facilitate human and
    institutional capacity-building to enhance
    knowledge and know-how across sectors and in all
    the above-mentioned areas
  • advice on potential framework for a global
    multi-stakeholder strategy for international
    cooperation, dialogue and coordination in all the
    above-mentioned areas.

38
Initiatives
  • ITUs Global Cybersecurity Agenda housed in new
    centre in Malaysia
  • The International Multilateral Partnership
    Against Cyber Threats (IMPACT) headquarters in
    Cyberjaya (Kuala Lumpur) to focus on
    strengthening network security 20 March 2009
  • ITUs Telecommunication Development Bureau (BDT)
    will facilitate the deployment of IMPACT
    services, such as the Global Response Centre,
    which aims at providing state-of-the-art
    cybersecurity capabilities for ITU Member States
    to strengthen network security worldwide.

39
  • ITU-T SG 17 structure

Recommendations under development in WP1
Guidelines on security of the individual information service for operators ? Architecture of external interrelations for a telecommunication network security system ? Information security governance framework ? Information security management framework for telecommunications ? Requirement of security information sharing framework ? Abnormal traffic detection and control guideline for telecommunication network ? Frameworks for botnet detection and response ? Digital evidence exchange file format ? Guideline on preventing malicious code spreading in a data communication network? Mechanism and procedure for distributing policies for network security ? Framework for countering cyber attacks in SIP-based services? Traceback use cases and capabilities ? Framework for countering IP multimedia spam ? Functions and interfaces for countering email spam sent by botnet ? Technical means for countering spam Interactive countering spam gateway system ? Technical means for countering VoIP spam
Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
39 of 37
40
ITU-T SG 17 structure
Recommendations under development in WP2
? Functional requirements and mechanisms for secure transcodable scheme of IPTV ? Key management framework for secure IPTV services ? Algorithm selection scheme for SCP descrambling ? SCP interoperability scheme ? Security requirement and framework for multicast communication ? Security aspects of mobile multi-homed communications ? Security framework for ubiquitous sensor network ? USN middleware security guidelines ? Secure routing mechanisms for wireless sensor network ? SAML 2.0 ? XACML 2.0 ? Security requirements and mechanisms of peer-to-peer-based telecommunication network ? Management framework for one time password based authentication service ? Security framework for enhanced web based telecommunication services ? Telebiometrics issues
Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
40 of 37
41
  • ITU-T SG 17 structure

Recommendations under development in WP3
? Baseline capabilities for enhanced global identity management trust and interoperability ? A framework for user control of digital identity Entity authentication assurance ? Extended validation certificate Common identity data model ? Framework architecture for interoperable identity management systems ? IdM terms and definitions ? Security guidelines for identity management systems ? Criteria for assessing the level of protection for personally identifiable information in identity management ? Guideline on protection for personally identifiable information in RFID applications ? Object identifier resolution system ? UML profile for ASN.1 ? Information technology reference model issues ? SDL issues ? Message sequence chart (MSC) issues ? User requirements notation (URN) issues ? Testing and test control notation issues
Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
41 of 37
42
  • Business use of telecommunications/ICT top
    security standards
  • The report will consist of summary sheets for
    analysed top security standards
  • ? Status and summary of standards ? Who does the
    standard affect? ? Business benefits ?
    Technologies involved ? Technical implications
  • ITU-T SG 17 seeks comment on the work activity
    from the ITU-D and other standards development
    organizations. Specifically, your views on the
    following would be appreciated
  • Do you agree that this work activity would be
    useful to organizations and/or DC/CETs planning
    to deploy telecommunications/ICT security
    systems?
  • Does your organization have existing information
    that may be related to this work activity or that
    may be used to progress this work?
  • Does your organization have contact with DC/CETs
    that may further elaborate on their needs and
    detail the information they may find most useful
    to capture in the activity output?
  • Does your organization have any suggestions to
    provide additional detail regarding the proposed
    summary sheet elements or criteria to select
    standards?
  • Would your organization be willing to assist the
    ITU-T SG 17 in progressing this work?
  • ITU-T SG 17 welcomes your consideration and your
    response on this matter.

Forum on Next Generation Network
Standardization Colombo, Sri Lanka, 7-10 April
2009
42 of 37
43
The High Level Segment HLEG
  • Held on the opening of the ITU council meetings
  • Participation of Ministers
  • Questions addressed
  • Greatest cyberthreats faced worldwide
  • Key elements to formulate national strategies and
    to prevent cybercrime
  • Role of governments in promoting a cibersecurity
    culture
  • Highest priority activities to address current
    and emerging cyberthreats

44
HLS 2008 Sessions on Cybersecurity II
  • Managing cyberthreats through harmonized
    policies and organizational structures
  • Objective to examine how cyberthreats can be
    detected and managed effectively through
    harmonized policies and improved organization
    structures.
  • The absence of effective institutions to deal
    with cyber-attacks is a major issue. Some
    countries have established specific agencies with
    watch, warning and incident response
    capabilities. Other countries prefer to promote
    capacity to deal with cyber-incidents within
    existing law enforcement agencies. What lessons
    can be learned from the experience of different
    countries? And how can cooperation and the flow
    of information between national institutions be
    improved?

45
High-Level Segment (HLS) of Council 2008 Geneva,
12-13 November 2008
  • Designed to provide Ministers and Councillors
    with an opportunity to exchange views on issues
    of strategic importance to the Union and on
    emerging trends in the sector. This year,
    speakers offered their perspectives on Climate
    Change and Cybersecurity.
  • Inaugurated by two Heads of State, H.E. Mr Paul
    Kagame, President of Rwanda, and H.E. Mr Blaise
    Compaoré, President of Burkina Faso, as well as
    by United Nations Secretary-General Mr Ban
    Ki-moon via video message.
  • Attended by some 400 participants, 21 Ministers,
    Ambassadors and heads of regulatory organizations
    and UN agencies.

46
HLS 2008 Sessions on Cybersecurity 1/2
  • Managing cyberthreats through harmonized
    policies and organizational structures
  • Objective to examine how cyberthreats can be
    detected and managed effectively through
    harmonized policies and improved organization
    structures.
  • Addressing the technical and legal challenges
    related to the borderless nature of cybercrime
  • Objective to consider how the technical and
    legal challenges associated with cybercrime can
    best be addressed.

47
HLS 2008 Sessions on Cybersecurity 2/2
  • Be Safe Online A Call to Action
  • Objective What can be done and what should be
    done to protect our most valuable resource our
    children?
  • ITU Global Cybersecurity Agenda Towards an
    International Roadmap for Cybersecurity
  • Objective How the framework and expert proposals
    developed within the GCA can help countries
    promote cybersecurity.

48
HLS 2008 Sessions on Cybersecurity III
  • Addressing the technical and legal challenges
    related to the borderless nature of cybercrime
  • Objective to consider how the technical and
    legal challenges associated with cybercrime can
    best be addressed.
  • Threats to cybersecurity are global in nature.
    Cybercriminals can strike at will, exploiting
    technical vulnerabilities and legal loopholes
    through cross-border operations that show no
    respect for geographical boundaries or
    jurisdictional borders. This makes it difficult
    for any single national or regional legal
    framework to address cyberthreats effectively.
    What are the major challenges countries face in
    fighting cybercrime? How can countries deal with
    these challenges?

49
HLS 2008 Sessions on Cybersecurity IV
  • Be Safe Online A Call to Action
  • Objective What can be done and what should be
    done to protect our most valuable resource our
    children?
  • The most vulnerable Internet users online are
    children. In industrialized countries, as many as
    60 of children and teenagers use online
    chatrooms regularly, and evidence suggests that
    as many of three-quarters of these may be willing
    to share personal information in exchange for
    online goods and services. In some countries, as
    many as one in five children may be targeted by a
    predator or paedophile each year. These trends
    are increasingly true in many emerging and
    developing countries as well.

50
HLS 2008 Sessions on Cybersecurity V
  • ITU Global Cybersecurity Agenda Towards an
    International Roadmap for Cybersecurity
  • Objective How the framework and expert proposals
    developed within the GCA can help countries
    promote cybersecurity.
  • There are many valuable national and regional
    initiatives underway to promote cybersecurity.
    However, the growing global cyberthreats need a
    global basis on which they can be addressed. On
    17 May 2007, the ITU Secretary-General Dr.
    Hamadoun Touré launched the Global Cybersecurity
    Agenda (GCA) as a framework for international
    cooperation to promote cybersecurity and enhance
    confidence and security in the information
    society. The GCA seeks to encourage collaboration
    amongst all relevant partners in building
    confidence and security in the use of ICTs.
Write a Comment
User Comments (0)
About PowerShow.com