James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur Five Organizing Elements Developing & Obtaining Agreement on a National Cybersecurity Strategy Establishing National Government – Industry Collaboration Deterring Cybercrime Creating National Incident Management Capabilities: Watch, Warning, Response, & Recovery Promoting a National Culture of Cybersecurity Developing & Obtaining Agreement on a National Cybersecurity Strategy Create awareness at the national policy level cybersecurity issues, national action, & international cooperation Develop a national strategy to enhance cybersecurity reduce risks & effects of disruptions Participate in international efforts to promote national prevention of incidents: preparation, response, recovery. Establishing National Government – Industry Collaboration Develop public-private collaborative relationships to manage risk and protect cyberspace Articulate the value proposition Identify roles and responsibilities Develop mutual trust Provide mechanism for developing consensus between a variety of perspectives, equities, & knowledge Deterring Cybercrime Enact & enforce a comprehensive set of laws relating to cybersecurity & cybercrime Establish and modernize supporting criminal law, procedures, and policies Regional initiatives, mutual assistance Establish or identify national cybercrime investigative units Understanding of cybercrime legal issues among prosecutors, judges, & legislators Creating National Incident Management Capabilities Develop coordinated national cybersecurity response system Prevention, detection, deterrence, response, & recovery Establish a government focal point Bring together all elements of government, operators, & equipment vendors Participate in information sharing mechanisms Watch, warning, response Develop, test, exercise response plans & protocols Promoting a National Culture of Cybersecurity Promote cybersecurity within Government, as well as private sector, civil society, & individuals Security of e-Government Multi-disciplinary, multi-stakeholder approach Education Regional & international cooperation New Work for Question 22 Expand on the Best Practices Report dealing with national strategy; public/private partnerships; national incident management capability; culture; & protection against spam malware & other cyberthreats. Develop course materials for analysis of national strategies and planning hands-on training programs. Develop country case studies. Develop a framework to be pursued and implemented under BDT Programme 2 for increasing awareness by developing countries regarding cybersecurity. UNGA Res 64-211 Creation of a global culture of cybersecurity Member States to use a voluntary self-assessment tool to highlight areas for further action in CII protection Taking stock of cybersecurity needs and strategies Stakeholder roles & responsibilities Policy processes & participation Public-private cooperation Incident management & recovery Legal frameworks Developing a global culture of cybersecurity