ITU-T Workshop on "New challenges for Telecommunication Security Standardizations"
Geneva, 9(pm)-10 February 2009
BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS
James Ennis
US Department of State
International
Telecommunication
Union
ITU-D Q22/1: History
Created by World Telecommunication Development Conference (WTDC) in 2006 (Doha)
Five meetings: September 2006, May 2007, September 2007, April 2008, September 2008
Next meeting: April 6-7, 2009
ITU-D Q22/1: Mandate (1)
Survey, catalogue, describe, and raise awareness of:
Principal issues facing national policymakers in building a culture of cybersecurity
Principal sources of cybersecurity information and assistance
Successful best practices employed by national policy-makers to organize for cybersecurity
Unique challenges faced by developing countries
ITU-D Q22/1: Mandate (2)
Examine best practices for watch, warning, & incident response & recovery
What Does Cybersecurity Apply to?
Applies to cyberspace: electronic information & communication systems & the information they contain
What is Cybersecurity Supposed to Do?
Prevent damage from: denial of service attacks, malware (viruses, worms, trojan horses)
Prevent exploitation from: spyware, fraud (phishing, identity theft)
Restore systems after attacks
Why is Cybersecurity Important?
Today, all critical sectors of economy rely on IP networks for transacting business, government services, etc.
IP networks, not designed to be secure, face increasing numbers of cyber attacks of increasing sophistication.
To maximize the value IP networks can add to a national economy, they must be reliable, secure, & trusted.
Five Keys to a Good National Cybersecurity Program
A national strategy
Government & industry collaboration
Sound legal foundation to fight cybercrime
National incident management capability
National awareness of the importance of cybersecurity
A National Strategy (1)
Government needs to understand importance of cybersecurity for national economy
Economic impact of cybersecurity attacks is severe: 2003 estimates USD13B (worms & viruses), USD226B (all forms of overt attack)
Does not include macro-economic costs
A National Strategy (2)
National strategy should have an international component
Cyberattacks are borderless
National cybersecurity achieved only when international cybersecurity is achieved
Countries have a mutual economic interest in working together to achieve global cybersecurity
Collaboration between Government and Industry
Government-industry collaboration on cybersecurity is important:
Industry owns most of the IP network infrastructure
Industry has expertise to find solutions to cyber incidents
Industry usually first to know
Industry knows what can & cannot be done
A Sound Legal Foundation to Fight Cyber Abuses
Enact & enforce comprehensive set of laws on cybersecurity & crime
WSIS (Tunis agenda): “…develop necessary legislation for the investigation and prosecution of cybercrime, noting existing frameworks; for example, UNGA Res 55/63, 56/121, & regional initiatives such as the Council of Europe Convention on Cybercrime.”
National Incident Management: Watch, Warning, Response & Recovery
Governments need to develop government-wide system to counter cyber-attacks
National Computer Security Incident Response Team, N-CSIRT
N-CSIRT roles
Information sharing
Development of procedures, controls, tools to protect government systems
National Awareness of Importance of Cybersecurity
Many vulnerabilities result from users’ poor cybersecurity awareness
Government & the culture of cybersecurity
E-government
Education & training
Financial assistance and incentives
Research & development
Guidance on privacy issues
Role of international/regional forums
Q22/1 Draft Report
Two Annexes to the draft report provide introductions to concepts of SPAM and Identity Management
Annex A: SPAM & Associated Threats
Annex B: Identity Management
A third Annex contains extensive references to materials on each of the five keys to a successful national cybersecurity program.
Question 22 Status
Draft report (revision 2) at http://www.itu.int/md/D06-SG01-C-0146/en (TIES required)
We invite you to participate in the April 2009 meeting of Q22 & to contribute to the development of the report to improve its usefulness for national administrations