Overview of ITU - D Activities Related to Cybersecurity and Critical Information
advertisement
Overview of ITU-D Activities Related to Cybersecurity and Critical Information Infrastructure Protection ITU Regional Cybersecurity Forum for Asia-Pacific 15-18 July 2008 Brisbane, Australia Christine Sund <christine.sund(at)itu.int> ICT Applications and Cybersecurity Division Telecommunication Development Bureau International Telecommunication Union International Telecommunication Union Introduction to ITU International organization where governments and private sector coordinate global telecommunication networks and services Founded in 1865, ITU is the oldest specialized agency in the UN system 191 Member States, 900+ Sector Members & Associates ITU Headquarters in Geneva, 11 regional/area offices, 760 staff / 80 nationalities Website: www.itu.int/ 16 July 2008 2 ITU Mission Maintain and extend international cooperation in telecommunications Provide technical and policy assistance to developing countries Harmonize actions of Member States and promote cooperation between Member States and Sector Members Instigator and manager of the World Summit on the Information Society (WSIS) held in two phases 16 July 2008 3 Setting the Context In the 21st century, growing dependency on information and communications technologies (ICTs) that span the globe; Rapid growth in ICTs and dependencies led to shift in perception of cybersecurity threats in mid-1990s; Growing linkage of cybersecurity and critical information infrastructure protection (CIIP); A number of countries began assessment of threats, vulnerabilities and explored mechanisms to redress them; But most countries have not formulated or implemented a national strategy for cybersecurity or CIIP; In parallel with national consideration, move to international political agenda. 16 July 2008 4 Is Cybersecurity/CIIP Important? Net Outage – February 2008 16 July 2008 5 ITU Development Sector (ITU-D) Work in Cybersecurity Background and Mandate From ITU Plenipotentiary Conference (Antalya, 2006): ¾ Resolution 130: Strengthening the role of ITU in building confidence and security in the use of information and communication technologies From World Telecommunication Development Conference (Doha, 2006): ¾ ITU-D Study Group 1 Question 22/1 ¾ Resolution 45 ¾ Cybersecurity part of Programme 3 managed by ITU-D ICT Applications and Cybersecurity Division ITU-D Cybersecurity Activities Focused around Two Main Pillars ITU-D Study Group 1 Question 22/1: Securing information and communication networks: Best practices for developing a culture of cybersecurity ¾ Developing a Framework for Organizing National Cybersecurity Efforts ITU-D Programme 3 ITU Cybersecurity Work Programme to Assist Developing Countries ¾ Close synergies exist between the two pillars 16 July 2008 6 Overview of ITU-D Programs & Initiatives WTDC 2006 The World Telecommunication Development Conference (WTDC Doha, 2006) adopted Doha Declaration including: e.g., Six Programs Centres of Excellence Programme 1:Regulatory reform Programme 2:Technologies and telecom network development Programme 3:E-strategies and e-services/applications and cybersecurity Programme 4:Economics & finance incl. costs and tariffs Programme 5:Human Resource Development Programme 6:Special program for least developed countries (LDC) Special Initiatives Private sector initiatives: promotion & partnership Gender & youth initiatives Assistance to indigenous peoples, communities, and people with disabilities Regional Initiatives (RIs) 5 for each of the16 five JulyITU’s 2008 geographic region 7 ITU Cybersecurity Work Programme to Assist Developing Countries Most countries have not yet formulated or implemented national strategies for cybersecurity and/or Critical Information Infrastructure Protection (CIIP) ITU-D Work Programme scopes a set of high level assistance activities Also scopes detailed activities and initiatives planned to be implemented by the ITU Development Sector’s ICT Applications and Cybersecurity Division together with Member States, private and public sector partners, and other regional and international organizations More details about the ITU-D Cybersecurity Work Programme to Assist Developing Countries can be found at: www.itu.int/ITU-D/cyb/cybersecurity/docs/ itu-cybersecurity-work-programme-developing-countries.pdf 16 July 2008 8 Cybersecurity Work Programme to Assist Developing Countries: High Level Elements Assistance related to Establishment of National Strategies/Capabilities for Cybersecurity and Critical Information Infrastructure Protection (CIIP) Assistance related to Establishment of Appropriate Cybercrime Legislation and Enforcement Mechanisms Assistance related to Establishment of Watch, Warning and Incident Response (WWIR) Capabilities Assistance Related to Countering Spam and Related Threats 16 July 2008 Assistance in Bridging the Security- Related Standardization Gap between Developing and Developed Countries Establishment of an ITU Cybersecurity/CIIP Directory, Contact Database and Who’s Who Publication Cybersecurity Indicators Fostering Regional Cooperation Activities Information Sharing and Supporting the ITU Cybersecurity Gateway (www.itu.int/cybersecurity/gateway) Cybersecurity Related Outreach and Promotion of Related Activities 9 Activities Related to Cybersecurity Best Practices 16 July 2008 10 ITU-D Study Group Question 22/1 Q.22/1: Study Group Question was adopted at World Telecommunication Development Conference (WTDC) 2006: Securing information and communication networks: best practices for developing a culture of cybersecurity Calls for Member States and Sector Members to create a report on best practices in the field of cybersecurity Four-year study cycle Pointer to Q.22/1 activities and progress can be found at www.itu.int/ITU-D/cyb/cybersecurity/ 16 July 2008 11 ITU-D Q.22/1: Purpose To survey, catalogue, describe and raise awareness of: ¾ The principal issues faced by national policy makers in building a culture of cybersecurity ¾ The principal sources of information and assistance related to building a culture of cybersecurity ¾ Successful best practices employed by national policy-makers to organize for cybersecurity ¾ The unique challenges faced by developing countries To examine best practices for watch, warning, and incident response and recovery capabilities 16 July 2008 12 Q22.1 Draft Report (v. April 2008) Identifies 5 key elements for a good national cybersecurity programme: ¾ A national cybersecurity strategy; ¾ Collaboration between Government and Industry; ¾ A sound legal foundation to deter cybercrime; ¾ A national incident management capability; and ¾ A national awareness of the importance of cybersecurity through promoting a culture of cybersecurity. 16 July 2008 13 Thousands of Existing Initiatives and Actors Involved 16 July 2008 14 ITU Cybersecurity Framework National Strategy Culture of Cybersecurity Incident Management Capabilities 16 July 2008 Government Industry Collaboration Deterring Cybercrime 15 ITU Cybersecurity Framework MERIDIAN National Strategy ITU ENISA African Union UN ISO CERT CIP World Bank 16 July 2008 OAS/ CITEL ETHZ CIIP Handbook APEC-TEL European Union OECD Arab League GCC 16 ITU Cybersecurity Framework CIPMA (AUS) NICC (SINGAPORE) National Strategy Cybersecurity Industry Alliance ENISA (EU) National Forums ITU 16 July 2008 ISA (MYS) MAAWG Government Industry Collaboration WITSA ICC APEC-TEL European Union OECD MS-ISAC (USA) Sector ISACs 17 ITU Cybersecurity Framework OAS/ REMJA National Strategy G8 Group of States UNODC Government Industry Collaboration National Justice Ministries Council of Europe Interpol APEC European Union UN GCC Deterring Cybercrime Arab League ASEAN 16 July 2008 18 ITU Cybersecurity Framework FIRST National Strategy CERT-CC TF-CSIRT ENISA European Government CERTs Group 16 July 2008 National CERTs/ CSIRTs APCERT OAS/ CICTE Incident Management Capabilities Government Industry Collaboration Deterring Cybercrime International Watch and Warning Network 19 ITU Cybersecurity Framework ITU WiredSafety.org OECD National Strategy WSIS C.5 UNGA SUSI Culture of Cybersecurity ENISA EU InSafe OnGuard Online Get Safe Online 16 July 2008 Government Industry Collaboration NetSmartz Get Net Wise Incident Management Capabilities Deterring Cybercrime Cyber Peace Initiative 20 ITU Efforts to Support the Framework and National Implementation Efforts Reference material and training resources Toolkits including ITU National Cybersecurity/CIIP Self-Assessment Toolkit Regional Cybersecurity Forums ¾ ¾ ¾ ¾ ¾ ¾ ¾ ¾ August 2007: Vietnam October 2007: Argentina November 2007: Cape Verde February 2008: Qatar June 2008: Australia August 2008: Zambia October 2008: Bulgaria 2009: Tunisia and others… 16 July 2008 21 Specific Activities: Some Examples 16 July 2008 22 National Strategies/Capabilities for Cybersecurity and CIIP Establishment of National Frameworks for Cybersecurity & CIIP National Cybersecurity/CIIP Readiness Self-Assessment Toolkit ¾ Pilot tests in selected countries Regional Cybersecurity Forums on Frameworks for Cybersecurity and CIIP Online Experts Forum to Help Developing Countries Develop Capacity Toolkit for Promoting a Culture of Cybersecurity (2008) Online Training Modules for Cybersecurity Awareness and Solutions References: ¾ www.itu.int/ITU-D/cyb/cybersecurity/projects/readiness.html ¾ www.itu.int/ITU-D/cyb/cybersecurity/strategies.html ¾ www.itu.int/ITU-D/cyb/events/ 16 July 2008 23 16 July 2008 24 Establishment of Appropriate Cybercrime Legislation and Enforcement Mechanisms Regional Capacity Building Activities on Cybercrime Legislation and Enforcement Understanding Cybercrime Publication: undergoing editing, will be published later in 2008 ITU Toolkit for Cybercrime Legislation (2008) References ¾ www.itu.int/ITU-D/cyb/cybersecurity/legislation.html 16 July 2008 25 16 July 2008 26 Establishment of Watch, Warning and Incident Response (WWIR) Capabilities Assistance to Developing Countries related to Establishment of Watch, Warning and Incident Response (WWIR) Capabilities Computer Security Incident Response Team (CSIRT) Primer and Survey Computer Security Incident Response Team (CSIRT) Toolkit Inventory of Watch, Warning and Incident Response Capabilities by Region Standard Reporting Format for Fraudulent Online Activities (with e-crime extensions) (2008-2009) References ¾ www.itu.int/ITU-D/cyb/cybersecurity/wwir.html 16 July 2008 27 16 July 2008 28 Information Sharing through Enhancing the ITU Cybersecurity Gateway Enhancement of the ITU Cybersecurity Gateway Establishment of an ITU Cybersecurity/CIIP Directory Establishment of an ITU Cybersecurity/CIIP Contact Database Establishment of Annual Who’s Who in Cybersecurity/CIIP Publication Establishment of an Annual ITU Cybersecurity Publication ITU Cybersecurity Fellowship Programme for Developing Countries References ¾ www.itu.int/cybersecurity/gateway/ 16 July 2008 29 Countering Spam and Related Threats Survey on Anti-Spam Legislation Worldwide (underway) Botnet Mitigation Toolkit for Developing Countries ¾ Pilot Projects for Implementation of Toolkit (Malaysia) Joint Activities for StopSpamAlliance.org Study on Financial Aspects of Spam and Malware (with ITU-T Study Group 3) Translation of Message Anti-Abuse Working Group Best Practices Docs ¾ ¾ ¾ ¾ ¾ Code of Conduct MAAWG - Managing Port25 BIAC-MAAWG Best Practices Expansion Document Anti-Phishing Best Practices for ISPs and Mailbox Providers MAAWG Sender BCP Version 1.1 & Executive Summary References ¾ www.itu.int/ITU-D/cyb/cybersecurity/spam.html 16 July 2008 30 ITU Botnet Mitigation Package Framework for national botnet related policy, regulation and enforcement Multi-stakeholder international cooperation and outreach ¾ Phase 1 (2007): Downloadable toolkit/guidelines for ITU Member States ¾ Phase 2 (2008/2009): Targeted national/regional assistance initiatives 16 July 2008 31 ITU Study on Financial Aspects of Network Security: Malware and Spam Malware and spam are converging: spam is used to expand and sustain botnets, which are, in turn, used to send spam Negative and positive financial effects ¾ Costs for individuals, organizations, nations ¾ Benefits for legal but also illegal players This ITU study aims to document the state of knowledge of these financial aspects of cybersecurity 16 July 2008 32 16 July 2008 33 Summary of Desired Outcomes of this Regional Cybersecurity Forum 16 July 2008 34 Explaining the ITU National Cybersecurity Framework To identify major cybersecurity actors in a country, their roles and means of coordination, interaction, and cooperation… 16 July 2008 35 ITU Cybersecurity Framework (cont’d) Including those who: ¾ Lead government interagency efforts on cybersecurity and provide operational guidance; ¾ Interact with the private sector with regards to cybersecurity whether for cybercrime, incident management, or technical and policy development; ¾ Develop and enforce laws related to cybersecurity; ¾ Coordinate action related to the prevention of, preparation for, response to, and recovery from cyber incidents; and, ¾ Promote a national culture of cybersecurity, including awareness-raising for individuals, small businesses and other users. 16 July 2008 36 More Information ITU-D ICT Applications and Cybersecurity Division: ¾ ITU-D Cybersecurity Overview: ¾ www.itu.int/itu-d/cyb/cybersecurity/ Study Group Q22/1: Report On Best Practices For A National Approach To Cybersecurity: A Management Framework For Organizing National Cybersecurity Efforts: ¾ www.itu.int/itu-d/cyb/ www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-draft-cybersecurity-framework.pdf ITU National Cybersecurity/CIIP Self-Assessment Toolkit: ¾ www.itu.int/ITU-D/cyb/cybersecurity/projects/readiness.html ITU-D Cybersecurity Work Programme to Assist Developing Countries: Regional Cybersecurity Forums: • ¾ www.itu.int/ITU-D/cyb/cybersecurity/projects/botnet.html \ Information on ITU Global Cybersecurity Agenda (GCA): ¾ www.itu.int/ITU-D/cyb/events/ Botnet Mitigation Toolkit: ¾ www.itu.int/ITU-D/cyb/cybersecurity/docs/itu-cybersecurity-work-programmedeveloping-countries.pdf www.itu.int/gca/ Details on Cybersecurity Activities Undertaken by ITU: ¾ www.itu.int/cybersecurity/ 16 July 2008 37 International Telecommunication Union Committed to Connecting the World For additional information do not hesitate to contact me at: christine.sund(at)itu.int 16 July 2008 38
