Committed to Connecting the World

Cyber Security: Collaboration

Antigua and Barbuda23 March 2017

Mr. Cleveland Thomas Area Office Representative for the

Caribbean Region

Committed to Connecting the World

ITU-D: ITU’s Development Sector fostersinternational cooperation and solidarity in thedelivery of technical assistance and in the creation,development and improvement oftelecommunication/ICT equipment and networksin developing countries.

ITU: A Brief Overview

193 Member States

567 Sector Members

159 Associates

104 Academia

ITU-R: ITU’s Radio-communication Sector globally managesradio-frequency spectrum and satellite orbits that ensuresafety of life on land, at sea and in the skies.

ITU-T: ITU's Telecommunication Standardization Sectorenables global communications by ensuring thatcountries’ ICT networks and devices are speaking thesame language.

Headquartered in Geneva,

4 Regional Offices

7 Area Offices.

A specialized agency of the UN with focus on Telecommunication / ICTs

Founded in 1865

1

Today, the use of Information and Communication Technologies (ICTs) is the key to access to the

information society

Personal communication

Entertainment

On-line public services

Real-time Information

Social and professional

networks

Databases

Media

Social media

Libraries

4

Committed to Connecting the World

2

The importance of Cybersecurity

Larger attack surface- Increasing dependence on the availability of

ICTs

- Number of Internet users growing constantly(now 40% of world’s population)

- 1.5M Cybercrime victims per day

- 64M URL suspectCybercrimes are on the rise

- The likely annual cost to the global economyestimated at more than $455 billion

- A fourfold increase in the number of banking/finance-related malware Android platformfrom 2014Q1 to 2014Q4.

Malware remains the most Dominant Cyberthreat – more than 7 M in one ¼

21% victims of social crime

Sources : ITU MIS 2014 report, Symantec (2014), McAfee (2014), Trend Micro (2015)

Committed to Connecting the World

Cybercrime5 Groups :

• Intrusive Offences

• Copyright and trademark-related offences

• Computer-related offences

• Combination offences

• Content-related offences

Source :https://en.wikipedia.org/wiki/International_cybercrime

Committed to Connecting the World

ITU and Cybersecurity

2003 – 2005

WSIS entrusted ITU as sole facilitator for WSIS Action Line C5

“Building Confidence and Security in the use of ICTs”

2007

ITU Secretary-General launched the Global Cybersecurity Agenda (GCA).A framework for international cooperation in

cybersecurity

2008 - 2010

ITU Membership endorsed the GCA as the ITU-wide strategy on international cooperation.

In 2008 the Child Online Protection Initiative was launched, as an international and multistakeholder collaborative framework

fostering the protection of children online3

Committed to Connecting the World

• ITU National Cybersecurity Strategy Guide• Global Cybersecurity Index• Cyberwellness Profiles • Technical assistance and projects in LDCs• Elaboration of Best Practices at ITU-D SG 2 Q3/2• Regional Cybersecurity Workshops• Training for high-level Member State officials

4. Capacity Building

Global Cybersecurity Agenda (GCA)

• National CIRT deployment and cooperation• Regional Cybersecurity Centres• Regional and International Cyber Drills

3. Organizational Structures

5. International Cooperation

• ITU’s Child Online Protection Initiative• Collaboration with other IGOs and Private Sector• UN-wide Coordination Mechanisms

• ITU Cybercrime Legislation Resources• Publication on Understanding Cybercrime: A Guide for

Developing Countries (new edition: November 2014)• HIPSSA, HIPCAR, ICB4PAC Projects (executed with EU)• MoU with UNODC for assistance to Member States

1. Legal Measures

• ITU Standardization Work: ITU-T SG 17• ITU-R recommendations on security • ICT Security Standards Roadmap • ITU-T JCA on COP

2. Technical and Procedural Measures

GCA: From Strategy to Action

4

We count on the support of several partners…

International Organizations

Private Sector

Civil Society

Int’l Organizations CollaborationBest practices in cybercrime

legislations, joint technical

assistance to member states,

information sharing.

10

Capacity Centre of the University of Oxford

on cybersecurity capacity building

initiatives such as the Centre’s

cybersecurity capacity maturity model

where ITU’s experience with the Global

Cybersecurity Index has been injected and

more recently on the National CIRT

programme.

Collaboration with FIRST – To share best

practices on computer incident response,

engage in joint events, facilitate affiliation

of national CIRTS of member states.

Int’l & Private Sector CollaborationThe mission of the ISOC is to promote

the open development, evolution, and

use of the Internet for the benefit of all

people throughout the world.

11

Tap on expertise of globally recognized

industry players and accelerate information

sharing with ITU member states.

Nuix is contributing in ITU-D Study Group 2

Question 3 “Securing information and

communication networks: Best practices

for developing a culture of cybersecurity”.

Nuix is also collaborating with ITU on

Cyberdrills.

Committed to Connecting the World

Objective

The GCI aims to measure the level of commitment of each nation in cybersecurity in five main areas:

- Legal Measures

- Technical Measures

- Organizational Measures

- Capacity Building

- National and International Cooperation

Goals

- Promote cybersecurity strategies at a national level

- Drive implementation efforts across industries and sectors

- Integrate security into the core of technological progress

- Foster a global culture of cybersecurity

5

105 countries have responded

Final 2014 Results are on ITU Website

Next iteration in progress

Global Cybersecurity Index (GCI)

Committed to Connecting the World

18

Cyberwellness Country Profiles

Factual information on cybersecurity achievements on each country based on the GCA pillars

195 country profilescurrently

Live documents –Countries invited to assist in maintaining the information up to date

cybersecurity@itu.int

GCI 2014

Reports

• 2014 Results for Americas Region (LA&C)

• CYBERWELLNESS PROFILE UNITED STATES (USA)

• CYBERWELLNESS PROFILE ANTIGUA AND BARBUDA (A&B)

Committed to Connecting the World

6

GCI 2014 World distribution

Committed to Connecting the World

7

GCI 2014 World comparison

Committed to Connecting the World

8

Asia & Pacific CIS Europe

The AmericasArab StatesAfrica

Regional Comparison

Committed to Connecting the World

&

24

1. United States of America 0.824

2. Canada 0.794

3. Australia 0.765

3. Malaysia 0.765

3. Oman 0.765

4. New Zealand 0.735

4. Norway 0.735

5. Brazil 0.706

5. Estonia 0.706

5. Germany 0.706

5. India 0.706

5. Japan 0.706

5. Republic of Korea 0.706

5. United Kingdom 0.706

Global cyber readiness rankingGCI Interactive Comparison Tool

Committed to Connecting the World

11

International Cooperation frameworks and exchange of

information

Harmonization of policies, legal frameworks and good practices at

regional level

National strategies and policies

National response capabilities

Country level capacity building and training

International

Regional

National

Need for a Coordinated Response

Need for a multi-level response to the cybersecurity challenges

Committed to Connecting the World

Cooperation in The Region

Yearly Cybersecurity Workshops and Cyberdrill to build cooperation and offer training to experts of CIRTs/CERTs of the region.• CIRT : Barbados, Jamaica and Trinidad and Tobago.• First Applied Learning for Emergency Response Teams

26-28 August 2013Montevideo-Uruguay

• Second Applied Learning for Emergency Response Teams8-10 September 2014Lima-Peru

• Regional Forum on Cyber security and Third Cyberdrill Applied Learning for Emergency Response Teams

3-5 August 2015Bogota - Colombia

• Cybersecurity Week from the Center of the World27 June to 1 July 2016Quito - Ecuador

• Americas Cybersecurity Regional Symposium26 to 29 September 2017Montevideo - Uruguay

12

Committed to Connecting the World

Cooperation with Other Organizations

Cybersecurity is an international borderless issue, therefore co-organization and cooperation is critical to align efforts among all stakeholders.

We add efforts with several regional institutions:

• The Inter-American Committee against Terrorism (CICTE) of the Organization of American States (OAS)

• The Latin America and Caribbean Network Information Centre (LACNIC)

• The Internet Society (ISOC)

• The global Forum for Incident Response and Security Teams (FIRST)

• The Internet Corporation for Assigned Names and Numbers (ICANN)

ITU has several public and private partners around the world.

Through the ITU Study Groups main world wide cybersecurity companies and stakeholders meet up to work towards improving Cybersecurity.

13

Committed to Connecting the World

Some Best Practices

• In the Asia Pacific region, JPCERT/CC helped form APCERT (Asia Pacific Computer Emergency Response Team) and provides a secretariat function for APCERT.

• Globally, as a member of the Forum of Incident Response and Security Teams (FIRST), JPCERT/CC cooperates with the trusted CSIRTs worldwide.

• International Strategy on Cybersecurity - j-initiative for Cybersecurity• International cooperation with US, EU, Israel, South America• UNGGE, G8, OECD, APEC, NATO, ASEAN collaboration• Meridian and International Watch and Warning Network• Signatory to the Budapest Convention• Ministry of Defense Information Sharing programs

• METI Cybersecurity Information Sharing Partnership Japan (J-CSIP)

Japan

• Intra-Agency Cooperation is done through the High-Tech Crime Unit of the Dutch Police Services Agency (KLPD) and through the National Cyber Security Centre (NCSC). The NCSC collects information on ICT security and advises organizations on security.

• The services offered by the NCSC derive most of their added value from the cooperation between public and private parties.

• NCSC concentrates mainly on those parties which are crucial for society, the so-called vital sectors: energy companies, the telecommunications and the financial sector.

• Participants from the government in the NCSC PPPs include the Ministries of Security and Justice, Economic Affairs, Agriculture and Innovation, the Interior and Kingdom Relations, Foreign Affairs and Defence, Public Prosecution Service, the General Intelligence and Security Service and the National Police Services Agency.

Netherland

• In 2013, the e-Governance Academy of Estonia and the e-Government Center of the Republic of Moldova implemented a cyber security project with 3 main components:

• The first component consists in developing a Cyber Security Roadmap for Moldovan government institutions

• The second component consists in developing minimum requirements for digital information security for government institutions, or what governments should do in order to secure digital information

• The third component is more general, raising awareness among government officials and Moldovan citizens on current risks and threats in relation to cyber security

Moldova

14

The Child Online Protection (COP) Initiative aims at bringing together partners from all sectors of the global community to

ensure a safe and secure online experience for children everywhere.

Objectives

• Identify risks and vulnerabilities to children in cyberspace;

• Create awareness of the risks and issues through multiple channels;

• Develop practical tools to help governments, organizations and educators minimize risk; and

• Share knowledge and experience while facilitating international strategic partnership to define and implement concrete initiatives

Online Platform of Case Studies

Committed to Connecting the World

15

Recommendations (some of them)

• Do not take things for granted; have an open mind; do not assume you are the first undertaking this work; most of the work is already out there, use it instead of criticizing it

• Adopt a logical sequence, for instance

intra-agency - inter-agency (nation as-a-whole) -regional - international

• Identify key foundation work to start with, as quick win to get management support and buy-in, for instance

CSIRT/CIRT establishment

National cybersecurity strategy

Nationwide exercise (such as cyberdrill)

Committed to Connecting the World

16

How to apply them

Outreach and information sharing activities with international partners as integral part of any National Cybersecurity Strategy (NCS).

• NCS should acknowledge the importance of international cooperation;

• Progressive programs to formalize international trusted relationships and

information sharing mechanisms through multilateral agreements and

organizations including technical topics (measures, mechanism, CERT, …)

• Plan to outline how to manage international collaboration across multiple

strategic areas (e.g. law enforcement, incident response, and R&D)

• Complement NCS with international strategy to address key areas as

information sharing, mutual support in Incident Detection/Response,

cooperation in fighting cyber crime, Research, training, etc.

Committed to Connecting the World

20

Reference Guide draft structure

Toolkit Description

Strategic Areas to Address

Implementation Guidelines

Development Blueprint

Supporting Material References

• Position relative to other guides• Target Audience• How to Use

• Macro areas that a national strategy should address

• Public vs. confidential areas

• PDCA approach in national terms• Elements relevant to implementation

that should be outlined in the strategy

• Basic project approach for writing or improving a national strategy

• Lessons learned on what to avoid

• Direct links to supporting material to support writing the strategy

• Cross-references to other tools

National Cyber Security Toolkit

REFERENCEGUIDE

2nd edition

Est. 15-20 pages

1

2

3

4

5

Committed to Connecting the World

21

Added value

1

2

34

5

Pragmatic reference guide can be used by all countries, including micro-countries: developed strategies, new strategies under development, …

A nation-neutral toolkit that can be applied globally: Europe, Africa, Americas, Asia Pacific, CIS, Arab States

Measuring improvements: provide best practice indicators to assess improvements over time

ITU Toolkit Value Add

Strengths of the ITU Toolkit

Accompanying evaluation tool:easily identify key areas for improvement and how they can be addressed

Reference to other guidelines/references:link to existing models and evaluation tools

Committed to Connecting the World

ITU Study Groups

A platform for information exchange between ITU Member States and Sector Members (industry & academia)

ITU-D Study Group 2

Question 3/2: Securing information and Communication networks: Best practices for developing a culture of Cybersecurity

ITU-T Study Group 17 : Security

Standardisation work on cybersecurity

22

Committed to Connecting the World

23

Thank You

www.itu.int/cyb

cybersecurity@itu.int