1 / 16

BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS

ITU-T Workshop on “New challenges for Telecommunication Security Standardizations" Geneva, 9(pm)-10 February 2009. BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS. James Ennis US Department of State. ITU-D Q22/1: History.

arvid
Download Presentation

BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ITU-T Workshop on“New challenges for Telecommunication Security Standardizations"Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department of State

  2. ITU-D Q22/1: History • Created by World Telecommunication Development Conference (WTDC) in 2006 (Doha) • Five meetings: September 2006, May 2007, September 2007, April 2008, September 2008 • Next meeting: April 6-7, 2009

  3. ITU-D Q22/1: Mandate(1) • Survey, catalogue, describe, and raise awareness of: • Principal issues facing national policy-makers in building a culture of cybersecurity • Principal sources of cybersecurity information and assistance • Successful best practices employed by national policy-makers to organize for cybersecurity • Unique challenges faced by developing countries

  4. ITU-D Q22/1: Mandate (2) • Examine best practices for watch, warning, & incident response & recovery

  5. What Does Cybersecurity Apply to? • Applies to cyberspace: electronic information & communication systems & the information they contain

  6. What is Cybersecurity Supposed to Do? • Prevent damage from: • denial of service attacks • malware (viruses, worms, trojan horses) • Prevent exploitation from: • Spyware, fraud (phishing, identity theft) • Restore systems after attacks

  7. Why is Cybersecurity Important? • Today, all critical sectors of economy rely on IP networks for transacting business, government services, etc. • IP networks, not designed to be secure, face increasing numbers of cyber attacks of increasing sophistication. • To maximize the value IP networks can add to a national economy, they must be reliable, secure, & trusted.

  8. Five Keys to a Good National Cybersecurity Program • A national strategy • Government & industry collaboration • Sound legal foundation to fight cybercrime • National incident management capability • National awareness of the importance of cybersecurity

  9. A National Strategy (1) • Government needs to understand importance of cybersecurity for national economy • Economic impact of cybersecurity attacks is severe: 2003 estimates • USD13B (worms & viruses), • USD226B (all forms of overt attack) • Does not include macro-economic costs

  10. A National Strategy (2) • National strategy should have an international component • Cyberattacks are borderless • National cybersecurity achieved only when international cybersecurity is achieved • Countries have a mutual economic interest in working together to achieve global cybersecurity

  11. Collaboration between Government and Industry • Government – industry collaboration on cybersecurity important: • Industry owns most of the IP network infrastructure • Industry has expertise to find solutions to cyber incidents • Industry usually first to know • Industry knows what can & cannot be done

  12. A Sound Legal Foundation to Fight Cyber Abuses • Enact & enforce comprehensive set of laws on cybersecurity & crime • WSIS (Tunis agenda): “…develop necessary legislation for the investigation and prosecution of cybercrime, noting existing frameworks; for example, UNGA Res 55/63, 56/121, & regional initiatives such as the Council of Europe Convention on Cybercrime.”

  13. National Incident Management: Watch, Warning, Response & Recovery • Governments need to develop government-wide system to counter cyber-attacks • National Computer Security Incident Response Team, N-CSIRT • N-CSIRT roles • Information sharing • Development of procedures, controls, tools to protect government systems

  14. National Awareness of Importance of Cybersecurity • Many vulnerabilities result from users’ poor cybersecurity awareness • Government & the culture of cybersecurity • E-government • Education & training • Financial assistance and incentives • Research & development • Guidance on privacy issues • Role of international/regional forums

  15. Q22/1 Draft Report • Two Annexes to the draft report provide introductions to concepts of SPAM and Identity Management • Annex A: SPAM & Associated Threats • Annex B: Identity Management • A third Annex contains extensive references to materials on each of the five keys to a successful national cybersecurity program.

  16. Question 22 Status • Draft report (revision 2) at http://www.itu.int/md/D06-SG01-C-0146/en (TIES required) • We invite you to participate in the April 2009 meeting of Q22 & to contribute to the development of the report to improve its usefulness for national administrations

More Related