Organization: International Telecommunication Union (ITU)
ITU Open Forum on Cybersecurity
The legal, technical and institutional challenges posed by the issue of cybersecurity are global and far-reaching, and can only be addressed through a coherent strategy taking into account the role of different stakeholders and existing initiatives, within a framework of international cooperation.
The World Summit on the Information Society (WSIS) called upon the ITU to build confidence and security in the use of ICTs. ITU is developing its role through several diverse initiatives in order to promote a culture of cybersecurity, raise awareness of the issues involved, develop tools promoting end-user confidence and provide technical assistance to Member States.
The Forum was chaired by Malcolm Johnson, Director, Telecommunication Standardization Bureau, ITU, who also provided the Opening Remarks.
Listed below are the sessions and the topics discussed.
Session 1: Global Challenges – Global Action
The technical and legal issues associated with cybersecurity are major challenges countries face. This session provided a review of some ITU-led international initiatives that address global challenges in building confidence and security in the use of ICTs. ITU-R has addressed security aspects in several Recommendations to ensure rational, equitable, efficient and economical use of the radio-frequency spectrum by all radiocommunication services.
The broad nature of the Global Cybersecurity Agenda has also resulted in interest from other stakeholders and opportunities for collaboration and cooperation. Such initiatives include support from IMPACT to provide its infrastructure to deliver services such as a Global Response Centre, training and skills development, security assurance, research and international cooperation and the launching of the multi-stakeholder Child Online Protection initiative for joint action to promote the online protection of children worldwide.
Session 2: Cybersecurity Work Programme to Assist Developing Countries
This session provided a review of initiatives aimed at helping developing countries improve their capacity in the cybersecurity area, including providing expertise and managerial support for activities related to cyber legislation (e.g. anti-spam legislative surveys, assessment of national cybercrime legislations) and research on the financial and economic aspects of network security, malware and spam.ITU-D initiatives on working with partners from the public and private sectors on specific cybersecurity/Critical Information Infrastructure Protection (CIIP) to assist developing countries in (a) creating awareness and self-assessment programs, and (b) in setting up watch, warning and incident response capabilities was reviewed during this session.
Session 3: Role of Standardization in Cybersecurity
This session addressed the development and use of standards in Cybersecurity, such as Recommendations in the domains of vendor‑neutral frameworks for automatic notification of security information and updates, guidelines for service providers for addressing malware, framework, technical strategies and technologies for countering spam.ITU-T SG 17 is ITU’s lead Study Group for work on security in the use of ICTs and has approved many Recommendations on security, namely X.1205 (“Overview of cybersecurity”), among many other significant recommendations. Q.17/17 (TSB Circular 91) continues work on Recommendations on technical means for countering spam.
The forum was well attended, and the presentations well received. ITU’s efforts in Cybersecurity were widely appreciated by the audience. Discussions revolved around getting more stakeholders participation in order to further strengthen the global effort towards building confidence and security in the use of ICTs. Several attendees expressed their support and willingness to actively cooperate and contribute to current/future ITU efforts in this area.