11

Cybersecurity & Cybersecurity & Child Online Protection (COP)Child Online Protection (COP)

14-15 February 2012Colombo, Sri Lanka

Eun-Ju Kim, Ph.D.

Regional Director ITU Regional Office for Asia and the Pacific

Key Cybersecurity Challenges Lack of adequate and interoperable national or

regional legal frameworks Lack of secure software and ICT-based applications Lack of appropriate national and global

organizational structures to deal with cyber incidents

Lack of information security professionals, skills within governments, and basic awareness among users

Lack of international cooperation between industry experts, law enforcements, regulators, academia & international organizations, etc. to address a global challenge

Misuse of domain names and numbers etc.

Cybersecurity not seen yet as a cross-sector, multi-dimensional concern. Still seen as a technical/technology problem.

ITU and Cybersecurity

2003 – 2005WSIS entrusted ITU as sole facilitator for WSIS Action Line

C5 “Building Confidence and Security in the use of ICTs”

2007

ITU Secretary-General launched the Global Cybersecurity Agenda (GCA)

A framework for international cooperation in cybersecurity

2008 - 2010

ITU Membership endorsed the GCA as the ITU-wide strategy on international cooperation

GCA and ITU-T Activities

ITU-T Study Group 17 Lead Study Group for Telecommunication Security Mandate for Question 4/17 (Q.4/17): Cybersecurity Provides ICT Security Standards Roadmap ITU-T Cybersecurity Information Exchange Framework (CYBEX): September 2009 ITU-T Security Manual "Security in telecommunications and information

technology”(4th ed.): Scheduled for publication in 2010 Draft summaries of Study Group 17 recommendations Focus Group on Identity Management (IdM) Approved over 100 Recommendations on security for communication Facilitates collaboration among national Computer Incident Response Teams (CIRTs)

WTSA Resolutions ITU WTSA Resolution 50: Cybersecurity (Rev. Johannesburg, 2008) ITU WTSA Resolution 52: Countering and combating spam (Rev. Johannesburg,

2008) ITU WTSA Resolution 58: Encourage the creation of national computer incident

response teams, particularly for developing countries (Johannesburg, 2008)

GCA and ITU-D Activities

Assisting developing countries in bridging the digital divide by advancing the use of ICT-based networks, services and applications, and promoting cybersecurityITU National Cybersecurity Guide

ITU Botnet Mitigation Toolkit

ITU Cybercrime Legislation Resources

ITU-D Study Group Q 22/1 : Securing information and communication networks: best practices for developing a culture of cybersecurity

Assistance in establishing Cybersecurity capabilities and services (e.g. Computer Incidnet Response Teams – CIRTs)

Regional workshops and capacity building activities related to cybersecurity/cybercrime

WTDC Resolutions

•ITU Hyderabad Declaration, Paragraph 13 & 14 (2010)

“13. […] the challenge of building confidence and trust in the availability, reliability, security and use of telecommunications/ICTs [….] can be addressed by promoting international coordination and cooperation in cybersecurity, taking into account, inter alia, the ITU Global Cybersecurity Agenda (GCA), as well as the development of related public policies and elaboration of legal and regulatory measures, including building capacity, to ensure cybersecurity, including online protection of children and women.”

GCA and ITU-R Activities

Establish fundamental security principles for IMT-2000 (3G) networks

Issue ITU-R Recommendation on security issues in network management architecture for digital satellite system and performance enhancements of transmission control protocol over satellite networks

ITU-R Recommendations

Recommendation ITU-R M.1078: Security principles for International Mobile Telecommunications-2000 (IMT-2000)

Recommendation ITU-R M.1223: Evaluation of security mechanisms for IMT-2000

Recommendation ITU-R M.1457: Detailed specifications of the radio interfaces of International Mobile Telecommunications-2000 (IMT-2000)

Recommendation ITU-R M.1645: Framework and overall objectives of the future development of IMT-2000 and systems beyond IMT-2000

Recommendation ITU-R S.1250: Network management architecture for digital satellite systems forming part of SDH transport networks in the fixed-satellite service

Recommendation ITU-R S.1711: Performance enhancements of transmission control protocol over satellite networks

Online Threats to Children

Violence

Pornography Child pornography

Online Fraud

Online Gaming & Addiction

Cyber Bullying

Racism

Child abuse materials

Spam

Phishing attacks

Cyberstalking

Cybergrooming

Anorexia, self-harm or suicide

Disclosure private information

Sexual solicitation

Youth-to-youth cybercrimes

… so many!

7

Threats & Risks

ITU Child Online Protection (COP)

ITU launched the Child Online Protection (COP) Initiative in 2008 within the framework of the Global Cybersecurity Agenda (GCA), aimed at bringing together partners from all sectors of the global community to ensure a safe and secure online experience for children everywhere.

8

Key Objectives of COP

• Identify risks and vulnerabilities to children in cyberspace;

• Create awareness of the risks and issues through multiple channels;

• Develop practical tools to help governments, organizations and educators minimize risk; and

• Share knowledge and experience while facilitating international strategic partnership to define and implement concrete initiatives

COP Guidelines ITU has worked with some COP partners to develop the first set of

guidelines for different stakeholders: Available in the six UN languages (+ more)

9

ITU and Cybersecurity in Asia-Pacific

20072007

Afghanistan, Bangladesh, Bhutan, Maldives, Nepal , Cambodia, Laos, Myanmar, Vietnam

Bhutan

Regional Forum on

Cybersecurity, Vietnam

Pacific CERT

ForumsForums

SeminarsSeminars

20082008 20092009

Regional Forum on

Cybersecurity, Australia

Regional Forum on

Cybersecurity India

Ministerial Sub Theme ABBMN

20102010

CIRT CIRT (CERT)(CERT)

Policy Policy relatedrelated

Indonesia

CLMV Ministerial Sub Theme

20112011

Regional Forum on fighting

Cybercrime, Rep. of Korea

CapacityCapacityBuildingBuilding

Establishment of a training Node (IMPACT) in Asia-Pacific to build capacity

Assistance to Pacific Islands Countries

under the ITU-EC Project

Development of Cybersecurity Strategy Maldives, Lao PDR, Myanmar, Indonesia, Timor Leste

20122012

SecurityCore ITU IMPACT Training Course

Conclusion

11

While it will never be possible to completely remove all risks, drawing together an effective package of policies and practices, infrastructure and technology, awareness and communication can do a great deal to help.

The international cooperation, based on a multi-stakeholder approach and the belief that every organization – whether online or mobile, educator or legislator, technical expert or industry body – has something to contribute.

Moreover, the online world respects neither boundaries nor borders, so creating a safe cyber-environment requires cooperation.

By working together with ITU, all interested stakeholders and countries can achieve this critical international collaboration, confronting child online threats with a dynamic and unified coalition.

Please recognize and utilize country code of South Sudan: +211

ITU : http://www.itu.intITU : http://www.itu.intITU Asia Pacific : ITU Asia Pacific : http://www.itu.int/ITU-D/asp/CMS/index.asp

E mail: sameer.sharma@itu.intE mail: sameer.sharma@itu.int

I

THANK

U