1 / 17

International and Regional Cyber Security Initiatives

International and Regional Cyber Security Initiatives. Michele G. Markoff Coordinator International Critical Infrastructure Protection U.S. Department of State. THE CHALLENGE. Potential consequences of attacks on national and global critical information infrastructures not well understood

moke
Télécharger la présentation

International and Regional Cyber Security Initiatives

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. International and Regional Cyber Security Initiatives Michele G. Markoff Coordinator International Critical Infrastructure Protection U.S. Department of State

  2. THE CHALLENGE • Potential consequences of attacks on national and global critical information infrastructures not well understood • Disruption of key allied infrastructures can have tangible security consequences for the U.S.

  3. THE FORECAST • As reliance on information networks increases, and attacks tools become more sophisticated, potential for devastating damage to critical infrastructures increases • Physical attacks will become more frequent and potentially more disruptive

  4. US GOALS/STRATEGY GOAL: Shape the international environment to reduce the risk to critical US and global information infrastructures on which the US and its allies depend. STRATEGY: Pursue cross-sector bilateral and multilateral cooperation that has tangible benefits to US national security.

  5. ACT NATIONALLY, COOPERATE INTERNATIONALLY All nations need to take systematic domestic and international steps to enhance the security of their networked critical information infrastructures

  6. THE CASE FOR INTERNATIONAL COOPERATION • Going it alone won’t work: We’re only as secure as the least secure among us • Cascading international failures can have national security consequences : Need to address direct and indirect foreign interdependencies • As more nations cross the “digital divide,” threat more unpredictable

  7. MULTIFACETED COLLABORATION • Modernize legal frameworks, enhance law enforcement capabilities, transborder cooperation • Establish a national Point of Contact • Establish 24/7 warning and incident response capability • Inculcate “Culture of cybersecurity” – education and awareness aimed at prevention/security • Understanding that government may lead, but public-private partnership essential

  8. US INVOLVEMENT IN REGIONAL INITIATIVES • G-8 • UN General Assembly Resolutions • Asia Pacific Economic Cooperation Forum (APEC) • Organization of Economic Cooperation and Development (OECD) • Organization of American States (OAS) • UN/ITU – World Summit for the Information Society)

  9. G-8 INITIATIVES • HIGH TECH CRIME GROUP – work is basis for current initiatives in COE, UNGA, APEC, OAS, WSIS 1997 - Cyber Crime principles 2003 - CIP principles

  10. UNGA RESOLUTIONS • 55/63 and 56/121: “Combating the Criminal Misuse of Information Technology” • 57/239: “Creation of a Global Culture of Cybersecurity” • UNGA 58 – US will present resolution based on 2003 G-8 Principles “Protecting Critical Information Infrastructures”

  11. OECD NETWORK SECURITY GUIDELINES • 2002 Update of longstanding network security guidelines - Details how all levels of civil society should implement security in a manner appropriate to their roles • Provides basis for 2002 UNGA Resolution • Currently working on implementation guidelines

  12. ORGANIZATION OF AMERICAN STATES (OAS) • JUNE 2003 - OAS General Assembly Resolution 1939, “Development of an Inter-American Strategy to Combat Threats to Cybersecurity” • Builds on work of 3 OAS committees: telecom, counter-terrorism and legal • Directs the development of a cybersecurity strategy for OAS member states • July 2003 Cybersecurity Conference in Buenos Aires began discussion of strategy

  13. APEC TEL CYBERSECURITY STRATEGY • Developed by APEC Telecommunications and Information Working Group (TEL) • APEC strategy first to commit to concrete steps for regional cybersecurity cooperation • Builds on principles outlined in UNGA Res 55/63) and OECD (Network Security Guidelines) • Approved at APEC Ministerial, October 2002

  14. APEC TEL CYBERSECURITY STRATEGY 2 • Comprehensive and modernized legal frameworks • Cyber incident information-sharing (APCERT) and law enforcement cooperation • Development of IT security and technical guidelines • Strengthening regional public awareness of cybersecurity • Increased training and education opportunities • Examination of wireless security issues

  15. UN/ITU WSIS • World Summit on the Information Society (WSIS) agenda – December 10-12 Geneva - US has introduced language on cyber security, leverages OECD Guidelines and new G-8 principles on cybersecurity - Many unhelpful proposals being submitted - Working to ensure final declaration provides a general guide for the international community – oppose new conventions other than COE

  16. CONCLUSION • No nation will be secure until every nation takes systematic steps to enhance the security of its critical networked information systems and inculcate a culture of cybersecurity in its citizens • All nations need to cooperate internationally, sharing information, experiences and expertise in prevention of cyber attacks, and in prosecution of perpetrators if prevention fails.

  17. CONTACT INFORMATION Michele Markoff Coordinator for International Critical Infrastructure Protection US Department of State (202) 736-4020 email: MarkoffMG@T.State.gov

More Related