1 / 9

ITU-D Question 22 Building Blocks for Organizing National Cybersecurity Efforts

This paper explores the key elements necessary for organizing effective national cybersecurity efforts, including developing a national cybersecurity strategy, establishing government-industry collaboration, deterring cybercrime, creating national incident management capabilities, and promoting a national culture of cybersecurity.

Télécharger la présentation

ITU-D Question 22 Building Blocks for Organizing National Cybersecurity Efforts

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. ITU-D Question 22Building Blocks for Organizing National Cybersecurity Efforts James Ennis, Department of State, USA ITU-D Question 22/1 Rapporteur

  2. Five Organizing Elements • Developing & Obtaining Agreement on a National Cybersecurity Strategy • Establishing National Government – Industry Collaboration • Deterring Cybercrime • Creating National Incident Management Capabilities: Watch, Warning, Response, & Recovery • Promoting a National Culture of Cybersecurity

  3. Developing & Obtaining Agreement on a National Cybersecurity Strategy • Create awareness at the national policy level • cybersecurity issues, national action, & international cooperation • Develop a national strategy to enhance cybersecurity • reduce risks & effects of disruptions • Participate in international efforts to promote national prevention of incidents: • preparation, response, recovery.

  4. Establishing National Government – Industry Collaboration • Develop public-private collaborative relationships to manage risk and protect cyberspace • Articulate the value proposition • Identify roles and responsibilities • Develop mutual trust • Provide mechanism for developing consensus between a variety of perspectives, equities, & knowledge

  5. Deterring Cybercrime • Enact & enforce a comprehensive set of laws relating to cybersecurity & cybercrime • Establish and modernize supporting criminal law, procedures, and policies • Regional initiatives, mutual assistance • Establish or identify national cybercrime investigative units • Understanding of cybercrime legal issues among prosecutors, judges, & legislators

  6. Creating National Incident Management Capabilities • Develop coordinated national cybersecurity response system • Prevention, detection, deterrence, response, & recovery • Establish a government focal point • Bring together all elements of government, operators, & equipment vendors • Participate in information sharing mechanisms • Watch, warning, response • Develop, test, exercise response plans & protocols

  7. Promoting a National Culture of Cybersecurity • Promote cybersecurity within Government, as well as private sector, civil society, & individuals • Security of e-Government • Multi-disciplinary, multi-stakeholder approach • Education • Regional & international cooperation

  8. New Work for Question 22 • Expand on the Best Practices Report dealing with national strategy; public/private partnerships; national incident management capability; culture; & protection against spam malware & other cyberthreats. • Develop course materials for analysis of national strategies and planning hands-on training programs. • Develop country case studies. • Develop a framework to be pursued and implemented under BDT Programme 2 for increasing awareness by developing countries regarding cybersecurity.

  9. UNGA Res 64-211Creation of a global culture of cybersecurity Member States to use a voluntary self-assessment tool to highlight areas for further action in CII protection • Taking stock of cybersecurity needs and strategies • Stakeholder roles & responsibilities • Policy processes & participation • Public-private cooperation • Incident management & recovery • Legal frameworks • Developing a global culture of cybersecurity

More Related