International Telecommunication Union Geneva, 9(pm)-10 February 2009 BUSINESS USE OF TELECOMUNICATION SECURITY STANDARDS PROJECT Patrick Mwesigwa, Director/Technology & Licensing, Uganda Communications Commission, Vice-Chairman, Study Group 17 ITU-T Workshop on “New challenges for Telecommunication Security Standardizations" Geneva, 9-10 February 2009
International Telecommunication Union Geneva, 9(pm)-10 February Outline of Presentation Background Content of report Contribution to the reports Criteria Financial implication Significance of project Conclusion
International Telecommunication Union Geneva, 9(pm)-10 February Background ITU is sole facilitator of WSIS action Line C5 “Building confidence and security in the use of ICTs” ITU-T SG 17 as the lead study group on telecommunication security is responsible for coordination of security across all study groups SG 17 is proposing a new initiative to prepare an annual report for the IGF “Business use of telecommunication security standards” The report will consist of summary sheets for analysed security standards
International Telecommunication Union Geneva, 9(pm)-10 February Proposed content of summary sheets Status and summary of standards Who does the standard affect? Business benefits Technologies involved Technical implications
International Telecommunication Union Geneva, 9(pm)-10 February Contribution to report The sheets will be prepared by experts mainly from ITU, ISO, ETSI and IETF Report is therefore expected to include information on the most important security standards
International Telecommunication Union Geneva, 9(pm)-10 February Criteria to be applied in developing report Readiness and abilities: security standard contains measures of information security which pertain to the readiness and ability of operators or users to counter security threats Balance of interests: in responding to threats the balance of stakeholder interests should be maintained Cost efficiency: security standards and counter measures will be prioritised according to cost effectiveness and ranked according to their potential impact and their estimated implementation cost Controllability: all standards in the report will be verifiable Variety of implementations: consideration of various implementation options
International Telecommunication Union Geneva, 9(pm)-10 February Financial implication and support Cost of compilation of each security standard (4 pages report) is estimated to cost 4000 CHF ITU is called upon to provide the financial and technical support for this project
International Telecommunication Union Geneva, 9(pm)-10 February Significance of proposed project There exists a number of standards in the field of telecommunications and information security but a standard is only useful if it can be used in the real world of applications Business and governmental bodies need to learn more about standards from their business applications rather than only from a technical point of view By launching this project ITU will provide leadership on WSIS action line C5 not only in preparing the annual report for IGF on information security standardisation processes on business applications but also in supporting procurement strategies for developing countries
International Telecommunication Union Geneva, 9(pm)-10 February Conclusion Given the enormous benefits expected from the project especially to the developing countries, your technical contribution will be crucial for its success
International Telecommunication Union Geneva, 9(pm)-10 February THANK YOU FOR YOUR ATTENTION !