Presentation is loading. Please wait.

Presentation is loading. Please wait.

International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza.

Published byCali Edes Modified over 10 years ago

Similar presentations

Presentation on theme: "International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza."— Presentation transcript:

1 International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza (Smart Village)-Egypt, 18-20 December 2011 Dr. Frederick Wamala (Ph.D), CISSP ®

2 Quotations  “ We are all in this together, by ourselves, ” – Lily Tomlin, American Actress

3 ITU National Cybersecurity Strategy Guide  Cybersecurity is a global issue. Thus, ITU Global Cybersecurity Agenda  Global action is as strong as the most insecure State  “Eating the Elephant”  National goals & interests  We use Ends-Ways-Means strategy reference model  Risk management driven 3

4 ARB Regional Initiative 5: Cybersecurity  2012-2014 Expected Result  Encourage the adoption of national frameworks and coordinated national and regional strategies against Cybercrime in the Arab region  Key Performance Indicators  Number of National Strategies  ITU National Cybersecurity Strategy Guide  The Guide covers issues to consider when devising or reviewing national cybersecurity strategies;  A nationally-led, regionally and globally harmonised effort to build human and institutional capacity to prevent, detect, react and deter cyber threats 4

5 Cybersecurity Strategy Model 5

6 National Cybersecurity Context  Threat to critical national infrastructure  Systems, services and functions vital to public health and safety, commerce, and national security  A national cybersecurity strategy:  Treats cyberspace as a strategic domain  Forms a basis for a national cybersecurity programme  Strategy requires all stakeholders to assume responsibility for and take steps to reduce risk  Executive; Private Sector; Legislature; Judiciary; Law Enforcement; Intelligence; Citizens; Civil Society etc  Universal and national values as guiding principles 6

7 Guiding Principles: Examples  Universal: The UN Declaration of Human Rights  National core values/principles vital to cybersecurity 7

8 Ends – Why Devise National Strategies?  We are a poor developing country with limited connectivity to Internet. Cybersecurity is a problem for OECD countries that have more systems.  The Arab region doesn’t have anything electronic to steal. We predominantly deal in commodities such as oil. So why should we care? 8

9 Ends – Governance 9

10 Ends – National Economy 10

11 Ends – National Security 11

12 HOW: Strategy Elaboration Process 12  A high-level view of the process/Activities

13 National Strategy Elaboration Flowchart  Stage 0: Cybersecurity Strategic Driver  Data leakages; Development plans; Security strategies  Stage 1: Direct and Coordinate elaboration  Select lead agency, agree agenda and terms of reference  Stage 2: Define and Issue Strategy  Publish strategy; Highlight roles and responsibilities  Stage 3: Sector or GCA-pillar specific strategies  Create sector-specific strategies and action plans  Stage 4: Implement Cybersecurity Strategy  Implement sector-specific actions plans; Monitor  Stage 5: Report on Compliance and Efficacy 13

14 Ways – Approaches to Executive Strategy  What actions should we take to achieve the Ends (objectives) of the National Cybersecurity Strategy? 14

15 Ways – Priority 1: Legal Measures  Legacy Measures Strategy  Build capacity to regulate actions in cyberspace  Government Legal Authority  Provide national governments legal authority to run coherent national cybersecurity programmes  Parliamentary Cybersecurity Process  Simplify approach to handling cybercrime legislation  Law Enforcement Governance Framework  Coordinate law enforcement, investigatory, policy and regulatory activities against cybercrime  Global Fight Against Cybercrime 15

16 Priority 2 – Technical and Procedural  Cybersecurity Framework (ISO 27001 – ISMS) 16

17 Example: UK Security Policy Framework 17

18 Example: UK Security Policy Framework 18

19 Priority 3 – Organisational Structures  Cybersecurity Focal Point e.g. DHS; OCSIA 19

20 Priority 4 – Capacity Building  Cybersecurity Skills and Training 20

21 Priority 4 – Capacity Building  Judicial Capacity  Improve judicial capacity to fight cybercrime;  Short-term training and modifying legal curricula  National Culture of Cybersecurity  Government-led holistic effort to develop a national cybersecurity culture e.g. DHS Awareness Month;  Government, business, home and vulnerable users  Cybersecurity Innovation  Enhance knowledge and foster innovation across sectors to defend cyberspace and use opportunities. For example, Federal R&D Program, December 2011 21

22 Priority 5 – International Cooperation  Cybersecurity is a global challenge  A coordinated national and global response required  ITU Global Cybersecurity Agenda  A widely adopted framework for global cooperation  Devise an international cybersecurity strategy  Links all activities under the five GCA pillars  Bi-lateral Agreements in Priority Areas  Allies may formulate focused agreements;  Assurance and monitoring  The goal is to ensure that strategies meet objectives 22

23 Questions? 23 Obtain a copy of the ITU National Cybersecurity Strategy Guide at: http://www.itu.int/ITU-D/cyb/cybersecurity/docs/ITUNationalCybersecurityStrategyGuide.pdf or contact cybmail@itu.intcybmail@itu.int

Download ppt "International Telecommunication Union Developing a Cybersecurity Strategy that Supports National Policy Goals “Regional Arab Forum on Cybersecurity,” Giza."

Similar presentations

EU Presidency Conference Effective policies for the development of competencies of youth in Europe Warsaw, 16-18 November 2011 Improving basic skills in.

EU Presidency Conference Effective policies for the development of competencies of youth in Europe Warsaw, November 2011 Improving basic skills in.
1 Entering through the same door - Universal design put simple Soren Ginnerup Danish Building Research Institute Consultant to the COE group on Universal.

1 Entering through the same door - Universal design put simple Soren Ginnerup Danish Building Research Institute Consultant to the COE group on Universal.
Consultation Process Towards the Post-2015 Framework on Disaster Risk Reduction www.unisdr.org Youcef Ait Chellouche UNISDR AFRICA.

Consultation Process Towards the Post-2015 Framework on Disaster Risk Reduction Youcef Ait Chellouche UNISDR AFRICA.
A Guide to Localizing the Hyogo Framework for Action

A Guide to Localizing the Hyogo Framework for Action
1 A Framework for Common Action around shared goals Presentation by Harald Lossack, GTZ on Behalf of OECD/DAC ENVIRONET PEP Meeting 15 June 2006.

1 A Framework for Common Action around shared goals Presentation by Harald Lossack, GTZ on Behalf of OECD/DAC ENVIRONET PEP Meeting 15 June 2006.
Introduction to VET Quality Assurance in the UK Mark Novels 6 th December 2011 Quality Assurance in Technical and Vocational Education and Skills Study.

Introduction to VET Quality Assurance in the UK Mark Novels 6 th December 2011 Quality Assurance in Technical and Vocational Education and Skills Study.
1 ESA/STAT/AC.219/8 Region-wide Programme to Improve Vital Statistics and Civil Registration Systems prepared by: Margarita F Guerrero, Ph D Regional Adviser.

1 ESA/STAT/AC.219/8 Region-wide Programme to Improve Vital Statistics and Civil Registration Systems prepared by: Margarita F Guerrero, Ph D Regional Adviser.
Best practice for ensuring quality in international statistics - The Principal Global Indicators - Werner Bier, Per Nymand-Andersen European Central Bank.

Best practice for ensuring quality in international statistics - The Principal Global Indicators - Werner Bier, Per Nymand-Andersen European Central Bank.
Developing a programme for the implementation of the 2008 SNA and supporting statistics Meeting on Scaling up the coordination and resources for the implementation.

Developing a programme for the implementation of the 2008 SNA and supporting statistics Meeting on Scaling up the coordination and resources for the implementation.
1 Agenda item 4: Work modalities of the revised ISDR system to support the implementation of Hyogo Framework- Elements to be reviewed in groups- & prepare.

1 Agenda item 4: Work modalities of the revised ISDR system to support the implementation of Hyogo Framework- Elements to be reviewed in groups- & prepare.
Armand Racine Consultant Chemicals Branch

Armand Racine Consultant Chemicals Branch
1 POLICY ON SCIENCE AND TECHNOLOGY BY: M.B. WILLIAMS DIRECTOR, DEPARTMENT OF SCIENCE AND TECHNOLOGY.

1 POLICY ON SCIENCE AND TECHNOLOGY BY: M.B. WILLIAMS DIRECTOR, DEPARTMENT OF SCIENCE AND TECHNOLOGY.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
The Africa Action Plan An IEG Evaluation CSO Forum April 15, 2011.

The Africa Action Plan An IEG Evaluation CSO Forum April 15, 2011.
© Copyright 1998-2001 International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.

© Copyright International Telecommunication Union (ITU). All Rights Reserved page - 1 Alexander NTOKO Project Manager, ITU Electronic Commerce.
The Implementation Structure DG AGRI, October 2005

The Implementation Structure DG AGRI, October 2005
The European Qualifications Framework (EQF)

The European Qualifications Framework (EQF)
Joint presentation by respective units in DGs AGRI, EMPL and REGIO IPA Components III, IV and V: Conditions for successful preparation and absorption of.

Joint presentation by respective units in DGs AGRI, EMPL and REGIO IPA Components III, IV and V: Conditions for successful preparation and absorption of.
1 18/02/2014 2 nd Regional Consultative Meeting for Disaster Risk Reduction in Central Asia Bishkek, 18-19 November Adam Yao, ECHO, Head of Office for.

1 18/02/ nd Regional Consultative Meeting for Disaster Risk Reduction in Central Asia Bishkek, November Adam Yao, ECHO, Head of Office for.
Regional Forum for Europe Broadband: A Pillar of Social and Economic Development 6-7 September 2012 Sheraton Hotel, Tirana Sofie Maddens Toscano ITU Expert.

Regional Forum for Europe Broadband: A Pillar of Social and Economic Development 6-7 September 2012 Sheraton Hotel, Tirana Sofie Maddens Toscano ITU Expert.

Similar presentations

Ads by Google