Recognizing that cybersecurity has global implications that requires regional and international efforts as well as close collaboration between governments and industry, the Forum pressed for each country in the region to develop capabilities using a new ITU Cybersecurity Framework intended to assist in the formulation of national cybersecurity polices and to protect critical information infrastructures.
The ITU Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection (CIIP) was held in Doha, Qatar, 18−21 February 2008 in collaboration with the Qatar Supreme Council of Information and Communication Technology (ictQATAR) and the Qatar Centre for Information Security (Q-CERT). Over 80 representatives from 18 countries in the Arab region as well as key regional organizations including the League of Arab States, Gulf Cooperation Council, and United Nations Economic and Social Commission for Western Asia, participated in the Forum.
Participants at the event recognized that the ITU Cybersecurity Framework offers a useful guide for raising awareness and initiating and/or reviewing national action as it helps to ensure consistency and compatibility of action among nations. The Forum recommended that the Framework and related resources and toolkits be finalized as soon as possible and made available in the six ITU working languages.
“Global interconnectivity creates new interdependencies and risks that need to be managed at national, regional and international levels,” said Mr Sami Al Basheer Al Morshid, Director of ITU’s Telecommunication Development Bureau. “The formulation and implementation by all nations of a national framework for cybersecurity and critical information infrastructure protection represents a significant first step in addressing the challenges arising from globally interconnected ICT infrastructures.”
ITU Cybersecurity Framework
Elements of the ITU Framework that form part of a comprehensive national approach to cybersecurity include:
- Developing a national strategy for cybersecurity
- Establishing government-industry collaboration
- Deterring cybercrime
- Creating national incident management capabilities
- Promoting a culture of cybersecurity
A related resource, the ITU National Cybersecurity Self-Assessment Toolkit was also examined. The toolkit is designed to assist national governments to review and understand their existing national approaches, develop a best practices baseline, identify areas for attention, and prioritize national efforts to address cybersecurity. Participants encouraged each country in the region to use the toolkit to assess their progress at the national level.
During the event, the role of governments in leading national cybersecurity efforts was discussed as well as the critical role of the private sector and other groups in developing policy and law aimed at the implementation and operation of a national cybersecurity strategy.
The Forum stressed the importance of reviewing national cybercrime legislation to address threats in cyberspace. Participants were informed that the Convention on Cybercrime (Budapest, 2001) offers an internationally developed basis for examining existing national cybercrime law and for determining what new substantive, procedural and mutual assistance provisions are needed in national cybercrime law.
The Forum called for a national focal point for cyber-incident management to strengthen watch, warning, investigation, response and recovery. Such a national focal point, typically through the establishment of a national computer security incident response team (CSIRT), would foster collaboration within government, between governments and the private sector, and with international partners.
Discussions were also held on the necessity of promoting a national culture of cybersecurity to ensure that all users, owners and operators of information systems and networks know their responsibilities with regard to security and develop appropriate tools to combat cyber attacks.
Referring to the recent damage to undersea optical cables, said to have been caused by an adrift ship anchor according to the operator FLAG, Mr Al Basheer said that experience is the hardest teacher. “Whatever the cause, whether intentional or not, whether cybercrime or a mundane accident, the lesson we take away is that every nation needs to organize itself to take coordinated action related to the prevention of, preparation for, response to, and recovery from cyber incidents,” said Mr Al Basheer.