SlideShare a Scribd company logo

WSIS C5 Progress, Challenges in ICT Security

Dr Lendy Spires
Dr Lendy Spires

While progress has been made in cybersecurity education, reducing spam, and increasing secure online transactions and incident response capabilities, international cooperation remains fragmented and several challenges remain. Key ongoing challenges include the evolution of technologies and applications, weaknesses in user authentication like passwords, securing the growing Internet of Things, improving detection and response to cyber incidents, developing metrics to measure cybersecurity effectiveness, issues with cloud computing, ensuring child online safety, strengthening the capabilities of national CERT teams, and having more countries develop national cybersecurity strategies. Addressing these challenges will be important for continuing to build confidence and security in ICT use globally.

Internet
1 of 6
Download to read offline
Progress and challenges in the implementation of WSIS Action Line C5: Building confidence and security in the use of ICTs This draft document is for information purposes only. It has been prepared by an external expert and does not necessarily reflect the views of ITU or its Secretariat. 1. Introduction This document presents a brief summary of the progress made in the implementation of Action Line C5 since WSIS (2005), and highlights some emerging trends and related post-2015 potential challenges. 2. Review 2.1 Some of the areas of Action Line C5 that saw good progress are: o Education/Awareness: Most national cybersecurity strategies (and organizational policies) place a particular emphasis on awareness, although these may not have always been followed by the adoption of action plans1. o Fight against SPAM: In the last years, numbers on spam and phishing attacks via traditional routes have fallen. The Estimated Global Email Spam Per Day (in billions) has decreased from 62 in 2010 to 42 in 2011 and to 30 in 20122. Even if total numbers decreased, there is an increase of spam and phishing through social media and through targeted attacks. o Use of electronic documents and transactions: Electronic payment transaction is growing worldwide. For instance, one-third of the world's roughly 280 billion annual non-cash payments occur in Europe—and this number is growing. The number of non-cash transactions increased from 70 billion in 2005 to 91 billion in 2011 and will exceed 175 billion transactions by 20203 o Sharing of best practices: Many activities have been initiated to create best practices at national and international levels, although these are not always shared between public and private organizations. o Incident Response: Many organizations and governments have increased their incident response capabilities. According to ABI Research, the Enterprise Incident Response market is set to see a dynamic growth over the next few years, totalling $14.79 billion by 20174. 1 http://www.oecd.org/sti/ieconomy/cybersecurity%20policy%20making.pdf 2http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=istr-18 3 https://www.atkearney.com/financial-institutions/featured-article/- /asset_publisher/j8IucAqMqEhB/content/winning-the-growth-challenge-in-payments/10192 4 https://www.abiresearch.com/press/enterprise-incident-response-market-booms-to-14bn-
o Security of Online Transactions: In the last several years, the focus on security of online transaction has increased and numerous initiatives have been established in this regard5. 2.2 Some of the areas that, despite current efforts, may not have been sufficiently addressed are: o Cooperation between governments: Many national cybersecurity strategies aim to enhance international cooperation1, emphasizing the socio-economic dimension of cybersecurity. Though, the governments still need to create the right conditions to ensure effective dialogue and cooperation. Some initiatives exist but appear fragmented. o Response to Cybercrime (Public Private Partnership): Cybercrime continues to grow and evolve. Pomenon analysis has reported a 42% increase in the number of cyber attacks in 2012 in US, with organizations experiencing an average of 102 successful attacks per week, compared to 72 attacks per week in 2011 and 50 attacks per week in 20106. The attacks are becoming increasingly sophisticated, and highly focused. Considering the global nature of Internet and that cyberspace is largely owned and operated by the private sector, a close cooperation between both public and private actors is needed to reach a shared situational awareness that can help organizations to understand the real risk and the correct action to be taken to counter cybercrime. o Strengthening the Trust Framework: Increasing the level of trust in digital services, in cybersecurity and creating a trusted environment between public and private organizations are key challenges. The level of citizen trust in digital services and the Internet must be improved. Aware of this, the European Union in its Digital Agenda has identified “Trust and Security” as vital to a vibrant digital society. Furthermore, trust between key actors such as governments and operators is a critical enabler of cooperation on cybersecurity and information sharing, leading to a much more effective protection and incident response capabilities. o Encouraging further development of secure and reliable applications: Application security breach and related incidents due to the exploitation of application-level vulnerabilities are common. A survey study conducted involving 240 North American and European software development and software security influencers has revealed that application security incidents are common and have severe consequences. Many organizations still struggle with the most basic security flaws. Most do not have a holistic or strategic approach to application security and often application development and security teams and goals are not aligned for optimized results7. 3. Developments and challenges Challenge #1: While a few like-minded countries have developed strong cooperation, international cooperation is still quite fragmented. There are around 35 public national cybersecurity strategies and in almost all of them international cooperation is recognized as a critical element. Also, the Draft African Union Convention on the Establishment of a credible legal framework for Cyber security in Africa highlights 5 http://www1.american.edu/initeb/sm4801a/epayment8.htm 6 http://www.ponemon.org/local/upload/file/2012_US_Cost_of_Cyber_Crime_Study_FINAL6%20.pdf 7 http://www.coverity.com/library/pdf/the-software-security-risk-report.pdf
international cooperation as a key element of African national strategies. Despite the relevance given to international cooperation, we have very few examples of proficient partnerships. Europe has been promoting international cooperation since 2006. Still, the European Commission is aware of a “fragmented approach at the European Union (EU) level and the need for stronger political commitment to Internet security efforts and for a strategic and comprehensive approach”8. Also the European Network and Information Security Agency (ENISA) firmly believes that EU cyber cooperation is crucial to “establishing a proficient and coherent approach to Network and Information Security (NIS) and this includes coordination throughout Europe as well as worldwide in both the public and private sectors”9. EU would also like to extend the scope to cross-border cooperation to enhance European capabilities, for example, to “collect and analyse data relating to information security in a cross-border context which could reveal trends that are not visible at present”. There are positive examples in the area of Computer Emergency Response Teams (CERTs) that constitute the best example of cooperation between entities in different countries. Challenge #2: The nature of the Internet and Digital services is evolving at an incredible pace, changing the role of the actors involved. National Telecom operators who used to be the key players in telecommunications are now playing a marginal role, as most of the services are delivered and managed by Over-the-top (OTT) operators. Usually, OTT are large international companies with little presence and traction in the users’ countries. Challenge #3: Passwords are a major vulnerability for the Internet and Digital Economy. Most of the online services rely on Digital identities that are protected by a password. Such security features have been proved to be weak. The number of attacks, incidents, violations, data breaches caused by weak authentication has now reached significant levels. For example, a study conducted by Internet security company BitDefender, has revealed that “over 250,000 user names, email addresses, and passwords used for Twitter sites can easily be found online and that 75% of Twitter username and password samples collected online were identical to those used for email accounts”10. Challenge #4: Adoption of smart devices is increasing constantly and is predicted to reach around 24 billion devices by 2020. There is significant on-going discussion on the “Internet of Things”. Use of smart devices is growing and mobile networks are now an affordable alternative to fixed lines. As Ms. Milanesi, Research Vice President at Gartner said, “in 2016, two-thirds of the mobile workforce will own a smartphone, and 40% of the workforce will be mobile”.11 In a few years almost all users will have access to smart devices, providing the opportunity to use new techniques and services to secure citizens. The evolution to the Internet of Things - in which sensors and actuators embedded in physical objects such as household or office appliances, vehicles, roadways, pacemakers - will further increase the number, type and complexity of smart devices. Mobility is considered one of the key challenges to organizations. A study by Lockheed Martin Cyber Security Alliance revealed that almost 7 out of 10 study participants believe that mobile device management is about the security of the devices12. In response, the industry is beginning to embed security 8 http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/conference/cyber- exercise-conference/presentations/2.%20Conf%20Paris%20-June%202012-%20- %20A.%20RONNLUND%20-EC.pdf 9 EU cyber cooperation the digital frontline 10 http://www.twitip.com/75-use-same-password-for-twitter-and-email-study-finds/ 11 http://www.gartner.com/newsroom/id/2227215 12 http://www.lockheedmartin.com/content/dam/lockheed/data/isgs/documents/LM-Cyber-Security- Transformational-Technologies.pdf
in smart devices. A study by Eurosmart, an international not-for-profit association that represents the voice of the Smart Security Industry for multi-sector applications, confirms the growth of the Smart Security Industry with the shipment of over 7.6 billion Smart Secure Devices in early 2013 as compared to 5.5 billion in 2010.13 Challenge #5: Detection and response are becoming critical aspects of a modern defence approach. As security countermeasures cannot guarantee full security, it is becoming increasingly important to detect and respond to incidents quickly and effectively, re-adapting the countermeasures to block future occurrences of the same attack. According to Ponemon Institute “a slow response to any security incident can be extremely costly –and is getting more expensive every year as attacks become more aggressive and sophisticated.” Over the past two years, Ponemon estimates the average time to resolve a cyber attack has grown to 24 days from 18, with an average cost for participating organizations rising to $591,780 from $415,748 – a 42% increase. This "ticking time bomb" is driving explosive growth in an Enterprise Incident Response market predicted to grow to $14.79 billion by 2017.”14 Challenge #6: Awareness is not enough; it should lead to Informed Action. Promoting awareness is a key element in national strategies and organizational policies. Educating and empowering people and firms to protect themselves online is a key challenge and it is needed to enhance both local and global cybersecurity levels. Awareness however, should be followed by informed action. A successful example is the UK “Get Safe Online” program, the UK government security service to help protect computers, mobile phones and other devices from malicious attack15. Challenge #7: Many governments and organisations have developed best practices that could reduce vulnerabilities and could help better manage cybersecurity incidents. Unfortunately, usually these best practices are not shared and are underused. For example, if governments and operators of Critical Infrastructures would share practices on Threat Analysis, Risk Assessment and Risk Mitigation, this would lead to a better common understanding of the threats and a much more effective integrated defence. A study by the UK government has estimated that “80% or more of currently successful attacks are defeatable by simple best practice, such as updating anti-virus software regularly”16. Also a study of the US State Department has demonstrated a more than 94% reduction in "measured" security risk through the rigorous automation and measurement of the Top 20 Controls17. Challenge #8: Standards could help both governments and the private sector increase their security, identify better solutions and also make international cooperation easier. The Council of Europe has indicated that the adoption of common standards can “remove barriers, safeguard users, protect the environment, ensure interoperability, reduce costs and encourage competition”. Furthermore, a study of the economic impact of standardization in EU has estimated that standardisation adds between 0.3% and 1% to the GDP thereby helping the ICT industry towards the target of contributing 20% of the EU’s GDP by 202018. There are different types of standards such as technical, functional, mandatory, optional and sector-specific. Each of these is the result of knowledge and wisdom acquired on specific cybersecurity aspects that, when shared, can enhance the capabilities of all users. 13 http://www.eurosmart.com/about.html 14 http://www.darkreading.com/management/co3-systems-delivers-security-incident-r/240149362 15 https://www.getsafeonline.org 16 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber- security-strategy-final.pdf 17 http://www.sans.org/critical-security-controls/ 18 http://www.parlament.gv.at/PAKT/EU/XXIV/EU/12/44/EU_124406/imfname_10415050.pdf
Challenge #9: Few measures/metrics are available for cybersecurity. In technology, what cannot be measured cannot be protected and this is also valid for cybersecurity. There is a general consensus for the need to define better cybersecurity metrics. In an interview in 2009, Reitinger, Deputy Undersecretary of the US Department of Homeland Security’s National Protection and Programs Directorate and Director of the National Cybersecurity Center, believed that better metrics are needed to drive better security practices in the private sector. Currently, the US is developing the “Cybersecurity Framework for improving critical infrastructure” that would also include metrics. A survey reveals that while 75% of respondents state that metrics are ‘important’ or ‘very important’ to a risk-based security program, 53% don’t believe or are unsure that they are used in their organizations in a manner properly aligned with business objectives. In addition, 51% didn’t believe or are unsure that their organizations’ metrics adequately convey the effectiveness of security risk management efforts to senior executives19. Also, even if governments and organizations are aware of the benefits of using metrics, their definition and management are still considered very complex by many. There is a need for better metrics and performance indicators to be developed and shared. Challenge #10: Cloud computing will continue to play a major role in the ICT environment. Cloud technologies have already been adopted by many organizations and their number is expected to increase. According to a Lockheed Martin Cyber Security Alliance survey, at the end of 2012, 39% of responding government IT agencies have planned new investments in cloud computing, while 21% have already invested in cloud solutions. Cloud computing is a big opportunity and will play a major role in tomorrow’s economy. Cloud has been identified as the fourth of twelve disruptive technologies that will transform life, business and the global economy. Its projected potential economic impact (2025) has been estimated at $1.7-6.2 trillion along with a 15-20% potential productivity gain across IT infrastructure, application development, and package software20. At the same time, cloud computing presents cybersecurity issues at different levels - technical, organizational, procedural and legal – that have to be addressed. Challenge #11: The online protection of children is a key challenge in the information society. Kids use technology from an early age and have many chances to socialize online. This, however, exposes them to numerous risks. They can be exposed to inappropriate content or contact, including from potential perpetrators of sexual abuse or violence. Parents, teachers and educators are not sufficiently aware of what happening on the net, and training is not a priority yet. Finally, industry and governments need to proactively promote digital citizenship and help facilitate childrens’ positive use of ICTs. Some countries have already taken important steps to implement a child online protection strategy and these can be considered as best practises. International cooperation and collaboration among different stakeholders is the key to ensuring a safer online environment for children. Challenge #12: Despite many countries having launched their National CERTs, a large number of the CERTs worldwide do not have the right capabilities and tools. As revealed by ENISA’s study, the maturity of national cybersecurity and critical information infrastructure protection (CIIP) strategies and the roles of national/governmental CERTs in these strategies are currently not harmonized between countries and depend strongly on the specific context of a country21. Few 19 http://www.tripwire.com/ponemon/2013/#metrics 20 http://www.mckinsey.com/insights/business_technology/disruptive_technologies 21 http://www.enisa.europa.eu/activities/cert/support/baseline-capabilities
guidelines and resources are available to help countries in establishing their national capabilities aligned with national strategies. Challenge #13: Most countries do not have a National Cyber Security Strategy. EU, African Union and Organization of American States are promoting the definition of National Strategies that address a few common aspects of fighting global threats and include phenomenon that are universally recognized as negative (e.g. child pornography). There is a need for countries to work towards defining their own strategies, basing it on a common set of fundamental aspects. 4. Conclusion The above sections, while reemphasizing that confidence and security are among the main pillars of the Information Society, highlighted the progress made in the implementation of Action Line C5 since 2005 as well as some of the potential challenges beyond 2015.

Recommended

Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoJoão Rufino de Sales
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 febmharbpavia
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
Adrian Ifrim - prezentare - Cyber Security Trends 2020
Adrian Ifrim - prezentare - Cyber Security Trends 2020Adrian Ifrim - prezentare - Cyber Security Trends 2020
Adrian Ifrim - prezentare - Cyber Security Trends 2020Business Days
 
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020Business Days
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 

Recommended

Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoJoão Rufino de Sales
 
Cyber savvy (2)
Cyber savvy (2)Cyber savvy (2)
Cyber savvy (2)naveen p
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
Final cyber risk report 24 feb
Final cyber risk report 24 febFinal cyber risk report 24 feb
Final cyber risk report 24 febmharbpavia
 
As telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcAs telcos go digital, cybersecurity risks intensify by pwc
As telcos go digital, cybersecurity risks intensify by pwcMert Akın
 
Adrian Ifrim - prezentare - Cyber Security Trends 2020
Adrian Ifrim - prezentare - Cyber Security Trends 2020Adrian Ifrim - prezentare - Cyber Security Trends 2020
Adrian Ifrim - prezentare - Cyber Security Trends 2020Business Days
 
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020
Cosmin Vilcu - Sonicwal - prezentare - Cyber Security Trends 2020Business Days
 
IDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber SecurityIDC Best Practices in Private Sector Cyber Security
IDC Best Practices in Private Sector Cyber Securityinside-BigData.com
 
Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar Sparity Inc.
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
INFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data PrivacyINFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data PrivacySymantec
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutionsJonny Nässlander
 
Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Business Days
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 securityat MicroFocus Italy ❖✔
 
RESEARCH PAPER
RESEARCH PAPERRESEARCH PAPER
RESEARCH PAPERTanvi Jindal
 
Heidi
HeidiHeidi
Heidikategat
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation finalsunnyjoshi88
 
Information Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFInformation Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFAlexander Goodwin
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in IndiaDinesh O Bareja
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
comm16en01_dafc4
comm16en01_dafc4comm16en01_dafc4
comm16en01_dafc4Filip Stojkovski
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
 
American Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsAmerican Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsDavid Sweigert
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012Charmaine Servado
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013Martin Jordan
 
Gsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsGsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsChuck Brooks
 
Beincomp e
Beincomp eBeincomp e
Beincomp eDr Lendy Spires
 
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESAWSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESADr Lendy Spires
 

More Related Content

What's hot

Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar Sparity Inc.
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper FinalLarry Taylor Ph.D.
 
INFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data PrivacyINFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data PrivacySymantec
 
Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Business Days
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexAndreanne Clarke
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentK Singh
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation finalsunnyjoshi88
 
Information Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFInformation Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFAlexander Goodwin
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in IndiaDinesh O Bareja
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the newsunnyjoshi88
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutBernard Marr
 
American Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsAmerican Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsDavid Sweigert
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012Charmaine Servado
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013Martin Jordan
 
Gsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsGsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsChuck Brooks
 

What's hot (20)

Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar Threat Actors and Innovators - Webinar
Threat Actors and Innovators - Webinar
 
2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final2010 6 Things u need 2 know in 2010 Whitepaper Final
2010 6 Things u need 2 know in 2010 Whitepaper Final
 
INFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data PrivacyINFOGRAPHIC: The Evolution of Data Privacy
INFOGRAPHIC: The Evolution of Data Privacy
 
idg_secops-solutions
idg_secops-solutionsidg_secops-solutions
idg_secops-solutions
 
Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020Yugo Neumorni - prezentare - Cyber Security Trends 2020
Yugo Neumorni - prezentare - Cyber Security Trends 2020
 
Volume2 chapter1 security
Volume2 chapter1 securityVolume2 chapter1 security
Volume2 chapter1 security
 
RESEARCH PAPER
RESEARCH PAPERRESEARCH PAPER
RESEARCH PAPER
 
Heidi
HeidiHeidi
Heidi
 
IBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence IndexIBM 2015 Cyber Security Intelligence Index
IBM 2015 Cyber Security Intelligence Index
 
Securing mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environmentSecuring mobile devices_in_the_business_environment
Securing mobile devices_in_the_business_environment
 
Gebm os presentation final
Gebm os presentation finalGebm os presentation final
Gebm os presentation final
 
Information Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDFInformation Security - Hiring Trends and Trends for the Future PDF
Information Security - Hiring Trends and Trends for the Future PDF
 
OSA - Internet Security in India
OSA - Internet Security in IndiaOSA - Internet Security in India
OSA - Internet Security in India
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
comm16en01_dafc4
comm16en01_dafc4comm16en01_dafc4
comm16en01_dafc4
 
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know AboutThe 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
The 5 Biggest Cybersecurity Trends In 2020 Everyone Should Know About
 
American Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsAmerican Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standards
 
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012KPMG Publish and Be Damned Cyber Vulnerability Index 2012
KPMG Publish and Be Damned Cyber Vulnerability Index 2012
 
UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013UK Cyber Vulnerability Index 2013
UK Cyber Vulnerability Index 2013
 
Gsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awardsGsn 2014 digital yearbook of homeland security awards
Gsn 2014 digital yearbook of homeland security awards
 

Viewers also liked

WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESAWSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESADr Lendy Spires
 
CFAO Interim Financial Report 2014
CFAO Interim Financial Report 2014 CFAO Interim Financial Report 2014
CFAO Interim Financial Report 2014 Dr Lendy Spires
 
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...Dr Lendy Spires
 
The Economics of the Informal Sector in Solid Waste Management Based on info...
The Economics of the Informal Sector in Solid Waste Management Based on info... The Economics of the Informal Sector in Solid Waste Management Based on info...
The Economics of the Informal Sector in Solid Waste Management Based on info...Dr Lendy Spires
 
Akzo nobel competition_law_compliance_manual_tcm9-16085
Akzo nobel competition_law_compliance_manual_tcm9-16085Akzo nobel competition_law_compliance_manual_tcm9-16085
Akzo nobel competition_law_compliance_manual_tcm9-16085Dr Lendy Spires
 
2014 Ibrahim Index of African Governance: Summary Report
2014 Ibrahim Index of African Governance: Summary Report2014 Ibrahim Index of African Governance: Summary Report
2014 Ibrahim Index of African Governance: Summary ReportDr Lendy Spires
 
A guide for business finance at umsobomvu
A guide for business finance at umsobomvuA guide for business finance at umsobomvu
A guide for business finance at umsobomvuDr Lendy Spires
 
Re technologies cost_analysis-wind_power
Re technologies cost_analysis-wind_powerRe technologies cost_analysis-wind_power
Re technologies cost_analysis-wind_powerDr Lendy Spires
 
2014 Ibrahim Index of African Governance: Data Report
2014 Ibrahim Index of African Governance: Data Report 2014 Ibrahim Index of African Governance: Data Report
2014 Ibrahim Index of African Governance: Data Report Dr Lendy Spires
 
2014 Ibrahim Index of African Governance: Country Profiles
2014 Ibrahim Index of African Governance: Country Profiles2014 Ibrahim Index of African Governance: Country Profiles
2014 Ibrahim Index of African Governance: Country ProfilesDr Lendy Spires
 

Viewers also liked (15)

Beincomp e
Beincomp eBeincomp e
Beincomp e
 
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESAWSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
WSIS10 Action Line C7 e-Government Lead Facilitator: UNDESA
 
5227107a4
5227107a45227107a4
5227107a4
 
CFAO Interim Financial Report 2014
CFAO Interim Financial Report 2014 CFAO Interim Financial Report 2014
CFAO Interim Financial Report 2014
 
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...
WSIS10 Action Line C7 e-Environment Lead Facilitator: WMO, Co-Facilitators UN...
 
Report19
Report19Report19
Report19
 
Cc 2011 final_scores
Cc 2011 final_scoresCc 2011 final_scores
Cc 2011 final_scores
 
The Economics of the Informal Sector in Solid Waste Management Based on info...
The Economics of the Informal Sector in Solid Waste Management Based on info... The Economics of the Informal Sector in Solid Waste Management Based on info...
The Economics of the Informal Sector in Solid Waste Management Based on info...
 
Akzo nobel competition_law_compliance_manual_tcm9-16085
Akzo nobel competition_law_compliance_manual_tcm9-16085Akzo nobel competition_law_compliance_manual_tcm9-16085
Akzo nobel competition_law_compliance_manual_tcm9-16085
 
2014 Ibrahim Index of African Governance: Summary Report
2014 Ibrahim Index of African Governance: Summary Report2014 Ibrahim Index of African Governance: Summary Report
2014 Ibrahim Index of African Governance: Summary Report
 
A guide for business finance at umsobomvu
A guide for business finance at umsobomvuA guide for business finance at umsobomvu
A guide for business finance at umsobomvu
 
Re technologies cost_analysis-wind_power
Re technologies cost_analysis-wind_powerRe technologies cost_analysis-wind_power
Re technologies cost_analysis-wind_power
 
2014 Ibrahim Index of African Governance: Data Report
2014 Ibrahim Index of African Governance: Data Report 2014 Ibrahim Index of African Governance: Data Report
2014 Ibrahim Index of African Governance: Data Report
 
2014 Ibrahim Index of African Governance: Country Profiles
2014 Ibrahim Index of African Governance: Country Profiles2014 Ibrahim Index of African Governance: Country Profiles
2014 Ibrahim Index of African Governance: Country Profiles
 
Uxiiibook 08 ld_cs
Uxiiibook 08 ld_csUxiiibook 08 ld_cs
Uxiiibook 08 ld_cs
 

Similar to WSIS C5 Progress, Challenges in ICT Security

Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaRahul Neel Mani
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationMark Johnson
 
CTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin KoyabeCTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin Koyabesegughana
 
Wef risk responsibility_hyperconnectedworld_report_2014
Wef risk responsibility_hyperconnectedworld_report_2014Wef risk responsibility_hyperconnectedworld_report_2014
Wef risk responsibility_hyperconnectedworld_report_2014Silvia Cardona
 
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdfCYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdfVikashSinghBaghel1
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexShivamSharma909
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomySettapong_CyberSecurity
 
Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis
 
Industry program panel - SINCONF ACM
Industry program panel - SINCONF ACMIndustry program panel - SINCONF ACM
Industry program panel - SINCONF ACMchristophefeltus
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET Journal
 
Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCognizant
 
A Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber AttacksA Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber AttacksIRJET Journal
 
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...Vincent Mwando
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Cyril Soeri
 

Similar to WSIS C5 Progress, Challenges in ICT Security (20)

Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
IE_ERS_CyberAnalysisReport
IE_ERS_CyberAnalysisReportIE_ERS_CyberAnalysisReport
IE_ERS_CyberAnalysisReport
 
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY IndiaGet Ahead of Cyber Security by Tiffy Issac, Partner EY India
Get Ahead of Cyber Security by Tiffy Issac, Partner EY India
 
The National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through CooperationThe National Cyber Security Strategy: Success Through Cooperation
The National Cyber Security Strategy: Success Through Cooperation
 
CTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin KoyabeCTO-Cybersecurity-2010-Dr. Martin Koyabe
CTO-Cybersecurity-2010-Dr. Martin Koyabe
 
Wef risk responsibility_hyperconnectedworld_report_2014
Wef risk responsibility_hyperconnectedworld_report_2014Wef risk responsibility_hyperconnectedworld_report_2014
Wef risk responsibility_hyperconnectedworld_report_2014
 
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdfCYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
CYBER SECURITY FOR PRIVATE AND DOMESTIC USE -VIKASH SINGH BAGHEL.pdf
 
The importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity indexThe importance of understanding the global cybersecurity index
The importance of understanding the global cybersecurity index
 
Guideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital EconomyGuideline Thailand Cybersecure Strate Digital Economy
Guideline Thailand Cybersecure Strate Digital Economy
 
Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective Omlis Data Breaches Report - An Inside Perspective
Omlis Data Breaches Report - An Inside Perspective
 
Industry program panel - SINCONF ACM
Industry program panel - SINCONF ACMIndustry program panel - SINCONF ACM
Industry program panel - SINCONF ACM
 
Industry program panel
Industry program panelIndustry program panel
Industry program panel
 
Cyber Readiness Index 2.0
Cyber Readiness Index 2.0Cyber Readiness Index 2.0
Cyber Readiness Index 2.0
 
IRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the DecadeIRJET- Cybersecurity: The Agenda for the Decade
IRJET- Cybersecurity: The Agenda for the Decade
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
 
Combating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced AnalyticsCombating Cybersecurity Challenges with Advanced Analytics
Combating Cybersecurity Challenges with Advanced Analytics
 
A Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber AttacksA Comprehensive Review of Cyber Security, Threats and Cyber Attacks
A Comprehensive Review of Cyber Security, Threats and Cyber Attacks
 
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...
Vincent Ouma Mwando - strong encryption and protection of human rights-the vi...
 
Io t whitepaper_5_15_17
Io t whitepaper_5_15_17Io t whitepaper_5_15_17
Io t whitepaper_5_15_17
 
Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.Your organization is at risk! Upgrade your IT security & IT governance now.
Your organization is at risk! Upgrade your IT security & IT governance now.
 

Recently uploaded

Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxBipin Adhikari
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Sonam Pathan
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Paul Calvano
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationLinaWolf1
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxeditsforyah
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxDyna Gilbert
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一Fs
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一z xss
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书rnrncn29
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书rnrncn29
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predieusebiomeyer
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa494f574xmv
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书zdzoqco
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Dana Luther
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Excelmac1
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMartaLoveguard
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一Fs
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleanscorenetworkseo
 

Recently uploaded (20)

young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
young call girls in Uttam Nagar🔝 9953056974 🔝 Delhi escort Service
 
Intellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptxIntellectual property rightsand its types.pptx
Intellectual property rightsand its types.pptx
 
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
Call Girls In The Ocean Pearl Retreat Hotel New Delhi 9873777170
 
Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24Font Performance - NYC WebPerf Meetup April '24
Font Performance - NYC WebPerf Meetup April '24
 
PHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 DocumentationPHP-based rendering of TYPO3 Documentation
PHP-based rendering of TYPO3 Documentation
 
Q4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptxQ4-1-Illustrating-Hypothesis-Testing.pptx
Q4-1-Illustrating-Hypothesis-Testing.pptx
 
Top 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptxTop 10 Interactive Website Design Trends in 2024.pptx
Top 10 Interactive Website Design Trends in 2024.pptx
 
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
定制(AUT毕业证书)新西兰奥克兰理工大学毕业证成绩单原版一比一
 
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
办理(UofR毕业证书)罗切斯特大学毕业证成绩单原版一比一
 
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
『澳洲文凭』买詹姆士库克大学毕业证书成绩单办理澳洲JCU文凭学位证书
 
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
『澳洲文凭』买拉筹伯大学毕业证书成绩单办理澳洲LTU文凭学位证书
 
SCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is prediSCM Symposium PPT Format Customer loyalty is predi
SCM Symposium PPT Format Customer loyalty is predi
 
Film cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasaFilm cover research (1).pptxsdasdasdasdasdasa
Film cover research (1).pptxsdasdasdasdasdasa
 
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
办理多伦多大学毕业证成绩单|购买加拿大UTSG文凭证书
 
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
Packaging the Monolith - PHP Tek 2024 (Breaking it down one bite at a time)
 
Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...Blepharitis inflammation of eyelid symptoms cause everything included along w...
Blepharitis inflammation of eyelid symptoms cause everything included along w...
 
Magic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptxMagic exist by Marta Loveguard - presentation.pptx
Magic exist by Marta Loveguard - presentation.pptx
 
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
定制(Lincoln毕业证书)新西兰林肯大学毕业证成绩单原版一比一
 
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Jamuna Vihar Delhi reach out to us at 🔝9953056974🔝
 
Elevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New OrleansElevate Your Business with Our IT Expertise in New Orleans
Elevate Your Business with Our IT Expertise in New Orleans
 

WSIS C5 Progress, Challenges in ICT Security

  • 1. Progress and challenges in the implementation of WSIS Action Line C5: Building confidence and security in the use of ICTs This draft document is for information purposes only. It has been prepared by an external expert and does not necessarily reflect the views of ITU or its Secretariat. 1. Introduction This document presents a brief summary of the progress made in the implementation of Action Line C5 since WSIS (2005), and highlights some emerging trends and related post-2015 potential challenges. 2. Review 2.1 Some of the areas of Action Line C5 that saw good progress are: o Education/Awareness: Most national cybersecurity strategies (and organizational policies) place a particular emphasis on awareness, although these may not have always been followed by the adoption of action plans1. o Fight against SPAM: In the last years, numbers on spam and phishing attacks via traditional routes have fallen. The Estimated Global Email Spam Per Day (in billions) has decreased from 62 in 2010 to 42 in 2011 and to 30 in 20122. Even if total numbers decreased, there is an increase of spam and phishing through social media and through targeted attacks. o Use of electronic documents and transactions: Electronic payment transaction is growing worldwide. For instance, one-third of the world's roughly 280 billion annual non-cash payments occur in Europe—and this number is growing. The number of non-cash transactions increased from 70 billion in 2005 to 91 billion in 2011 and will exceed 175 billion transactions by 20203 o Sharing of best practices: Many activities have been initiated to create best practices at national and international levels, although these are not always shared between public and private organizations. o Incident Response: Many organizations and governments have increased their incident response capabilities. According to ABI Research, the Enterprise Incident Response market is set to see a dynamic growth over the next few years, totalling $14.79 billion by 20174. 1 http://www.oecd.org/sti/ieconomy/cybersecurity%20policy%20making.pdf 2http://www.symantec.com/about/news/resources/press_kits/detail.jsp?pkid=istr-18 3 https://www.atkearney.com/financial-institutions/featured-article/- /asset_publisher/j8IucAqMqEhB/content/winning-the-growth-challenge-in-payments/10192 4 https://www.abiresearch.com/press/enterprise-incident-response-market-booms-to-14bn-
  • 2. o Security of Online Transactions: In the last several years, the focus on security of online transaction has increased and numerous initiatives have been established in this regard5. 2.2 Some of the areas that, despite current efforts, may not have been sufficiently addressed are: o Cooperation between governments: Many national cybersecurity strategies aim to enhance international cooperation1, emphasizing the socio-economic dimension of cybersecurity. Though, the governments still need to create the right conditions to ensure effective dialogue and cooperation. Some initiatives exist but appear fragmented. o Response to Cybercrime (Public Private Partnership): Cybercrime continues to grow and evolve. Pomenon analysis has reported a 42% increase in the number of cyber attacks in 2012 in US, with organizations experiencing an average of 102 successful attacks per week, compared to 72 attacks per week in 2011 and 50 attacks per week in 20106. The attacks are becoming increasingly sophisticated, and highly focused. Considering the global nature of Internet and that cyberspace is largely owned and operated by the private sector, a close cooperation between both public and private actors is needed to reach a shared situational awareness that can help organizations to understand the real risk and the correct action to be taken to counter cybercrime. o Strengthening the Trust Framework: Increasing the level of trust in digital services, in cybersecurity and creating a trusted environment between public and private organizations are key challenges. The level of citizen trust in digital services and the Internet must be improved. Aware of this, the European Union in its Digital Agenda has identified “Trust and Security” as vital to a vibrant digital society. Furthermore, trust between key actors such as governments and operators is a critical enabler of cooperation on cybersecurity and information sharing, leading to a much more effective protection and incident response capabilities. o Encouraging further development of secure and reliable applications: Application security breach and related incidents due to the exploitation of application-level vulnerabilities are common. A survey study conducted involving 240 North American and European software development and software security influencers has revealed that application security incidents are common and have severe consequences. Many organizations still struggle with the most basic security flaws. Most do not have a holistic or strategic approach to application security and often application development and security teams and goals are not aligned for optimized results7. 3. Developments and challenges Challenge #1: While a few like-minded countries have developed strong cooperation, international cooperation is still quite fragmented. There are around 35 public national cybersecurity strategies and in almost all of them international cooperation is recognized as a critical element. Also, the Draft African Union Convention on the Establishment of a credible legal framework for Cyber security in Africa highlights 5 http://www1.american.edu/initeb/sm4801a/epayment8.htm 6 http://www.ponemon.org/local/upload/file/2012_US_Cost_of_Cyber_Crime_Study_FINAL6%20.pdf 7 http://www.coverity.com/library/pdf/the-software-security-risk-report.pdf
  • 3. international cooperation as a key element of African national strategies. Despite the relevance given to international cooperation, we have very few examples of proficient partnerships. Europe has been promoting international cooperation since 2006. Still, the European Commission is aware of a “fragmented approach at the European Union (EU) level and the need for stronger political commitment to Internet security efforts and for a strategic and comprehensive approach”8. Also the European Network and Information Security Agency (ENISA) firmly believes that EU cyber cooperation is crucial to “establishing a proficient and coherent approach to Network and Information Security (NIS) and this includes coordination throughout Europe as well as worldwide in both the public and private sectors”9. EU would also like to extend the scope to cross-border cooperation to enhance European capabilities, for example, to “collect and analyse data relating to information security in a cross-border context which could reveal trends that are not visible at present”. There are positive examples in the area of Computer Emergency Response Teams (CERTs) that constitute the best example of cooperation between entities in different countries. Challenge #2: The nature of the Internet and Digital services is evolving at an incredible pace, changing the role of the actors involved. National Telecom operators who used to be the key players in telecommunications are now playing a marginal role, as most of the services are delivered and managed by Over-the-top (OTT) operators. Usually, OTT are large international companies with little presence and traction in the users’ countries. Challenge #3: Passwords are a major vulnerability for the Internet and Digital Economy. Most of the online services rely on Digital identities that are protected by a password. Such security features have been proved to be weak. The number of attacks, incidents, violations, data breaches caused by weak authentication has now reached significant levels. For example, a study conducted by Internet security company BitDefender, has revealed that “over 250,000 user names, email addresses, and passwords used for Twitter sites can easily be found online and that 75% of Twitter username and password samples collected online were identical to those used for email accounts”10. Challenge #4: Adoption of smart devices is increasing constantly and is predicted to reach around 24 billion devices by 2020. There is significant on-going discussion on the “Internet of Things”. Use of smart devices is growing and mobile networks are now an affordable alternative to fixed lines. As Ms. Milanesi, Research Vice President at Gartner said, “in 2016, two-thirds of the mobile workforce will own a smartphone, and 40% of the workforce will be mobile”.11 In a few years almost all users will have access to smart devices, providing the opportunity to use new techniques and services to secure citizens. The evolution to the Internet of Things - in which sensors and actuators embedded in physical objects such as household or office appliances, vehicles, roadways, pacemakers - will further increase the number, type and complexity of smart devices. Mobility is considered one of the key challenges to organizations. A study by Lockheed Martin Cyber Security Alliance revealed that almost 7 out of 10 study participants believe that mobile device management is about the security of the devices12. In response, the industry is beginning to embed security 8 http://www.enisa.europa.eu/activities/Resilience-and-CIIP/cyber-crisis-cooperation/conference/cyber- exercise-conference/presentations/2.%20Conf%20Paris%20-June%202012-%20- %20A.%20RONNLUND%20-EC.pdf 9 EU cyber cooperation the digital frontline 10 http://www.twitip.com/75-use-same-password-for-twitter-and-email-study-finds/ 11 http://www.gartner.com/newsroom/id/2227215 12 http://www.lockheedmartin.com/content/dam/lockheed/data/isgs/documents/LM-Cyber-Security- Transformational-Technologies.pdf
  • 4. in smart devices. A study by Eurosmart, an international not-for-profit association that represents the voice of the Smart Security Industry for multi-sector applications, confirms the growth of the Smart Security Industry with the shipment of over 7.6 billion Smart Secure Devices in early 2013 as compared to 5.5 billion in 2010.13 Challenge #5: Detection and response are becoming critical aspects of a modern defence approach. As security countermeasures cannot guarantee full security, it is becoming increasingly important to detect and respond to incidents quickly and effectively, re-adapting the countermeasures to block future occurrences of the same attack. According to Ponemon Institute “a slow response to any security incident can be extremely costly –and is getting more expensive every year as attacks become more aggressive and sophisticated.” Over the past two years, Ponemon estimates the average time to resolve a cyber attack has grown to 24 days from 18, with an average cost for participating organizations rising to $591,780 from $415,748 – a 42% increase. This "ticking time bomb" is driving explosive growth in an Enterprise Incident Response market predicted to grow to $14.79 billion by 2017.”14 Challenge #6: Awareness is not enough; it should lead to Informed Action. Promoting awareness is a key element in national strategies and organizational policies. Educating and empowering people and firms to protect themselves online is a key challenge and it is needed to enhance both local and global cybersecurity levels. Awareness however, should be followed by informed action. A successful example is the UK “Get Safe Online” program, the UK government security service to help protect computers, mobile phones and other devices from malicious attack15. Challenge #7: Many governments and organisations have developed best practices that could reduce vulnerabilities and could help better manage cybersecurity incidents. Unfortunately, usually these best practices are not shared and are underused. For example, if governments and operators of Critical Infrastructures would share practices on Threat Analysis, Risk Assessment and Risk Mitigation, this would lead to a better common understanding of the threats and a much more effective integrated defence. A study by the UK government has estimated that “80% or more of currently successful attacks are defeatable by simple best practice, such as updating anti-virus software regularly”16. Also a study of the US State Department has demonstrated a more than 94% reduction in "measured" security risk through the rigorous automation and measurement of the Top 20 Controls17. Challenge #8: Standards could help both governments and the private sector increase their security, identify better solutions and also make international cooperation easier. The Council of Europe has indicated that the adoption of common standards can “remove barriers, safeguard users, protect the environment, ensure interoperability, reduce costs and encourage competition”. Furthermore, a study of the economic impact of standardization in EU has estimated that standardisation adds between 0.3% and 1% to the GDP thereby helping the ICT industry towards the target of contributing 20% of the EU’s GDP by 202018. There are different types of standards such as technical, functional, mandatory, optional and sector-specific. Each of these is the result of knowledge and wisdom acquired on specific cybersecurity aspects that, when shared, can enhance the capabilities of all users. 13 http://www.eurosmart.com/about.html 14 http://www.darkreading.com/management/co3-systems-delivers-security-incident-r/240149362 15 https://www.getsafeonline.org 16 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/60961/uk-cyber- security-strategy-final.pdf 17 http://www.sans.org/critical-security-controls/ 18 http://www.parlament.gv.at/PAKT/EU/XXIV/EU/12/44/EU_124406/imfname_10415050.pdf
  • 5. Challenge #9: Few measures/metrics are available for cybersecurity. In technology, what cannot be measured cannot be protected and this is also valid for cybersecurity. There is a general consensus for the need to define better cybersecurity metrics. In an interview in 2009, Reitinger, Deputy Undersecretary of the US Department of Homeland Security’s National Protection and Programs Directorate and Director of the National Cybersecurity Center, believed that better metrics are needed to drive better security practices in the private sector. Currently, the US is developing the “Cybersecurity Framework for improving critical infrastructure” that would also include metrics. A survey reveals that while 75% of respondents state that metrics are ‘important’ or ‘very important’ to a risk-based security program, 53% don’t believe or are unsure that they are used in their organizations in a manner properly aligned with business objectives. In addition, 51% didn’t believe or are unsure that their organizations’ metrics adequately convey the effectiveness of security risk management efforts to senior executives19. Also, even if governments and organizations are aware of the benefits of using metrics, their definition and management are still considered very complex by many. There is a need for better metrics and performance indicators to be developed and shared. Challenge #10: Cloud computing will continue to play a major role in the ICT environment. Cloud technologies have already been adopted by many organizations and their number is expected to increase. According to a Lockheed Martin Cyber Security Alliance survey, at the end of 2012, 39% of responding government IT agencies have planned new investments in cloud computing, while 21% have already invested in cloud solutions. Cloud computing is a big opportunity and will play a major role in tomorrow’s economy. Cloud has been identified as the fourth of twelve disruptive technologies that will transform life, business and the global economy. Its projected potential economic impact (2025) has been estimated at $1.7-6.2 trillion along with a 15-20% potential productivity gain across IT infrastructure, application development, and package software20. At the same time, cloud computing presents cybersecurity issues at different levels - technical, organizational, procedural and legal – that have to be addressed. Challenge #11: The online protection of children is a key challenge in the information society. Kids use technology from an early age and have many chances to socialize online. This, however, exposes them to numerous risks. They can be exposed to inappropriate content or contact, including from potential perpetrators of sexual abuse or violence. Parents, teachers and educators are not sufficiently aware of what happening on the net, and training is not a priority yet. Finally, industry and governments need to proactively promote digital citizenship and help facilitate childrens’ positive use of ICTs. Some countries have already taken important steps to implement a child online protection strategy and these can be considered as best practises. International cooperation and collaboration among different stakeholders is the key to ensuring a safer online environment for children. Challenge #12: Despite many countries having launched their National CERTs, a large number of the CERTs worldwide do not have the right capabilities and tools. As revealed by ENISA’s study, the maturity of national cybersecurity and critical information infrastructure protection (CIIP) strategies and the roles of national/governmental CERTs in these strategies are currently not harmonized between countries and depend strongly on the specific context of a country21. Few 19 http://www.tripwire.com/ponemon/2013/#metrics 20 http://www.mckinsey.com/insights/business_technology/disruptive_technologies 21 http://www.enisa.europa.eu/activities/cert/support/baseline-capabilities
  • 6. guidelines and resources are available to help countries in establishing their national capabilities aligned with national strategies. Challenge #13: Most countries do not have a National Cyber Security Strategy. EU, African Union and Organization of American States are promoting the definition of National Strategies that address a few common aspects of fighting global threats and include phenomenon that are universally recognized as negative (e.g. child pornography). There is a need for countries to work towards defining their own strategies, basing it on a common set of fundamental aspects. 4. Conclusion The above sections, while reemphasizing that confidence and security are among the main pillars of the Information Society, highlighted the progress made in the implementation of Action Line C5 since 2005 as well as some of the potential challenges beyond 2015.