ITU Regional Cybersecurity Forum for Europe and CIS
Forum Agenda
Description: At the start of the 21st century, modern societies have a growing dependency on information and communication technologies (ICTs) that are globally interconnected. This interconnectivity creates interdependencies and risks that must be managed at national, regional and international levels. At the national level, each nation should consider organizing itself to take coordinated action related to the prevention of, preparation for, response to, and recovery from cyber incidents. Such action requires coordination and cooperation among national participants, i.e., those in government, business, and other organizations, as well as individual users who develop, own, provide, manage, service and use information systems and networks. The formulation and implementation of a common national
approach for cybersecurity and critical information infrastructure protection (CIIP) represents a first step in addressing the main challenges arising from globally interconnected ICT infrastructures. At the regional and international level, nations with compatible approaches and interests can engage in cooperation and coordination to further common objectives through mutually beneficial activities.
The forum, one in a series of regional events organized by ITU-D,
was organized in response to Resolution 130: Strengthening the role of ITU in building confidence and security in the use of information and communication technologies (Antalya, 2006) and the 2006 Doha Action Plan establishing ITU-D Study Group Question 22/1: Securing information and communication networks: Best practices for developing a culture of cybersecurity.
MONDAY 06 OCTOBER 2008 |
20:00− |
Welcome Reception at Hotel Metropolitan |
TUESDAY 07 OCTOBER 2008 |
08:00−09:00 |
Meeting Registration and Badging (Online pre-registration required) |
09:00−10:15 |
Meeting Opening and Welcome |
|
Welcoming Address: Plamen Vatchkov, Chairman, State
Agency for Information Technology and Communications (SAITC),
Bulgaria
Opening Remarks: Sami Al Basheer Al Morshid,
Director, Telecommunication Development Bureau, International
Telecommunication Union (ITU) |
10:15−10:30 |
Coffee/Tea Break |
10:30−12:00 |
Session 1: Towards an Integrated Approach for Cybersecurity and Critical Information Infrastructure Protection |
|
Session Description: The necessity of building confidence and security in the use of ICTs, promoting cybersecurity and protecting critical infrastructures at national levels is generally acknowledged. As national public and private actors bring their own perspective to the relevant importance of issues, in order to have a consistent approach, some countries have established cybersecurity/CIIP institutional framework structures while others have used a light-weight and non-institutional approach. This session will review, from a broad perspective, different approaches to such frameworks and their often similar components in order to provide meeting participants with a broad overview of the issues and challenges involved. The session will also present an overview of ITU activities to build confidence and security in the use of ICTs and the ITU National Cybersecurity/CIIP Self Assessment Toolkit.
The toolkit is intended to assist national governments in examining their existing national policies, procedures, norms, institutions, and relationships in light of national needs to enhance cybersecurity and address critical information infrastructure protection.
Session Moderator: Valérie Andrianavaly, Officer, Network and Information Security, DG Information Society and Media, European Commission
Speaker: Mark Sunner, Chief Security Analyst, MessageLabs
Speaker: Alexander Zolotnikov, Chief of Information Security, TransTeleCom
Speaker: Marco Obiso, Adviser, ICT Applications and
Cybersecurity Division, ITU Development Sector (ITU-D)
Speaker: Joseph Richardson, Consultant,
United States of America |
12:00−13:30 |
Lunch |
13:30−15:15 |
Session 2: Promoting a Culture of Cybersecurity |
|
Session Description: Confidence and security in using information and communication technologies are vital for building an inclusive, secure and global Information Society. The continuing changes in the use of ICTs, systems and networks offer significant advantages but also require a much greater emphasis on cybersecurity and critical information infrastructure protection by governments, businesses, other organizations and individual users, who develop, own, provide, manage service and use these networks. Given the interconnected features of ICTs, genuine cybersecurity can only be promoted when all connected stakeholders are aware of the existing dangers and threats and how they can protect themselves online. Government must play a leading role in bringing about a culture of cybersecurity and in supporting the efforts of other participants in this regard. In addition, regional and international cooperation is critical in fostering a global culture of cybersecurity. Session 2 looks closer at the building blocks needed to successfully promote a culture of cybersecurity.
Session Moderator: Janice Richardson, European
Schoolnet and Coordinator, Safer Internet Initiative
Speaker: Christine Sund, Cybersecurity Coordinator, ICT
Applications and Cybersecurity Division, ITU Telecommunication
Development Sector (ITU-D)
Speaker: Ilari Patrick Lindy, Senior Expert, Relations to Industry and International Organisations, ENISA
Speaker: Solange Ghernaouti–Hélie, Professor,
Faculty of Business and Economics, University of Lausanne, Switzerland
|
15:15−15:30 |
Coffee/Tea Break |
15:30−17:00 |
Session 3: Public ― Private Partnerships |
|
Session Description: With privatization, the vast majority of each country’s ICT networks are now owned and operated by the private sector. A key element of a national framework for cybersecurity and CIIP is bringing industry and government together in trusted forums to address common national security challenges. The basis of successful public−private partnerships is trust which is necessary for establishing, developing and maintaining sharing relationships between the private sector and government. Session 3 looks closer at the benefits as well as challenges associated with public−private partnerships.
Session Moderator: Krasimir Simonski, Deputy Chairman, State Agency for Information Technology and Communications (SAITC), Bulgaria
Speaker: Cheri McGuire, Principal Security Strategist,
Trustworthy Computing, Critical Infrastructure Protection Program,
Microsoft
Speaker: Vladimir Radunovic, DiploFoundation,
Malta
Speaker: Victor Minin, Representative, Information Security Association
Speaker: Jody Westby, CEO, Global Cyber Risk, United
States of America
|
17:00−17:15 |
Daily Wrap-Up and Announcements |
19:00− |
Reception hosted by the Chairman of the State Agency for Information Technology and Communications
at the Central Military Club
|
WEDNESDAY 08 OCTOBER 2008 |
09:00−10:15 |
Session 4: Legal Foundation and Enforcement |
|
Session Description: Appropriate national legislation, international legal coordination and enforcement are all important elements in preventing, detecting and responding to cybercrime and the misuse of ICTs. This requires updating of criminal laws, procedures and policies to address cybersecurity incidents and respond to cybercrime. As a result, many countries have made amendments in their penal codes, or are in the process of adopting amendments, in accordance with international conventions and recommendations. Session 4 looks closer at the need for a sound legal foundation and effective enforcement, reviews some of the national legal approaches taken and explores potential areas for international legal coordination efforts.
Session Moderator: Ehab Elsonbaty, Senior Judge, Damanhor Court,
Egypt
Speaker: Henrik Kaspersen, Professor, University of Amsterdam, The Netherlands, Member and Former Chair, Cybercrime
Convention Committee
Speaker: Marco Gercke, Lecturer, University of Cologne,
Germany
Speaker: Matthew Lamberti, Intellectual Property Law
Enforcement Coordinator for Eastern Europe, United States Department of
Justice, United States Embassy in Bulgaria
Speaker: Yavor Kolev, Chief Inspector, Head of Cybercrime
Unit, National Police Service, Bulgaria
|
10:15−10:30 |
Coffee/Tea Break |
10:30−12:00 |
Session 5: Organizational Structures and Incident Management Capabilities |
|
Session Description: A key activity for addressing cybersecurity at the national level requires preparing for, detecting, managing, and responding to cyber incidents through the establishment of watch, warning and incident response capabilities. Effective incident management requires consideration of funding, human resources, training, technological capability, government and private sector relationships, and legal requirements. Collaboration at all levels of government and with the private sector, academia, regional and international organizations, is necessary to raise awareness of potential attacks and steps toward remediation. Session 5 discusses best practices, organizational structures and related standards in the technical, managerial and financial aspects of establishing national, regional and international watch, warning, and incident response capabilities.
Session Moderator: TBD
Speaker: Jacek Gajewski, Secretary General, Central and Eastern European Networking Association (CEENet), Poland and Representative, ENISA
Permanent Stakeholder Group
Speaker: Alexander Zolotnikov, Chief of Information Security, TransTeleCom,
Russian Federation
Speaker: Mauro Vignati, MELANI, Federal Office of
Police, Switzerland
|
12:00−13:30 |
Lunch |
13:30−15:00 |
Session 6: A National Cybersecurity Strategy |
|
Session Description: Increasingly, electronic networks are being used for criminal purposes, or for objectives that can harm the integrity of critical infrastructure and create barriers for extending the benefits of ICTs. To address these threats and protect infrastructures, each country needs a comprehensive action plan that addresses technical, legal and policy issues, combined with regional and international cooperation. What issues should be considered in a national strategy for cybersecurity and critical information infrastructure protection? Which actors should be involved? Are there examples of frameworks that can be adopted? Session 6 seeks to explore in more detail various approaches, best practices, and the key building blocks that could assist countries in establishing national strategies for cybersecurity and CIIP.
Session Moderator: Roumen Trifonov, Secretary, Coordination Council on Information Society, Council of Ministers, Bulgaria
Speaker: Alexander Donos, Director, State
Enterprise, Center for Special Telecommunications, Moldova
Speaker: Valery Konyavskiy, Director, All-Russia Research-and-Development Institute for the Problems of Computing Equipment and Information (VNII PVTI),
Russian Federation
Speaker: Slavcho Manolov, Advisor to the Chairman of SAITC,
Bulgaria
|
15:00−15:15 |
Coffee/Tea Break |
15:15−17:00 |
Session 7: Review and Discussion: Organizing National Cybersecurity/CIIP Efforts |
|
Session Description: This session seeks to review and further discuss the elements required to develop and organize national cybersecurity/CIIP efforts and the related ITU National Cybersecurity/CIIP Self-Assessment Toolkit, identifying some of the main takeaways from the presentations in the different sessions and the country case studies in preparation for the concluding meeting discussions.
|
17:00−17:15 |
Daily Wrap-Up and Announcements |
|
|
THURSDAY 09 OCTOBER 2008 |
09:00−10:30 |
Session 8: Cybersecurity Forensics |
|
Session Description: This session will give an overview of cybersecurity forensics, incident analysis, and best practices for engagement with law enforcement.
Session Moderator: Andrea Ghirardini, Consultant and
Expert on Computer Forensics, United Nations Interregional Crime and
Justice Research Institute (UNICRI)
Speaker: Eugene Nickolov, Doctor of Mathematical
Sciences, Director, National Laboratory of Computer Virology, Bulgaria
Speaker: Ales Zavrsnik, Junior Researcher Associate
Institute of Criminology, Faculty of Law, Slovenia
Speaker: Fredesvinda Insa, Manager, Strategic Development, CYBEX,
Spain
|
10:30−10:45 |
Coffee/Tea Break |
10:45−12:30 |
Session 9: The Economics of Cybersecurity |
|
Session Description: Security flaws are often due to perverse incentives rather than the lack of suitable technical protection mechanisms. Since individuals and companies do not bear the entire costs of cyber incidents, they do not tend to protect their system in the most efficient way. If they did support all the financial consequences, they would have stronger incentives to make their network more secure for the good of all interconnected networks. This session reviews current leading thinking and research on the economics of cybersecurity.
Session Moderator: Roumen Trifonov, Secretary, Coordination Council on Information Society, Council of Ministers, Bulgaria
Speaker: Michel van Eeten, Associate Professor,
School of Technology, Policy and Management, Delft University of
Technology, The Netherlands, “ITU Study on the Financial Aspects of Network Security: Malware
and Spam”
Discussion: The Economics of Cybersecurity
|
12:30−14:00 |
Lunch |
14:00−15:30 |
Session 10: Regional and International Cooperation |
|
Session Description: Regional and international cooperation is extremely important in fostering national efforts and in facilitating interactions and exchanges. Regional and international cooperation is extremely important in fostering national efforts and in facilitating interactions and exchanges. The challenges posed by cyber-attacks and cybercrime are global and far reaching, and can only be addressed through a coherent strategy within a framework of international cooperation, taking into account the roles of different stakeholders and existing initiatives. As moderator/ facilitator for WSIS Action Line C5 dedicated to building confidence and security in the use of ICTs, ITU is discussing with key stakeholders on how to best respond in a coordinated manner to the growing cybersecurity challenges. The ITU Global Cybersecurity Agenda (GCA) provides a platform for dialogue aimed at leveraging existing initiatives, working with recognized sources of expertise in a framework for international cooperation, to elaborate global strategies for enhancing confidence and security in the information society. Session will review some of the ongoing initiatives to further the discussions, in order to identify possible next steps and concrete actions to foster and promote international cooperation for enhanced cybersecurity.
Panelist: Marco Obiso, Adviser, ICT Applications and Cybersecurity Division, ITU Development Sector (ITU-D)
Panelist: Ilari Patrick Lindy, Senior Expert, Relations to Industry and International Organisations, ENISA
Panelist: Alexander Donos, Director, State Enterprise, Center for Special Telecommunications, Moldova and Chairman of the Commission on Information Security under the Coordinating Council, Regional Commonwealth in the Field of Communication (RCC)
Panelist: Matthew Lamberti, Intellectual Property
Law Enforcement Coordinator for Eastern Europe, United States Department
of Justice, United States Embassy in Bulgaria, and Representative, 24/7
High Tech Crime Network
Panelist: Eduard Djanserikov, Head, Information Security Sector, JSC Kyrgyztelecom, Kyrgyz Republic, “Cooperation of Telecom Operators of RCC Participant Countries in the Field of Cybersecurity”
Panelist: Jaroslaw Ponder, Focal Point for Europe, ITU Development Sector (ITU-D)
|
15:30−15:45 |
Coffee/Tea Break |
15:45−16:45 |
Session 11: Wrap-Up, Recommendations and the Way Forward |
|
Session Description: The final session of the meeting reports some of the main findings from the event, and aims to elaborate recommendations for future activities in order to enhance cybersecurity and increase protection of critical information infrastructures in the region.
Session Moderators: Krasimir Simonski, Deputy Chairman, State Agency for Information Technology and Communications (SAITC), Bulgaria and Marco Obiso, Adviser, ICT Applications and Cybersecurity Division, ITU Development Sector (ITU-D)
|
16:45−17:00 |
Meeting Closing |
|
Closing remarks: Plamen Vatchkov, Chairman, State
Agency for Information Technology and Communications (SAITC),
Bulgaria
Closing remarks: Marco Obiso, Adviser, ICT Applications and Cybersecurity Division, ITU Development Sector (ITU-D) |
|
|
|
|