International Telecommunication Union   ITU
Site Map Contact us Print Version
 Monday, 16 February 2009

A new report from ITU, highlights some harsh realities for the global ICT industry. The report, Confronting the Crisis: Its Impact on the ICT Industry, considers how the industry can position itself for recovery in the future.

Confronting the Crisis: Its Impact on the ICT Industry draws on analysis from leading industry experts and international institutions. As the established order is overturned, it says, convergence in the ICT industry will accelerate, with the emergence of new players with new business models. Firms’ ability to weather the economic storm will depend on their ability to invest for the future and explore new opportunities to benefit from the eventual upturn. For an industry founded on innovation, the current turmoil will create openings for nascent ICT companies.

Confronting the Crisis finds that although credit is now less abundant and more expensive, with financing costs for operators on average 3 − 4 per cent higher year-on-year, savvy operators can take advantage of the economic turmoil to reposition their services for the upturn. Funding is still available for players with sound business models, established demand and early projected cash flows. Alternative sources of financing are now needed, with a growing role for government financing and economic stimulus packages.

Many analysts contributing to Confronting the Crisis underlined the need for ICT as vital services and suggested that fixed-mobile substitution and consumers’ decision to switch to mobile telephony may gain momentum in developed markets during a prolonged recession. The report also notes that long project lead times for the satellite industry mean that it has been less affected in the short term, with strong recent growth in demand from developing countries. The financial difficulties facing the private sector could add to pressure for government intervention in the financing of national backbone infrastructure. Governments are already stepping in to diminish the impact on the transition to next-generation networks (NGN), which can carry voice, data and media services simultaneously. Several administrations have announced commitments to invest in their national backbone infrastructure, while others, such as the European Union, have included the roll-out of broadband networks in their economic stimulus packages. Although the financial crisis may delay investment in NGN, it has also led to a widespread reaffirmation of the importance of building advanced telecommunication infrastructure as part of an economic stimulus package.

See the full press release from 16 February 2009.
The report is available for download here.

Monday, 16 February 2009 13:49:33 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 09 December 2008

A recent ITU study dedicated to the "Financial Aspects of Network Security: Malware and Spam" (July 2008) reviews some of the current leading thinking and research on the economics of cybersecurity. The full study can be found here.

Security flaws are often due to perverse incentives rather than the lack of suitable technical protection mechanisms. As individuals and companies do not bear the entire costs of cyber incidents, they do not tend to protect their system in the most efficient way. If they did support all the financial consequences, they would have stronger incentives to make their network more secure for the good of all interconnected networks. Measures to improve information security enhance trust in online activities and contribute directly and indirectly to the welfare gains associated with the use of information and communication technologies (ICTs).

However, some expenditure on security is only necessary because of relentless attacks by fraudsters and cyber-criminals that undermine and threaten trust in online transactions. Such costs are not welfare-enhancing but instead a burden on society. Two vectors through which such attacks are carried out are malware and spam. During the past two decades, the production and dissemination of malware has grown into a multibillion dollar business. Damages created by fraudulent and criminal activities using malware and the costs of preventative measures are likely to exceed that number significantly. Malware puts the private and the public sector at risk because both increasingly rely on the value net of information services. Spam and malware have multifaceted financial implications on the costs and the revenues of participants in the ICT value chain. The costs carried by all stakeholders across the value network of information services are affected directly and indirectly by this. But most of the financial flows between the legal and illegal players in the underground cybercrime economy are only partially known. The ITU study is a survey of existing resources and data available when it comes to the economics and financial aspects of cybersecurity.

Access the ITU study on the "Financial Aspects of Network Security: Malware and Spam" (July 2008) here.

Tuesday, 09 December 2008 20:45:48 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 19 August 2008

The ITU-D recruited an expert to produce a study report concerning "Electronic Government for Developing Countries", which is intended to help address challenges in formulating e-Government policies. The draft version as of August 2008 is now available online on the ITU-D ICT Applications and Cybersecurity Division (CYB) website.

The purpose of this report is to examine the adoption of e-Government services in countries with developing economies. As the day-to-day business of a public administration is to build on data and information, using the latter is critical to help ensuring its accountability, managing its operations, and to allow its citizens to participate in the country's governance. With the revolutionary changes that ICTs are bringing to our global society, public administrations worldwide continue to develop more sophisticated ways to digitize their operations and practices so that they can offer the public access to government services in more effective and efficient ways.

The seven key recommendations outlined in this report are:

  • Developing a strategic plan to guide e-Government services;
  • Understanding the needs of citizens and of all public administration segments;
  • Using well established system development practices for e-Government services;
  • Creating a learning organization;
  • Developing effective ICT governance mechanisms;
  • Developing ICT capabilities, including human resources capacity building and suitable ICT infrastructure; and
  • Developing an e-Government security and disaster recovery plan.

To continue reading the report and its case studies, click here. More information on ITU-D activities related to ICT applications, click here.

Tuesday, 19 August 2008 14:52:07 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 16 April 2008

A presentation on "e-Environment Opportunities for ITU " has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation was made by Robert Shaw, head of the ICT Applications and Cybersecurity division, for the ICTs and Climate Change Symposium in Kyoto, Japan on 15-16 April 2008. It discusses definitions, the ITU report on "ICTs for e-Environment", background and objectives, environmental issues, trends of ICTs for environment, the effects of ICTs, e-Environment and sustainable development, implications for developing countries, and opportunities for ITU. More relevant information on the ITU activities on climate change website and on the CYB e-Environment website.

Wednesday, 16 April 2008 08:20:36 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 01 April 2008

The impact of human activities on the environment – and on climate change in particular – are issues of growing concern confronting life on Earth. Concurrently, information and communication technologies (ICTs) are being rapidly deployed around the world. Although ICTs require energy resources, they also offer opportunities to monitor, learn about and protect the environment, reduce carbon emissions, and mitigate climate change.

A scoping study on using ICTs for environmental matters has been commissioned last year by the ITU's Telecommunication Development Bureau. This ICTs for e-Environment report approaches the issues from a development perspective and is based on consultations with key actors and extensive online research. It documents current activities and initiatives and makes a set of recommendations for strengthening the capacity of developing countries to make beneficial use of ICTs to mitigate and adapt to environmental change, including climate change.

The draft report and an overview presentation are available at ITU's ICT Applications and Cybersecurity Division dealing with e-Environment matters.

For more information about ITU activities relating to climate change, click here.

Tuesday, 01 April 2008 11:30:17 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 22 February 2008

The ITU Regional Cybersecurity Forum ended yesterday following the adoption of the Doha Declaration on Cybersecurity. The ITU Workshop on Frameworks for Cybersecurity and Critical Information Infrastructure Protection (CIIP) was held in Doha, Qatar, 18−21 February 2008 in collaboration with the Qatar Supreme Council of Information and Communication Technology (ictQATAR) and the Qatar Centre for Information Security (Q-CERT). Over 80 representatives from 18 countries in the Arab region as well as key regional organizations including the League of Arab States, Gulf Cooperation Council, and United Nations Economic and Social Commission for Western Asia, participated in the Forum.

"Global interconnectivity creates new interdependencies and risks that need to be managed at national, regional and international levels," said Mr Sami Al Basheer Al Morshid, Director of ITU’s Telecommunication Development Bureau. "The formulation and implementation by all nations of a national framework for cybersecurity and critical information infrastructure protection represents a significant first step in addressing the challenges arising from globally interconnected ICT infrastructures."

During the event, the role of governments in leading national cybersecurity efforts was discussed as well as the critical role of the private sector and other groups in developing policy and law aimed at the implementation and operation of a national cybersecurity strategy. The Forum stressed the importance of reviewing national cybercrime legislation to address threats in cyberspace and called for a national focal point for cyber-incident management to strengthen watch, warning, investigation, response and recovery. Discussions were also held on the necessity of promoting a national culture of cybersecurity to ensure that all users, owners and operators of information systems and networks know their responsibilities with regard to security and develop appropriate tools to combat cyber attacks.

Referring to the recent damage to undersea optical cables, said to have been caused by an adrift ship anchor according to the operator FLAG, Mr Al Basheer said that experience is the hardest teacher. "Whatever the cause, whether intentional or not, whether cybercrime or a mundane accident, the lesson we take away is that every nation needs to organize itself to take coordinated action related to the prevention of, preparation for, response to, and recovery from cyber incidents," said Mr Al Basheer.

Read more of the ITU press release here.

Friday, 22 February 2008 09:46:59 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 15 February 2008

The ITU-D secretariat-based derived base version of the October 2007 draft of the Study Group Q.22/1 Report on Best Practices for a National Approach to Cybersecurity: a Management Framework for Organizing National Cybersecurity Efforts is now available online.

This report provides national administrations with a management framework for addressing cybersecurity at the national level and for organizing and implementing a national cybersecurity strategy. As existing national capabilities vary greatly and threats constantly evolve, the report does not provide a prescriptive approach to securing cyberspace. Rather, the framework describes a flexible approach that can assist national administrations to review and improve their existing institutions, policies, and relationships addressing cybersecurity issues.

Although this report is focused on cybersecurity, we note that protection of physical network assets is an equally important priority. We also note that best practices in cybersecurity should in no way suppress freedom of speech, free flow of information and/or due process of law.

The five key elements outlined in this report are:

  • Developing a National Strategy for Cybersecurity;
  • Establishing National Government–Industry Collaboration;
  • Deterring Cybercrime;
  • Creating National Incident Management Capabilities; and
  • Promoting a National Culture of Cybersecurity.

This document is based on studies underway in the ITU Telecommunication Development Sector’s ITU-D Study Group Question 22/1: Securing information and communication networks: best practices for developing a culture of cybersecurity.

To continue reading the report, click here.
More information on ITU-D activities related to cybersecurity here.

Friday, 15 February 2008 15:34:49 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 05 February 2008

A presentation on "ICTs and e-Environment - Overview of BDT Scoping Study for Developing Countries" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation is based on the report "ICTs and e-Environment", which provides an overview on the contribution of information and communication technologies (ICTs) and related strategies as tools to assist developing countries in mitigating and adapting to environmental and climate change. The report will be available after final review on the division website.

Tuesday, 05 February 2008 17:32:26 (W. Europe Standard Time, UTC+01:00)  #     | 

A presentation on the "Overview of ITU-D Activities Related to Cybersecurity and Critical Information" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation by Robert Shaw, head of the ICT Applications and Cybersecurity division, provides background information on cybersecurity, a case study on the recent Interent outage, key activities of ITU-D, and an outline of the Framework for Organizing a National Approach to Cybersecurity. For more information on CYB's activities involving cybersecurity, visit the division website.

Tuesday, 05 February 2008 11:09:25 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 17 December 2007

A presentation on "Measuring National Cybersecurity Readiness" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation by Robert Shaw, head of the ICT Applications and Cybersecurity division, provides background information and resources on cybersecurity, information on related ITU-D activities and initiatives, and other relevant activities. For more information on CYB's activities involving cybersecurity, visit the division website.

Monday, 17 December 2007 17:25:52 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 14 November 2007

The Background Information on ITU Botnet Mitigation Toolkit is now available online and may be accessed on the ITU ICT Applications and Cybersecurity (CYB) Division's Botnet page. A Powerpoint presentation of the Project Overview is also available. For more relevant information, visit the CYB website.

Wednesday, 14 November 2007 16:17:51 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 12 November 2007

Microsoft releases the Asia Pacific Legislative Analysis: Current and Pending Online Safety and Cybercrime Laws, a study providing a high-level snapshot of the status of computer security, privacy, spam and online child safety legislation in the Asia Pacific region. Detailed analyses of these laws specific to Australia, China, Hong Kong, India, Indonesia, Japan, Malaysia, New Zealand, The Philippines, Singapore, South Korea, Taiwan, Thailand and Vietnam are also provided in this paper. For more information regarding this document, contact Julie Inman Grant, Regional Director, Corporate Affairs of Internet Safety and Security at Microsoft Asia Pacific. More Cybersecurity Legislation and Enforcement related resources are available at the CYB website.

Monday, 12 November 2007 09:57:14 (W. Europe Standard Time, UTC+01:00)  #     | 
 Friday, 12 October 2007

A presentation on the "ITU Telecommunication Development Sector Cybersecurity/CIIP Initiatives Overview" has been posted online today on the ITU-D ICT Applications and Cybersecurity Division (CYB) website. The presentation provides background information and resources on cybersecurity, information on related ITU-D activities and discussion of case studies. For more information on CYB's activities invovling cybersecurity, visit the division website.

Friday, 12 October 2007 12:54:49 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 09 October 2007
 Monday, 24 September 2007

A presentation on the ITU-D Cybersecurity Initiatives was given today, 24 September 2007, by Robert Shaw, head of the ICT Applications and Cybersecurity Division of the Telecommunication Development Sector to the ITU-T Study Group 17. The ITU Cybersecurity Work Programme to Assist Developing Countries, the ITU-D Study Group Question 22/1, the Self-Assessment Toolkit and the ITU Botnet Mitigation Toolkit were discussed among others. More on the ITU-T Study Group 17 here.

Monday, 24 September 2007 15:27:17 (W. Europe Standard Time, UTC+01:00)  #     | 
 Monday, 10 September 2007

The ITU News Nº 7 September-October 2007 edition features in its Cybersecurity Watch the Cybersecurity Work Programme for Developing Countries. The purpose of the Cybersecurity Watch column is to share information on ITU activities and initiatives related to cybersecurity and countering spam. More information on ITU activities in the domain of cybersecurity can be found at here. ITU–D's ICT Applications and Cybersecurity Division has information on its ongoing projects, resources and publications to assist ITU Member States, including an overview of the ITU Cybersecurity Work Programme for Developing Countries, as well as information on the toolkits mentioned in the article at the CYB website. Details on related workshops and other events can be found here.

Monday, 10 September 2007 11:13:43 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 04 September 2007

World Information and Communications Development Trends, a presentation by Robert Shaw, head of the ICT Applications and Cybersecurity Division, ITU Telecommunication Development Sector, is now available. It was presented to the Ministry of Information and Communications (MIC) in Hanoi, Viet Nam on 27 August 2007 discussing issues related to transition to new technologies and Next Generation Networks (NGN). For more relevant information, visit the CYB website.

Tuesday, 04 September 2007 13:20:31 (W. Europe Standard Time, UTC+01:00)  #     | 
 Tuesday, 26 June 2007

An ITU commissioned study on a Generic National Framework for Critical Information Infrastructure Protection is now available.

The objective was to outline a possible simple framework that could be of potential interest to developing countries who wished to establish a national Critical Information Infrastructure Protection (CIIP) programme. The framework is modeled after the Swiss Reporting and Analysis Center for Information Assurance (MELANI). The author, Manuel Suter, is from the Crisis and Risk Network (CRN), Center for Security Studies (CSS), ETH Zurich, Switzerland, who produce the International CIIP Handbook: An Inventory and Analysis of National Protection Policies.

The Center for Security Studies previously produced a study for ITU entitled A Comparative Analysis of Cybersecurity Initiatives Worldwide.

This paper has been submitted to ITU-D Study Group Question 22/1: Securing information and communication networks: best practices for developing a culture of cybersecurity for their consideration.

The views expressed in the study are those of the author and do not necessarily reflect the opinions of the ITU or of its membership.

Tuesday, 26 June 2007 20:14:42 (W. Europe Standard Time, UTC+01:00)  #     | 
 Wednesday, 30 May 2007

An electronic version of the 2007 Cybersecurity Guide for Developing Countries is available in English. Non-finalized versions are also available in Arabic, Chinese, French, Russian and Spanish. NB: A printed copy of this publication is available on request.

The 2006 version of the guide is available in English and French.

Wednesday, 30 May 2007 09:45:28 (W. Europe Standard Time, UTC+01:00)  #     |