Committed to connecting the world

Search
Girls in ICT

Programme

ITU Workshop on ICT Security Standardization Challenges for Developing Countries
Geneva, Switzerland, 15-16 Sept. 2014

Contact: tsbworkshops@itu.int

Day 1, Monday 15 September 2014

​08:30- 12:00Registration
​14:00 - 14:30

​Opening Session

Chairman: Zhaoji (George) Lin, SG17 Vice-Chairman, ZTE Corporation, China (P.R.) [ Biography | Speech Presentation ]

The objective of the workshop is to present activities and achievements of standardization on cybersecurity, data protection, trust services and cloud computing, focus in methodology of securing ICT within critical infrastructure, hear a reaction from security industry, address the interests and needs of users, and encourage collaboration between SDOs in security standardization for the special needs of developing countries.

Keynote Speeches

​14:30 - 16:15Session 1: ICT infrastructure development, new security threats and counter-measures

Moderator: Patrick Mwesigwa, SG17 Vice-Chairman, Q2/17 Rapporteur, Uganda [ Biography | Presentation ]

Today the critical role of ICT in virtually all socio-economic activities cannot be over-emphasized. Disruption of the ICT infrastructure can therefore result in disastrous consequences for governments as well as citizens’ social wellbeing. The need to ensure ICT robustness against cyber-attacks remains a key challenge at national as well as global level.

This session will address the current situation of ICT infrastructure development and the challenges such as new security threats and countermeasures including new trends in ICT. The session will highlight best practices in formulation of national strategies, government and industrial collaboration, sound legal formulation to fight cybercrime, national incident capabilities, and importance of rising national awareness on cybersecurity, among other things.

  • Challenges and Successes in the Zambian ICT Security Sector: Mainza Siamubayi Handongwe, Information and Communications University, Zambia [ Biography | Presentation ]
  • Security and business continuity for ICT: a case study by Orange: François Zamora, Orange [ Biography | Presentation ]
  • IoT (Internet of Things) and Security: Mikhail Kader, CISCO, Russian Federation [ Biography | Presentation ]
  • Mitigating online risk for postal e-services: Gustavo Damy, UPU [ Biography | Presentation ]
  • Smart grid security within IEC TC57/WG15: Fernando Alvarez, ABB, Switzerland [ BiographyPresentation ]

Discussion Panel

​16:15 - 16:30Coffee Break
16:30 - 18:15 ​​Session 2: End user security round table from both public and private sectors

Moderator: Koji Nakao, SG17 Vice-Chairman, WP1/17 Chairman, KDDI Corporation, Japan [ Biography | Presentation ]

After a set of presentations that highlight “end user security” in terms of identified security issues and requirements from each presenter’s perspective, a roundtable discussion will explore and identify security requirements/security capabilities required from the end user’s view points and how to utilize security technologies/standards.

Members of the roundtable discussion will cover both public and private sectors such as critical information infrastructure sectors, medical sector, educational sector (university) and telecom/mobile sectors etc.
           
  • Step-up authentication a key enabler of mobile on-line trust- Progress report of ITU-T and OASIS Trust Elevation work: Abbie Barbir, MBNA [ Biography | Presentation ]
  • Lightweight Cryptography for the Connected Car/ITS Security: Shiho Moriai, NICT, Japan [ Biography | Presentation ]  
  • ENISA role in ICT standardization: Slawomir Gorniak, ENISA [ Biography | Presentation ]               
  • Considerations for implementing secure enterprise mobility:  Eileen Bridges, Aetna [ Biography | Presentation ]
  • Identity Based Attestation and Open Exchange Protocol (IBOPS): Prof. Scott Streit, Hoyos Labs [ Biography | Presentation ]
  • Information security and PII for Big Data: Edward Humphreys, ISO/IEC JTC 1/SC 27(WG1 Convenor)  [ Biography | Presentation ]

Discussion Panel


Day 2, Tuesday 16 September 2014

​08:30 - 12:00Registration
​09:00 - 10:45Session 3: Cybersecurity and data protection

Moderator: Sacid Sarikaya, SG17 Vice-Chairman, WP2/17 Chairman, Turkey [ Biography | Presentation ]

Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment. Widespread use of internet technologies and increasing number of cyber threats make cyber security more important. In this session, representatives from Kenya will share their cyber security experiences and challenges. Also, ITU-T cyber security standards, information exchange techniques, and ITU-D cyber security studies will be presented by the experts.
  • Securing information and communication networks: best practices for developing a culture of cybersecurity: Eliot Lear, Former (acting) ITU-D Q.22/1 Rapporteur, CISCO Systems [ Biography | Presentation ]
  • ITU-T CYBEX standards for Cybersecurity and data protection: Youki Kadobayashi, ITU-T Q4/17 Rapporteur [ Biography | Presentation ]
  • Overview of Kenya’s Cybersecurity Framework: Michael Kamuti Katundu,Information Technology Communications Authority of Kenya CIRT/CC [ Biography | Presentation ]
  • CYBEX implementation in Japan: MyJVN: JVN Security Content Automation Framework and CYBEX collaboration  Masato Terada, Hitachi [ Biography | Presentation ]
  • Validation and Reverse Business Process Documentation of on line services: Maurizio Talamo, Tor Vergata University of Rome [ Biography | Presentation ]

Discussion Panel: All

​10:45 - 11:00 Coffee Break
​11:00 - 12:45Session 4: ICT role in critical infrastructure protection

Moderator: Antonio Guimaraes, SG17 Vice-Chairman, WP4/17 Chairman, Brazil [ Biography | Presentation ]

Critical infrastructure is a term used by governments to describe assets that are essential for the functioning of a society, such as energy, transportation, telecommunication, water supply, agriculture, public health, financial services, etc. Most critical infrastructures rely on Information and Communication Technologies (ICTs), including industrial control systems (ICS), to perform essential functions. This dependency represents potential vulnerabilities and risks to operations. This section will focus in existing ICT security standards, guidelines, methodologies, and practices to enable critical infrastructure providers to achieve the resilience required.
  •  Critical telecommunication infrastructure protection in Brazil: Antonio Guimaraes; Paulo Moura, National Telecommunication Agency, Anatel, Brazil  [ Biography | Presentation ]
  • Critical Information Infrastructure Protection (CIIP): A Commonwealth Perspective: Martin Koyabe, Commonwealth Telecommunication Organization [ Biography | Presentation ]
  • Critical infrastructure protection: standardization to protect critical infrastructure objects: Vyacheslav Zolotnikov, Kaspersky Lab [ Biography | Presentation
  • Security by Design in Smart Grids – A Need to Rethink ICT in Power System Controls: Carsten Strunge, Energinet.dk, Denmark  [Biography | Presentation ]
  • Towards a partnership-based framework for secure ICT infrastructure in developing countries:  Bill McCrum, Telecom Consultant[ Biography | Presentation ]
  • ICT Regulator Role on National Security and Critical Infrastructure Protection: Suliman Alsamhan, Electronic Evidence Supervisor, Communication and Information Technology Commission (CITC), Saudi Arabia [ Biography | Presentation ]

Discussion Panel: All

​12:45 - 14:00 Lunch Break
​14:00 - 15:45Session 5:  Trust services and cloud security

Moderator: Heung Youl Youm, SG17 Vice-Chairman, WP3/17 Chairman, Korea (Republic of) [ Biography | Presentation ]

Cloud computing is a model for enabling service user’s ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources. Identity management (IdM) is the management of the life cycle and use of identity information. This session will focus on presenting existing ICT security standards, guidelines, and best practices in the area of cloud computing security and identity management to ensure trust services and cloud computing security.
  • Cloud security standardization activities in ITU-T: Huirong Tian, China [ Biography | Presentation ]
  • ITU-T SG17 Identity management (IdM) Progress Report : Abbie Barbir,  ITU-T Q10/17 Rapporteur [ Biography | Presentation ]  
  • X.509 in a changing world: Erik Andersen, Denmark  [ Biography | Presentation ]
  • National ID management system in Korea: Daeseon Choi, Electronics and Telecommunications Research Institute, Authentication Research Section /Leader [ Biography | Presentation ]                  
  • Introduction to ISO 29003 - Identity Proofing: Patrick Curry, British Business Federation Authority (& SC27 WG5) [ Biography | Presentation ]

Discussion Panel:  All

​15:45 - 16:00 ​Coffee Break
​16:00 - 17:45​​Session 6:  Security standardization challenges

Moderator: Herb Bertine (invited) [ Biography | Presentation ]

After a set of presentations that highlight ICT security standardization efforts in international and regional bodies, a roundtable discussion will explore security standardization challenges. Topics will include insights on the benefits and challenges associated with collaboration and cooperation and on challenges associated with ensuring standards will meet the needs of users, especially those in developing countries.

Open Roundtable

  • All speakers plus other organizations present (e.g., CCSA, TTA)
​17:45 - 18:30 ​Closing Panel

Mohammed Elhaj, SG17 Vice-Chairman, Q1/17 Rapporteur, Sudan [ Biography | Presentation ]


Summary and Conclusions:

  • All Session Chairmen

Final Discussions:

  • All

Closing Remarks:

 

 

© ITU All Rights Reserved

Back to top