Ladies and gentlemen,
I am very pleased to be here with you today for this first joint UNITAR-ITU-UNODC session, which has been organized for the diplomatic community here in Geneva as well as for the staff of international organizations.
I hope that it will be a positive experience that we can replicate for other key topics closely linked to ITU and to the UN Agenda.
Ladies and gentlemen,
In the second decade of the 21st century I think it is fair to say that we now live in a hyperconnected world, where almost everyone – and almost every thing – is connected to information and communication technologies, ICTs.
Indeed, there will soon be six billion mobile cellular subscriptions worldwide, and there are already over 2.3 billion people online.
Those numbers will continue to grow, and it is our duty to ensure that ICTs are safe and secure – for the benefit of all the world’s seven billion people.
Unfortunately, hyperconnectivity has not come without risks and disadvantages – and I think we are all well aware of the growing issues of cybersecurity and cybercrime, which already take a huge toll on the global economy:
- In online fraud, identity theft, and lost intellectual property;
- On governments, companies and individuals around the world;
- Inflicting damage on the innocent, on the vulnerable, and on our children.
We need to address these issues, because in the world today everything depends on ICTs – and particularly on the networks which underpin them.
This includes emergency services; water supplies and power networks; food distribution chains; aircraft and shipping; navigation systems; industrial processes and supply chains; healthcare; public transportation; government services; and even our children’s education.
Even the most well-protected organizations and networks are vulnerable – as we can see from the online theft of thousands of files from the Pentagon in March last year.
That particular loss prompted US Deputy Defence Secretary William Lynn to say: “In the 21st Century, bits and bytes can be as threatening as bullets and bombs.”
We are very fortunate in that we have not seen a real cyberwar yet. But we are certainly witnessing a virtual, undeclared war in cyberspace; a war between the undeniable good which comes from being part of the global knowledge society, and the evil which could spoil it all.
Cybersecurity is not just an issue for developed countries.
If we look at the top attack destination countries we see not only the most developed nations, but also emerging economies too, such as Brazil, China, India and Russia.
Interestingly, we are now also seeing the same thing in terms of the top attack source countries – with cybercriminals attacking emerging economies from within, and from outside too.
According to the Cisco Global Threat Report, the number of unique instances of malware attacking companies more than doubled between consecutive quarters last year.
By many estimates, cybercrime is already a business which exceeds a trillion dollars a year.
A recent survey from the Ponemon Institute found that the average annual cost of cybercrime among large-sized organizations reached US$ 5.9 million in 2011, up 56% from 2010 – and that it took an average of 18 days to resolve a cyberattack.
The number of stolen devices being used to perpetrate crimes is rising so fast that one major South American company started a programme to block stolen cell phones in Mexico.
In a world where it is now predicted that there will be 50 billion connected devices by 2020, securing cyberspace has therefore become one of the most critical issues to be tackled on a global scale.
And they need to be tackled on a global scale – because they are global issues!
Ladies and gentlemen,
Cybersecurity and cybercrime affect each and every agency and programme of the United Nations. As we push forward the UN agenda for peace and safety, we must remember that cyberpeace and cybersecurity are part of this.
The UN Chief Executives Board has given high priority to this and has tasked ITU as a lead agency to coordinate within the UN systems’ High Level Committees on Management and Programming, and to report back to the CEB.
We are working together with UNODC and focal points of all CEB members to examine the policy and technology issues of cybersecurity and cybercrime.
We have also officially entered into a partnership with UNODC to assist our Member States in mitigating the risks posed by cybersecurity and cybercrime – through activities such as joint workshops, capacity building, and knowledge sharing.
Last week I was at the World Economic Forum in Davos, and I was very interested to participate in a session dedicated to hyperconnectivity, during which cybersecurity was discussed in some detail.
In particular we looked at the role which can played by the private sector – and I am very pleased to see such good representation from the private sector here in today’s high level panel.
Because in many ways the private sector stands to gain the most from the Internet – and to lose the most from cybersecurity attacks and cybercrime.
At Davos there was a private sector ‘Commitment to Cyber-resilience’ on the table, and I was very pleased to support this.
I also said there – and will say again today – that we would also be happy to see the private sector playing an active role in the ITU-IMPACT initiative, the first truly global multi-stakeholder and public–private alliance against cyberthreats.
ITU-IMPACT already brings together more than 140 countries, and is a very powerful example of the type of success that can be achieved at the international level.
Ladies and gentlemen,
I am firmly convinced that we must now work together to set international policies and standards, and to build an international framework of norms and principles for cybersecurity and cyberpeace.
As a specialized agency, ITU provides a global forum for discussing cybersecurity, and has been entrusted by world leaders to facilitate international dialogue and cooperation.
Within a global framework, the international community could recognize international norms and principles which are aimed at building a common understanding on ways of ensuring peace and stability in cyberspace.
In addition, other recommended actions, such as creating a code of conduct on countries’ use of information technology by countries, could help to create a cybersecurity culture at the international, regional and national levels, and create the possibility of having a harmonized and comprehensive approach to cybercrime.
Let me therefore invite you this afternoon to continue doing what we all do best – which is to work together, listening to all the different stakeholders, and building a better future for all the world’s people.
A world where cyberpeace and cybersecurity replace cyberthreats and cybercrime.