ITU News

Tells you what's happening in Telecommunications around the world

中文  |  Español  |  Français  |  Русский  |  download pdf
                     

Landmark decisions from Guadalajara
Cybersecurity
 
image
Photo credit: Shutterstock
 

Definitions and terminology relating to building confidence and security in the use of information and communication technologies

Resolution 181 (New)

Through this new resolution, the conference approved the definition of cybersecurity as expressed in Recommendation ITU–T X.1205 as follows:

“Cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets. Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following:

  • Availability;

  • Integrity, which may include authenticity and non-repudiation;

  • Confidentiality”.

From now on, this definition will be used in ITU activities that deal with building confidence and security in the use of ICT. The Secretary-General is instructed to bring this resolution to the attention of international organizations and other relevant entities dealing with the security of telecommunication/ICT for their consideration and any required action. The Director of TSB is instructed to report to the Council on any new or revised recommendations adopted by ITU–T that relate to, or affect, cybersecurity-related terminology and definitions or other relevant definitions concerning confidence and security in the use of ICT.

Strengthening the role of ITU in building confidence and security in the use of information and communication technologies

Resolution 130 (Rev. Guadalajara, 2010)

This updated resolution makes many references to recent decisions from other ITU bodies, as well as more recent initiatives such as the Global Cybersecurity Agenda. It resolves that ITU should continue to give this work high priority in accordance with its competences and expertise. The updated resolution draws some lines around areas that are considered “matters of national jurisdiction”. It says that “ITU shall focus resources and programmes on those areas of cybersecurity within its core mandate and expertise, notably the technical and development spheres, and not including areas related to Member States’ application of legal or policy principles related to national defence, national security, content and cybercrime, which are within their sovereign rights”. But as the resolution goes on to underline, this does not exclude ITU from carrying out its mandate to develop technical recommendations designed to reduce vulnerabilities in the ICT infrastructure, nor from providing the assistance that was agreed upon at the World Telecommunication Development Conference in Hyderabad India, in May–June 2010 (WTDC-10).

Indeed, one of the decisions from WTDC-10 was that ITU should assist Member States, in particular developing countries, in the elaboration of appropriate and workable legal measures relating to protection against cyberthreats. The revised resolution instructs the Director of BDT to develop, consistent with the results of WTDC-10, a project for enhancing cooperation on cybersecurity and combating spam in response to the needs of developing countries, in close collaboration with relevant partners.

It instructs the Director of the Telecommunication Standardization Bureau to intensify work within existing ITU–T study groups in order to address existing and future threats and vulnerabilities affecting efforts to build confidence and security in the use of ICT and to facilitate projects deriving from the outcomes of WTSA-08, in particular, Resolution 50 (Rev. Johannesburg, 2008) on cybersecurity and Resolution 52 (Rev. Johannesburg, 2008) on countering and combating spam. He should continue collaboration with relevant organizations with a view to exchanging best practices and disseminating information through joint workshops, training sessions and invitations for written contributions.

The resolution instructs the Secretary-General and the Directors of the Bureaux to continue to review the work done by the three Sectors and by other relevant organizations under the ITU Global Cybersecurity Agenda initiative, as well as other initiatives to address existing and future threats. Based on this review, the Secretary-General will propose an action plan to the Council in order to strengthen the role of ITU in building confidence and security in the use of ICT.

Finally, the resolution invites Member States, Sector Members and Associates to promote the development of educational and training programmes to enhance user awareness of risks in cyberspace.

ITU’s role in child online protection

Resolution 179 (New)

In response to concerns about how best to protect children and youth online, this new resolution seeks to establish a mandate for ITU’s work and activities in this area.

The resolution encourages ITU to continue its Child Online Protection (COP) initiative as a platform to raise awareness and educate people on the dangers of cyberspace. It also requests the ITU Council to continue its Council Working Group on child online protection. It encourages the ITU Secretary-General to coordinate ITU activities with other initiatives at the national, regional and international levels, as well as bringing this resolution to the attention of the United Nations Secretary-General with the aim of increasing the commitment of the UN system to protecting children online.

ITU’s role with regard to international public policy issues relating to the risk of illicit use of ICT

Resolution 174 (New)

Illicit use of information and communication technologies could have a detrimental impact on a country’s infrastructure, national security and economic development. This new resolution, entitled “ITU’s role with regard to international public policy issues relating to the risk of illicit use of information and communication technologies”, calls for action to curb such use. It instructs the Secretary-General to raise awareness of Member States regarding the adverse impact that may result from the illicit use of information and communication resources. He should also take the necessary measures to maintain the role of ITU to cooperate within its mandate with other United Nations bodies in combating the illicit use of ICT.

In this regard, the resolution underlines the importance of the outcomes of the World Summit on the Information Society (WSIS), in particular, the role of ITU as facilitator for WSIS Action Line C5 on building confidence and security in the use of ICT. It recalls that WSIS Action Line C5 stipulates that: “Governments, in cooperation with the private sector, should prevent, detect and respond to cybercrime and misuse of ICT by: developing guidelines that take into account ongoing efforts in these areas; considering legislation that allows for effective investigation and prosecution of such misuse; promoting effective mutual assistance efforts; strengthening institutional support at the international level for preventing, detecting and recovering from such incidents; and encouraging education and raising awareness.

The new resolution goes on to request ITU, in its capacity as facilitator for WSIS Action Line C5, to organize meetings of Member States and relevant ICT stakeholders, including geospatial and information service providers, to discuss approaches to addressing and preventing the illicit application of ICT, while bearing in mind the overall interests of the ICT industry. ITU will also collect best practices from Member States on actions they have taken to prevent the illicit use of ICT.

Member States and relevant ICT stakeholders are invited to pursue dialogue at regional and national levels in order to find solutions to the problem of illicit use of ICT.

 

  Previous Printable version Top email to a friend Next © Copyright ITU News 2019
Disclaimer - Privacy policy