Speech from Mr Houlin Zhao, ITU Deputy Secretary-General

Third Facilitation Meeting on the WSIS Action Line C5
Geneva, Switzerland
22 May 2008

Allow me to begin by welcoming you all to this, the Third Facilitation Meeting for WSIS Action Line C5 organized by ITU. Before I go any further, let me welcome you to ITU and also express my thanks to all those who have taken the time and have made the efforts to be here. I should also thank the Geneva Security Forum for their collaboration with ITU in the agenda for this Third Meeting.


Security and confidence in the use of ICTs are a top priority for the ITU, which is working to address new and emerging challenges to the Information Society, in its mission to connect the world and fulfil everyone’s fundamental right to communicate. The security of ICTs is vital to all modern communication systems, which cannot function without steps to ensure their integrity and reliability. Without security in the use of ICTs, valuable work in other WSIS targets [to introduce ICTs into education, government and healthcare] may be undermined.


By every measure, threats to cybersecurity are growing. According to the latest reports, the misuse of ICTs for criminal purposes is increasing. Cyberattacks are becoming more sophisticated, evolving from direct attacks on infrastructure to more advanced forms of fraud, theft of data and invasions of privacy. Cybercriminals are becoming more organized, extending their operations abroad and legitimizing illegal gains through money laundering. The threats to cybersecurity are clear and growing. If we are to create a future where the dangers created by cybercrime and cyberterrorism are kept to the minimum, if not completely eliminated, it is vital that we become better connected and more organized than the criminals we are fighting.

At the World Summit on the Information Society, world leaders acknowledged the importance of building security and confidence in the use of ICTs and entrusted ITU as sole Facilitator for WSIS Action Line C5 to coordinate the global response to these global challenges.

Cybersecurity is a top priority for ITU. All three Sectors and the General Secretariat have taken actions:

  • ITU-T has established milestone security standards in authentication, access control, confidentiality, integrity and security architecture for end-to-end communication systems.
  • ITU-R continues its work safeguarding quality of service against degradation or denial of service in radiocommunications.
  • ITU-D is developing cybersecurity capacities through its national cybersecurity framework, providing technical assistance and organizing capacity-building forums especially for developing countries, based on international best practices.

And yet, ITU cannot work to resolve these problems alone. Cyberthreats have become an international problem, needing a coordinated international response.

ITU is a unique forum where this international response can be coordinated. ITU responded to its obligations as Facilitator for Action Line C5 by launching the Global Cybersecurity Agenda (GCA) on 17 May 2007 as a pioneering initiative to coordinate the global response to the growing challenges to cybersecurity.


An expert panel of over one hundred leading experts from a wide range of backgrounds has been appointed to advise the Secretary-General on long-term strategies to promote cybersecurity. This High Level Experts Group (HLEG) met for the first time in Geneva on 5 October 2007 to develop concrete strategies to combat cybercrime and promote cybersecurity and is meeting again this week.

What are the key strengths of the GCA?

Firstly, the GCA links existing initiatives and provides an overarching framework for consensus, taking care to avoid duplication. Every GCA member brings their mandate and expertise to the table. In this way, we have created a powerful alliance uniting our strengths and expertise. For example, the work of the Council of Europe's Convention on Cybercrime has been instructive in the legal area; leading software and hardware companies are active in the technical work area; ITU's own work in standardization, Radio-communications and Development has also been very useful in the work of the GCA.


Secondly, the GCA enables cooperation between various stakeholder groups. The GCA has provided a framework where INTERPOL – the global organization for international law enforcement, with 186 member states – is sharing ideas with UNODC, the United Nations Office on Drugs and Crime. Many other stakeholders are involved, including the private sector, APECTEL (Asia Pacific Economic Telecommunications and Information Working Group) and UNITAR (United Nations Institute for Training and Research). By involving leading experts, we can thus facilitate the implementation of the strategies developed because those who can implement them are actively participating in their elaboration.


The GCA has generated significant interest and enjoys the active participation of world-renowned specialists from the private sector, academia, international organizations and government. The High-Level Expert Group held its second meeting yesterday and it was extremely well-attended and the experts are now well-advanced in their strategic proposals to promote cybersecurity.

Over the course of the next two days, we shall review the progress that this initiative has achieved and consider many of the challenges we face.

Today, we are less than 8 years from 2105 and it is important that we carefully assess the current and emerging threats, discuss solutions and agree on how we can collectively work towards meeting the goals of Action Line C5.


Let me take this opportunity to explain briefly, the structure of this meeting.

Session one will review existing cyberthreats and what is being done to stay ahead of new and emerging cyberthreats. Session two will consider civilian cyber-defense and user protection, while session three will look at new and emerging cyber-attacks. Session four will move the discussion on from problems and challenges towards solutions, leading to our review tomorrow of stakeholder activities and who is doing what in regards to promoting cybersecurity.


At the end of this meeting it is important that we arrive at a common understanding on the targets we are aiming at, knowing how we could measure these targets and create the necessary momentum to work collectively towards meeting the Goals of Action Line C5.

ITU is committed to working on all fronts to ensure a safer and more secure online environment. This meeting must make vital progress towards meeting the C5 goals. I trust that over these two days, we can make a valuable assessment of the progress we have made in building security and confidence in the use of ICTs. I look forward to your inputs as to how we can build confidence and security in the use of ICTs.

I should like to thank you for your support to ensure the success of this Action Line in addressing the growing challenges to the safer and more secure use of ICTs in the online world.