Speech from Dr Hamadoun I. Touré, ITU Secretary-General

World Federation of Scientists Meeting
“Advancing the Global Cybersecurity Agenda and Promoting Cyberstatility Globally”
Erice, Italy
20 August 2009

Professor Zichichi,
Distinguished colleagues,
Ladies and gentlemen,
 
It is great pleasure to be here with you in Erice today to discuss cybersecurity – a subject which is not just topical, but also very close to my heart, and a core part of the work we are doing at ITU.

Information and communication technologies have become the keystone of modern society – as essential to development and prosperity as conventional networks like transport, power and water.

High-speed, always-on, broadband access is an increasingly critical platform for business activity of all kinds, as well as for the delivery of services ranging from e-health, e-education and e-government, to entertainment and interpersonal interaction.

It is therefore a great irony – as Barrack Obama has recently pointed out – that “the very technologies that empower us to create and to build also empower those who would disrupt and destroy.”

As we approach the end of the first decade of the 21st century, we increasingly rely on the Internet in every part of our lives; to shop, to do research, to bank, and to participate in the global society.

Cyberspace is now very much part of our common reality – and so are the risks which come with it. Indeed, in confronting cybercrime we have all had to learn a whole new language – a language of malware and spyware, of viruses and Trojan horses, of phishing and botnets.

It is estimated that cybercriminals stole up to a trillion dollars worth of intellectual property from businesses worldwide in 2008, and many millions of individuals have had their privacy violated, have suffered identity theft and have had their hard-earned savings stolen from them.

Governments constantly face cyberattacks – and terrorists increasingly rely not just on their weapons, but on the power of cyberspace technologies like GPS and VoIP to sow destruction. And increasingly women and children are being targeted online by traffickers and paedophiles.

Ladies and gentlemen,

Given the scale of the threat – and the phenomenal harm that can be caused by even a single cyber attack – we cannot rely on ad hoc solutions or hope to survive by strengthening our defences only after attacks have occurred.

No – we must work together, to ensure a coordinated response.

This was clearly recognized by the World Summit on the Information Society in 2005.

As a result, ITU – as the facilitator of WSIS Action Line C5 on Building Confidence and Security in the use of ICTs – took the important step of launching the Global Cybersecurity Agenda, or GCA, in 2007.

Remarkably, given the scale and the global nature of the problem, the GCA is the first truly international strategy to counter cybercrime. Designed as a framework for cooperation and response, it focuses on building partnerships and effective collaboration between all relevant parties.

One of ITU’s greatest strengths is this ability to bring key decision makers together, on an equitable footing, to share expertise and build consensus around critical issues such as these.

And we are most privileged in our endeavours to have the support of global leaders including Nobel Peace Laureate Dr Óscar Arias Sánchez, President of the Republic of Costa Rica, and President Blaise Compaoré of Burkina Faso.

We are also proud to have forged a strong and highly supportive relationship with IMPACT – the International Multilateral Partnership Against Cyber-Threats – which last year culminated in a Memorandum of Understanding that has seen IMPACT’s headquarters in Cyberjaya, Kuala Lumpur, become the physical home of the GCA.

The collaboration between the GCA and IMPACT is the world’s first global public-private initiative against cyberthreats, and provides ITU’s 191 Member States with expertise, facilities, information, and rapid access to resources which allows them to effectively address actual and potential cyberthreats.
The strategic global alliance includes key industry players such as Microsoft and Symantec, as well as F-Secure, Kaspersky Lab and TrendMicro. It also includes world-renowned training institutions such as the EC-Council and the SANS Institute, and more than 20 universities globally have agreed to share their research skills and technical know-how.

IMPACT’s state-of-the-art Global Response Centre has been designed to serve as the world’s foremost cyberthreat resource centre, providing a real-time aggregated early warning system that helps countries quickly identify cyberthreats, and offering expert guidance on effective counter-measures.

It also provides governments with a unique electronic tool to enable authorized cyber-experts in different countries to pool resources and collaborate with each other remotely and securely, helping the global community respond immediately to cyberthreats.

Distinguished colleagues,

The first phase of physical deployment has already been launched in some 30 countries, with further deployment in another 20 countries this year, for a total of 50 countries by the end of 2009.

ITU is also facilitating the establishment of Computer Incident / Computer Emergency Response Teams (known as CIRT/CERT) which are linked to the IMPACT Global Response Centre, in order to provide all 191 ITU Member States with a truly global and interoperable cybersecurity capability.

To promote capacity building, IMPACT also conducts training and skills development programmes delivered in collaboration with leading ICT companies and institutions. At the same time, the organization’s Centre for Security Assurance & Research is working with leading ICT experts to develop global best practice guidelines, creating international benchmarks and acting as an independent, internationally recognized, voluntary certification body for cybersecurity.

Finally, under ITU leadership, IMPACT’s Centre for Policy & International Cooperation is working with partners including governments, UN agencies, regional and international organizations and others to formulate new policies on cybersecurity and help promote the harmonization of national laws relating to cyberthreats and cybercrime.

Complementing IMPACT’s Malaysia-based facilities, ITU also hosts a ‘virtual showcase’ in Geneva, profiling the new early warning system, crisis management capabilities and real-time analysis of global cyberthreats.

And I would like to encourage you all to come to Geneva in the first week of October to see this for yourselves – and to participate in the ITU Telecom World 2009 event, which is the defining event for the global ICT industry.

This year we will be welcoming a number of heads of state and UN agencies as well as global industry leaders, and I am looking forward to seeing them address and debate vital issues such as the role of ICTs in the economic recovery and how the ICT industry will chart the way forward – as well, of course, as cybersecurity.

Ladies and gentlemen,

We are making great progress towards a globally coordinated approach to cybersecurity.

But we also need to recognize the very real dangers being faced by children and young people online, who are often sent out into cyberspace alone and unprotected, simply because their guardians do not fully understand the risks.

That’s why ITU launched the Child Online Protection initiative, a multi-stakeholder coalition under the GCA framework, which was endorsed by Heads of State, Ministers and heads of international organizations from around the world – including Ban Ki-moon, the UN Secretary-General – at the High Level Segment of ITU Council 2008 last November.

To throw the global spotlight on this issue, ITU Members chose ‘Protecting Children in Cyberspace’ as the theme of this year’s World Telecommunication and Information Society Day, which marked the founding of ITU on 17 May 1865.

At the WTISD Awards Ceremony and launch of a year-long Child Online Protection campaign with Interpol, I was pleased to be able to salute the three laureates: former FCC Commissioner Deborah Tate; President Lula of Brazil; and Rob Conway, CEO of the GSM Association.

Distinguished guests,

The Internet cannot continue to flourish as a facilitator of learning, as a platform for telemedicine, as a tool for more efficient and accountable government – or as a key driver of trade and commerce, or as a global communications channel, or as a vital research tool – if users lack faith in its security.

So we need to be sure we have an environment where criminals cannot hide behind legal loopholes and regulatory inconsistencies. Nations with less well-developed ICT legislation should no longer find themselves host to villainous online activities. And all states – from the most prosperous to the most disadvantaged – need to have an effective shield with which to safeguard themselves.

The Global Cybersecurity Agenda aims to create and maintain this environment, and I appreciate the wide support, encouragement and participation we have enjoyed so far.

But there is much still to be done, and we must continue to cooperate and to work together – against the common enemy and for the common good.

Thank you.