2009 ITU Regional Cybersecurity Forum for
Asia-Pacific
“Connecting the World Responsibly”
Forum Agenda
WEDNESDAY 23 SEPTEMBER 2009 |
08:30−09:30 |
Meeting Registration and Badging (Online pre-registration
required) |
09:30−10:15 |
Meeting Opening and Welcoming Address |
|
Sarasvati Vandana, Deep Jyoti Ceremony, and Presentation of
Bouquet to Hon’ble Dignitaries |
10:15−10:35 |
Press
Conference |
10:35−10:50 |
Coffee/Tea Break |
10:50−12:00 |
Session 1: Setting The Stage ― Towards an Integrated Approach
for Cybersecurity and Critical Information Infrastructure
Protection (CIIP) |
|
Session Description:
Confidence and security in using information and communication
technologies are vital for building an inclusive, secure and
global Information Society. The continuing changes in the use of
ICTs, systems and networks offer significant advantages but also
require a much greater emphasis on cybersecurity and critical
information infrastructure protection by governments,
businesses, other organizations and individual users, who
develop, own, provide, manage service and use these networks.
Given the interconnected features of ICTs, genuine cybersecurity
can only be promoted when all connected stakeholders are aware
of the existing dangers and threats and how they can protect
themselves online. Government must play a leading role in
bringing about a culture of cybersecurity and in supporting the
efforts of other participants in this regard. In addition,
regional and international cooperation is critical in fostering
a global culture of cybersecurity. This session shares an
overview of the current cyber-threat landscape and provides an
insight into the challenges faced by countries, businesses and
citizens in managing their every-day lives in this new and
constantly changing environment. |
12:00−13:30 |
Session 2: Mapping the Global Issue with National and Regional
Needs |
|
Session Description:
ITU, through its Global Cybersecurity Agenda (GCA), has put in
place a framework for international cooperation in
cybersecurity, to provide a global platform where all relevant
stakeholders can discuss and work together in order to best
respond in a coordinated manner to the growing cybersecurity
challenges. Each country and region, however, has its own
requirements and needs, that need to be addressed taking in
consideration the national and regional context. ITU is working
with Members States to ensure that specific requirements are
taken into account in order to properly assist. This session
explores some of the main components of the ITU Global
Cybersecurity Agenda, shares insights into how countries are
addressing cybersecurity related challenges within this context,
and explores how a top-down and bottom-up approach can work to
harmonize the overall efforts in order to provide an integrated
and consistent response and assistance to Member States.
|
13:30−14:30 |
Lunch |
14:30−15:45 |
Session 3: Cybersecurity in the National Agenda and Actions to
be Considered in Developing a National Cybersecurity Strategy |
|
Session Description:
The need to build confidence and security in the use of ICTs,
promote cybersecurity and protect critical infrastructures at
the national level is generally acknowledged. As national public
and private sector actors bring their own perspective to the
relevant importance of issues, in order to have a consistent
approach, some countries have established cybersecurity/CIIP
institutional framework structures while others have used a
light-weight and non-institutional approach. What issues should
be considered in a national strategy for cybersecurity and
critical information infrastructure protection? Which actors
should be involved? This session will discuss some of the
elements required to develop and organize national
cybersecurity/CIIP efforts. The session will also introduce the
ITU National Cybersecurity/CIIP Self Assessment Tool which is
intended to assist national governments in examining their
existing policies, procedures, norms, institutions, and
relationships in light of national needs to enhance
cybersecurity and address critical information infrastructure
protection. |
15:45−16:00 |
Coffee/Tea Break |
16:00−17:15 |
Session 4: Promoting a Culture of Cybersecurity through
Innovative Partnerships and Concrete Actions to Foster Regional
and International Cooperation |
|
Session Description:
The
realities of cyberspace make it clear that everyone has to work
together. Responding effectively to cyber-threats requires
resources, know-how and strong investments on capacity
developments; these efforts cannot be undertaken by only one
entity. A key element is bringing the public and the private
sectors together in trusted forums and joint activities, to
address the common cybersecurity challenges and develop solid
capacity building plans. These collaborative efforts should
involve every cyber-user; from citizens to corporations, law
enforcement, and critical infrastructure providers. The basis of
a successful partnership is trust, which is necessary for
establishing, developing and maintaining sharing relationships
between the different parties. Increased regional and
international cooperation is extremely important in fostering
national cybersecurity efforts and in facilitating these
interactions and exchanges. The challenges posed by
cyber-attacks and cybercrime are global and far reaching, and
can only be addressed through a coherent strategy within a
framework of international cooperation, taking into account the
roles of different stakeholders and existing initiatives. As
facilitator for WSIS Action Line C5 dedicated to building
confidence and security in the use of ICTs, ITU is discussing
with key stakeholders on how to best respond in a coordinated
manner to the growing cybersecurity challenges. This session
looks closer at the benefits as well as challenges associated
with innovative and sustainable partnerships for enhanced
cybersecurity, and how joint efforts generate concrete steps
forward. The session also reviews some of the ongoing regional
initiatives to further the discussions, in order to identify
possible next steps and concrete actions to foster and promote
regional and international cooperation for enhanced
cybersecurity. |
17:15−17:30 |
Daily
Wrap-Up and Announcements |
19:00− |
Reception (TBC) |
THURSDAY 24 SEPTEMBER 2009 |
09:30−10:45 |
Session 5: Developing a Legal Foundation and Establishing
Effective Enforcement |
|
Session Description:
Appropriate national legislation, international legal
coordination and enforcement are all important elements in
preventing, detecting and responding to cybercrime and the
misuse of ICTs. This requires updating of criminal laws,
procedures and policies to address cybersecurity incidents and
respond to cybercrime. As a result, many countries have made
amendments in their penal codes, or are in the process of
adopting amendments, taking in consideration existing
international frameworks and recommendations. This session looks
closer at the need for a sound legal foundation and effective
enforcement, reviews some of the national legal approaches taken
and explores potential areas for international legal
coordination efforts. |
10:45−11:00 |
Coffee/Tea Break |
11:00−12:45 |
Session 6: Developing a Legal Foundation and Establishing
Effective Enforcement (Continued) |
|
Session Description:
See above. |
12:45−14:00 |
Lunch |
14:00−15:30 |
Session 7: Defining Sound Organizational Structures and
Developing Incident Management Capabilities |
|
Session Description:
A key activity for addressing cybersecurity requires the
establishment of watch, warning and incident response
capabilities to prepare for, detect, manage, and responding to
cyber incidents through. Effective incident management requires
consideration of funding, human resources, training,
technological capability, government and private sector
collaboration, and legal requirements. Collaboration at all
levels of government and with the private sector, academia,
regional and international organizations, is necessary to raise
awareness of potential attacks and steps toward remediation.
This session discusses best practices, organizational structures
and related standards in the technical, managerial and financial
aspects of establishing national, regional and international
watch, warning, and incident response capabilities. |
15:30−15:45 |
Coffee/Tea Break |
15:45−17:30 |
Session 8: Defining Sound Organizational Structures and
Developing Incident Management Capabilities (Continued) |
|
Session Description:
As above. |
17:30−17:45 |
Daily
Wrap-Up and Announcements |
|
|
FRIDAY 25 SEPTEMBER 2009 |
09:30−11:15 |
Working Group Session 1: Implementing National Watch, Warning
and Incident Response Capabilities |
|
Session Description:
The
purpose of the working group session is to elaborate on the
requirements for establishing watch, warning and incident
response capabilities to prepare for, detect, manage, and
responding to cyber incidents. The working group session will
discuss the ITU-IMPACT Global Response Center (GRC) and related
assistance for building national watch, warning and incident
response capabilities. The GRC can provide the global community
with a real-time aggregated early warning system. This ‘Network
Early Warning System’ (NEWS) can help Member States identify
cyber-threats early on and provide critical guidance on what
measures to take to mitigate them. Through the GRC members can
gain access to specialized tools and systems, including the
‘Electronically Secure Collaborative Application Platform for
Experts’ (ESCAPE). |
11:15−11:30 |
Coffee/Tea Break |
11:30−15:15 |
Working Group Session 2: Drafting Legislation to Criminalize the
Misuse of ICTs
(Parallel Session) |
|
Session Description:
The
purpose of this working group session is to provide countries in
the region with a practical in-depth explanation of the
different components needed for comprehensive legislation and
effective to deter cybercrime and criminalize the misuse of ICTs.
This will include a presentation of the different components
required but more importantly the working sessions will provide
forum participants with a venue to collaborate and get practical
tips and advice for how to go about adapting their current
legislation and/or crafting new cybersecurity-related
legislation. |
12:45−14:00 |
Lunch |
11:30−15:15 |
Working Group Session 3: Developing A National Cybersecurity
Strategy
(Parallel Session) |
|
Session Description:
Each
country needs a comprehensive national strategy and action plan
that addresses technical, legal and policy issues, combined with
regional and international cooperation. What issues should be
considered in a national strategy for cybersecurity? Which
actors should be involved? This working group session will look
closer at the necessary components of such a national strategy
and provide insights into what a possible strategy could look
like. |
15:30−15:45 |
Coffee/Tea Break |
15:45−17:00 |
Working Group Sessions (Continued) |
17:00−17:30 |
Forum
Wrap-Up, Recommendations and the Way Forward |
|
Session Description:
The
final session of the forum reports some of the main findings
from the event and tries to elaborate recommendations for future
activities in order to enhance cybersecurity and increase the
protection of critical information infrastructures in the
region. |
17:30−17:45 |
Meeting Closing |
|
|
 |
|