High Level Segment - Opening speakers - Cybersecurity

عربي | 中文 | Español | Français | Русский

Home : Council Sessions : Council 2007 : High-Level Segment of Council 2007

High Level Segment Statements - Cybersecurity

ITU Secretary-General

Speech by Dr Hamadoun I. Touré, ITU Secretary-General
Geneva, 4 September 2007

Thank you, Mr. Chairman.

A lot has been said by the two Ministers and I would like to thank them for a really very active participation and the work their countries have been doing in the area of cybersecurity already. We have been exchanging with them already on many occasions and I am really delighted that they had the opportunity to come over here. So I will not repeat some of the proposals or comments that they have made so I will keep my comments brief here, but a little bit provocative, so as to really generate a discussion as well.

I would like to say that on May 17th this year, we launched what I will call the Global Cybersecurity Agenda (GCA), which is a multi-stakeholder framework for dialogue. We want to bring onboard international cooperation and leverage a wide range of expertise from governments, industry, international organizations, academia and research institutions to find and propose concrete solutions to the global challenges. We are trying still to find the solutions, the issues to be proposed, because, as the Secretariat, of course, we know that whatever we propose is shot down, so we are not going to propose anything. We will get to have from our Membership and from the experts, what are the key concerns they have and what are the approaches we need to take at the country level, at the regional level or sub-regional level, at the international level as well.

And what framework you would expect to see in terms of cybersecurity – do you want a global MoU? Do you want a global agreement on cybersecurity - same type as we have as in the Nuclear Arms Agreement? As we know, since we started talking about cybersecurity, at least one country’s network has been under attack (Estonia, three months ago). Do you want to see such kind of attacks? How do we avoid them? How do you put in place an international framework that will be, that will enable us to deal with this matter? And ITU being a leader in it, we have been already very much pleased with the authority given to us by the World Summit on the Information Society Action Line C5. Work that is specific to ITU, not anybody else. And knowing the work that has been done in the Standardization Sector, in this area, so how do we approach the issue in ensuring that we meet the expectation of all our Members?

For reaching an international agreement, what are the key challenges we are facing, when we are talking about cybersecurity? We know that there are some issues in cybersecurity that are considered as a crime in one country, are considered as an adult’s freedom of expression, or whatever, in another country. How do we avoid the issue of definitions – of spending numerous time on definition of crime - on what is a crime and what is it not? Now, how do we approach these issues? My suggestion, my humble suggestion, is that we look at those types of crimes that need no definition, because we all agree on them. I am sure, the two Ministers have mentioned paedophilia, child abuses, economic crimes and some other types of crime that are acceptable by everyone. And we know that if we put in place a framework for any of them – from any layer we might be able to tackle – the same framework can be useful for any type of crime that may come up. The most important thing for us is to find a level of comfort for all of our countries to start a real international cooperation in this field. And time is running out. We know that.

Therefore, we cannot afford to spend time in definitions [on what is considered]. Take the example of pornography – it may be a crime in one country, in another, it may not. But at least we may find one type of – one area – where we are all comfortable and we all can have an international agreement combating that and hoping that we can use that same framework - be it an international agreement, be it an MoU, be it an open, I don’t know, whatever type of document that we may open – the definition will depend on the lawyers.

How do we use, also, the technical nature of the ITU to avoid politicizing the cybercrime issues, so that we don’t have ideological fights around this issue and don’t spend too much time on it? Those are the key challenges we have. The organization has had that characteristic of being labeled as a technical organization. If technical can be a good level for us, too - and we know that all the technicians, engineers, can always agree, not like lawyers. All my excuse to the lawyers here in this room. At least we can have a framework where we can all accept to have an international cooperation and capacity-building in that area, so that all countries can be at the same level of readiness. And making sure that every country has the necessary framework at the national level and those frameworks are put in a network so they can communicate and we put in place the necessary capacity-building necessary for that.

We all know that criminals – just like in the conventional world - will always work from the weakest point – they will always use the weakest door to enter a house and we cannot afford to sit down, while we are giving Internet to our children in their bedrooms and sleep, we can sleep safely, in thinking that they are safe, while we know that they can be easily accessed by predators, paedophiles and other types of criminals.

Therefore, there is a need for us to try and find the necessary framework to do that – that is the reason for us to create this Global Cybersecurity Agenda and to create the necessary dialogue, without making it really a controversial issue. We think that this is one area where there is a potential for all us to agree, at least to have a starting point, so that we could have really a true international framework that will enable us to make the world a better place.

We know that there is no development without security, there is no development without peace and we need the cyberspace to be a secure and peaceful place. And we know that this is an area where everyone is concerned. And the best way to win a war, a cyberwar, is to avoid it in the first place. What is true in the conventional world is true in cyberspace; it is only magnified several hundreds or thousands of times in the cyberspace – by speed, by level of access, by geographical boundaries that have no limitations any more. And that is what makes the cyberspace even more precious. How do we preserve the benefit of ICT, while we are still preventing crime?

Thank you, Mr. Chairman.