Output Report on ITU-D Question 3/2 - Securing information and communication networks: Best practices for developing a culture of cybersecurity - Study period 2022-2025
Acknowledgements
Table of contents
Executive summary
Abbreviations and acronyms
Chapter 1 – Promotion of awareness-raising for users and capacity building regarding cybersecurity
     1.1 Cybersecurity awareness-raising
     1.2 Capacity building in cybersecurity education and training
     1.3 Child online protection
Chapter 2 – Cybersecurity assurance practices
     2.1 Approaches to assessing criticality, risks and costs
     2.2 Multistakeholder approaches
     2.3 Evolving regulatory approaches
     2.4 Educating consumers and manufacturers
     2.5 Approaches to international synergy/harmonization and reciprocity agreements
Chapter 3 – CIRT national coordination for the resilience of critical infrastructure and cybersecurity incident response
     3.1 Establishment of CIRTs
     3.2 Role and responsibilities of CIRTs and critical infrastructure
     3.3 Beyond the basics: coordinating for success across borders
     3.4 Establishing coordination centres
Chapter 4 – Approaches and good practices, and collected experiences on the implementation of national cybersecurity strategies and policies
     4.1 Strategic and leadership alignment and policy framework
     4.2 Legal frameworks and governance
     4.3 International collaboration and support
     4.4 Collaborative frameworks and stakeholder engagements
     4.5 Infrastructure development for cybersecurity
     4.6 Capacity building
     4.7 Continuous adaptation to the cyber threat landscape
Chapter 5 – 5G cybersecurity challenges and approaches
     5.1 Overview of 5G cybersecurity
     5.2 Legacy network deployments
     5.3 Standards activities in 5G security
          5.3.1 SDOs active in 5G cybersecurity
          5.3.2 Incorporating standards in regulatory requirements
     5.4 Complementing standards and specifications with proactive cybersecurity measures
          5.4.1 Security considerations at the vendor level
          5.4.2 Security considerations at the operator level
     5.5 Examples of national policies and regulations to secure 5G network
     5.6 Implementation and compliance challenges
     5.7 Need to prioritise investment in educating and training the workforce
     5.8 Beyond 5G: setting the direction for 6G cybersecurity
Chapter 6 – Challenges and approaches to addressing smishing
     6.1 Smishing
     6.2 Approaches taken to combat smishing
          6.2.1 Countries' approaches to combat smishing
          6.2.2 Industry approaches to combat smishing
Conclusions
Annexes
     Annex 1: List of contributions and liaison statements received on Question 3/2
     Annex 2: List and summary of BDT on-going cybersecurity activities