Committed to connecting the world


ITU Workshop on Cybersecurity and Risk Assessments in Practice

​​This workshop took place at ITU Headquarters (ITU Montbrillant building, Room H) in Geneva, Switzerland on Thursday, 26 January 2017, from 14:30- 17:30 in conjunction with the ITU-D Study Group 2 Rapporteur Group meetings, and will preceed the ITU-D Study Group 2 Question 3/2 (Securing information and communication networks: Best practices for developing a culture of cybersecurity) meeting.

In many ways, cybersecurity is about risk management. A key element of risk management is the assessment of risk. For the cyber domain, and despite much scientific and technical work in this area, assessing risks remains an art, particularly at the highest levels. This is due to the very complex nature of cyberspace, the difficulty in assessing vulnerabilities in very large “systems” composed of continually-evolving technology and human processes, the difficulty in assessing the value of digital assets and reputation, and the dynamic nature of cyber threats.

Objective of the workshop
This workshop brought together world experts who shared their knowledge and experience on the practical assessment of cyber risks at the national level, in large organizations, and in critical infrastructure sectors. The workshop also discussed supply chain risks and role of standards for managing cyber risks in organizations.

Topic 1: Top cyber security threats in 2017 and beyond

Topic 2: Methodologies and tools used in the private sector to assess cyber risks in large organizations

Topic 3: Cyber risk assessments in critical infrastructure sectors

Topic 4: Supply Chain Risks

Topic 5: Role of standards and ISO/IEC 27000 series update

Q&A and discussion

Useful references

Agenda, presentations, and other documents

The meeting agenda can be downloaded here.​

​Return to the main ITU-D Study Group 2 page