Information Security Education & Solidarity (ISES) Initiative: Facts, Figures, Models and Implementation

Discussion Background is given first, then content of contributions
This WS in collaboration with IFIP TC3

Background: Internet is global, and in the internet we are electronically all interconnected: We face a Data Tsunami and an according explosion of world-wide stored and exchanged data: Nobody should be excluded from this innovation. Tofoster development of poor region it is an utmost important issue to participate in the next generation of data usage and exchange. The data sciences and its data engineering are crucial for inclusion of all regions in the digital society. Smart applications and technologies require smart citizen in a smart society or – as named by Prof. Seang-Tae Kim from South Korea: smartizen. To manage lowering – or even closing – the gap between advanced and poor regions there is an all-over penetration of all societies and smartizen with secure access to devices and internet required. Unhappily poor regions are flooded today with cheap, partly used, but almost in any case insecure devices. The factors “lack of knowledge”, high priced security and bandwidth to get advantage from free security solution, protection software, and missing knowledge on secure behaviour lead to inacceptable open challenges in information security. And: having security challenges in the global net means having security changes everywhere globally. This means failure in Europe or Africa can have immediate impact on the world: We depend on each other. Against this background, we need urgently to improve the security level in each single location, such that we reach as fast as possible minimum protection goal and standards all-over the world.

1. The ISES Challenge: Why is it important, why now and what is the target?The meaning of ICT Security Policies and Strategies. Implementation models under consideration of diversity, gender issues, wealth & solidarity, education and collaboration.
2. A Socio-technical Modelling Responsibility Authority and Competence for Developing Countries: Socio-technical model that was used to model computer security governance for the United States after the Computer Security Act of 1987 and discuss the strength and weakness of using this model to model capacity build of cyber security in developing countries.
3. IT Security Education and Awareness Programme Proposal for developing countries: The enormous growth of internet and mobile users in combination with lack of ICT Skills and IT Security Awareness leads to wide spread exploitation by cyber criminals.  A structured approach on IT Security Education and Awareness to educate protect themselves by an affordable is discussed.
4. What means the IT Security Challenges in terms of technology for development countries: Rwanda case study Cost of security software, access and indirect cost of "free" security software, e.g. by bandwidth will be discussed. Implementation models for least developed countries needs to be tuned to its network and ICT architecture.
5. Cyber security strategies in Nepal: How to reach international compliance?Least developed and developing countries are vulnerable to cyber-crimes. E.g. Nepal, established first IT policy in 2000 and the computer emergency response team (CERT) has been established April 9, 2015. The implementation of cyber security strategy for reaching international compliance will be controversially discussed.