The Internet is a critical global resource and possibly the greatest virtual environment ever created. Technological advances have connected people, communities and businesses around the world. The rapid expansion of the online-world also brings with it a surge of malicious activities.
Studies have shown that developing countries are the most vulnerable when it comes to cybercrimes and cyber threats. For instance, 70 percent of South Africa’s Internet users have been victim of cybercrimes, according to the 2013 report from Symantec. In the Middle East, cyber-attacks have become a complex security threat for businesses and governmental institutions, especially in the region’s rich oil and gas sector which has experienced a sharp rise in malware attacks. Kaspersky’s Interactive Cyberthreat Map has mapped most states in the Middle East and North Africa as moderately at risk of online infection.
Following the World Summit on the Information Society, heads of state and world leaders have entrusted ITU to take the lead in coordinating international efforts in the field of cybersecurity. ITU regularly collaborates with other UN agencies, key intergovernmental bodies and global cybersecurity-related associations to facilitate an all-inclusive approach to cyber-related issues and improve cross-border cooperation.
Capacity building is one of the most important aspects of ITU’s Global Cybersecurity Agenda. Together with the International Multilateral Partnership Against Cyber Threats (IMPACT), ITU has engaged with its Member States across the world to develop a sustainable and proactive culture of cybersecurity. Until now, ITU-IMPACT has trained more than 1900 cybersecurity professionals and practitioners from 80 countries; and deployed more than 350 scholarships for professional cybersecurity certifications. IMPACT, as the Cybersecurity Centre of Excellence for ITU, has conducted numerous training workshops for ITU Member States.
ITU-IMPACT also delivers significant capacity building results through Computer Incident Response Teams (CIRT) readiness assessment and implementation. CIRT has enabled Member States to train skilled professionals to respond to incidents and vulnerabilities and to provide alerts and warnings. Since 2010, ITU-IMPACT has conducted more than 20 regional CIRT readiness assessments in Africa, which accounts more than 50% of coutries in the region.
For countries with established CIRTs or national Computer Emergency Response Teams (CERTs), ITU-IMPACT has hosted regional cyber drill exercises, known as Applied Learning for Emergency Response Teams (ALERT). It features cyber-attack simulations exercises and workshops on the latest cyber threats, such as botnets, mobile security, and child online protection, for multiple participating countries. Other than maintaining and strengthen international cooperation against cyber threats, ALERT builds advanced national capacity for each government, in order to facilitate further development within the area of national critical information infrastructure.
Globally, ITU-IMPACT has conducted six ALERT exercises that involved more than 60 countries in total, including more than 85% of Arab states. An overwhelming majority (93%) of participants positively commended the cyber drill. Moreover, all participants considered the exercise highly realistic and beneficial. “The ITU-IMPACT ALERT is helping to establish the need for proper contingency plans, improving the familiarity with tools and other related software and communicating the importance of maintaining logs and having adequately trained personnel in place to handle cyber threats,” said Datuk Mohd Noor Amin, Chairman of IMPACT.
ITU has partnered with ABI Research on the Global Cybersecurity Index (GCI) to provide benchmarks of national cybersecurity capabilities and enable member states to learn from best practices. The main objective of GCI is to measure and rank each state’s level of cybersecurity development and readiness in legal, technical and organizational measures, as well as capacity building and cooperation. In addition to promoting government strategies and policy implementations, GCI seeks to integrate security into the core of technological progress and foster a global culture of cybersecurity. Michela Menting, a senior analyst at ABI Research, says “By harnessing existing efforts and integrating them into a comprehensive measurement tool, the GCI represents a significant step in supporting the creation of a global culture of cybersecurity. The index will allow nation states to better address their security needs and to tackle vulnerabilities more effectively.” Until now, GCI survey has received responses from 47 countries, more than one third of total participating countries.
For more information about ITU’s work in Cybersecurity visit, http://www.itu.int/en/ITU-D/Cybersecurity/Pages/default.aspx.
Marco is the Cybersecurity Coordinator at ITU, where he oversees work in the area of global cybersecurity.