IGF 2018 WS #123 Cybersecurity enhancement for the use and harnessing of ICTs

Subtheme(s): 

Other
Sub-theme description: Enhancement for the use and harnessing of ICTs in favour of sustainable development.

Organizer 1: Technical Community, Latin American and Caribbean Group (GRULAC)
Organizer 2: Technical Community, Latin American and Caribbean Group (GRULAC)

Speaker 1: Javier Juarez, Technical Community, Latin American and Caribbean Group (GRULAC)
Speaker 2: Juan Carlos Hernandez Wocker , Technical Community, Latin American and Caribbean Group (GRULAC)
Speaker 3: Victor Manuel Martinez Vanegas, Technical Community, Latin American and Caribbean Group (GRULAC)
Speaker 4: , ,

The Internet has transformed many aspects of our lives; many of these changes are for good. However, the Internet is also a powerful weapon, allowing anyone from a tech-savvy teenager to a State to carry out a cyber-attack. According to Global Risk Report 2018, issued annually by the World Economic Forum, cyber-attacks and data theft are among the most pressing risks that we will face in the next 10 years.

Cybersecurity risks are growing, both in their prevalence and in their disruptive potential. Attacks against businesses have almost doubled in five years, and incidents that would once have been considered extraordinary are becoming more and more commonplace. The financial impact of cybersecurity breaches is rising, and some of the largest costs in 2017 related to ransomware attacks, which accounted for 64% of all malicious emails. Another growing trend is the use of cyberattacks to target critical infrastructure and strategic industrial sectors, raising fears that, in a worst-case scenario, attackers could trigger a breakdown in the systems that keep societies functioning.

Therefore, in order to counteract this type of actions, it is necessary to implement cybersecurity strategies. According to the International Telecommunications Union (ITU), cybersecurity is the collection of tools, policies, security concepts, security safeguards, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect the cyber environment and organization and user’s assets.
Organization and user’s assets include connected computing devices, personnel, infrastructure, applications, services, telecommunications systems, and the totality of transmitted and/or stored information in the cyber environment. Cybersecurity strives to ensure the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The general security objectives comprise the following:
• Availability
• Integrity, which may include authenticity and non-repudiation
• Confidentiality

In the case of Mexico, in November 2017, the National Cyber Security Strategy was issued as a document that establishes the vision of the Mexican State in this matter, based on the recognition of the importance of information and communication technologies (ICT), as a factor of political, social and economic development of the country. The strategy also recognizes the risks associated with the use of technologies and the growing number of cybercrimes and the need for a cybersecurity culture.

This strategy indicates that the increase in risks, threats and sophisticated computer attacks, the emergence of new forms and techniques to exploit vulnerabilities, as well as the increase of criminal behaviors that are committed through ICT, are circumstances that make cybersecurity a complex issue.

Format: 

Panel - 60 Min

Interventions: 

Based on the above, the proposed panel aims to discuss the threats related to surveillance, privacy, resilience and security associated with the growing digitization, which has caused these risks to become increasingly complex, especially for data circulating through the Internet infrastructures.

The panel also seeks to promote discussion about the digital security of the critical infrastructure and the resilience of the network, as well as addressing issues such as network stability, computer attacks, culture and education about cybersecurity, the development of the culture of security in the user and education or creation of capacities, taking a focus towards sustainable development.

In the light of the above, a group of experts from Africa, Latin America, Middle East, Asia Pacific and Europe, from the academy, government, technical community, private sector and international organizations will debate the next issues:

•The relevance of the ICTs as a factor for the social and economic development.
•The necessity to improve the culture, educations programs and awareness - rising about the cybersecurity.
•The increase of risks, cybernetics attacks and emergence of new technologies to take advantage of the vulnerabilities of the ICTs products.
•The interchange of good practices in cybersecurity.
•The actions aimed to the development, adoption and enhancement of standards and technical criteria in cybersecurity.

Discussion topics will include:

•Education and awareness – rising about Cybersecurity.
•Programmes aimed to provide relevant knowledge and skills.
•Research, development and innovation on ICTs.
•Standardization and technical criteria.
•Legal framework.

Diversity: 

1. Male: Javier Juarez. Federal Telecommunications Institute of Mexico. Technical Community-Latin America and Caribbean.
2.Male. Muataz Elsadig Ishag. Sudan CERT. Government. African Group.
3.Female. Aparajita Bhatt. National Law University Delhi. Civil Society. Asia-Pacific Group.
4.Female Berger Cathleen. Mozilla. Private Sector. Western European and Others Group (WEOG).
5.Male. Abdel-sadek Adel. Arab Center for Cyberspace Research-ACCR. Intergovernmental Organization.

In the current international context, for its part, there are a series of efforts focused on the establishment of international cooperation schemes, recommendations to protect critical infrastructure, standards that reduce the levels of vulnerability of communications, guidelines for the collaboration of all those involved, creation of CSIRTs and establishment of a cybersecurity culture. These are tools that could be useful for all stakeholders to enrich their perspectives with respect to cybersecurity.

Furthermore, as part of the economic agenda inside the different countries the digital transformation and development of ICTs play relevant roles, one important issue to consider in this sense is the need for resilience and better security to mitigate possible disruption of economic and social activities by cybersecurity incidents.

Traditionally understood as breaches of availability, integrity and confidentiality of ICTs and data, cybersecurity incidents are increasingly frequent and sophisticated. They can disrupt the activities of all businesses larger firms, governments and individuals and generate financial and reputational harm.

Discussion Facilitation: 

Panel discussion. The workshop will begin with a brief introduction presented by the moderator who is going to explain the main objective of the panel and the detonator questions over which the panel will be addressed. Panelists will subsequently have 5 minutes to explain their views on the preliminary target points of the panel previously presented by the moderator.

Following these interventions, the moderator will ask the questions to the panelists to initiate a debate between them. Subsequently, the panel will be open to the public so that the audience can participate with comments or questions remotely and in site.

Finally, the moderator will have a few minutes to complete the most important points discussed at the meeting.

Online Participation: 

Online attendees will have a specific time after each intervention to give them the queue, the workshop moderator will have the online participation session open, and will be in close communication with the workshop’s trained online moderator, to make any adaptations necessary as they arise, in order to give online participants opportunity to ask, comment and participate remotely.