Cybersecurity & Child Online Protection (COP)

1. Cybersecurity & Child Online Protection (COP) 14-15 February 2012 Colombo, Sri Lanka Eun-Ju Kim, Ph.D. Regional Director ITU Regional Office for Asia and the Pacific 1

2. Key Cybersecurity Challenges • Lack of adequate and interoperable national or regional legal frameworks • Lack of secure software and ICT-based applications • Lack of appropriate national and global organizational structures to deal with cyber incidents • Lack of information security professionals, skills within governments, and basic awareness among users • Lack of international cooperation between industry experts, law enforcements, regulators, academia & international organizations, etc. to address a global challenge • Misuse of domain names and numbers etc. Cybersecurity not seen yet as a cross-sector, multi-dimensional concern. Still seen as a technical/technology problem.

3. ITU and Cybersecurity 2003 – 2005 WSIS entrusted ITU as sole facilitator for WSIS Action Line C5 “Building Confidence and Security in the use of ICTs” 2007 ITU Secretary-General launched the Global Cybersecurity Agenda (GCA) A framework for international cooperation in cybersecurity 2008 - 2010 ITU Membership endorsed the GCA as the ITU-wide strategy on international cooperation

4. GCA and ITU-T Activities • ITU-T Study Group 17 • Lead Study Group for Telecommunication Security • Mandate for Question 4/17 (Q.4/17): Cybersecurity • Provides ICT Security Standards Roadmap • ITU-T Cybersecurity Information Exchange Framework (CYBEX): September 2009 • ITU-T Security Manual "Security in telecommunications and information technology”(4th ed.): Scheduled for publication in 2010 • Draft summaries of Study Group 17 recommendations • Focus Group on Identity Management (IdM) • Approved over 100 Recommendations on security for communication • Facilitates collaboration among national Computer Incident Response Teams (CIRTs) • WTSA Resolutions • ITU WTSA Resolution 50: Cybersecurity (Rev. Johannesburg, 2008) • ITU WTSA Resolution 52: Countering and combating spam (Rev. Johannesburg, 2008) • ITU WTSA Resolution 58: Encourage the creation of national computer incident response teams, particularly for developing countries (Johannesburg, 2008)

5. GCA and ITU-D Activities • Assisting developing countries in bridging the digital divide by advancing the use of ICT-based networks, services and applications, and promoting cybersecurity • ITU National Cybersecurity Guide • ITU Botnet Mitigation Toolkit • ITU Cybercrime Legislation Resources • ITU-D Study Group Q 22/1 : Securing information and communication networks: best practices for developing a culture of cybersecurity • Assistance in establishing Cybersecurity capabilities and services (e.g. Computer Incidnet Response Teams – CIRTs) • Regional workshops and capacity building activities related to cybersecurity/cybercrime • WTDC Resolutions • ITU Hyderabad Declaration, Paragraph 13 & 14 (2010) • “13. […] the challenge of building confidence and trust in the availability, reliability, security and use of telecommunications/ICTs [….] can be addressed by promoting international coordination and cooperation in cybersecurity, taking into account, inter alia, the ITU Global Cybersecurity Agenda (GCA), as well asthe development of related public policies and elaboration of legal and regulatory measures, including building capacity, to ensure cybersecurity, including online protection of children and women.”

6. GCA and ITU-R Activities • Establish fundamental security principles for IMT-2000 (3G) networks • Issue ITU-R Recommendation on security issues in network management architecture for digital satellite system and performance enhancements of transmission control protocol over satellite networks • ITU-R Recommendations • Recommendation ITU-R M.1078: Security principles for International Mobile Telecommunications-2000 (IMT-2000) • Recommendation ITU-R M.1223: Evaluation of security mechanisms for IMT-2000 • Recommendation ITU-R M.1457: Detailed specifications of the radio interfaces of International Mobile Telecommunications-2000 (IMT-2000) • Recommendation ITU-R M.1645: Framework and overall objectives of the future development of IMT-2000 and systems beyond IMT-2000 • Recommendation ITU-R S.1250: Network management architecture for digital satellite systems forming part of SDH transport networks in the fixed-satellite service • Recommendation ITU-R S.1711: Performance enhancements of transmission control protocol over satellite networks

7. Online Threats to Children Cybergrooming Sexual solicitation Disclosure private information Child abuse materials Child pornography Pornography Threats & Risks Racism Violence Online Fraud Cyberstalking Phishing attacks Cyber Bullying Spam … so many! Youth-to-youth cybercrimes Anorexia, self-harm or suicide Online Gaming & Addiction 7

8. ITU Child Online Protection (COP) • ITU launched the Child Online Protection (COP) Initiative in 2008 within the framework of the Global Cybersecurity Agenda (GCA), aimed at bringing together partners from all sectors of the global community to ensure a safe and secure online experience for children everywhere. • Key Objectives of COP • Identify risks and vulnerabilities to children in cyberspace; • Create awareness of the risks and issues through multiple channels; • Develop practical tools to help governments, organizations and educators minimize risk; and • Share knowledge and experience while facilitating international strategic partnership to define and implement concrete initiatives 8

9. COP Guidelines • ITU has worked with some COP partners to develop the first set of guidelines for different stakeholders: Available in the six UN languages (+ more) 9

10. ITU and Cybersecurity in Asia-Pacific Development of CybersecurityStrategy Maldives, Lao PDR, Myanmar, Indonesia, Timor Leste Policy related Indonesia Bhutan Assistance to Pacific Islands Countries under the ITU-EC Project CapacityBuilding Establishment of a training Node (IMPACT) in Asia-Pacific to build capacity SecurityCore ITU IMPACT Training Course Pacific CERT CIRT (CERT) Afghanistan, Bangladesh, Bhutan, Maldives, Nepal , Cambodia, Laos, Myanmar, Vietnam CLMV Ministerial Sub Theme Forums Seminars Regional Forum on Cybersecurity, Australia Ministerial Sub Theme ABBMN Regional Forum on Cybersecurity, Vietnam Regional Forum on fighting Cybercrime, Rep. of Korea Regional Forum on Cybersecurity India 2008 2009 2010 2011 2007 2012

11. Conclusion • While it will never be possible to completely remove all risks, drawing together an effective package of policies and practices, infrastructure and technology, awareness and communication can do a great deal to help. • The international cooperation, based on a multi-stakeholder approach and the belief that every organization – whether online or mobile, educator or legislator, technical expert or industry body – has something to contribute. • Moreover, the online world respects neither boundaries nor borders, so creating a safe cyber-environment requires cooperation. • By working together with ITU, all interested stakeholders and countries can achieve this critical international collaboration, confronting child online threats with a dynamic and unified coalition. Please recognize and utilize country code of South Sudan: +211 11

12. I THANK U ITU : http://www.itu.int ITU Asia Pacific : http://www.itu.int/ITU-D/asp/CMS/index.asp E mail: sameer.sharma@itu.int