ITU Council 2008: High Level Segment (HLS) - Statement by H.E. Mr. Ivailo Kalfin, Deputy Prime Minister and Minister of Foreign Affairs, Republic of Bulgaria

High-Level Segment (HLS) of Council 2008

Geneva, 12-13 November 2008

Statement by H.E. Mr. Ivailo Kalfin, Deputy Prime Minister and Minister of Foreign Affairs, Republic of Bulgaria

Session 2: Managing cyberthreats through harmonized policies and organizational structures

Your Excellency Mr. President KAGAME
Your Excellency Mr President CAMPAORE,
Dr. Vatchkov, Chairman of Council 2008 and Councillors,
Esteemed Dr. Toure, Secretary General of ITU
Excellencies,
Ladies and Gentlemen,

It is a great honour and pleasure for me to speak at this High Level Segment of the ITU Council, which brings together representatives of the global telecommunication and information technology community.

Crossing the border between the two millennia has marked an unprecedented process of radical changes in the world economy and society. There is no doubt that the rapid development of the information and communication technology sector has significantly contributed to those changes which, in various ways, affect our lives and businesses.

Unfortunately, the antithesis to this positive development – global cybercrime – has rapidly spread all over the world. According to some analysts the annual turnover of the Internet based black economy nowadays has already exceeded 105 billion US dollars and approximates the drug traffic annual turnover.

Cybersecurity no longer threatens only individual citizens and companies. It has become a serious threat to national security, particularly in countries with developed information and communication infrastructures. There is serious danger to critical infrastructures of the financial and banking sector, healthcare, energy, transport, commerce, telecommunications, defense, law enforcement, etc. That is why in a number of countries network and information security is increasingly regarded as an important element of critical information infrastructure protection. A number of developed countries have adopted national strategies and programmes for critical infrastructure protection as well as specific legislation on cyber crime and other misuse of information technology.

The Republic of Bulgaria is also taking serious steps both to develop the relevant legislative framework and the organizational and technological infrastructure to counteract cyber crime and for critical infrastructure protection. In this regard it is worth mentioning the Law on Electronic Document and Electronic Signature, the Law on Personal Data Protection, the Law on Electronic Communications and the more specifically the Regulations thereto for the General Requirements for Operational Compatibility and Information Security.

In spite of the actions taken at the national level, practice has shown again and again,, they are not enough to effectively fight trans-border cyber crime and do not adequately protect the cyber security of the ICT infrastructure, services and applications in our modern globalized world. Therefore, there is an ever growing need for concerted international efforts and cooperation between the entire international community, regardless of size, economic development, culture, legislation models, etc. in order to effectively fight against cyber crime at both the national and international levels.

This pressing requirement has already been recognized within a number of international organizations and institutions. In 2001 the Council of Europe adopted the Convention on Cybercrime with the main purpose to harmonize the national cyber crime penalty law of the member-countries, provide for investigation and prosecution powers for such crime in the national penal procedures and to establish prompt and efficient international cooperation.

The European Network Information Security Agency (ENISA) has also contributed to the EU member-states cooperation in the fight against cyber crime both by various ways of best practice dissemination and the implementation of specific projects by joint international teams.

It is only natural that the International Telecommunication Union (ITU) has a particularly important role to play among the international organizations in establishing a global front against cyber crime. In implementing Resolution 130 of the ITU Plenipotentiary Conference held in 2006 in Antalya, as well as the WSIS (World Summit on Information Society) Action Line C5: “Building Confidence and Security in the Use of ICTs”, on 17 May 2007 the ITU launched the Global Cybersecurity Agenda (GCA). An essential element of the Agenda is the ITU National Cybersecurity/Critical Information Infrastructure (CIIP) Self-Assessment Tool developed as part of a comprehensive Cybersecurity Toolkit to assist ITU Member States on their national approach to cybersecurity and critical information infrastructure protection. We consider both the Global Cybersecurity Agenda and the High Level Expert Group established on the initiative of the ITU Secretary-General, Dr. Hamadoun I. Touré to provide advice on the issues of cybersecurity as an important contribution towards establishing a common approach to the national CIIP measures.

The Republic of Bulgaria actively supports the Global Security Agenda and currently a national self assessment is taking place with participation of representatives of all the relevant stake-holders: the Government, industry, academia, NGOs, etc.

On this occasion we should like to emphasize the highly appreciated role of ITU in its recent cybersecurity activities in the ITU Regions B and C and in particular the organization of ITU Regional Cybersecurity Forum for Europe and the CIS Countries, 7-9 October 2008 in Sofia, Bulgaria, which demonstrated the great potential of regional cooperation against cybercrime. v

The international cooperation on cyber security takes various forms, however, the majority of the measures taken so far are mainly of purely organizational, methodological or recommendation nature.

I take this opportunity to express the opinion of leading Bulgarian specialists that the international organizations should initiate practical action-oriented measures such as the development of an international agreement or charter on shared responsibilities in identifying the sources of attacks against network and information security.

Regarding the geographical location of the Republic of Bulgaria at the cross-roads of different regions, I would like to point out that we realize the role we can have for cybersecurity not only in our country, but also in the region. We consider that we could significantly contribute to the cooperation in this field by our initiative to establish the National Cybersecurity Competence Center with a potential to turn it into a regional center. This way, the Republic of Bulgaria states its support to the ITU Global Cybersecurity Agenda.

Thank you all for your kind attention.