ITU's 160 anniversary

Committed to connecting the world

Partner2Connect

Cybersecurity Workshop

This workshop took place​ at ITU Headquarters (ITU Montbrillant building, Room H) in Geneva, Switzerland on Monday, 18 April 2016, from 14:30- 17:30 and Tuesday, 19 April 2016, from 09:30-12:30 in conjunction with the ITU-D Study Group 2 Rapporteur Group meetings, and followed by​​ the ITU-D Study Group 2 Question 3/2 (Securing information and communication networks: Best practices for developing a culture of cybersecurity) meeting.

​The purpose of the cybersecurity workshop was to share best practices on running national cyberdrills and elaborating national cybersecurity strategies.

Day 1: National Cyberdrills

 

Session 1: Enhancing national cyberdrills through experience sharing

A national cyberdrill enhances the communication and incident response capabilities of all participants at the national level, thus helping ensure an efficient and coordinated effort in mitigating cyber threats and responding to major cyber incidents. A national cyberdrill is typically structured around a fictitious yet realistic geo-political scenario as the background for a set of simulated actions by threat actor(s) to which the participants must respond in accordance with their roles and responsibilities in a coordinated and timely fashion. This panel will highlight recent experiences in conducting such national cyberdrills.

Presentations:

  • General overview, Mr Luc Dandurand, Head of ICT Applications and Cybersecurity Division, ITU/BDT
  • Pan European cyber exercises, Dr Panagiotis Trimintzios, Programme Manager, European Union Agency for Network and Information Security (ENISA)  [Presentation]
  • A detailed view into a real case, Mr Michael Bartsch, Cybersecurity Management Consulting & Training, Deutor [Presentation]
  • Korea’s national cyberdrill experience, Mr Jaesuk Yun, Senior Researcher, Korea Internet & Security Agency, Republic of Korea [Presentation]
  • Malaysia’s national cyberdrill experience, Dr Amirudin Bin Abdul Wahab, Chief Executive Officer, Cybersecurity Malaysia, Malaysia [Presentation]
  • Cyber Storm V overview, Mr Tim McCabe, Deputy NCEPP, NCCIC, US Department of Homeland Security, United States of America, presented by Mr John Foti [Presentation]
  • Practice makes perfect, Mr Erka Koivunen, Cybersecurity Advisor, F-Secure [Presentation]

Panel discussion after presentations

Following the previous sharing of experiences, lessons learned for the efficient and effective planning and conduct of national cyberdrills will be discussed in the context of BDT's activities to support Member States in conducting such exercises.

Moderator: Mr Luc Dandurand, Head of ICT Applications and Cybersecurity Division, ITU/BDT [Presentation]

Panelists: All speakers from the first half of the session

Day 2: National Cybersecurity Strategies elaborated through Good Practices

 

Session 1 : The key ingredients for preparing a comprehensive National Cybersecurity Strategy [and its effective implementation]

Some nations have vested responsibility for cyber security in existing or new agencies and have established national Computer Emergency Response Teams (CERTs). Some nations have begun rolling-out cyber-security awareness campaigns and developed action plans on Critical infrastructure protection Whilst these are vital tactical actions towards improving national cybersecurity, to manage risks associated with the digital assets of a nation, a strategy is needed to combine all efforts into a coherent, comprehensive and sustainable nation-wide approach.

Presentations:

  • NCS cybersecurity partnership, Mr Luc Dandurand, Head of ICT Applications and Cybersecurity Division, ITU/BDT [Presentation]
  • ENISA’s work on strategies, Ms Dimitra Liveri, European Union Agency for Network and Information Security (ENISA) [Presentation]
  • Trust frameworks, Dr Bilel Jamoussi, Chief, Study Groups Department, ITU/TSB [Presentation]
  • How Switzerland deals with cyber threats, Dr. Stefanie Frey, MELANI, Switzerland [Presentation]

Panel discussion after presentations

Moderator: Mr Eliot Lear, Co-Rapporteur, ITU-D SG2 Q3/2

Panelists: All speakers from the session

Session 2: Effective implementation of a National Cybersecurity Strategy

A strategy is of use only when it is aptly translated into an actionable plan which is reviewed and adjusted in line with temporal and situational changes. This process aspect of strategy implementation as well as the results aspect must be done effectively so that a nation can close the cybersecurity gap identified for remediation in its national cybersecurity strategy. The possible ways to measure this effectiveness and assess progress need to be highlighted and understood.

Presentations:

  • Estonia’s experience, Mr Raul Rikk, Head of National Cyber Security Domain, e-Governance Academy, Estonia [Presentation]
  • Paradigm change as part of a cybersecurity strategy, Mr Ammar Alkassar, CEO, Rohde & Schwarz Cybersecurity [Presentation]
  • How to create the national cyber security strategy, Dr Martti Lehto, University of Jyväskylä, Finland [Presentation]
  • Research conducted in cybersecurity strategies, Mr Erik Silfversten, Analyst, Rand Europe [Presentation (Rev.1)]

Panel discussion after presentations      

Moderator: Mr Luc Dandurand, Head of ICT Applications and Cybersecurity Division, ITU/BDT

Panelists: All speakers from the session

Agenda, presentations, and other documents

The meeting agenda can be downloaded here. Presentations and other documents will be available shortly.

 

Useful references

​Main ITU cybersecurity website.

​Return to the main ITU-D Study Group 2 page.

QUICKLINKS

© ITU All Rights Reserved

Back to top