Opening the second Ministerial Roundtable at ITU Telecom World 2018 on the topic of cybersecurity, Brahima Sanou, Director of ITU’s Telecommunication Development Bureau, urged ministers to address the risks of associated with the digital economy – including cybercrime responsible for an estimated economic loss of more than USD660bn in 2017 –without scaring their citizens, saying, “The security, confidence and perception of end users is very important. It is our responsibility to work on the risk of ICTS so that it is seen as something which can be used with confidence. We must mediate the potential risks of ICT users in order to enable us to tap into its full potential for development.”
H. E. Mr. Moustapha Mamy Diaby, Minister of Posts, Telecommunications and the Digital Economy in Guinea pointed out that whilst cyberspace today is unavoidable, and is critical to the development of the new economy, we should consume it in a different fashion, bearing in might its inherent risks much as we bear in mind the side effects of any medicine we take. We must protect ourselves by developing regulations and legislation, working in cooperation at many levels between the state and private sectors, and between the state, academia and research centres, as “without those levels of cooperation it will be very difficult to succeed in fighting against the various threats.”
He also urged ministers to focus on training, education and awareness-raising so that our children can use ICT tools responsibly and “be the first custodians of their own security.” We must work smarter and educate our children, taking action upstream to mitigate the risk of malware and harmful actions, whilst continuing to focus on developing the digital ecosystem and its meaningful use.
H. E. Ms. Ursula G. Owusu Ekuful, Minister of Communications, Ghana, summarized the dilemma at the heart of this session: “We cannot do without digital communications, but how can we do it in a safer way, protecting our digital ecosystem?”
She urged the adoption of a multi-stakeholder approach such as in Ghana, where an inter-ministry committee has been set up to advise on policy, including finance, defence, interior, justice and foreign affairs portfolios. Beneath this is a technical working group comprising experts from the banking sector, intelligence and security agencies, academia, regulator and all other relevant agencies, as the government “recognises that they are the ones who will have to implement in their workplaces whatever policies we undertake, so they have to be involved in the fashioning of the rules of engagement.”
She acknowledged the difficulties of breaking the habit of working in silos within government, and the need to act as apolitically and cross-sectorally as possible to be part of the solution, especially in creating public awareness and establishing effective child on line protection measures.
Additional measures include a cybersecurity centre and an emergency response team, with a focus on digital financial services as a vulnerable sector at the frontline of potential incidents. But she noted, “It is not enough to put up institutional architecture, we also have to work on attitudinal change and utilizing more hygienic cyber practices as individuals.”
H. E. Mr. Ibrahima Guimba Saidou, Minister Special Advisor of the President of Niger republic & CEO of the National Agency of Information Society (ANSI), stressed the need to protect not just data, but people as well, through initiatives such as training and public awareness programmes targeting young people in particular. He explained that the fact that more than 80% of the country is rural can actually be advantageous when disseminating information and education on cybersecurity: “We can go to a small town with a thousand inhabitants, have their attention and make sure that the first time they are exposed to technology, we can share good practices from the very beginning.”
Oman ranks number one in the Arabic region in terms of cybersecurity, explained. Dr. Saoud Humaid Al Shoaili, Director General, Directorate of Communications & Postal Services, outlining a number of intiatives from intelligence services, to centres of cybersecurity and hotlines for child online protection. But government action alone is not enough. “ As we move towards a more digitized world, we become an easy target for attack, “ he said. “Smartness means we have devices developed, controlled and managed by people unknown to us – so ensuring trust is the responsibility of everyone, not just governments but also individuals.”
“The aspect of cooperation and coordination between countries is key,“ emphasized. Andre Müller Borges, Secretary of Telecommunications, Brazil. “This is really is an international issue. Within each country, governments, people and businesses are connected so society as a whole is vulnerable. This connection is not just in countries but among all countries, and we want to foster the free flow of data between countries.” He echoed the session theme of keeping a balance between welcoming the transformation in society in the digital age and acknowledging the inherent risks involved.
“What we are doing is seeking to manage the risks of a disruptive environment, but not prevent that disruption, as it the source of great benefits,” summarized James Cameron, Authority Member, Australian Communications & Media Authority. Government can take the lead in its own digital services and platforms to send an important signal to industry on cybersecurity, but must also engage effectively with industry to work together, learn from each other and drive solutions so that the young and those vulnerable to content can engage confidently in the digital world.
From Indonesia, Farida Dwi Cahyarini, Secretary General, Ministry of Communication and Information Technology, focused on risk mitigation in protecting personal data from attack through legal instruments, on raising awareness of the need for security in the personal digital devices which are such an integral part of daily life, and on dealing with harmful or negative content, announcing that “We have conducted a programme on collaboration in digital literacy and smart digital development.”
Representing the Democratic Republic of Congo, Vincent Ikimba Bongelo, Secretary General, Ministry of Posts, Telecommunications and New Information and Communication Technologies reminded those present of hugely positive impact of new technologies: “For health, agriculture, education and other areas of digital transformation or the fourth industrial revolution, this is very important for the development of countries and offers opportunities for wealth and job creation by encouraging entrepreneurship and innovation among young people.” But there is a need for national strategy or road map to create awareness amongst citizens of cybercrime and its dangers, in particular given the dependency of youth on smart phones and smart tools.
In Kenya, a country combining a youthful population of active digital natives and a world-leading digital finance service in M pesa, creating awareness around cybersecurity, online privacy and data protection is particularly important, said Fatuma Hirsi Mohamed, Principal Secretary, State Department for Broadcasting and Telecommunication.. “Protection of critical e infrastructure for all government institutions to avoid downloads of malware that could affect the whole government system is key”, she continued, emphasising the need to train staff, create awareness and work with different stakeholders in other ministries, security agencies and the judicial system.
Speaking from the operator point of view, Jonas Bogoshi, CEO of Business Connexion Group, highlighted that cybercrime is largely due to the fact that protection of the end users was not fundamental to design in internet systems. “Redesigning the systems with design features to protect the end user is possible – but very expensive “ he said. Creating new standards for future designs with end user protection as a priority is therefore very important.
Cybersecurity measures to address the very real risks of the digital era are essential – and are taken seriously by governments around the world. The key is to balance the enormous socio-economic benefits of the digital age against protection of citizens, businesses and critical national infrastructure. It calls for digital training, awareness-raising, and an attitudinal change within the sector, within governments and on the part of end users. And this will can only be made possible by breaking down silos and working closely together: across ministries, countries, regions and the world.
Launch of National Cybersecurity Strategy Guide
ITU launched the revised National Cybersecurity Strategy Guide, produced in collaboration with 11 partners, at the opening of the Ministerial Roundtable on addressing the risks of a smarter world. The guide aims to assist countries in the development and implementation of national cybersecurity strategies including cyber-preparedness and resilience.
”We have worked on cybersecurity issues for many years as a very important development, “ said ITU Secretary General Houlin Zhao at the launch. “If you talk to the founding fathers of the internet, they will tell you that free communication was the first priority, not security, when developing the internet, so today we need to work to strengthen security functions.” ITU is the trusted facilitator for cybersecurity as an international organisation, and this report forms an important part of its efforts in this arena.
See more on the guide https://www.youtube.com/watch?v=BfFG1pOyFjI
Download the guide https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-CYB_GUIDE.01-2018-PDF-E.pdf