In today’s world, not a day goes by without a serious cyberattack.
As these attacks grow more sophisticated and global, companies and governments must be prepared to protect their systems from a widening array of threats.
That’s why ITU offers a range of services to help countries build their capacity to thwart cyberthreats, including assistance to build national cybersecurity plans, legal and regulatory frameworks and National Computer Incident Response Teams (CIRTs).
One of the latest examples was last month’s training in Vanuatu, in which academic, public and private sector stakeholders from across the Pacific Islands region gathered from 18-22 March for a week’s worth of workshops aimed at bolstering their ability to protect their own nations and the regional community, together.
Some Pacific Island countries have prioritised building CIRTs to drive further development of cybersecurity capacity. ITU is working with these nations to build CIRT capacity and strengthen existing teams to respond to current and emerging cyber threats.
Toward that end, ITU has joined forces with the Oceania Cyber Security Centre (OCSC) from Melbourne, Australia and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford and the ITU to assess national cybersecurity capacity maturity for nations in the region, using the Cybersecurity Capacity Maturity Model (CMM).
The CMM assessment identifies gaps and makes recommendations to develop a nation’s cybersecurity capacity, including: national cyber policy and strategy; cyber culture and society; cyber education, training and skills; and cyber legal and regulatory frameworks.
At the invitation of the Office of the Government Chief Information Officer of Vanuatu, the ITU and OCSC undertook an assessment of the Vanuatu Computer Emergency Response Team (CERT), and conducted training workshops with stakeholders to further enhance the nation’s cybersecurity capacity.
This initial assessment will help Vanuatu to document and benchmark current cyber security capacity, to both identity gaps for consideration of investment and enable the measurement of the impact of resulting capacity building activities through a second assessment in the future.
The assessment covered: stronger coordination, collaboration and information sharing between CIRTs and other relevant players; assessment for the national CERT of Vanuatu; Design and implementation plan for strengthening the national CERT; Stocktaking of activities being undertaken in the selected countries by national, regional, and international organizations, and in the region in general; awareness and training workshops aimed at building and strengthening human capacity in cybersecurity-related matters in general and CERTs in particular.
The project is an example of collaboration of ITU academia and is supported by Australia’s Department of Communications and the Arts to assist the establishment and review of CIRTs in Samoa, Tonga, Vanuatu and Papua New Guinea.
The major stakeholders who participated in this project include: ministries, corporations, banking & finance institutions, ICT service providers, Internet service providers, academia, private sector and non-governmental organisations.
In the long term, cooperation will play a vital role in cybersecurity development.
Cybersecurity knowledge should be shared and transferred among various organizations and relevant stakeholders such as central governments, local public authorities, the private sector, academia, civil society, and international organizations.
We are confident that ITU’s cybersecurity activities will help countries, especially the world’s least-developed countries, build their capacity to successfully prevent and defend against cyberattacks.
ITU is addressing the need and importance for countries to establish national computer incident response teams (CIRTs) as well as national cybersecurity strategies by providing them with fundamental tools to establish it.
All these measures serve as a basis to render cyberspace more secure, hence improving socio-economic stability and opportunities for a real, concrete digital transformation.