In today’s world, not a day goes by without a serious cyberattack.
As these attacks grow more sophisticated and global, companies and governments must be prepared to protect their systems from a widening array of threats.
That’s why ITU offers a range of services to help countries build their capacity to thwart cyberthreats, including assistance to build national cybersecurity strategies, National Computer Incident Response Teams (CIRTs) as well as building human capacity through cybersecurity exercises (cyberdrills) and training programmes.
One of the latest examples was a recent mission to Vanuatu, in which academic, public and private-sector stakeholders from across the Pacific Islands region gathered for a week’s worth of workshops and hands-on training aimed at bolstering their ability to protect their own nations and the regional community, together.
Some Pacific Island countries have prioritized building CIRTs to drive further development of cybersecurity capacity. ITU is working with these nations to build CIRT capacity and strengthen existing teams to respond to current and emerging cyber threats.
Toward that end, ITU has joined forces with the Oceania Cyber Security Centre (OCSC) from Melbourne, Australia and the Global Cyber Security Capacity Centre (GCSCC) at the University of Oxford and the ITU to assess national cybersecurity capacity maturity for nations in the region, using the Cybersecurity Capacity Maturity Model (CMM).
“In the long term, cooperation will play a vital role in cybersecurity development.” — Marco Obiso
The CMM assessment identifies gaps and makes recommendations to develop a nation’s cybersecurity capacity, including: national cyber policy and strategy; cyber culture and society; cyber education, training and skills; and cyber legal and regulatory frameworks.
At the invitation of the Office of the Government Chief Information Officer of Vanuatu, ITU and OCSC undertook an assessment of the Vanuatu Computer Emergency Response Team (CERT), and conducted training workshops with stakeholders to further enhance the nation’s cybersecurity capacity between 18-22 March.
This initial assessment will help Vanuatu to document and benchmark current cyber security capacity. It will help to both identity gaps for consideration of investment and to enable the measurement of the impact of resulting capacity building activities through a second assessment in the future.
The assessment covered: the need for coordination, collaboration and information sharing between CIRTs and other relevant players; a review of the national CERT of Vanuatu; design and implementation plan for strengthening the national CERT; stocktaking of activities being undertaken in the selected countries by national, regional, and international organizations, and in the region in general; awareness and training workshops aimed at building and strengthening human capacity in cybersecurity-related matters in general and CERTs in particular.
The project is supported by Australia’s Department of Communications and the Arts to assist the establishment and review of CIRTs in four Pacific countries: Samoa, Tonga, Vanuatu and Papua New Guinea.
The major stakeholders who participated in this project include ministries and other relevant national and governmental agencies, corporations, banking & finance institutions, ICT service providers, Internet service providers, academia, private sector and non-governmental organisations.
In the long term, cooperation will play a vital role in cybersecurity development.
Cybersecurity knowledge should be shared and transferred among various organizations and relevant stakeholders such as central governments, local public authorities, the private sector, academia, civil society, and international organizations.
We are confident that ITU’s cybersecurity activities will help countries, especially the world’s least-developed countries, build their capacity to successfully prevent and defend against cyberattacks.
ITU is addressing the need and importance for countries to establish national computer incident response teams (CIRTs) as well as national cybersecurity strategies by providing them with fundamental tools to establish it.
All these measures serve as a basis to render cyberspace more secure, hence improving socio-economic stability and opportunities for a real, concrete digital transformation.