cybersecurity

www.isoc.gh

Cybersecurity

Internet Governance & Standards Development Workshop, Accra

Edwin A. Opareedwin.opare@isoc.gh

www.isoc.gh

www.isoc.gh

Cybersecurity – The situation

• The Internet was originally designed for use by a closed circle of mainly academics without security concerns.

• They communicated openly and addressed possible security problems informally.

2

www.isoc.gh

Classification of Cybersecurity issues

• Type of action• data interception, data interference, illegal access, spyware,

data corruption, sabotage, denial-of-service, and identity theft

• Type of perpetrator• hackers, cybercriminals, cyberwarriors, and cyberterrorists

• Type targets• individuals, private companies, and public institutions to

critical infrastructures, governments, and military assets.

3

www.isoc.gh

Cybersecurity policy initiatives

• National level• DHS for the United States• MoC for Ghana

• International level• ITU (X.509 ) – PKI• ITU - Global Cybersecurity Agenda(legal measures, policy

cooperation, and capacity building )• The G8 - 24/7(High Tech Crime )• UN General Assembly resolutions on ‘developments in the

field of information and telecommunications in the context of international security’

4

www.isoc.gh

Cybersecurity policy initiatives cont.

• CoE, Convention on Cybercrime, (1 July 2004)• Bilateral arrangements and agreements

• Stanford Draft Convention on Protection from Cyber Crime and Terrorism. This draft recommends the establishment of an international body, named the Agency for Information Infrastructure Protection (AIIP).

5

www.isoc.gh

Cybersecurity - The issues

• Influence of Internet architecture on cybersecurity• DNSSEC

• for ccTLDs• for the root zone in 2010

6

www.isoc.gh

Future development of e-commerce demands a high level of cybersecurity

7

www.isoc.gh

Cybersecurity and privacy

• Will additional cybersecurity measures imply some loss of privacy?

• What regulation should apply to encryption software, which can be used both for the legitimate protection of communication privacy and for the protection of communications of terrorists and criminals?

• Extension of the CoE Convention on Cybercrime to

8