CTO-CybersecurityForum-2010-Richard Simpson
1. A Survey of International Efforts to Combat Cybercrime. CTO Cyber-Security Forum, London, June 18, 2009. Richard Simpson, e-Novation Consulting
2. The Global Internet Economy: Worldwide E-Commerce Sales. Worldwide e-commerce spending projected to grow at CAGR of 23%, exceeding $8.75 trillion in 2009. The growth of B2B spending is comparably strong at CAGR of 22%, amounting to $7.6 trillion by 2009. Source: IDC, Worldwide Internet Usage and Commerce 2005-2009 Forecast update, April 2007
6. New, more sophisticated and dangerous forms of spam continue to appear, and are increasingly the source of network damage and online fraud
7. Now have a myriad of threats that go well beyond spam
8. Phishing, botnets, spyware, computer viruses, & malware. Sources: Messaging Anti-Abuse Working Group - MAAWG, 2nd Quarter, 2007, using 510 million mailboxes as a base; Sophos Security Threat Report, July 25, 2007
10. Spyware estimated at $100/incident and total damage to US economy is $2.6 billion. Source: Consumer Reports, State of the Net 2006
11. Eroding trust and confidence: Users changing their online practices due to security concerns; Consumers losing trust in online banking and other services; Business costs and concerns are mounting; Slowing down investment and innovation
15. Law Enforcement & National Security: The G8 High-Tech Crime Subgroup. Enhances the abilities of law enforcement and industry to gather information on, prevent, investigate, and prosecute criminal and terrorist acts that make use of computer networks and wireless technologies. Experts drawn from private and public sector; Builds upon mutual law enforcement channels (24/7 Contact Network); Shares and expands understanding of investigative techniques. International recommendations include: Principles and Action Plan on High-Tech and Computer-related Crime (1997); Recommendations for Tracing Networked Communications Across National Borders in Terrorist and Criminal Investigations (2002); G8 Statement on Data Protection Regimes (2002)
16. Ground Rules for Online Markets. Working in concert with the private sector, governments have the primary responsibility to develop and implement a clear and consistent set of legal ground rules for the online marketplace, consisting of civil law remedies and regulatory instruments for: Protecting personal information (privacy); Combating spam and related threats; Mandating data breach notification; Supporting industry-wide standards for network protection; Curtailing offensive content
17. Ground Rules for Online Markets. Due to the borderless nature of the online marketplace, domestic laws and policies are heavily dependent on effective arrangements for international cooperation. Current venues for inter-governmental cooperation: Organization for Economic Cooperation and Development (OECD); Asia-Pacific Economic Cooperation (APEC); Internet Governance Forum; London Action Plan
18. OECD Policy Instruments. Guidelines: Guidelines on the Protection of Privacy and Transborder Flows of Data and Personal Information (1980); Guidelines for the Security of Information Systems and Networks (2002); Guidelines for Electronic Authentication (forthcoming). Recommendations: Recommendation on Cross-Border Co-operation in the Enforcement of Laws against Spam (2006); Recommendation on Cross-Border Co-operation in the Enforcement of Laws Protecting Privacy (forthcoming). Toolkits: Anti-Spam Toolkit (2006); Cross-border Privacy Law Enforcement (forthcoming). OECD Ministerial Meeting (17-18 June 2008 Seoul, Korea): The Future of the Internet Economy
19. OECD Forward Work Plan: Management of digital identities; Guidance for the protection of critical information infrastructures; Malware – analytical report and policy guidance; Review of Guidelines for the Security of Information Systems and Networks (2002) with a view toward improving international cooperation. OECD Ministerial Meeting (17-18 June 2008 Seoul, Korea): The Future of the Internet Economy
20. APEC Initiatives. Telecommunications and Information Working Group (TEL): Frameworks and policy guidance for telecommunications and information technologies; Capacity building initiatives (e.g. legislative frameworks for cybercrime); Areas of focus include communications infrastructure and cybersecurity. The APEC Cybersecurity Strategy aims to: Harmonize legal systems in member states; Improve information sharing and cooperation. The APEC Strategy to Ensure Trusted, Secure and Sustainable Online Environment aims to: Encourage close information security collaboration between public and private sector entities; Identify key areas that require increased attention and stronger cooperation
21. Internet Governance Forum (IGF): New forum (est. 2006) for multi-stakeholder policy dialogue; Supports the United Nations Secretary-General in carrying out the mandate from the World Summit on the Information Society (WSIS); Information and Network security a key focus area; Raises awareness across levels: Legislative, Regulatory, Law Enforcement, Technological advances
22. Private Sector Self-Protection: Messaging Anti-Abuse Working Group (MAAWG)
23. Challenge and Response. A safe and secure Internet is essential in order to: Maximize the social and economic benefits of the Information society; Assure proper functioning of critical information infrastructures; Build trust and confidence in e-business and e-government. Given the global and interconnected nature of the Internet: International cybercrime policy and law enforcement remains a significant challenge; International cooperation is multi-layered: legal, policy, and technological; Governments, civil society, public and private stakeholders are working together under the auspices of international fora such as OECD, G8, APEC, and the Internet Governance Forum (IGF) to build a safer and more secure Internet.
28. Information Sources. OECD: Committee for Information, Computer and Communications Policy (ICCP) www.oecd.org/sti/security-privacy ; OECD Ministerial Meeting (17-18 June 2008 Seoul, Korea): The Future of the Internet Economy http://www.oecd.org/site/0,3407,en_21571361_38415463_1_1_1_1_1,00.html ; The G8: High-tech Crime Subgroup http://www.g7.utoronto.ca/crime ; APEC: Telecommunications and Information Working Group (TEL) http://www.apec.org/apec/apec_groups/working_groups/telecommunications_and_information.html ; Internet Governance Forum (IGF) http://www.intgovforum.org ; Council of Europe: Convention on Cybercrime http://conventions.coe.int/Treaty/Commun/QueVoulezVous.asp?NT=185&CM=8&DF=6/4/2007&CL=ENG ; Industry Canada: Electronic Commerce Branch http://e-ecom.ic.gc.ca