[Chapter-delegates] ITU Speech: Governance Monday: Do We Need a Global Cybersecurity Framework

Sun Jul 21 12:10:04 PDT 2013

+1

John More

On Jul 21, 2013, at 2:19 PM, "Dr. Alejandro Pisanty Baruch" <apisan at unam.mx> wrote:

> Ammar,
> thanks for this note. It underlines some significant problems, at different layers.
> 
> The immediate one is that it shows that the promise of a one-stop shop for cybersecurity at the ITU is vain and cannot be fulfilled even in its own terms. There is no scaling of IMPACT that would allow for much more than a few workshops and thought shops every year. To make it country-specific IMPACT should have a very different model and still it would require that, say, Pakistan paid for the effort (for why would anyone else have to?)
> 
> And, would you feel comfortable with a government-only, or government-plus-industry (the ones with the money) cybersecurity effort in your (any) country?
> 
> So this takes us to the fundamental issue: a one-stop shop for cybersecurity is a dangerous illusion; it is as dangerous, and as illusive, as a single, global definition of cybersecurity. "Cybersecurity" means so many things to so many people in so many contexts!! 
> 
> And that, IMHO, is not a bug, it is a feature; it is a good thing. Because if you are a small, high-tech company you have one set of risks, vulnerabilities and resources that is very different from a low-tech big company, an NGO, a university, a government unit... this in turn further differentiated by region, function, size, money, connectivity. 
> 
> The (cybersecurity) sky has not fallen (yet) because there is a huge, global response in cybersecurity: individuals, companies, NGOs, government units can and do work in a decentralized, problem-oriented, trust-based way and avert most of the attacks with the largest damage potential.
> 
> The way to go forward is to find the sources you trust and build with the resources you can get; save the experience, spread, share, and build again. Send people to ISOC, to SANS, call on people with expertise from your local banks, universities, whatever sources of knowledge and trust you have locally. TRUST YOURSELF and the deep truth of the Internet's decentralized multi-stakeholder ecology and you shall succeed.
> 
> This is not high-faluting wordsmithing. It is practical advice. There are - albeit small - solid experts in Pakistan. What we can do as ISOC is help network with them and support their training and, once done with the training, help them spread the word and the knowledge to others in need. 
> 
> Finally: I am intrigued by your role as Chairman of the Cyber Security Task Force Pakistan and would like to learn more about it. Guess I'm not the only one?
> 
> Yours,
> 
> Alejandro Pisanty
> 
> 
> - - - - - - - - - - - - - - - - - - - - - - - - - - -
>     Dr. Alejandro Pisanty
> Facultad de Química UNAM
> Av. Universidad 3000, 04510 Mexico DF Mexico
> 
> 
> 
> +52-1-5541444475 FROM ABROAD
> 
> +525541444475 DESDE MÉXICO SMS +525541444475
> Blog: http://pisanty.blogspot.com
> LinkedIn: http://www.linkedin.com/in/pisanty
> Unete al grupo UNAM en LinkedIn, http://www.linkedin.com/e/gis/22285/4A106C0C8614
> Twitter: http://twitter.com/apisanty
> ---->> Unete a ISOC Mexico, http://www.isoc.org
> .  .  .  .  .  .  .  .  .  .  .  .  .  .  .  .
> 
> ________________________________________
> Desde: chapter-delegates-bounces at elists.isoc.org [chapter-delegates-bounces at elists.isoc.org] en nombre de Ammar Jaffri [ammar at brain.net.pk]
> Enviado el: domingo, 21 de julio de 2013 12:54
> Hasta: chapter-delegates at elists.isoc.org
> Asunto: Re: [Chapter-delegates] ITU Speech: Governance Monday: Do We Need a Global Cybersecurity Framework
> 
> Dear Team,
> 
> Cyberspace security has no more remained a country issue, this is a
> Global issue. We need to make a Global team of Cyber Security
> Professionals ( Initially on a web of trust ) and the team can grow
> gradually.
> 
> I am worried about my part of the world ( Pakistan ) where we have no
> support/guidance from organizations like ITU or IMPACT. I approached
> IMPACT number of times for arranging some training in our Cyber Security
> events but every time we are told that there is NO FUNDING for such
> trainings. Can any one in ITU tell us, are we not part of the Globe.
> 
> If we are talking about Global Cyber Security Framework, I suggest that
> developing countries like Pakistan must also be taken on board, we have
> the best minds who can very positively contribute in these Global
> initiatives.
> 
> Regards,
> 
> Ammar Jaffri
> Global Member ISOC/ founding member ISOC Islamabad Pakistan
> Chairman Cyber Security Task Force Pakistan
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society
> Chapter Portal (AMS): https://portal.isoc.org
> 
> 
> _______________________________________________
> As an Internet Society Chapter Officer you are automatically subscribed
> to this list, which is regularly synchronized with the Internet Society
> Chapter Portal (AMS): https://portal.isoc.org