Cybersecurity Guide for Developing Countries : Edition 2007 / International Telecommunication Union.

Format:

Book

Author/Creator:

International Telecommunication Union, author, issuing body.

Language:

English

Subjects (All):

Information society.

Physical Description:

1 online resource

Other Title:

Cybersecurity Guide for Developing Countries

Place of Publication:

Geneva : International Telecommunication Union, 2007.

Summary:

"This guide is intended to give developing countries a tool allowing them to better understand some of the issues relating to IT security, and provide them with examples of solutions that other countries have put in place in order to deal with these problems. It also refers to other publications giving further specific information on cybersecurity. This guide is not intended as an exhaustive document or report on the subject, but rather as a summary of the principal problems currently encountered in countries wishing to take advantage of the benefits of the information society. ".

Contents:

PART I - CYBERSECURITY - CONTEXT, CHALLENGES, SOLUTIONS

Section I.1 - Cyberspace and the information society

I.1.1 Digitization

I.1.2 The information revolution

Section I.2 - Cybersecurity

I.2.1 The security context of the communication infrastructure

I.2.2 What is at stake with cybersecurity

I.2.3 The security deficit

I.2.4 Lessons to be drawn

I.2.5 The management perspective

I.2.6 The political dimension

I.2.7 The economic dimension

I.2.8 The social dimension

I.2.9 The legal dimension

I.2.10 Cybersecurity basics

PART II - CONTROLLING CYBERCRIME

Section II.1 - Cybercrime

II.1.1 Computer-related crime and cybercrime

II.1.2 Factors that make the internet attractive for criminal elements

II.1.3 Traditional crime and cybercrime

II.1.4 Cybercrime, economic crime and money-laundering

II.1.5 Cybercrime - an extension of ordinary crime

II.1.6 Cybercrime and terrorism

II.1.7 Hackers

II.1.8 Nuisances and malware

II.1.9 Principal forms of internet crime

II.1.10 Security incidents and unreported cybercrime

II.1.11 Preparing for the cybercrime threat: a responsibility to protect

Section II.2 - Cyberattacks

II.2.1 Types of cyberattack

II.2.2 Theft of users' passwords to penetrate systems

II.2.3 Denial-of-service attacks

II.2.4 Defacement attacks

II.2.5 Spoofing attacks

II.2.6 Attacks against critical infrastructure

II.2.7 Phases in a cyberattack

PART III - TECHNOLOGICAL APPROACH

Section III.1 - Telecommunication infrastructures

III.1.1 Characteristics

III.1.2 Fundamental principles

III.1.3 Network components

III.1.4 Telecommunication infrastructure and information highway

III.1.5 The internet

Section III.2 - Security tools

III.2.1 Data encryption

III.2.2 Secure IP protocol

III.2.3 Security of applications

III.2.4 Secure sockets layer (SSL) and secure HTTP (S-HTTP) protocols

III.2.5 E-mail and name server security

III.2.6 Intrusion detection

III.2.7 Environment partitioning

III.2.8 Access control

III.2.9 Protection and management of communication infrastructures

PART IV - A COMPREHENSIVE APPROACH

Section IV.1 - Various aspects of the law regulating new technologies

IV.1.1 Personal data protection and e-commerce

IV.1.2 E-commerce and contracting in cyberspace

IV.1.3 Cyberspace and intellectual property

IV.1.4 Spam: a number of legal considerations

IV.1.5 Summary of the main legal issues relating to cyberspace

Section IV.2 - Prospects

IV.2.1 Educate - train - heighten awareness among all cybersecurity stakeholders

IV.2.2 A new approach to security

IV.2.3 The characteristics of a security policy

IV.2.4 Identifying sensitive resources in order to protect them

IV.2.5 Objectives, mission and fundamental principles of cybersecurity

IV.2.6 Success factors

PART V - ANNEXES

Annex A - Glossary of main security terms

Annex B - Table of contents of ISO/IEC standard 17799:2005, which serves as a reference for security management

Annex C - Mandate and activities of ITU-D in cybersecurity and combating spam

Annex D - Main ITU-T Questions relating to security under study in the 2005-2008 study period

Annex E - Bibliographical references

Annex F - OECD Guidelines for the security of information systems and networks: Towards a culture of security.

Notes:

Description based on publisher supplied metadata and other sources.