WSIS Action Line C5: Building trust and confidence in the use of ICTs


BUILDING THE INFORMATION SOCIETY

Document ALC5/2007/CISCO
14 May 2007

2nd Facilitation Meeting for WSIS Action Line C5: Building confidence and
security in the use of ICTs
Original: English
CONTRIBUTION TO MEETING
"Examples of Mechanisms for Enhanced Cooperation on
Cybersecurity and Combating Spam"
submitted by
Cisco Systems

FOR INFORMATION


Introduction.

The World Summit on the Information Society committed to building a people-centric,
inclusive Information Society that promoted human, social and economic development
through the efforts of all stakeholders. Cooperation, collaboration and communications
among all stakeholders are critical to success in implementing WSIS Action Line C5 (Building
confidence and security in the use of ICTs).

To promote implementation of WSIS Action Line C5, Cisco Systems is pleased to submit this
contribution to the discussion of mechanisms to enhance cooperation on cybersecurity and
combating spam. A myriad of cooperative activities are underway on a global, regional and
national basis to address cybersecurity and spam issues. This contribution is intended to
illustrate some examples of cooperative efforts with others (governments, civil society,
business, the Internet community, educational institutions) that might be helpful in the
discussion of mechanisms that could be built upon to further enhance cooperation.

Discussion.

Cybersecurity and combating spam are important continuing efforts in bringing the benefits of
the Information Society to people around the world, and in building trust and confidence in
the use of ICT in achieving the Millennium Declaration Goals. Cisco, like many other
stakeholders, is committed to these efforts that are critical to building a "culture of
cybersecurity".

In addition to its extensive internal efforts to build security into its products and services to
address user needs, Cisco Systems is involved in an array of activities working with others to
promote cybersecurity and combat spam. These include:

Partnerships with others to provide education and training on cybersecurity and
combating spam to students from policy makers, enterprises, service providers, and
colleges/universities

Participation in computer and network security/incident response team efforts at
global, regional and national levels

Leadership and participation in global, national and regional forums addressing
technical standards, best practices, policy discussions, etc., as well as industry groups
developing initiatives to address the challenges.

Strategic alliances with other individual companies to address these issues.

Each of these areas will be described below.

Partnerships with others to provide education and training on cybersecurity and
combating spam

Cisco Systems is active in a wide range of human capacity building activities. Many of these
are on the topic of cybersecurity/combating spam or include modules related to these topics.
Below are a few examples:

Cisco Networking Academies (CNAs)

Cisco has more than 10,000 CNAs (universities, colleges and other educational
institutions) in more than 160 countries providing 280 hours of networking course
content with hands-on labs as well. Topics related to network security are included in
the curricula. In addition, a "network security" module has been developed for this
program.

Among the many CNA partnerships, 60+ Academies have been established in
partnership with the ITU-D as part of the ITU's Internet Training Center Initiative
(ITCI) in developing countries and least developed countries. These ITCI Academies
have been very successful (more than five thousand graduates in 5 years with 2000
current students; ~30% women students and more than 20% women instructors) and
are an ongoing and growing cooperative program between Cisco Systems and the ITU.

USTTI (United States Telecommunications Training Institute)

Cisco Systems is one of many companies/organizations partnering with the USTTI to
provide education and training to students from around the world. Twice a year (April-
May and November) as part of this program, Cisco experts offer three weeks of USTTI
courses/workshops in San Jose, CA, on networking, network management, and
security. Each of these courses is provided for 20-30 students from among 200-300
applicants. In May 2007, Cisco will host the next USTTI.

The focus of the security course/workshop is on training network engineers in the
types of products and network designs that provide the greatest security in a typical
enterprise environment. The following key topics are covered: typical attacks,
encryption technologies, authentication, IPSec VPN, firewalls, intrusion detection and
security design principles. Hands-on laboratory exercises provide students with actual
design and configuration experience.

Note: Each of these courses has 200-300 applicants. Only 20-30 can be selected per
three weeks of courses.

"Networkers"

Cisco holds annual user conferences on the latest in technologies, applications, and
services in multiple locations around the world for customers and others. Thousands
attend. Security is an important topic in these sessions. At the most recent Networkers
in June 2006, 33 (thirty-three) security sessions were held.

These sessions cover firewalls, intrusion protection technology, secure VPNs, secure
management (proper use of SNMPv3 and out of band management techniques), and
network admission control. Strategies for secure network design and deployment for
both enterprise and service provider networks are also featured.

The 2007 schedule for Networkers is:


Sun City, South Africa
April 22-25, 2007

Anaheim, California
July 22-26, 2007

Brisbane, Australia
September 17-20, 2007



"Other"

Cisco also participates in Seminars and Webcasts globally throughout the year.
Security is a topic in many of these events. More information is available at:
http://www.cisco.com/web/learning/le21/le39/learning_seminars_tool_launch.html


Participation in computer and network security/incident response teams

Cooperation and information sharing among users as well as providers of networking,
systems, services and applications is facilitated by mechanisms such as Computer Emergency
Response Teams (CERTs) at national and regional levels, and the Forum on Incident Response
and Security Teams (FIRST) at the international level.

CERT functions (also referred to in some countries or organizations as CSIRT, CIRT, and
PSIRT) have been established to resist cybersecurity attacks and promote continuity of
operations/services/applications for users and providers.

The international FIRST provides a mechanism for enhanced cooperation and coordination
among computer security incident response teams from government, business, and
educational institutions. Its focus is incident prevention, assistance in responding rapidly to
incidents, and information sharing among members and the community at large. Cisco
Systems and its Product Security Incident Response Team (PSIRT) are among the current 181
teams across 36 countries that are FIRST members. Information on FIRST and a list of the
response teams that are members with links to their websites are given at
http://www.first.org/ and http://www.first.org/members/teams/, respectively.

Leadership and participation in global, regional and national forums

Cisco Systems participates and frequently provides leadership in numerous global, regional
and national forums discussing issues related to cybersecurity and combating spam. The
beginning of 2007 marked an important milestone in the area of standards with the approval
of DomainKeys Identified Mail (DKIM) as a Proposed Standard by the Internet Engineering
Task Force. Combined with reputation services, DKIM can form an effective basis for
determining whether or not a message is spam.

Examples of forums in which Cisco is currently active include:

Global
ITU

Associate rapporteur for the ITU-D Question 22/1: "Securing information and
communication networks: Best practices for developing a culture of cybersecurity"

Speaker in ITU and ITU-T SG 17 Workshops, WSIS Thematic Meetings on Cybersecurity,
and WSIS C5 (Cybersecurity) Implementation Meeting

Partner with the ITU-D in Internet Training Centers (details below in section on
education and training)

IETF
Chairing the Internet Architecture Board (IAB) as well as several Security Area working
groups including:

DKIM (DomainKeys Identified Mail) - email authentication technology for
combating spam and phishing using a cryptographic signature to authenticate the
sender domain

EMU (EAP Method Update) - Extensible Authentication Protocol (EAP) [RFC 3748] is
a network access authentication framework used in the PPP (Point-to-Point
Protocol), IEEE 802.11 (WiFi), 802.16 (WiMax), VPN (Virtual Private Network),
PANA (Protocol for carrying Authentication of Network Access), and in some
functions in 3G networks.

IPSec (IP Security) - set of protocols to securely exchange packets at the IP layer

SYSLOG (Security Issues in Network Event Logging) - standardize the syslog
protocol and transport as a means for logging system events

In addition, Cisco is currently engaging with interested parties both inside the IETF and
in other industry associations to improve web user authentication and further reduce
phishing.

IEEE

Cisco plays an ongoing role in various IEEE committees, in both wireless and
wireline standards, with focuses that include improving device and network security.

Regional/National

ENISA - European Network and Information Security Agency programs, Permanent
Stakeholders Group

NIAC - U.S. National Infrastructure Advisory Council, Cisco CEO, Vice Chair

FCC CSRIC - FCC Communications Security, Reliability and Interoperability Council
(Note: The FCC recently announced that the CSRIC would be formed to replace the
existing FCC NRIC (Network Reliability and Interoperability Council) and FCC MSRC
(Media Security and Reliability Council))

In addition, Cisco Systems is active in such groups as the Messaging Anti-Abuse Working
Group (MAAWG) that is bringing industry together to work collaboratively through initiatives
to address messaging abuses such as spam, phishing, virus attacks, and denial-of-service
attacks (http://www.maawg.org/). The next MAAWG meeting will be held in Dublin, Ireland,
in June 2007.

Strategic Alliances

The delivery of reliable and secure, end-to-end ICT applications/services/products creates the
need for an ecosystem that includes equipment suppliers, service providers, content
providers, and users. Strategic alliances are commercial arrangements that
companies/organizations develop to design and implement complementary and/or integrated
solutions to address user needs on a timely basis. They can also stimulate innovation and
competition.

While increasingly important due to convergence, advances in technology, and the expanding
range of applications, strategic alliances are commercial agreements related to specific
products and features among business partners and thus will not be elaborated upon here.
Cisco and many other companies are actively involved in strategic alliances that relate to
cybersecurity and combating spam as well as to many other capabilities and attributes.

Cisco's commitment to improved cybersecurity is further demonstrated by the announcement
of its intention to acquire IronPort Systems, an industry leader in mail transport agents and
anti-spam services.
______________