1887

Securing Information and Communication Networks

Best Practices for Developing a Culture of Cybersecurity. Final Report [Question 3/2]

image of Securing Information and Communication Networks

This report is composed of a number of best practice reports on different aspects of cybersecurity. An analysis of an ITU’s cybersecurity awareness survey demonstrates that while a number of countries have to improve cybersecurity awareness, some do not, and those that do often do not target key segments of society. Strong attention is often paid to child online protection as a priority. Information related to the ITU’s Global Cybersecurity Index (GCI) conducted is also provided.

English

.

National experiences with common criteria framework for security

The Question 3/2 terms of reference called for us to begin an exploration into national experiences with common criteria framework for security. As part of this exploration Question 3/2 received a contribution34 from United Kingdom of Great Britain and Northern Ireland outlined its experience with how Common Criteria is a reputable, open, international scheme which assists those who design and implement IT systems to select IT products which have appropriate security assurance levels. While there is no single tool or approach which guarantees that systems will be secure, Common Criteria is a widely-accepted and mature scheme which assists purchasers in the selection of products for which assurance is important. The Common Criteria Recognition Agreement (CCRA) has existed since 2000. Its function is to improve the availability of reliably evaluated IT security products and eliminate the burden of duplicated evaluations. Security testing is performed in independent laboratories against agreed standards. The laboratories have to be licensed as being competent and independent. More recently (2014), the CCRA has been updated to support a more detailed specification approach, involving experts from industry, academia, etc., in the setting of fundamental requirements for each area of technology which can then be clearly assessed by all.

English

This is a required field
Please enter a valid email address
Approval was a Success
Invalid data
An Error Occurred
Approval was partially successful, following selected items could not be processed due to error