Dimensions of cybersecurity and cybercrime

4 December 2008 - A Main Session on Security in Hyderabad, India

Original Proposal

The purpose of this workshop is to execute a clear and well-defined mapping of the different clusters of issues regarding security of the Internet and on the Internet. It will map out different categories of threats and different types of illegitimate behaviors and attacks, as well as identify the existing actors addressing these issues. It will identify the urgent issues and where the security community is positioned with respect to addressing them satisfactorily. It will also review in a holistic manner the various activities, cooperations, resources, tools and instruments envisaged and those already developed to tackle these problems. It will cover, inter alia, issues like: the legal contexts, social engineering, prevention, remediation, capacity building and forensics.

Cyberspace has emerged as the new frontier. Today, over a billion users can access the Internet; over the next five to ten years, several billion new and very diverse users will join the existing users 'on the net'. With the growth of users, the Internet will dramatically expand its reach and scope.

Security threats to the Internet are both evolving and increasing in number and sophistication. With the growing importance of cyberspace, threats like spam, botnets, viruses, DDOS attacks, and malware, identity theft and other types of fraud, as well as child pornography and other content-related offences create new challenges to the security and stability of the Internet and raise concerns for both users and policy makers at all levels. Stakeholders -- users, providers, and policy makers -- are grappling with how to 'secure cyberspace'. Given the global and interconnected nature of the Internet, cyber security and cyber crime have implications for developing and developed countries.

Security of any type, including cybersecurity, is a shared responsibility, but it is often not regarded as such, especially by the average Internet user. The problem is exacerbated by lack of knowledge, a perverse incentive structure, and the absence of a comprehensive and widely accepted framework in which to understand the scope of cybersecurity and the individual issues, and implement effective risk mitigation measures with which to improve it.