Report2019

G l o b a l C y b e r s e c i u r i t y C e n t e r f o r D e v e l o p m e n t

Published in December 2019

| 32

Taking a big leap forward

Addressing Global Cybersecurity ChallengesOverview

Public officials in emerging economies and our partners

To enhance the information security capacity of emerging economies

Joint seminar, Invitation-based training,

CMM on-site workshop

Established in 2015 under KISA (Korea Internet & Security Agency)

Stru

ctu

re

Objective

Programs

Ta

rget

About GCCD Global Cybersecurity Center for Development

Since its inception in June 2015, the Global Cybersecurity Center for Development(GCCD) has strived to align and expand its programs according to the evolving demands of the cybesecurity environment. As part of our endeavor, we have hosted several cybersecurity capacity building seminars in various regions to provide practical information and relay Korea’s experience according to the needs of local partners. Recently, two seminars were held in Costa Rica and Lao PDR, respectively. Additionally, we have hosted invitation-based trainings every year in collaboration with CAMP Annual Meeting for participants from all over the world.

To strengthen the cybersecurity capacity of developing countries, we have a trilateral cooperative partnership with the World Bank and Oxford University’s GCSCC. Together, we assess a country’s national cybersecurity level and provide training based on the assessment results. As of November 2019, the GCCD has provided cybersecurity follow-up workshop customized for Kosovo, based on the results of their National Cybersecurity Capacity Maturity Model(CMM). We will continue to expand our programs and partnerships and plan to update each program for improved quality for further seminars.

Global Cybersecurity Center for Development | 54

GCCD Activities and Performance

Invitation-based Training (in collaboration with CAMP)In July 2016, 35 participants from 23 countries were invited to Korea and given a training program. Based on the needs of the participants, we organized two courses, one in Information Security Policy and another in Cybersecurity Incident Response. The participants also had the opportunity to attend the inauguration ceremony and the 1st annual meeting of Cybersecurity Alliance for Mutual Progress (CAMP), which was also launched in July 2016.

In July 2017, 30 participants from 23 countries were invited to Korea and given a training program. In this second year, we offered courses based on the needs of the participants in National Information Security Policy and Information Security Technical Response. During the program, participants also attended the 2nd annual meeting of CAMP.

The following year, in September 2018, 35 people from 26 countries came to Korea and participated in a training program. In addition to attending the 3rd annual meeting of CAMP, all of the participants also visited the information security cluster in Pangyo, Korea, where they observed demonstrations of various types of attacks, such as door lock hacking. The program also included site visits to the South Korean information security corporations Ahnlab and Wins.

In September 2019, 36 participants from 27 countries were invited to Korea and given a training program. Based on the needs of the participants, we organized Hands-On Exercise regarding Cybersecurity Incident Response. The participants also had the opportunity to have business meetings with Korean information security SMEs and attend the 4th annual meeting of CAMP during the program.

Joint SeminarIn 2016, The GCCD hosted joint seminars in Montenegro and Moldova under the theme of Critical Information Infrastructure Protection (CIIP) and Information Security Management System (ISMS) respectively. We also held joint seminars in Guatemala, Bolivia and Indonesia. The ministries responsible for information security policy in these countries requested seminar themes that would help improve their information security capacity, and we tailored the seminars accordingly.

In 2017, the GCCD hosted a joint seminar in the West Africa region with Ghana’s Ministry of communications(MoC). The main theme of the seminar in Ghana was Cybersecurity Framework and Incident Response in Korea. To foster multilateral cooperation in the field of cybersecurity, KISA also organized the 1st CAMP Regional Forum in Africa.

2016-2019 GCCD Joint Seminars

Year Country Main Topic Co-host

2016

Montenegro Critical Information Infrastructure Protection (CIIP)

Ministry for Information Society and Telecommunications (MIST)

Moldova Information Security Management System (ISMS)

Ministry of Informational Technologies and Communications (MITC)

Guatemala

Cybersecurity Incident Response

Ministerio de Gobernacion(MINGOB)

BoliviaMinisterio de Obras Publicas, Servicios y Vivienda, Autoridad de Regulación y Fiscalización de Telecomunicaciones y Transporte(ATT)

Indonesia Information Security Manpower Training and Cyber Crime Response Desk Cyberspace National (DCN)

2017 Ghana National Cybersecurity Framework Ministry of Communications(MoC)

2018 Serbia Cybersecurity policy and CERT operation Ministry of Interior(MoI)

2019Costa Rica Cybersecurity Strategy Development and

Incident Handling

Ministry of Science, Technology and Telecommunication(MICITT), Central American Bank for Economic Integration(CABEI)

Lao PDR Cybersecurity Framework and Capacity Building Ministry of Communications and Post(MPT), LaoCERT

Global Cybersecurity Center for Development

GCCD Joint Seminar in Costa Rica(2019)

GCCD Joint Seminar in Lao PDR(2019)

The following year, in 2018, after considering the emerging demands of our trusted partners (including the ICT & Security ministries of partner countries and the embassies of the Republic of Korea in-country), we held the 2018 GCCD joint seminar in the Republic of Serbia. Our counterpart, the Serbian Ministry of Interior, gathered stakeholders from the National CERT and the Office for Information Technology and Electronic Administration to attend the seminar. At the seminar, the GCCD delivered a National Cybersecurity Policy and Framework, as well as guidelines for CERT/CSIRT operation.

In 2019, GCCD hosted two seminars in Costa Rica in April and Lao PDR in November, respectively. In collaboration with Ministry of Science, Technology and Telecommunication(MICITT) and Central American Bank for Economic Integration(CABEI), the first GCCD joint seminar was hosted at the CABEI regional office in Costa Rica with about 40 participants from Costa Rica. And at the last quarter of 2019, GCCD hosted the second joint seminar in Vientiane, Lao PDR with the LaoCERT, Ministry of Post and Telecommunications. At this joint seminar in Lao PDR, GCCD proceeded Hands-On Exercise with the theme of DDoS incident response. About 30 government officials from Lao PDR joined and discussed recent cyber threats.

| 76

GCCD Joint Seminar in Ghana(2017) GCCD Joint Seminar in Serbia(2018)

Global Cybersecurity Center for Development | 98

CMM(Cybersecurity Capacity Maturity Model) On -Site WorkshopThe first co-project(2016-2018) between World Bank(WB), KISA GCCD and Oxford University’s GCSCC was closed as of December 2019, supporting five countries as below.

In 2016, the GCCD conducted a training program on CSIRT operation policy and working-level tasks for officials from the Ministry of Economic Development (MED) and CERT managers from relevant organizations for Kosovo. The program was organized based on the request of the World Bank member country and the assessment results of the CMM of Oxford University’s GCSCC. The 3-day long program was comprised of two days of training courses and a one day site tour to an information security company.

The following year, in 2017, we went to Bishkek, the capital of Kyrgyzstan, and provided a 2-day long local CMM cybersecurity follow-up workshop for relevant stakeholders. GCCD co-hosted this seminar with the State Committee of Information Technologies and Communications(SCITC) from Kyrgyzstan and the World Bank group. The workshop in Bishek drew 57 participants from 38 organizations based in Kyrgyzstan.

In 2018, the 3rd CMM follow-up workshop was hosted in the Former Yugoslav Republic(FYR) of Macedonia in April. The minister of Information Society and Administration(MISA), Damjan Mancevski took part in the opening of the workshop. During the workshop, we discussed the country’s cybersecurity frameworks and shared Korea’s experience in cyber incident response and e-gov security.

Also, the 4th and 5th CMM cybersecurity follow-up workshop of the GCCD took place in Albania and Bosnia and Herzegovina respectively in the fourth quarter of 2018. The GCCD provided practical knowledge based on the experiences from major cyber incidents in Korea.

In 2019, the new co-project(2019-2021) between WB, KISA GCCD and Oxford University’s GCSCC was kicked off to support our partners. As the first partner of this newly launched project, GCCD team went to Prishtina, the capital of Kosovo, and provided a 2-day long local CMM follow-up workshop for the attendees. Ministry of Economic Development(MED) of Kosovo was the co-host and focal point of the Kosovo’s government. And particularly, it was the first CMM follow-up workshop which provided Hands-On Exercise and practiced incident handling.

On -Site Workshop in Kosovo(2019)

Workshop in Kyrgyzstan(2017) Workshop in FYR of Macedonia(2018) Workshop in Kosovo(2019)

CMM workshop press release in local mediaCMM workshop press release in local mediaOn -Site Workshop in Albania(2018)On -Site Workshop in Bosnia and Herzegovina(2018)

2016-2019 GCCD CMM On-Site Workshops

Year Country Main Topic Co-host

2016 Kosovo CSIRT Operations Ministry of Economic Development(MED)

2017 Kyrgyzstan National Cybersecurity Framework State Committee of Information Technologies and Communications(SCITC)

2018

FYR of Macedonia

Cybersecurity Incident Response and Analysis Case

Ministry of Information Society and Administration(MISA)

Bosnia and Herzegovina Cybersecurity Incident Response Ministry of Communications and Transportation

Albania CSIRT Operations and E-gov Security National Authority for Electronic Certification and Cybersecurity(AKCESK)

2019 Kosovo Cybersecurity Framework and Incident Response Ministry of Economic Development(MED)

Collaboration between WB-KISA GCCD-GCSCCStage Stage 1 Stage 2 Stage 3 Stage 4

ActivitiesIdentification

of the beneficiary countries

CMM Assessmentand

Dissemination

Delivery ofFollow-upWorkshop

Activity ImpactAssessment

Subject World Bank Oxford Uni. GCSCC KISA GCCD World Bank

Global Cybersecurity Center for Development | 1110

Invitation-based Training

The GCCD will continue to provide invitation-based training courses to support member countries’ capacities to respond to cyber incidents and establish cyber protection policies. These efforts not only strengthen the individual countries, but also contribute to the overall understanding of cybersecurity. To this end, we have utilized internally developed curricula and training materials and shared our hands-on knowledge with participants. In the future, we will continue to update and improve our training content in line with the changing cybersecurity landscape. We look forward to inviting people from around the world to participate in future training in Korea.

Joint Seminar

The cybersecurity joint seminar will cover the various themes requested by applicant countries interested in cooperation with GCCD and KISA for cybersecurity capacity building. The GCCD will design a tailored program for each country based on the country’s requests and its level of expertise and knowledge. GCCD delegations and experts will be determined according to the theme of each seminar. We will coordinate with the co-host organization and visit each country to share Korea’s experience in the field of cybersecurity.

Global Cooperation and Information-Sharing

With the aim of strengthening our partnership for knowledge sharing in the field of cybersecurity, we will keep moving forward to build relationships based on trust and mutual understanding. In addition, we will do our best to respond to our valued partners. Any form of cooperation, from bilateral meetings to MOU signings, will be welcomed as new opportunities to build constructive partnerships with trusted friends in the cybersecurity field.

GCCD Outlook GCCD History

Established in June 2015 Joint seminars in Costa Rica, Peru, Mongolia, India, Vietnam Invitation-based seminar in Seoul

Joint seminars in Montenegro, Moldova, Guatemala, Bolivia, Indonesia CMM On-Site Workshop in Kosovo

Joint seminar in Serbia Invitation-based seminar in Seoul CMM On-Site Workshop in Macedonia, Albania, Bosnia and Herzegovina

Joint seminar in Ghana Invitation-based seminar in Seoul CMM On-Site Workshop in Kyrgyzstan

Joint seminars in Costa Rica, Lao PDR Invitation-based seminar in Seoul CMM On-Site Workshop in Kosovo

2016

2019

2018

2017

2015