(Orientation) ICT REPORT

[ National Information Security Policy Course ]
Azerbaijan
| Laman Huseynzade
THE REPUBLIC OF
AZERBAIJAN
CYBER SECURITY SERVICE UNDER THE MINISTRY OF

TRANSPORT, COMMUNICATIONS AND HIGH TECHNOLOGIES
DEPARTMENT OF INTERNATIONAL RELATIONS AND COOPERATION
LAMAN HUSEYNZADE
INFORMATION SECURITY POLICY COURSE

27 OCTOBER-2 NOVEMBER 2018
INFORMATION SECURITY STATUS OF AZERBAIJAN
CYBER SECURITY SERVICE UNDER THE MINISTRY OF TRANSPORT,

COMMUNICATIONS AND HIGH TECHNOLOGIES
SPECIAL STATE PROTECTION SERVICE

SPECIAL COMMUNICATION AND INFORMATION SECURITY STATE
AGENCY
COMPUTER EMERGENCY RESPONSE TEAM
AZERBAIJAN NATIONAL ACADEMY OF SCIENCES

COMPUTER SECURITY INCIDENT RESPONSE TEAM
INFORMATION SECURITY STATUS OF AZERBAIJAN
✓Capacity to detect and respond to cyber incidents 24/7

✓Capacity to fight against cyber crimes
✓Capacity to conduct military cyber defence operations
✓Capacity to protect critical information infrastructure
CYBER SECURITY SERVICE UNDER THE MINISTRY OF TRANSPORT,
COMMUNICATIONS AND HIGH TECHNOLOGIES
Established:
On the 26th september of 2012 the decree was signed by President of th
e Republic of Azerbaijan
Mission:
➢Coordination of information security authorities
➢Awareness and education of people and private sector
➢Incident handling
➢Prevention of cyber attacks
➢Eliminate results of cyber attacks
➢Monitoring internet traffic of country
➢Analyzing cyber threats
➢Providing services in the field of information security and
personal data protection
CYBERSECURITY STRATEGY
PROJECT CONTENT
1. INTRODUCTION
2. DEFINITIONS
3. AIMS AND PRINCIPLES
4. THREATS AGAINST NATIONAL CYBERSPACE
5. MAIN ACTIVITIES
5.1. Improving legal and organizational fundamentals of cyber security
5.2. Increasing cyber security of critical infrastructures
5.3. Fight against cybercrime
5.4. Conducting scientific researches and staff training
5.5. Increasing the culture of information security
5.6. Cooperation on cyber security
PROJECT SCHEDULE
1. ESTABLISHING OF WORKING GROUP (representatives from different
ministries) – APRIL 2018
1. PREPERATION OF DRAFT VERSION OF STRATEGY –MAY-AUGUST 2018
2. CONCORDANCE WITH GOVERNMENT ORGANIZATIONS – SEPTEMBER 2018
3. ASSES PROPOSALS OF GOVERNMENT ORGANIZATIONS – OCTOBER 2018
4. APPROVAL OF THE STRATEGY BY PRESIDENT – EXPECTED NOVEMBER 2018
5. PREPARING ACTION PLAN REGARDING TO THE STRATEGY – 3 MONTHS AFTER
APPROVAL
REQUIREMENTS
1. Identifying critical infrastructure
2. Improving legal acts based on international experience
3. Increasing staff training
4. Cooperation with different countries and international organizations in the field of
cyber security
GOALS AND CHALLENGES IN THE FIELD OF
INFORMATION SECURITY
1. APPROVING OF CYBERSECURITY STRATEGY
2. APPROVING OF ACTION PLAN REGARDING TO THE CYBER
SECURITY STRATEGY
3. IMPROVING LEGAL ACTS IN THE FIELD OF INFORMATION
SECURITY, AS WELL AS DATA PROTECTION
4. STRENGTHENING THE FIGHT AGAINST CYBERCRIME
5. PREPARATION OF HIGHLY QUALIFIED SPECIALISTS IN THE FIELD
OF INFORMATION SECURITY
6. STRENGTHENING CYBER SECURITY OF CRITICAL INFORMATION
INFRASTRUCTURES
COOPERATION BETWEEN AZERBAIJAN AND
KOREA
✓ System of the Electronic Government Training Center has been implemented b
y the grant of the government of the Republic of Korea.
✓ Experts regularly participate trainings and courses held by KISA and KOICA.
✓ We have presented some projects to KOICA in the field of information security.
✓ Our expert studied master education sponsored by KOICA.
✓ CYBER SECURITY SERVICE is a member of CAMP (The Cyber security Alliance fo
r Mutual Progress ) since 2016.
Cambodia
| Ratha Nuth
Cambodia ICT and Cybersecurity
Mr. Nuth Ratha,
ICT Security Department
General ICT Department
Ministry of Posts and Telecommunications, Cambodia
National Information Security Policy Course

29 Oct – 02 Nov 2018 11
1. About Cambodia
Temple
12
1. About Cambodia
Phnom Penh
Capital City
13
1. About Cambodia
SEA & Beach

14
2. Cambodia’s Telecom in Brief
Mobile Operators: 6
(3 share more than 90% of the market)
Fixed operators: 7
ISP: 33
Land Fiber Optical Network: 37, 800 Km

Viettel Cambodia: 17, 200 Km
CFONC: 19,000 Km
Telecom Cambodia: 1,600 Km
Sub-Marine Cable Projects (Ongoing):

Telcotech : MCT
CFONC : AAE-1
15
2G Mobile Network Coverage

➢Population Coverage: 99.0%
➢Geographical Coverage: 73.7%
3G Mobile Network Coverage

➢Geographical Coverage: 29.5%
4G-LTE Mobile Network Coverage

➢ Geographical Coverage: 12.7%
16
Fiber Optic Cable Infrastructure
Company Length Optic Cable
Viettel (Cambodia) 8,300 km

CFOCN 17,200 km
Telecom Cambodia 1,600 km
Total 27,100 km
17
2. Domain Registration
.org.kh .net.kh .per.kh .mil.kh .kh

.edu.kh 8.27% 1.05% 0.08% 0.20% 0.04%
.gov.kh 5.93%
6.55%
.com.kh
77.88%
18
3. About MPTC
19
3. Capacity
Capacity Development
Development onCambodia
on Cybersecurity in Cybersecurity
in Cambodia
OBJECTIVE
The overall project objective is to reinforce the function of concerned

division/organization such as CamCERT under Department of ICT Security
by installing the security devices for protecting the ICT assets of specific
government agency toward establishment of the Security Operation
Center (SOC) in near future.
OUTPUT
Output 1: Organizational and policy Improvement

Improve the organizational structure, policies, guideline to treat cyber incidents.
Output2: Awareness rising for cyber incidents

Improve awareness of governmental officials on cyberattack and develop function to
monitor such cyberattack.
3. Capacity
Capacity DevelopmentDevelopment
on Cybersecurity inon Cybersecurity
Cambodia (TO-BE)
in Cambodia (TO-BE)
OBJECTIVE
The overall project objective is to reinforce the function of concerned

division/organization such as CamCERT under Department of ICT Security
by installing the security devices for protecting the ICT assets of specific
government agency toward establishment of the Security Operation
Center (SOC) in near future.
OUTPUT
Output 1: Organizational and policy Improvement

Improve the organizational structure, policies, guideline to treat cyber incidents.
Output2: Awareness rising for cyber incidents

Improve awareness of governmental officials on cyberattack and develop function to
monitor such cyberattack.
3. Capacity
Cambodia (TO-BE)
in Cambodia (TO-BE)
OUTPUT 1
• Formulation of baseline standard and rule on the use of web application.

• Definition of critical infrastructure.
• Assignment of Point of Contact (POC) and share incidents to international
organization through such POC
• Definition of duties of demarcation of CSOs and CIOs
OUTPUT 2
• Trainings to improve incidents detection and analysis of capacity of CSOs of

Ministries.
• Development of curriculum for the training on the incidents detection and analysis.
• Formulation of program to improve cyber security literacy.
• Holding workshop for cybersecurity awareness rising for governmental agencies by
initiative by MPTC
3. Capacity
Cambodia (TO-BE)
in Cambodia (TO-BE)
EQUIPMENT
• IDS/IPS
• WAF
• Network Analyzing Tool
• Vulnerability assessment tool (for Web Application)
• SIEM (Security Information and Event Management) tool
IMPLEMENTATION SCHEDULE
APRIL 2019 ~ APRIL 2020
WE ARE LOOKING FOR FINANCIAL FUNDING SUPPORT FOR THIS

PROJECT
5. CHALLENGES
Challenges
• Cooperation with ISP

• Monitoring and preventing cyber attack
• No incident report from local
Issue
• Absent of law and regulation regarding cybersecurity

• Lack of expert
• Lack cybersecurity personnel
6. Cambodia-Korea Cooperation on ICT
• GAIS Project
• PAIS Project
• Cambodia ICT Masterplan 2020
• Consultation on Information Security Policy in Cambodia
• Feasibility Study on Digital Signature in Cambodia
Thank You
26
[ National Information Security Technical Course ]
Colombia
| Arnol Garavito
COLOMBIA
Boyacá Department
Government
ICT Direction
ARNOL FILYP GARAVITO OCHOA
1ST General Introduction of the Country
2nd ICT Status of the Country
Deficit of IT professionals
58.000 New Students
2014 IT Careers to 2018
93.431
2018
35.504
100%
EMPLOYMENT
Redeemable
ICT INDUSTRY Credits
Promotional
campaigns in IT
Careers
3.000 Young rural

entrepreneurs using ICT IT talent
for business training.
3rd Current ICT Issue of your Country
Currently the Departmental Government is

working on implementing the following tech
nology:
MiPymes formal with WEB and / o

r mobile presence
1.115 municipalities with 4G MiPymes that make transactions thr

cellular technology in 2018 ough
Electronic Commerce
4th Introduction of your organization
Health Secretary
Secretary of Agricultural
Development
Carlos Andres Amaya
Planning secretary
Governor
Secretary of Culture and

Tourism
Secretary of Education
1500 employees in Boyacá
Productivity Secretary
and ITC
5th Self Introduction (About Me)
I'm Arnol Filyp Garavito Ochoa, I'm husband and father of two magi
cal princesses, I'm a Electronic Engineer
and course master in management TIC, I'm currently
working in the Governorate of Boyacá, implementing different tech
nologies and promoting projects.
I consider myself a
very calm person, dreame, shy and responsible but
very cheerful. I like to work in the ICT area because
from there we can improve the quality of services to citizens and cr
eate developments for or nation.
Of the most recent things carried out, there are differen

t security projects supported by the Governorate of Boy
acá, with which security below free code equipment, n
etwork LAN intrusion detection system, among others i I believe that technology is th
n process. e way for the development of
a society
economically.
6th General Introduction of the DEPARTNMENT
¡THANK YOU!
Costa Rica
| Elder Briceno
Cibersecurity in Costa Rica
Elder Briceño Mendoza
Cybersecurity Analyst
Cybersecurity Incident Response Team
Ministry of Science, Technology and Telecommunications
29/11/2018
Cibersecurity policy and government
coordination in Costa Rica
• Cybersecurity Incident Response Team (CSIRT-CR)
– Created by decree in 2012, established in 2017.
– Government CSIRT and internal department in MICITT.
– SPOC for internal/external cybersecurity stakeholders.
• National Cybersecurity Strategy

– Developed with OAS support, published in 2017.
– Strengthen and articulate national cybersecurity.
Cybersecurity Initiatives and Challenges
• Strategical roadmap:
– Awareness raising
– Completing the legal framework
– Training current/potential CSIRT-CR employees
– Partnering with internal/external stakeholders
– National Cybersecurity Strategy implementation
Specific Initiative
• Developing the National Cybersecurity

Incident Response Protocol v1.0
– To establish a standardized CSIRT-CR service
handling.
– To comply with National Telecommunications
Development Plan (PNDT).
– To implement worldwide CSIRT best practices.
Thank you for your attention
CSIRT-CR <csirt@micitt.go.cr>
Djibouti
| Liban Houssein Ali
DJIBOUTI
DSSI
LIBAN HOUSSEIN
29/10 – 02/11
Information Security Technical Course
Republic Of DJIBOUTI
Djibouti is a country located in the horn of
Africa
▪ Capital: Djibouti
▪ Religion Muslim
▪ Population: Almost a Million
▪ Area: 23 200 km
▪ Language: French and Arabic
▪ Presence of Military Bases: USA, France, Japan, China
Who is ANSIE
ANSIE (National Agency of Information Systems) was created in 2016 and
is attached to the Presidency of the Republic
The Agency has many goals for 3 entities:
- For Administration:
❖ Modernization of the functioning of the administrations through the use of the new
Information and Communication Technologies (ICT)
❖ Allow a faster exchange of information between the administration and citizens
❖ Increased transparency on the part of the administration and a reduction in the
running costs of the administration
❖ Apply a vast program of dematerialization
- For Citizen:
❖ Make the administration more accessible to the citizen and facilitate his efforts
❖ Develops powerful and safe tools, to simplify the lives of Djibouti citizens, whether
health, civil status or taxation
Who is ANSIE
- For Enterprise:
❖ Supports companies in their administrative procedures by providing them with tools
to facilitate their exchanges and the transmission of documents with the
administration
ANSIE is administered by a Board of Directors that is the organ of

deliberation, follow-up and control of the actions of the Agency, with
regard to the orientations defined in the national strategy of e-
government.
ANSIE is composed of 4 departments:
▪ Administrative, Financial and Legal department

▪ Network Infrastructure and Systems department
▪ Studies and Planning Department
▪ Security Information Systems department
ICT STATUS OF Djibouti
The concept of Cybersecurity is new in Djibouti, we

are lacking almost everything
- No National Cyber Security Strategy

- No Law, Policies, Standard and Regulation
- No National CERT/SOC
- No National Digital Forensic Laboratory
- Poor Public and Private Partnership
ICT PROJECTS
- PKI Project with KICA:
➢ The goal is establish a National Public Key
Infrastructure solution in Djibouti
▪ No Law, Regulation and Standard
▪ No application like e-Gouvernement, e-Taxation, e-
Banking, e-Health
- E-ID
➢ ANSIE want to provide an Electronic Card or ID
for each citizen (On-going)
ICT GOALS AND
CHALLENGES
There are plenty of challenges for the

republic of DJIBOUTI
✓ Develop an adequate and interoperable national and
regional cyber security frameworks
✓ Implement protection plan for Critical Infrastructure
✓ Data protection
✓ Cyber security Risks and Incident management
✓ Establish National Computer Emergency Response
Team (CERT)
✓ Cybersecurity Training and Experts
COOPERATION BETWEEN
YOUR DJIBOUTI AND KOREA
Very good cooperation with the
republic of Korea:
o Mostly with the port of Djibouti
We need more cooperation in the Cyber Security

field
THANKS
Ecuador
| David Mayorga
ECUADOR
Servicio de Rentas Internas

IT Security
David Mayorga Polo
20-October-2018
Security Technical Expert Course / 29-Oct. to

02/Nov./2018
ICT facts
Banking sector:
• Defacement
• Spear phishing
• Malware
• DDoS
Nation's tax collection agency
Mission:
Manage the tax policy, within the framework of
the constitutional principles, ensuring the
collection sufficiency destined to the promotion of
the social cohesion.
GENERAL DIRECTOR
Tax Compliance Director Organizational

Development
Director
Business Core Units Business Support Units

IT Security Project – 2019
Anti-fraud Security Controls for IT services
• Strengthen access and monitoring controls through
specialized tools
• Implement robust controls for authentication and access.
• Implement double factor mechanisms and alerts on high risk
transactions.
-- February to November 2019 --
USD 320.000,00
Challenges
• National Cybersecurity strategy not developed

(including military).
• Protection of personal data not regulated.
• Lack of awareness in society poses a great risk.
• Cybersecurity attacks not properly reported.
• Internal fraud
• Budget restrictions
• Human resources restrictions
Cooperation
The Agency provides bilateral technical cooperation through the

following programs: Providing volunteers and experts to cooperate in
private and government institutions, nation wide projects, training,
scholarships for postgraduates and support to Korean non-
governmental organizations .
Egypt
| Ahmed Mashaly
Egypt
Eg-CERT
Cyber Security Awareness
Ahmed Mashaly
22-10-2018
National Security Policy/ 5days
ICT STATUS OF THE COUNTRY
We used to handle more than

200 incident each month
Now we have changed the

approach where we handle
incidents based on the affected
organization and the business
impact of the incident.
ORGANIZATION EXPLANATION
EG-CERT is charged with providing computer and

information security incident response, support, defense
And analysis against cyber attacks and collaboration with
governmental, financial entities and any other critical
information infrastructure sectors.
EG-CERT also provides early warning against malware

spreading and massive cyberattacks against Egypt's telecom
infrastructure. EG-CERT consists of five main departments,
which are Incident Handling, Cyber forensics, Malware Analy
sis and Penetration Testing and Awareness.
ICT PROJECTS
Project name :
National cyber security
awareness campaign.
ICT PROJECTS
PROJECT CONTENTS :
1- Planning.
2- Developing content and setting measurements.
3- Delivering the content.
4- Measuring the progress and improving the
material and delivery methods.
Estimated to start mid 2019.
ICT GOALS AND CHALLENGES
Being able to reach as many

organizations and citizens as
possible as efficiently as possible to
develop and deliver awareness
content that is sufficient to make
cyber security a culture and a habit.
COOPERATION BETWEEN
EGYPT AND KOREA
None yet but hopefully after this course we shall be

able to jumpstart cooperation between Egypt and
Korea in the area of cyber security.
El Salvador
| Guillermo Funes
El Salvador
MINISTRY OF JUSTICE AND
PUBLIC SECURITY
IT
GUILLERMO FUNES
29TH OCT 2018
2018 ICT EXPERT TRAINING PROGRAM
29TH OCT - 2ND NOV 2018
EL SALVADOR:
Area: 21,000 square kms (Smallest country in
Central America
Pupulation: 7,000,000
Mobile Phones: 9,000,000
Cybercrime Law (Feb 2016)

It Includes:
Crimes against Children and teenagers, Cyberbulling , Porn
Crimes against damages on Systems
Crimes against Unauthorized Access in any form
Crimes against theft of Electronic Identity
It Does Not Include: ISP duties, Network Administrators, other
CSIRTs,
Critical Infrastructure, Agencies coordination Etc
Ministry of Justice and Public Security:
Mission: We are in charge of the National Security
Main Departments:
• National Police
• Immigration department
• Correctional Facilities
• National Police Academy
Goverment’s CSIRT
Goverment Scope (Executive Branch Only)
Members:
• Ministry of Justice and Public Security
• National Police
• President’s Office
• Ministry of Education
• Deputy Ministry of Technology
• National Security Council (Leaded by the Minister of Justice and
Public Security)
 Development of a National Cybersecurity
Strategy
 Development of a Methodology of Cyberdefense
for Organizations(Public and Private)
 Development of a System for Early Awareness,
including Monitoring Devices
 Changing the law for include Cybersecurity and
Cyberdefense, Critical Infrastructures
Promove the Cybersecurity in the National
priority list
Protect the technology used againts crime :
• Telephone intervention
• Bracelets for law offenders
• System of jammers for cellphone signal around th
e correctional facilities
• Video surveillance System
• 400 Kilometers of fiber optic
Include into the law, several subjects, topics, and

policies regarding cybersecurity (Including CII)
 National Security:
 2011: Korea runs the first Suviliance System with 52
cameras(KOICA)
 2014: Korea runs a Suviliance System with 71 License Plate
Recognition cameras (KOICA)
 Cybersecurity:
 2018: Korea runs a diagnosis for Cybersecurity Status in El Salvador
(KEXIM-AhnLab): Support for Development of ISAC for the
Broadband Infrastructure Protection in El Salvador
 2019: Korea will establish a National Academy for Suvilliance
systems operators.(KOICA)
Thank you
Guillermo Funes
guillermo.funes@seguridad.gob.sv
gfunes@cert.Gob.sv
Honduras
| Jose Angel Pineda Ortiz
Honduras
National Emergency System

911
MSc. Jose Angel Pineda
Department of Information Technology
Oct 29th
Security Technical Expert Course / Oct 29th ~ Nov 2nd
ICT Projects & Status
ICT Projects and Status
Honduras
• E-Government
• Cybersecurity
• Free Wi-Fi Zones in public spot
• Broadband
ICT Status - Honduras
• Statistics
National Emergency System 911
Mission:
Serve and coordinate immediately the emergency calls
make it to the 911 for any citizen or foreigner inside
the national territory.
Objectives:
Save and protect life, goods and everyone in Honduras
through the qualified personnel of the National
Emergency System 911(nine, one, one) with the
highest standard of operativity.
Ongoing ICT Projects
• National Emergency System 911 New Centers

Copan (East Center)
Choluteca (South Center)
La Ceiba (North Center)
• National Emergency System 911 New Centers

Copan (East Center)
Choluteca (South Center)
Olancho (West Center)
• Geo-localization of the calls

• Speech Recognition
• Computer Vision task as Object Detection,

Segmentation, Face recognition
• Cyber security
• User’s Modules allocated in the website
• Mobile applications and GPS

Cooperation
Honduras – Korea Republic
Cooperation
Honduras - Korea
Thanks!!
Q/A
Indonesia
| Henry Tampubolon
Indonesia
Henry Tampubolon
Directorate of Standardization
DG SDPPI
MCIT
Information Security Policy Course
A GLANCE OF ICT POLICY IN INDONESIA
Thank you
Jordan
| Tareq Almajali
Information Security Policy
Jordan
Ministry of information
communication technology
security division
Tareq Ziad Al majali
16-10-2018
Information Security Policy
29-oct-2018 – 02-nov-2018
ICT and IT Enabled Services
(ITES)
Jordan’s ICT and IT Enabled Services (ITES) sector has come a long way in the past years and
has achieved a great deal of accomplishments in which we can all take great pride.
Today, the ICT ecosystem in Jordan is considered one of the most developed and robust in the region.
With the rise of internet penetration and the invasion of new technologies, ICT and ITES are
listed amongst the government’s highest priorities, and are expected to continue to contribute
to the Jordanian economy.
• Total population in Jordan around 9.80 million, internet users are around 8.70 million which means 89%
of total population.
• Also mobile connections are 11.34 million that means 116% of population in Jordan.
• Jordan has ranked in eighth place amongst the top 12 countries to fall victim to frequent cyber attacks in
the Arab world.
• The list was compiled by Kaspersky Lab, a multinational cyber security and anti-virus provider
headquartered in Moscow, Russia.
• According to statistics released by the Public Security Directorate (PSD), the number of cybercrimes
committed in Jordan since the beginning of 2018 has reached 1158 crimes.
Ministry of Information and Communications
Technology
Established in April 2002, the Ministry of Information and
Communications Technology [MoICT] is the government entity
responsible for articulating policy in the areas of Information
Technology, Telecommunications, and Post in the Hashemite Kingdom
of Jordan.
The sectors within Information Technology (IT) and Telecommunications are identified as particular drivers and enablers
of economic and social growth.
MoICT has overall responsibility for the achievement of National goals and objectives within ICT, and has various
means and relationships at its disposal through which to achieve them.
MoICT accordingly has broad powers of oversight and Action within the sectors that comprise ICT.
In addition to developing, incubating, and supporting ICT initiatives at a national level, the Ministry’s mandate includes s
timulating local and foreign technology investments as well as promoting awareness and adoption of ICT by all segments
by all segments of the population, in an all-inclusive approach.
The Ministry, through a dynamic public-private partnership process, works to create, promote, and drive new ICT
opportunities in Jordan, which will facilitate the positioning of the Kingdom as a regional player in technology adoption
and development, a key step to creating a knowledge-based economy.
National Information Assurance
and Cyber Security Strategy
National CyberSecurity Strategy (NCS) covering the period to 2023 provides a summary of the progress made against
the delivery of the objectives set out in 2012 and considers how current trends in cyber threats indicate a more robust national
approach to the governance of cyber security is required.
The use of Cyberspace is transforming business, making it more efficient and effective. It is opening up markets, allowing
commerce to take place at lower cost and enabling people to do business on the move. It has promoted fresh thinking,
innovative business models and new sources of growth and business opportunity for established enterprise and
emerging entrepreneurs alike. It enables companies to provide a better, cheaper and more convenient shopping experience
to customers. It also helps individuals to shop around, compare prices and find what they want.
These actors are not only working relentlessly to compromise digital assets, they are also looking for new and simple ways
of damaging its integrity and disrupting its availability.
Secure cyber space is essential for Jordanian entities to prosper, to grow and to demonstrate to external
organizations that Jordan is a safe place in which they can conduct business. For national security and prosperity, it is
incumbent upon us all to play our part; this includes both the public and private sector organizations and staff, as well as our
citizens. To address the challenges of cyber security head on, and seize the opportunities that cyber space offers,
requires leadership and governance of cyber at the highest levels.
NIACSS goals
•Strengthen Jordan’s National Security by Preventing Cyber Attacks to
Critical Information Infrastructures.
•Minimize Risks to Critical Information Infrastructures and Government
Networks by Reducing Vulnerabilities.
• Minimize Damage and Recovery Time from Cyber Attacks regardless of
source or intent.
• Enhance Jordan’s Economy and improve National Prosperity by
Increasing Confidence and Trust in Government, and by extension,
Private Information Systems Security, thereby encouraging investment
and creating opportunities for enhanced collaborative processes.
• Increase Information Security Awareness and its importance to National
Security through a National Information Security Awareness and Training
Program
KOICA in Jordan
KOICA implements projects related to "e-government" to promote the administrative efficiency and
transparency of developing partner governments.
Since narrowing the digital divide in a knowledge-based society expedites poverty alleviation and
promotes sustainable economic development, KOICA has made continuous efforts to reduce the digital
divide and facilitate economic development.
KOICA's ICT cooperation focuses on fostering ICT human resources by strengthening ICTeducation
infrastructure, and enhancing ICT education capacity implementinge-government initiatives such as
drawing up ICT master plans, and building infrastructure and systems, and expanding ICT usage by
launching internet phone networks, remote medical treatment, computerized libraries, Through these
assistance programs, KOICA is striving to achieve Target 18 of MDG 8, which aims to create global
partnerships for
development and make the benefits of new technologies available to the developing world.
Kosovo
| Rifat Hyseni
Kosovo
Tax Administration of Kosovo
IT Department
RIFAT HYSENI
29 October 2019
Information Security Policy Course/ PERIOD
(cybersecurity National Strategy)
ICT FIGURES BASED ON EACH COURSE.
- The Internet penetration based on users is at least 76.62% or
1,080,038 Internet users (based on Census 2011 total
population).
- subscription rates)
- No Information of umber of cyber attacks given monthly..
EXPLAIN ABOUT YOUR ORGANIZATION
Executive State Agency,
Administrating the revenue at National Level.
• Education,
• Audit,
• Collection,
Information Technology, Automation, Services etc.
DESCRIBE ICT PROJECTS IN YOUR
ORGANIZATION/COUNTRY (RELATED TO THE
TRAINING COURSE, EITHER ONGOING OR TO-BE)
• Modernization od TAK based on new ICT System. 2019-2021

• Cyber Security Strategy in progress to be formalized
• ICT Security Policy
DESCRIBE ICT GOALS AND CHALLENGES
OF YOUR COUNTRY/ORGANIZATION
• E-Government Program still not in place.
• Cyber Security Capacities not in place
• National CERT not in full function yet.
• Complete Cyber Security Policies not in Place yet
DESCRIBE COOPERATION BETWEEN
YOUR COUNTRY AND KOREA
- December 2016, Seoul - Training about Cyber Security Basics – KISA
- June 2017, Pristina- Cyber Security Assessment and Training
- June- November 2018, Pristina - Pilot Project implementing WAF for Tax
Administration of Kosovo,
Moldova
| Artur Munteanu
UNCLASSIFIED
Security and Intelligence Service of the Republic of Moldova
Republic of Moldova
Security and Intelligence Service

of the Republic of Moldova
Oct 29 (Mon) – Nov 2 (Fri), 2018
120
UNCLASSIFIED
ICT is one of the most dynamic sectors in the Moldovan Economy and
represents one of the priority areas for development for the Moldovan
Government
ICT Infrastructure:
• Fixed Communication;
• Mobile Connection;
• International Communication.
Information Security, Data Protection and Privacy:

• Internet Infrastructure (cybercrime, terrorism and attacks) – Moldova ranked globally
73rd (out of 165 countries) in the 2017 Global Cybersecurity Index
• Type of attacks – 680000 attacks were registered by the CEC in 2016, 27 attempts to
breach Government information systems in 2016 (Trojan Virus), dozens of Moldovans fell
victim of phishing in 2016, DDOS attacks, 13000 cregisteredases of theft from bank accounts
in 2016.
121
UNCLASSIFIED
Security and Intelligence Service

of the Republic of Moldova
MISSION: Efficient protection of fundamental rights and
freedoms of citizens, society and state against risks and
threats to state security.
One of the primary missions is to prevent and counteract aggressions in virtual
environment, domestic and abroad, targeting electronic communication systems of
national importance. This mission is carried out in accordance with the legislation in
force through the following operational processes:
• Developing proposals on ensuring informational security, developing and
promoting state policies in the field and exerting control in the process of ensuring
the protection of information in cyberspace;
• Developing strategies and implementing national policies in the field of
administration and ensuring the operation and security of communication systems.
122
UNCLASSIFIED
ICT Projects in the Republic of Moldova
Regarding general ICT development, Moldova has fulfilled 58% of the ICT
development index (2016).
Moldova has made significant developments in the area of secure environment

for e-services, electronic identification and electronic signature and fight against
cybercrimes.
Additionally, baseline cyber security is relatively well developed in Moldova.
Moldova has a personal data protection authority, legislation for information

classification, minimum requirements for cyber security, and requirements for
ICT systems’ audit
123
UNCLASSIFIED
The goals of the Republic of Moldova
Areas in the Republic of Moldova were developments are mostly

needed:
1. Cyber threat analysis;

2. Protection of essential e-services and critical information
infrastructure;
3. Capacity to manage large-scale cyber crises;
4. National defense capabilities.
124
UNCLASSIFIED
Cooperation between the Republic of

Moldova and the Republic of Korea
The Government of the Republic of Korea provides assistance in different
areas to the institutions of the Republic of Moldova through the Korean
Agency for International Cooperation - KOICA.
Also, a number of projects in the field of information and
communication technologies (Moldovan-Korean Information and Access
Center, etc.) were supported financially.
In 2015, KOICA provided financial support of € 200,000 to support
ICT in education. Continuing collaboration with KOICA on the $ 300,000
SMART EDUCATION project (development of digital textbooks,
educational portal, educational repository, educational software, teacher
training) continues.
Today, Republic of Korea is one of the most important investors in the IT field of
Republic of Moldova and contributable side to the working out of the Digital Moldova
2020 strategy, in the view of Korean experience as to cyber security.
125
UNCLASSIFIED
THANK YOU FOR YOUR ATTENTION!
126
Mongolia
| Dashbalbar Sukhbaatar
COUNTRY PROFILE
MONGOLIA
Communications Regulatory Commission of
Mongolia
Department of Administration and Cooperation
Dashbalbar. S
2018-10-29
Information Security Technical Course / 5 minute

CONTENT OF PRESENTATION
➢ COUNTRY PROFILE
➢ ICT SECTOR ORGANIZATIONAL STRUCTURE AND
WORLD RANK OF MONGOLIA
➢ STATISTICS OF ICT SECTOR OF MONGOLIA
➢ LEGAL ENVIRONMENT AND ESTABLISHMENT OF
CRC
➢ MISSION AND MAIN RESPONSIBILITIES OF CRC
COUNTRY PROFILE
COUNTRY PROFILE
ICT SECTOR STRUCTURE
President Parliament
Prime Minister
Communications
Communication and Information Cabinet members of
Regulatory Commission
Technology Authority (CITA)
(CRC) the Government
IT Park 16 Ministries
Data center 27 Agencies
CITIZENS, BUSINESSES, OTHER PUBLIC, AND PRIVATE ENTITIES
National ICT Policy Council was established on 15 Dec,

2017 supervised by the Cabinet Secretary;
ICT SECTOR:
KEY INDICATORS AND STATISTICS
2. NUMBER OF MOBILE SUBSCRIPTIONS /thousand subscriptions/ (2017.12.31)
4,500.0
3,886.2
4,000.0
3,409.4
3,500.0
3,027.2 3,068.2
2,811.5 2,877.6
3,000.0
2,373.0
2,500.0
2,023.0
2,000.0 1,743.5
1,500.0
1,000.0
500.0
0.0
2009 2010 2011 2012 2013 2014 2015 2016 2017
Source: CRC of Mongolia (2017.12.31)

4
CONTENTICT
OFSECTOR
PRESENTATION
IDI – Asia and the Pacific 2017
ICT Development Index /IDI/ 2017 Asia
IDI 2017 IDI 2016 IDI 2016
Pacific Country
IDI 2017 IDI 2017 IDI 2016 IDI 2016 Value Rank Value
Country Rank 2017
Rank Value Rank Value 1 Korea (Rep.) 8.85 1 8.80
1 Iceland 8.98 2 8.78 2 Hong Kong, China 8.61 6 8.47
2 Korea (Rep.) 8.85 1 8.80
3 Japan 8.43 11 8.32
3 Switzerland 8.74 4 8.66 4 New Zealand 8.33 12 8.23
4 Denmark 8.71 3 8.68 5 Australia 8.24 16 8.08
5 United Kingdom 8.65 5 8.53 6 Singapore 8.05 20 7.85
6 Hong Kong, China 8.61 6 8.47 7 Macao, China 7.80 29 7.55
7 Netherlands 8.49 10 8.40 Brunei
8 6.75 54 6.56
8 Norway 8.47 7 8.45 Darussalam
9 Malaysia 6.38 62 6.22
9 Luxembourg 8.47 9 8.40
10 Thailand 5.67 79 5.31
10 Japan 8.43 11 8.32
11 China 5.60 83 5.17
11 Sweden 8.41 8 8.41 12 Iran (I.R.) 5.58 85 5.04
12 Germany 8.39 13 8.20 13 Maldives 5.25 86 4.97
89 Albania 5.14 89 4.90 14 Mongolia 4.96 87 4.91
90 Seychelles 5.03 92 4.80 15 Philippines 4.67 100 4.52
91 Mongolia 4.96 87 4.91 30 Bangladesh 2.53 146 2.37
92 South 31 Pakistan 2.42 148 2.21
Source : ITU Africa
2017 4.96 88 4.91
32 Kiribati 2.17 155 2.04
33 Solomon Islands 2.11 154 2.04
34 Afghanistan 1.95 165 1.71
ICT SECTOR:
2. NUMBER OF MOBILE SUBSCRIPTIONS /thousand subscriptions/ (2017.12.31)
4,500.0
3,886.2
4,000.0
3,409.4
3,500.0
3,027.2 3,068.2
2,811.5 2,877.6
3,000.0
2,373.0
2,500.0
2,023.0
2,000.0 1,743.5
1,500.0
1,000.0
500.0
0.0
2009 2010 2011 2012 2013 2014 2015 2016 2017

4
ICT SECTOR:
3. NUMBER OF SMARTPHONE USERS (2017.12.31)
Mobile data users: 3,886,167
Data users: 2,625,685
Smartphone users: 2,439,236
3.74% 2.65%
71.90%
21.71%
2017 year: 26,354[TB]
2016 year: 17,455[TB]
Android IOS (Apple) OSs Other
Source:
10
CRC of Mongolia (2017.12.31)
ICT SECTOR:
4.NUMBER OF CABLE TELEVISION SUBSCRIBERS (thousands subscribers 2017.12.31)
900
855.9
800
796.6
700
725.8
669.9
600
Type 2017 year
500
523.8
Cable 5.70%
482.6
400
Satellite 44.68%
300
DTV 21.37%
294.5
200
210.8 IPTV 28.25%
100
Total 100.00%
0
2010 2011 2012 2013 2014 2015 2016 2017

24
ICT SECTOR:
5. Main economic indicators of the communication sector
5.1. Total investment of ICT sector /billion MNT/
300
Type Market share

250 Mobile service 71.92%
239.2 ICN 9.18%
233.2
IPTV 5.48%
200
204.6 Wholesale service 4.48%
Postal service 2.63%
173.2
150 TV broadcasting 1.93%
Cable channel 1.71%
122.2 Cable television 1.25%
100
107.7 108.0 Fixed telephone
0.51%
89.9 service
Internet service 0.19%
50
Other 0.72%
Total 100.00%
0
2010 2011 2012 2013 2014 2015 2016 2017

32
24
ICT SECTOR:
6. Main economic indicators of the communication sector
6.1. Total income of ICT sector /billion MNT/
1200
Market
Type
share
Mobile service 50.26%
1000
1,074.4
IPTV 11.78%
965.0 Internet 10.56%
933.3
800 850.4 Wholesale service 5.66%
784.0 Cable television 4.73%
ICN 4.30%
600 649.7 TV broadcasting 3.65%
538.9 Postal service 1.78%

470.9 Cable channel 1.50%
400
Fixed telephone 1.46%
VSAT 1.30%
200 NIIM 1.18%
Other 1.84%
Total 100.00%
0
2010 2011 2012 2013 2014 2015 2016 2017

31
32
24
ICT SECTOR LEGAL ENVIRONMENT
Legal Framework:
Communications Law (1995)

Law on Radio waves (1999)
Postal Law (2003)
Law on USOF (2006)
e-Signature Law, (2011)
Financial transparency Law, (2014)
National Payment System Law, (2017)
Government Resolution 159, 2017
About the government electronic databases and data exchange
About the e-Kiosk (ATM)
About government online services & PPP promotion
Draft of laws (2016-2017):

Amendment of Communications Law, Broadcasting Law, e-Government
Law, Information Security Law, Data Protection Law
ICT SECTOR COOPERATION
POLICY AND PROGRAM
The State Policy on

ICT Sector and Government Policy 2017 Development of ICT
(2017-2025)
Milestones
National e-Government
2012
program
2011 National Broadband Program
National Program on Information Security

2010
2008 National Program on Unified Registration System
2006 E-Mongolia National Program
2004 Midterm Strategy for ICT Development in Mongolia
1999 Vision for Mongolian ICT Development up to 2010

POLICY AND PROGRAM
Key Program and Projects:
➢ Mongolian National Data Center was established by Government

Resolution 183th that issued on June 24th 2009 and MNDC is
funded by Government, responsible for stability, security,
reliability of Mongolian national electronic data system;
➢ Launching of e-Kiosk machines, 2013;
➢ Creation of 11-11 Call Center, 2014;
➢ UBIT Initiative : Smart Ulaanbaatar City Program, 2014-2020;
➢ Expansion of National Backbone Network to Soums level (Rural
areas),
➢ development of public key infrastructure as well as
establishment of XYP data exchange platform among
government organizations, 2016-2020;
➢ Smart Government Project, The world Bank, 2016-2020;
THANK YOU FOR YOUR
ATTENTION
Contact Address:
Dashbalbar. S,
IT & Network Security Officer
Communications Regulatory Commission
Metro Business Center, Fl-5,
Sukhbaatar District, Ulaanbaatar 14201
MONGOLIA
Tel: 976-99094645
Mail: dashbalbar@crc.gov.mn
Web: www.crc.gov.mn
Montenegro
| Goran Tomkovic
Cybersecurity in Montenegro
Goran Tomković
CIRT-ME
Ministry of Public Administration

“Information Security Technical Policy”
South Korea, October 2018
Cybersecurity Status in Montenegro
Homes: Businesses:
• 55,9% have PC access, • 94,3% businesses use PC’s.

• 37,6% have laptops
• 94,9% have mobile phones,
• 67,5% have Internet access at home.
Year Incidents
2013 22 Incidents:
2014 42
• Malware,
2015 132 • Web Defacement
2016 - May 163 • DDoS
2017 532 • Internet Fraud
• Inappropriate content on the Internet
2018 (1 oct) 364
Total 1255
Cybersecurity Status in Montenegro
CIRT Services
•Incident Handling, Response
and Coordination
•Security Advisories
•Awareness, Training &

Education
Cybersecurity Projects
New Cybersecurity Strategy for Montenegro 2018-2021 (finished)
•Critical Information Infrastructure Protection (ongoing)
•Establishing a Security Operations Center (SOC) (ongoing)
•Expanding National CIRT capacities (planned)
•Implementation of DLP (Data Loss Prevention) system (planned)
•Education of children, teaching staff, school pedagogues and

psychologists (planned)
Cybersecurity Challenges
•Limited resources of the National CIRT
•Limited resources of Law Enforcement Agencies
•Public-Private Partnership
•General cybersecurity awareness level

Montenegro – South Korea Cooperation
•World Bank
• KISA –Montenegro Joint Cybersecurity Seminar – May, 2016
•CAMP 2018 3rd Annual meeting & GCCD Cybersecurity Seminar
•CAMP Membership
Peru
| Adriana Alejandra Narvaez Palacios
FONAFE
Fondo Nacional de Financiamiento de la Actividad Empresarial del Estado
National Fund for the Financing of the State's Business Activity
Lima - Perú
Adriana Alejandra Narváez Palacios
Octubre 2018
Information Security Policy Course/
29 Oct – 2 Nov
Timeline
Profesional experience
Risk Management Trainning KISA
2018
Practicante de
Manufactura 2016 - 2018
2011 Especialista de Riesgos
Analista de Riesgos
Practicante de y procesos
2017 2018
Riesgos Information Security
Magister en Policy Course
2010 - 2011 2012 - 2014 Administración
de Empresas
2011 2014 - 2016

Bachiller
Consultor de
Universidad de
Riesgos
lima
2011 - 2012
Asistente de Master en
GRC Riesgos
CULTURE: MACCHU PICCHU CITY (CUZCO, TYPICAL FOOD: CEVICHE
PERÚ)
PERÚ
CULTURE: NAZCA
LINES (ICA, PERÚ)
CULTURE: AMAZONAS RIVER (IQUITOS,

PERÚ)
Video: Perú Live the legend:
https://www.youtube.com/watch?v=gGq_U1DYUCs
2ND ICT STATUS OF PERÚ
Peru is the country with the lowest pe

rcentage of protected equipment in La
tin America
Ransomware, phishing and crypto

jacking are the most current form
s of users and businesses in Peru.
At the regional level, it is estimat
ed that cyber attacks will rise by
35% during 2020.
Actually Latin America is vulne
rable to cyber attacks, only six
countries have cyber security
strategies, while most are not
ready for new threats
The survey shows detailed results of Peru on investment to ensure
terminal points, databases and applications, using authentication
and identity management solutions, fraud detection and the use of
analytical tools, investments in cybersecurity.
Inglés
3RD COMPANY FONAFE
MISSION
"We are the corporation of
State companies that
provides quality goods and
services and generates value
economic, social and
environmental for the
development of the country“
Nuestro principal objetivo es

ser parte de la OCDE.
32 companies
Relationship between Risk Management and other frameworks
It allows management to
have an efficient strategy
Promotes the to ensure compliance
establishment of
adequate controls that
Corporate with the Company's
objectives.
mitigate the effects of Governance
an unwanted
interruption or disaster
Business
ISO 9001
Continuity
Provides an approach
on which to base
Allows the them. processes to
strengthening of
Risk Management guarantee the
Information quality of products
Security and / or services
Internal
ISO 27001
Control
Provides the guidelines
It focuses on the for the development of
development of controls that the Risk Assessment
ISO 37001 component
serve for the development of
Anti-Bribery Management
4TH ICT PROJECTS
Project 1: Improvement of Business Management
New Web Portal FONAFE
• Improve the Fonafe website
Project 2: Improvement of Business Management
Intranet FONAFE
• Improve Fonafe's intranet
Project 3: Implementation of Information Security Management FONAFE
• Prepare policies, manuals and corporate guidelines
Project 4: Improvement of Business Management Corporate Contact Center (CCC)
• Centralize as the only point of attention to the citizen through voice solutions, mail, social
networks, SMS and interactive chat.
5TH ICT GOALS OF PERU
In Peru there is a digital government
secretary in charge of the Presidency
of the Council of Ministers, in
addition there is a working group for
the implementation of the digital
national agenda with a view to the
year 2021, in that year Peru
celebrates its 200th anniversary as
the foundation of the country.
6th COOPERATION COUNTRY
AND KOREA
The "VI International Conference of the Public Company
Network: Transparency and Integrity as Pillars of Good
Management", This is an event that takes place every year, is
organized by the Inter-American Development Bank (IDB), in
cooperation with the Government of Republic of Korea of the
South, and the development of Good Practices in the
countries of Latin America and the Caribbean
Fonafe is a regulatory entity of the Peruvian state,

currently several international cooperation organizations
supported by the Republic of Korea, promotes the
Peruvian state manages to promote a digital state, a
government interconnected among its public institutions.
The Republic of Korea of the South and the various
organizations have managed to draw a road map
thinking about the development of Peru, which is about
to complete its bicentennial in the year 2021.
THANK YOU!
Tunisia
| Nada Laabidi
ARAB INFORMATION AND COMMUNICATION
TECHNOLOGIES ORGANIZATION
DEVLOPMENT AND STRATEGIC PLANNING

DEPARTMENT
NADA LAABIDI
National Information Security Policy
29 October-02 November 2018
CyberSecurity in the Arab region
1. ICT status in the Arab region
2. Cybersecurity status in the Arab region
2.1 : Cybersecurity readiness of Arab States
2.2 : Cybersecurity strategies and approaches
2.3 : Cybercrime Legal Frameworks & Measures in
the Arab countries
2.4 : Data protection
2.5 Regional frameworks
3. Arab ICT Organization and its commitment for a safer cybers
pace in the Arab region
4. Cooperation between AICTO and Korean
institutions/Companies
(some indicators)
3 5 6 3
IDI value in the Arab Region
ICT Development Index (IDI) 2017 (ICT access – ICT use – ICT Skills)
International Telecommunication Union
(some indicators)
• Highest- and lowest-ranking Arab Countries, IDI 2017
(some indicators)
• Proportion of households with internet access, 2017 : 47,2 %
Internet penetration rate for Men and Women

Proportion of individuals using the Internet, by , 2017
age, 2017 60
47.7
50
39.4
40
43.7
30
20
64.2
10
0
Male Female
Male Female
Total Population Ages 15-24
Source : ITU
2. Cybersecurity status in the
Arab region
Arab region
• Cyberattacks in the Arab region
• UAE : Country faced 86 cyber attacks in the first two months of 2018
• Kuwait : In February there was an attempt by cyber criminals to hack
the website of Kuwait's Ministry of the Interior
• Saudi Arabia : December 2017 Saudi Aramco's (Saudi Arabia's state-
owned oil company) safety system was attacked by malicious software
• Tunisia : March 2018, DDoS attack against the OVH servers hosted in
the Tunisian Internet Agency (IXP).
• In May 2017 all Golf countries were subject to Wannacry ransomware
Arab region
– 2.1 : Cybersecurity readiness of Arab States

– 2.2 : Cybersecurity strategies and approaches
– 2.3 : Cybercrime Legal Frameworks & Measures
in the Arab countries
– 2.4 : Personal Data protection
– 2.5 : Regional frameworks
Arab region
2.1 : Cybersecurity readiness of Arab states
Global Cybreresecurity Index – 2017 (ITU)
Wich measures the commitment of countries around the world to

Cybersecurity with regard to the following five pillars : Legal, Technical, Orga
nizational, Capacity Building, Cooperation
Arab region
Global situation of the commitment and the readiness of Arab State
Arab States scorecard (green for high, yellow for medium, and red for low).
s upon the basis of the 25 indicators (GCI – 2017)
Arab region
2.1 : Cybersecurity readiness of Arab states
R.R Country Score G. Rank R.R Country Score G. Rank
1 Oman 0.871 4 12 Syria 0.237 102
2 Egypt 0.772 14 13 Palestine 0.228 104

3 Qatar 0.676 25 14 Libya 0.224 105
4 Tunisia 0.591 40 15 Lebanon 0.172 119
5 Saudi Arabia 0.569 46 16 Mauritania 0.146 125
6 United Arab E 0.566 47 17 Kuwait 0.104 139
mirates
7 Morocco 0.541 49 18 Djibouti 0.099 140
8 Bahrain 0.467 65 19 Iraq 0.043 159
9 Algeria 0.432 68 20 Comoros 0.040 161
10 Jordan 0.277 93 21 Somalia 0.034 162
11 Sudan 0.271 96 22 Yemen 0.007 164

Ranks and scores - GCI-2017
Cybercriminal legislation
in the Arab region
10Algeria – Bahrain – Egypt – Morocco – Oman – Qatar – Palestin

High
4 Djibouti – Jordan - Saudi Arabia - Syria
e – Sudan – Tunisia - United Arab Emirates
Medium
Low
8 Comoros – Iraq – Kuwait – Lebanon – Libya – Mauritania – Somalia - Yemen
CyberSecurity legislation
in the Arab region
7 Algeria – Egypt – Morocco – Oman – Qatar – Tunisia - United A

High
8 rab Emirates
Bahrain – Jordan – Kuwait – Mauritania - Saudi Arabia – Palestine – Sudan - Syria
Medium
Low
7 Comoros – Djibouti –Iraq- Lebanon – Libya – Somalia - Yemen
CyberSecurity Training
in the Arab region
High
10Algeria – Bahrain – Egypt – Morocco – Oman – Qatar - Saudi Ar
abia - Syria – Tunisia - United Arab Emirates
Medium
Low
12 Comoros – Djibouti – Iraq – Jordan – Kuwait – Lebanon – Libya – Mauritania –
Somalia – Palestine – Sudan - Yemen
CyberSecurity - LEGAL MESURES
in the Arab region
Cybercriminal legislation - CyberSecurity legislation - CyberSecurity Training
9 Algeria – Bahrain – Egypt – Morocco – Oman – Qatar - Saudi Ar

High
3 abia – Tunisia - United Arab Emirates
Palestine – Sudan - Syria
Medium
Low
10 Comoros – Djibouti – Iraq –Jordan –Kuwait –Lebanon –Libya – Mauritania – So
malia -Yemen
CyberSecurity – TECHNICAL MESURES
in the Arab region
National CERT/CIRT/CSIRT - Government CERT/CIRT/CSIRT - Sectorial CERT/CIRT/CSIRT - Stan
dards for organizations - Standards for professionals - Child online protection
Qatar
5 Egypt – Morocco – Oman – Qatar - Saudi Arabia

High
6 Bahrain – Palestine – Sudan – Syria – Tunisia - United Arab Emirates
Medium
Low
11 Algeria – Comoros – Djibouti – Iraq – Jordan – Kuwait – Lebanon - Libya – Mau
ritania – Somalia - Yemen
CyberSecurity – ORGANIZATIONAL MESURES
in the Arab region
Strategy – Responsible Agency – Cybersecurity metrics
2 Oman – Qatar
High
10 Algeria – Bahrain – Egypt – Jordan – Lebanon – Libya – Mauritania – Morocco – Tu
nisia - United Arab Emirates
Medium
Low
10 Comoros – Djibouti – Iraq – Kuwait - Saudi Arabia – Somalia – Palestine – Suda
n – Syria - Yemen
CyberSecurity – CAPACITY BUILDING
in the Arab region
Standardization bodies – Cybercesurity good practices – R&D programmes – Public awarness
campaigns – Professional programmes – incentive mechanisms – Home-Grown industry
5 Egypt – Oman – Qatar - Saudi Arabia - Tunisia

High
5 Algeria – Jordan – Libya – Morocco - United Arab Emirates
Medium
Low
12 Bahrain – Comoros – Djibouti – Iraq – Kuwait –Lebanon – Mauritania – Somalia
– Palestine – Sudan – Syria - Yemen
CyberSecurity – COOPERATION
in the Arab region
Bilateral agreements – Multilateral agreements – International participation – Public Private Partners
hips – Interagency partnerships
4 Egypt – Oman - Saudi Arabia - Tunisia

High
7 Algeria – Bahrain – Djibouti – Lebanon – Morocco – Qatar - United Arab Emirates
Medium
Low
11 Comoros – Iraq – Jordan – Kuwait – Libya – Mauritania – Somalia – Palestine –
Sudan – Syria - Yemen
GCI in the Arab Region
Legal Measures – Technical Measures – Organizational Measures –
Capacity Building – Cooperation
4 Egypt – Oman – Qatar - Tunisia

High
5 Algeria – Bahrain – Morocco - Saudi Arabia - United Arab Emirates
Medium
Low
13 Comoros – Djibouti – Iraq – Jordan – Kuwait – Lebanon – Libya – Mauritania –
Somalia – Palestine – Sudan – Syria - Yemen
Arab region
2.1 : Cybersecurity readiness of Arab region
Top three ranked Arab countries and an average score GCI-2017
Country GCI Legal Technical Organization Capacity Buil Cooperation

al ding
Oman 0.87 0.98 0.82 0.85 0.95 0.75
Egypt 0.77 0.92 0.92 0.4 0.92 0.7
Qatar 0.67 0.83 0.82 0.65 0.78 0.33
Source : Global Cybersecurity

Index 2017 - ITU
Arab region
2.2 : Cybersecurity readiness in the Arab region
Comparison GCI and IDI in the Arab States
Source : Global Cybersecurity Index 2017 - ITU

Cybersecurity STRATEGIES
in the Arab countries
National Cybersecurity Strategies or a part of the National Digital/ICT Strategy
13Egypt – Oman – Qatar (2014) – Tunisia – Morocco – Sudan – UAE – Ba

hrain – Kuwait – Saoudi Arabia– Jordan (2012) – Palestine – Iraq
National CIRTs
In the Arab region
10 Egypt – libya - Morocco - Oman – Qatar – Saudi Arabia – Suda

n – Syria –Tunisia - United Arab Emirates
National CIRTs
Arab region
2.3 : Cybercrime Legal Frameworks & Measures in the Arab countries
12 countries
Cybercrime’s Law
Arab region
Country Legislation en Description
acted
Morocco 2003 law to fight terrorism in 2003. It resorted to this law to thwart some web sites that used by te
rrorists to launch their attacks.
Tunisia 2003 The Tunisian legislator took a measure to resist the phenomenon of terrorism by issuing a law to fight
terrorism on December 10th, 2003. The first chapter of this law referred to the fight and rejection of t
errorism. The second chapter referred to the definition of terrorism, crimes of money laundering, fun
ding of terrorism. The third chapter dealt with the sanctions to be inflicted with a view to preventing
such crimes
Saudi Arabia March 2007 Royal decree in 2007
Anti-Cyber Crime Law, Royal Decree No. M/17, 26 March 2007
Sudan 2007 Cybercrime Act, 2007
Algeria 2008 In 2008, the Algerian government tabled a new draft before the national parliament to fight agains
t cyber crimes. By virtue of this draft, the government will be entitled to punish all criminals who wou
ld break into or destroy web sites and computers, steal protected data and numbers of credit card
s, establish or visit pro-terrorist sites. In the same vein, Algeria issued a law, in 2005, to fight terrorism,
money laundering and terrorism funding.
Oman February 2011 Royal Decree No 12/2011 issuing the Cyber Crime Law
Source : Research Paper - Joyce Hakmeh - Cybercrime Legislation in the GCC Countries - Fit for Purpose?
- Database of Legislation of the UNODC
Arab region
Country Legislation enacted Legislation / Law title
UAE August 2012 Federal Decree Law no. 5 (2012) On Combating Cybercrimes
Bahrain September 2014 Law No. (60) of 2014 on Information Technology Crimes
Qatar September 2014 Law No. (14) of 2014 Promulgating the Cybercrime Prevention Law
Kuwait July 2015 Law No. (63) for the year 2015 on Combating Information Technology Crimes
Cybercrime Law that contains 18 articles dealing with the complete spectrum of c
Jordan ybercrime, including everything from minor offences such as unauthorised access
to computer material to more serious crimes like identity theft and credit card frau
d
Egypt 2018 Law No.175/2018 « Anti-Cybercrime law »
Anti-Cybercrime law regulates activities online

Combationg information technology Law
Source : Research Paper - Joyce Hakmeh - Cybercrime Legislation in the GCC Countries - Fit for Purpose?
- Database of Legislation of the UNODC
Arab region
2.4 : Personal Data protection
• Some countries in the Arab region are giving importan

ce to safeguarding individuals’ personal information an
d are addressing this through effective data protection
legislation.
• Egypt, Saudi Arabia, UAE & Tunisia all have data prote
ction legislation.
Arab region
2.5 : Regional frameworks
Arab Convention on Combating Technology Offences

(21/12/2010)
Ministers of Interior and Justice in all Arab countries signed this convention
on behalf of their States
The purpose of this convention is to enhance and strengthen cooper

ation between the Arab States in the area of combating information
technology offences to ward off the threats of such crimes in order t
o protect the security and interests of the Arab States and the safety
of their communities and individuals.
Towards a Sustainable Arab Digital Society

About AICTO
The Arab ICT Organization «AICTO» is a specialized Arab

governmental organization working under the aegis of the
league of Arab States, located in Tunis, and has been operational
since 1st January 2008.
AICTO creation resulted from the will of the Arab States to
contribute to the development of ICTs and providing the
necessary mechanisms to reinforce cooperation between its
members while promoting and enriching common strategies and
policies to ensure an equitable access to ICT to all Arab citizens.
Members
Being a multi-stakeholder technical organization,

AICTO membership is open to the Public and private
sectors and the Civil Society dealing with ICT and
represented in the Arab region and worldwide in the
quality of "Associate Member", in addition to the
Arab States members of the League of Arab States,
represented by their ministries of ICT.
Our mission
Providing an open platform for ICT Multi-

stakeholders(Public sector, Private sector,
Civil Society and specialized bodies) for
dialogue, experience & expertise sharing
and for technological knowledge transfer.
AICTO’s Vision
Towards a harmonious Arab digital society bas

ed on the creativity and innovation, boosting t
he Arab-Interregional complementarity and co
ntributing efficiently to the development of the
global sustainable digital economy.
Our Strategic goals
• AICTO-SG 1 : Ensuring the transition of Arab countries to the All-Digital and

enabling Arab Citizens to benefit from innovative digital services
• AICTO-SG 2 : Achieving the Arab complementarity and bridging the digital
gab within the Arab region
• AICTO-SG 3 : Unifying and coordinating Arab positions serving their own str
ategic interest within international organizations/at the international level
• AICTO-SG 4 : Boosting the Arab countries’ contribution to the implementatio
n of sustainable development goals 2030 while enhancing their inclusion in
the global digital economy
AICTO’s Strategic vision
Regional Projects &
programs
Regional & International
E-
cooperation
transformation
Joint interregional projects
& actions
E-Innovation
AICTO Working groups
4E Implementa
Strategic
Strategy tion
Vision E-Inclusion Rosters of Experts/ Think
Tanks
Capacity Building (ATAC)
E-Trust
Technical Assistance
E-trust
Technical Studies and

CyberSecurity researches
3. AICTO’s commitment for a safer
cyberspace in the Arab region
AICTO projects & programs
AICTO’s programs
& Projects
Program 1 :
E-Trust : AAECA-Net
AAECA-Net WG1- E-trust-T
AAECA-Net WG2 - E-trust -L
Working Group :
Program 2. CS Technical Program 3. CS Capacity Program 4. CS Studies &
assistance & consultancy Building & Awareness Reports Cybersecurity & Data
Privacy
ARAB INFORMATION AND COMMUNICATION TECHNOLOGIES
ORGANIZATION
Program 1 : E-Trust
Towards building an
interregional - PKI’s (Public and - Awareness activities - Common Training
Multistakeholders private) actions
- Technical assistance
e-Trust Network - Governmental
- Trainings and - Common
based on Laws bodies (Ministries,
Vision & Main principles :
Membership
Activities
Opportunities for Collaboration

Capacity building Technical
Harmonization, regulators,…)
E-trust services
activities assistance actions
- Private companies
Interoperability and a - Studies & surveys - Common studies
(Infra and Solution
strong cooperation and reports
Suppliers, consulting - Working Groups :
framework
cabinets…) - AAECA-Net WG1- - Bi-Multilateral
- Open Interregional
- Universities & NGOs E-trust-T cooperation and
Multistakeholders
- AAECA-Net WG2 - partnerships
Network
- Open and flexible E-trust -L agreements
platform for Sharing (Harmonization of
global experiences & legal framework,
best practices Technical WG…)
- Coordination and
building up of an
upward convergence
framework
ORGANIZATION
Program 2 : CyberSecurity Technical

assistance & consultancy
Providing assistance to - On-site Technical assistance - Common Technical
- Arab LDCs to improve - Consultancy actions assistance actions
security in the digital space - Common Consultancy
- Working group :
- Arab countries having low Cybersecurity & Data Privacy assignments
Main principles and Focus :
scores in the GCI through

Activities

(Members : - Arab & - Common on-site hands-
consultancy missions (for
International on workshops
legal and technical levels )
Instituions/companies
- Arab countries not having working in the field
yet their - Arab & International Experts )
national/Govermental/Sectori
al : CERT/CIRT/CSIRT
ORGANIZATION
Program 3 : CyberSecurity Capacity

Building & Awareness
Organizing forums, - Forums - CommonTraining

workshops, trainings on workshops
- Workshops
cybersecurity in order to
keep updating knowledge - Awareness open days - Common Certifying
and improving the skills in Trainings
Working group :
Activities

the field of Cybersecurity Cybersecurity & Data Privacy - Common Awareness
as well as sharing of best
Within the scope of the workshops/actions
practices (both on the
AICTO Technology
technical and legal levels) - Common Cynersecurity
Academy (ATAC)
Drills and Hachathons
- State personnel training (all
- Trainings sessions : special
economic sectors) - Know how transfer
program for Cybersecurity
- Private sector
- Poliy Makers, Law makers
- Law-enforcement
- Managerial and decision-

making-level
ORGANIZATION
Program 4 :
CyberSecurity Studies & Reports
Conducting regional studies - Surveys - Common Studies
and surveys to collect
- Studies - Common reports &
updated data on the status of
the CS in the Arab region Roadmaps
- Working group :
(some studies includes also Cybersecurity & Data Privacy - Common database on
the African region) :
Cybersecurity indicators in
Activities

Cyber attacks indicators and the Arab region
threats facing the region (s)
The status of the regulatory

and legal frameworks
- Preparation and publishing

of White books (about the
best practices towards safer
internet and related subjects
Status in quo
• The Arab Information and Communication Technologies Organizat

ion ( AICTO) has joined the Cybersecurity Alliance for Mutual Pro
gress (CAMP) family as a member
• Also, AICTO is member of Operations Committee of CAMP.
The way forward :

Multilateral Sustainale Solutions
Cybersecurity is a major priority and it requires strong Cooper

ation relationships at the regional and international levels i
n order to create collaborative approach with input from all k
ey stakeholders in order to promote an open, free, and secure
cyberspace for everyone everywhere
ORGANIZATION
Opportunities for Collaboration and

partnership
AICTO programs Opportunities for Collaboration Benefits

•Program 1 : E-Trust •- Common Training actions
• Know how transfer
•Program 2 : Technical - Common Technical assistance actions
• Dissemination of
assistance & consultancy •- Bi-Multilateral cooperation and partnerships agreements
products & solutions
•Program 3 : Capacity •- Common Consultancy assignments
- Common on-site hands-on workshops • Setup of pilot
Building & Awareness
•- Common Awareness workshops/actions projects in some Arab
•Program 4 : Studies &
- Common Cynersecurity Drills and Hachathons- Common countries
Reports
Studies, reports & Roadmaps • Business
- Common database on Cybersecurity indicators in the Arab opportunities
region
identification
•…
Ukraine
| Anastasiia Bondarchuk
SECURITY SERVICE OF UKRAINE
DEPARTMENT OF INFORMATION SECURITY
Anastasiia Bondarchuk
DATE
Security Technical Expert Course/ 10.29 – 11.02
Cybercrime Department is working to counter all kinds

of cyber threats and related crimes:
• Cyber threats to the state-owned information resources and special informa

tion and telecom infrastructure;
• Combating cybercrimes which present threat to the national security;
• Counteraction to the cyber terrorism and cyber espionage;
• Counteraction to the destructive usage of the social networks and free reso
urces of the Internet against the national security of Ukraine;
• Unlawful use of special wiretapping and surveillance equipment.
Targets of attacks
Energy sector Banking and

financial sector
Transportation
Mass-media
Logistics and
telecommunication Trading networks
Government
institutions
Ukrainian cyber threats

АРТ - attacks
Criminal
Supply-chain APT-29 Shadowpad
Pawn Storm Buhtrap Turla
Hellsing Ursnif CCleaner
(ver. 5.33)
BlackEnergy2 Sofacy
FakeToken
Armageddon Poseidon Ztorg
Animal Farm Armageddon Sofacy
Carbanak Gcat mod Armageddon
2015 2016 2017
Equation BlackEnergy3 Bad Rabbit

APT28 Emdivi DarkTrack
Naikon Potao NotPetya
Wild Neutron
BlackEnergy4 WannaCry
Cozy Duke ZeuS Dvmap
BlackEnergy3 Bolek/KBOT BlackEnergy
Duqu 2.0
Carbanak -X-
Potao
MISP-UA – MALWARE INFORMATION SHARING PLATFORM

MISP USED BY INTERNATIONAL ORGANIZATIONS SUCH AS
NATO NCI Agency, FIRST, CIRCL, CiviCERT
GOALS OF OUR PROJECTS
• MISP-UA – share malware IOC for prevention, timely detecting

and counteraction cyber threats,
• Introduction sensors in objects of critical infrastructure for timel
y detection new cyber threats (using SIEM – security informatio
n event management).
Guatemala
| Carlos David Figueroa Guevara
COUNTRY
Information Systems Directorate

Carlos David Figueroa Guevara
Security Technical Expert Course

October 29 ~ November 2, 2018
Republic of Guatemala
Capital Ciudad de Guatemala
Government Democratic
President Jimmy Morales Cabrera
Population 17.4 millones (2018)
Total Surfac 108,889 square kilometers
Political Division
and Administrative 22 States
Population by Sex 48.7% Male
51.3% Female
Official Language Spanish
Currency Quetzal (Q)
Zona Horaria UTC-6

• Human Resources: Bilingual staff highly trained in technology languages with worldwide
recognized certifications.
•
• Connectivity: Excellent connectivity and redundancy. Modern fiber optic infrastructure, Three
main carriers and 19 ISPs., Connected to NAP by means of three independent submarine
cables.
• Technology: World class services, including QOS, MPLS (implemented for 5 years),
TrafficShaping, failover / failback and disaster recovery.
• In 2017 Guatemala was the fourth country in Latin America most prone to cyber attacks
• Cyber attacks 54% of users have been affected by malicious contend

(The biggest threat is the Trojans)
Statistics threats
Updated data until October 16, 2018
Minister of Labour and Social Prevention
Mission Vision
We are the State institution responsible for To be a Strengthened, competent,

ensuring and promoting effective and modern and reliable Ministry that
effective compliance with legislation, policies a
promotes a culture of respect for labor
nd programs related to work and social w
elfare, for the benefit of society. legislation and the welfare of society
Objective
To direct and orient the labour and social policy of the country.
Promote and guarantee freedom of association.
To promote and harmonize labour relations between employers

and workers.
To promote the development and improvement of the health and safet

y system at work and social welfare.
Enforce the legal system relating to work and social welfare.
To promote technical and professional training.

Information Systems Directorate – DISI
Main Roles
• The Information Systems Directorate is responsible for safeguarding, applying,

formulating, and proposing technological solutions for the Ministry of Labor and
Social Security. Through the issuance of policies and procedures according to the
needs of the institution
• Centralization of the labor information generated through the administrative support

systems developed and maintained by the Management
ICT PROJECTS
Projects Goals Period
Methodology of security for Establish a new methodology fo Project Period : 2018-2019

Minister of Labor and Social r standardizing security protoco
Prevention Data Center ls Bidding Period : Undefined
within networks, servers, comp
Budget : Undefined
uters, and logical designs to
enhance overall security.
COOPERATION BETWEEN GUATEMALA AND KOREA
In Ministry of Labour and Social Prevention
Standardize development processes, Change Control in and implementation of
Infrastructure Analysis. Review and advice on the implementation of control processe
s.
ended goals :
. Change Control Management in software development
. Standardize security protocols within networks, servers, computers
and logical designs for improve overall safety
• Implementing Process to centralized code source management
• Review and modification of procedures internal about IT management
goals in process
• Implementing MDM Database
• Restructuring Local Area Network and implementing new security standards
THANK YOU! GRACIAS!
Sri Lanka
| Kanishka Karunasena
SRI LANKA
Sri Lanka CERT|CC

Ministry of Telecommunication and Digital Infrastructure
Dr Kanishka Karunasena
29-10-2018
Cyber Security Policy Training

Computer
Ownership Broadband Telephone
23.5% Subscriptions Subscriptions Telecomm.
Infrastruct
Urban: 39.9% Fixed 2.65 % Fixed 12.49% ure Index
Rural: 21% Wireless 7.8 % Mobile 103.1% 0.2445
Estate: 5.1%
Devices use to Connect to Internet
Internet usage Desktop or Laptops 38.1% Online e-Government
Service Development
21.3% Smart Phones 56.9% Index 0.5445
Index
Email usage 11% Tablets 2.1% 0.6522 Rank 79
Mobile Phones 2.9%

a. Computer Literacy 28.3% (A person could use computer
by own) Human
Capital
(Urban 41.1%, Rural 26.5%, Estate 9.5%) Index
b. Digital Literacy 38.7% (A person use computer, laptop, 0.7369
tablet or smartphone by own)
(Urban 54.5%, Rural 36.4%, Estate 16.4%)
Incidents Types 2012 2013 2014 2015 2016 2017
Phishing 08 08 12 14 23 26
Abuse/Privacy Vio 08 08 08 21 32 21
lation
Scams 06 18 12 18 12 16
160 141
Malicious Softwar 02 02 03 12 21 30
e/ Ransomware 140 118 143
Financial Frauds - - - 10 16 24 120 117

Compromise of W 15 16 56 20 10 11
100
ebsites
80
Compromise of E 06 08 10 16 16 11 71 75
mails 60
50
IP Violation 03 03 03 03 07 04 40
44
Unauthorized Acc 01 11 08 - - - 20
ess
0
DoS/ DDoS 01 01 06 03 04 -
4000
3500 3537
3537 Social Media Related Incidents Reported
3000 2850
2500
1947 fake social media 2250 2200
accounts 400 photo 2000
785 hacking social media abuse
accounts 1500 1425
1200
1000 1100
47 17
threatening pornographic 500
53 involving videos Other 281
misuse of 80
phone 7 copyright 0
numbers violations 2010 2011 2012 2013 2014 2015 2016 2017
SRI LANKA CERT
Vision
• To be Sri Lanka’s flagship organization and trusted source of advice on th
reats and vulnerabilities to Information Systems through proactive preve
ntion and effective action.
Mission
To be the single and the most trusted point of contact for Information Security in
Sri Lanka
• Sri Lanka (CERT) is the single trusted source of advice about the latest thr
eats and vulnerabilities affecting computer systems and networks, and a
source of expertise to assist the nation and member organizations, in resp
onding to and recovering from Cyber attacks.
• It was set up in June 2006, now functioning under the Ministry of Teleco
mmunication and Digital Infrastructure.
Establishment of Governance Framework
Establishment of a governance framework to implement
Projects
national information and cyber security strategy.
Enactment and Establishment of Legislation, Policies a

Our vision is to create a resilient and nd Standards
Formulation of legislation, policies, and standards to cre
trusted cyber security ecosystem that ate a regulatory environment to protect individuals and
organizations in the cyber space.
will enable Sri Lankan citizens to realize
the benefits of digitalization and to Resilient Digital Government and Infrastructure
Work with public authorities to ensure that the digital go
facilitate growth vernment systems implement and operate by the them h
Establishment ave the appropriate level of cyber security and resilience
of Governance
Framework
Development of Competent Workforce
Public-Private,
Local-
Legislations,
Policies and
Development of a skilled and competent workforce to m
International
Partnerships
Standards eet future demand.
Vision Raising Awareness and Empowerment of Citizens

Make our citizens more competent in protecting their id
Resilient
Awareness and Digital entity, privacy and economic assets in the cyber space.
Empowerment Government
of Citizens and
Infrastructure
Development of Public-Private, Local-International Par
Competent tnerships
Workforce
Development of public-private, local-international partn
erships to create a robust cybersecurity ecosystem.
CHALLENGES
• Overall ICT readiness of the country is poor
• Did not have a strategy for facing modern cyber
related threats
• Lack of awareness of citizens on cyber security.
• Lack of readiness in the public service
• Un availability of appropriate laws
COOPERATION BETWEEN SRI
LANKA AND KOREA
• Closely work with CAMP
• Implemented Lanka Government Network by

Samsung networks
Uzbekistan
| Farrukh Abduvakhidov
Republic of Uzbekistan «Electronic Government»
system development Center
Information Technology
Development Department
FARRUKH ABDUVAKHIDOV
From October 29 - November 2, 201

8
with the length of 4 days
Information Security Policy Course
http://uzbekistan.travel
http://e-government.uz/uz
UZBEKISTAN PROFILE 2
Location: The Republic of Uzbekistan is situated in

the central part of Central Asia.Uzbekistan borders
Turkmenistan, Kazakhstan, Kyrgyzstan, Tajikistan
and Afghanistan in the South.
Administrative and Territorial Structure:

Autonomous Republic of Karakalpakistan, 12
regions, 226 cities and districts.
Capital: Tashkent
Independence date: 1st September 1991

(from Soviet Union)
National Symbols:
Flag of Uzbekistan, Emblem of Uzbekistan.
Area: 448,900 km2, Land: 425.400 km2,

Water: 22,000 km2
Population: 33 million, youths (up to 25 years) – 60%
State language: Uzbek

ICT OF UZBEKISTAN:
HUGE UNEXPLORED POTENTIAL & OPPORTUNITIES
✓ > 12 million internet users ✓ ICT share in GDP: 2%

✓ > 23 million mobile users ✓ Software industry is currently
at Initial stage
✓ 5th fastest developing state
✓ Very high literacy rate
in the world
ICT DEVELOPMENT – GOVERNMENT’S TOP PRIORITY
> 33,1 MILLION > 60% > 3 MILLION

POPULATION YOUTH POPULATION TASHKENT CITY
[3rd largest state in CIS] (up to 25 years) POPULATION
e-Government status
Uzbekistan
E-Government Architecture
9
2015-2019
ICT Infrastructure
Development Program POPULATION BUSINESS
(9 projects)
The Single Interactive Websites of
28
2013-2020 State services Portal Government Bodies
E-Government
Development Program
(28 projects)
Database of Database of
7 Public Health Entities Individuals
TAX 1
8 Education Procurement 2
9 Public Utilities Database of Budget 3

Real Estate
Database of
Transport
10 Justice-2 Clearing 4
11 State Management Customs 5

Database National
12 License Guides & Classifiers GIS Pension 6
Data Center
“Electronic Government” system development center under the Ministry for development of
information technologies and communications of the Republic of Uzbekistan on the basis of the
government decision (RCM No. 250 dated September 16, 2013), whose main tasks are:
▪ Developing strategic directions for further development and improvement of "Electronic government" system on the
basis of the analysis and research of global trends and the experience of foreign countries;
▪ Providing a single technological approach on formation of Electronic government system, which provides a consistent
mechanism design, development and integration of information systems, information resources and databases used in gover
nment organization, the organization of normative-methodical support of projects of "Electronic government";
▪ Arranging of a systemic reorganization of functional and operational processes of government authorities’ activity,
preparation of proposals on optimization, improvement and implementation of innovative mechanisms for managing busines
s processes associated with the provision of public services;
▪ Conducting target analysis and preparation of proposals on improvement of the existing legal framework for the effective im
plementation of the "Electronic government" system;
▪ Conducting systematic monitoring and evaluation of the implementation and development of information and
communication technologies, including the study on the effectiveness of implementation of information systems and resourc
es, conducting system of rating on the implementation effectiveness of information and communication technologies in the a
ctivities of state bodies within "e-Government" system.
▪ Developing a method for determining the key performance indicators of the effectiveness of the provision and use of
online government services, the target indicators and implementation indicators of projects within the “Electronic government
” system.
http://e-government.uz/en/menu/umumiy-malumotlar
Major e-Government
projects in detail
THE UNIFIED PORTAL OF INTERACTIVE PUBLIC SERVICES
my2.gov.uz
The Unified Portal of Interactive Public Services is established in 2013,
currently provides around 300 types of modern and popular public services, including electronic b
usiness registration. The new version (my2.gov.uz) was launched in May, 2017
Discuss the regulatory and legal
documents’ drafts openly
Preparing for discussion - 133
Is being discussed - 33
Discussed - 1060
To be revised - 16
1306 Doc.s
Accepted - 64
UZBEKISTAN OPEN DATA
data.gov.uz
• Launched in 2015
• 3735 datasets on 18 topics
• 129 data agencies
• 3035k downloads
• API for apps
UNIFIED IDENTIFICATION SYSTEM ID.GOV.UZ
Launched in October, 2016
Advantages:
1. One account - all
e-government systems
2. Individuals and legal entities
identification
3. User data privacy
List of connected resources
Single window
centers
The portal of electronic Portal of municipal

and housing fund – ek.uz
licensing - license.gov.uz
E-LICENSING LICENSE.GOV.UZ
41 from 62
Licensed
types of activities
128 363
entries in the register o
f licenses and permits
State Agency Number of licenses

MITC 5088
Ministry of Justice 3642
Ministry of Agriculture and Water Resources 2656
Ministry of internal affairs 870
Agency on intellectual property 389
A SINGLE PLATFORM FOR SOCIAL INITIATIVES
A single platform for social initiatives

(petition.gov.uz) was launched in April, 2018
1. What is an electronic collective appeal?

It is a electronic appeal filed in accordance with the established procedure through the
web portal “Social initiatives”
2. Who can submit an electronic collective appeal?
All citizen of the Republic of Uzbekistan, who has reached the age of eighteen by the day
of submission of the application
3. What is the purpose of the web portal “Social initiatives”?
The main purpose of this portal is to develop and strengthen the civil society, the protection
of human and civil rights, the participation of citizens in the management of state affairs.
4. What is the main features of this portal?
Submit your appeal;
To see the submit applications;
To vote for the placed appeals;
Get information about the progress and results of the implementation of collective appeals.
Development strategy
Rise to top 30 in the UN e-Government Rise in the World Bank’s “Doing Business”
index Survey Index to top 30 by 2020
Develop a central database of individuals, Establishment of Center for supporting the

legal entities, vehicles, real estate etc., so development and introduction of innovative
that state authorities can jointly use this projects to provide the enhancement of
central database to reduce time and innovation activities and realization of
inconvenience for the public scientific and technical products
Enhance large-scale organization of computer
Further develop e-Government with literacy trainings for citizens and business,
smart technologies, full integration of enabling them to effectively use the
e-Government services, widespread use opportunities created. Interactive kiosks will
of mobile technologies bee installed throughout the country to expand
public access to e-Government services
Further development of broadband internet
Train international level IT specialists, and
access based on fiber-optic communication
organize educational and academic programs at
lines, as well as improving the reliability of
Tashkent university of information technologies
telecommunication networks, enabling data
and Inha University in Tashkent in compliance
protection and information security of the
with international standards and in partnership
national information and communication system
with international institutions of higher learning
KOREAN-UZBEK COOPERATION
PROJECT
NAME OF ORGANIZATION NAME OF PROJECT
STATUS
Increasing computer literary of wider population in Uzbekistan

Korea International
through the establishment of specialized centers in the 2016-2018
Cooperation Agency (KOICA)
framework of "IT basics program“.
Individuals and legal entity database system;

LG CNS Integrated Platform for the e-Government System; 2015-2017
New version of Single portal of interactive government services
Feasibility Study on Implementation of Common Groupware for

THE BRIDGESOFT INC 2015-2016
Administrative Agencies in Uzbekistan
Korea Local Information

Feasibility Study on Establishing Master plan for Regional 2015-2016
Research & Development
Informatization
Institute (KLID)
National Agency for the
development of the
Cooperation and expanding the usage of open source software,
information technology 2016
implementing them in e-Government and education
industry of the Republic of
Korea (NIPA)
❖ Korea-Uzbekistan IT Cooperation Center (2013)
❖ Mr. Kim Nam-Seok appointed as Deputy Minister
for Development of Information Technologies and
Communications (2013)
❖ Mr. Chul Soo Lee appointed as Vice President -
ICT Adviser of Tashkent University of Information
Technologies (2013)
❖ Inha University in Tashkent (2014)

(Orientation) ICT REPORT

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

(Orientation) ICT REPORT

Uploaded by

Copyright:

Available Formats

[ National Information Security Policy Course ]

CYBER SECURITY SERVICE UNDER THE MINISTRY OF

INFORMATION SECURITY POLICY COURSE

CYBER SECURITY SERVICE UNDER THE MINISTRY OF TRANSPORT,

SPECIAL STATE PROTECTION SERVICE

AZERBAIJAN NATIONAL ACADEMY OF SCIENCES

✓Capacity to detect and respond to cyber incidents 24/7

National Information Security Policy Course

SEA & Beach

Land Fiber Optical Network: 37, 800 Km

Sub-Marine Cable Projects (Ongoing):

2G Mobile Network Coverage

3G Mobile Network Coverage

4G-LTE Mobile Network Coverage

Company Length Optic Cable

Viettel (Cambodia) 8,300 km

.org.kh .net.kh .per.kh .mil.kh .kh

The overall project objective is to reinforce the function of concerned

Output 1: Organizational and policy Improvement

Output2: Awareness rising for cyber incidents

The overall project objective is to reinforce the function of concerned

Output 1: Organizational and policy Improvement

Output2: Awareness rising for cyber incidents

• Formulation of baseline standard and rule on the use of web application.

• Trainings to improve incidents detection and analysis of capacity of CSOs of

APRIL 2019 ~ APRIL 2020

WE ARE LOOKING FOR FINANCIAL FUNDING SUPPORT FOR THIS

• Cooperation with ISP

• Absent of law and regulation regarding cybersecurity

3.000 Young rural

Currently the Departmental Government is

MiPymes formal with WEB and / o

1.115 municipalities with 4G MiPymes that make transactions thr

Secretary of Culture and

Of the most recent things carried out, there are differen

• National Cybersecurity Strategy

• Developing the National Cybersecurity

The Agency has many goals for 3 entities:

ANSIE is administered by a Board of Directors that is the organ of

ANSIE is composed of 4 departments:

▪ Administrative, Financial and Legal department

The concept of Cybersecurity is new in Djibouti, we

- No National Cyber Security Strategy

There are plenty of challenges for the

We need more cooperation in the Cyber Security

Servicio de Rentas Internas

Security Technical Expert Course / 29-Oct. to

Tax Compliance Director Organizational

Business Core Units Business Support Units

-- February to November 2019 --

• National Cybersecurity strategy not developed

The Agency provides bilateral technical cooperation through the

We used to handle more than

Now we have changed the

EG-CERT is charged with providing computer and

EG-CERT also provides early warning against malware

Being able to reach as many

None yet but hopefully after this course we shall be

Cybercrime Law (Feb 2016)

Include into the law, several subjects, topics, and

National Emergency System

• National Emergency System 911 New Centers

• National Emergency System 911 New Centers