Joint partnership with UNDP’s Cybersecurity for Developing Nations and FIRST for discussing cybersecurity threats impacting the UN system
UNICC hosts an annual Common Secure Conference with the goal to bring its cybersecurity Clients and Partners Organizations together to increase the UN family circle of trust, share intelligence on cyber practices and provide feedback on UNICC Common Secure services. The multi-day workshop blends UN Agency participation with Member States, academic, regional and vendor participants and speakers with feedback, presentations and input with closed and public sessions.
This year’s conference was a joint partnership with UNDP‘s Cybersecurity for Developing Nations programme and FIRST, including a jam-packed week of specialized and public events held from 3-7 October 2022 and located adjacent to the UNICC Cybersecurity Centre of Excellence in Valencia, Spain.
We are pleased to see this vision of the strong role the UN system, and UNICC on behalf of the system, can play in developing the global cyber leaders of tomorrow. A great partnership between UNICC, UNDP and FIRST. A great collaboration with industry leaders, the private sector and public sector organizations.Sameer Chauhan, UNICC Director
Cybersecurity thought leadership and best practices
Goals of the 2022 Conference were to share cybersecurity thought leadership and best practices, enhancing collaboration within the UN system and with national and international Computer Emergency Response Teams (CERTs).
The conference this year witnessed attendees (physically and virtually) from nearly 40 UN organizations, keynote speakers and guests from CERTs, academic institutions and top technology companies to share cybersecurity issues, opportunities and solutions, including cybersecurity threats impacting the UN system and the measures they take to mitigate these threats.
Participants shared insights on the ways to implement zero trust, on the future of the cloud and its impact on cybersecurity, UN Privileges and Immunities in the cloud, vulnerability management, threat hunting, security automation, IOT security and DevSecOps. Participating national and international CERTs shared cyber threat experience as well as recommendations for tools and techniques they leverage to respond to cybersecurity incidents.
A shared cybersecurity knowledge hub results in maximum impact and greater efficiency and effectiveness across the UN family, engaging our experienced and certified cybersecurity experts. UNICC’s Cybersecurity Centre of Excellence in Valencia enables our participating UN Agencies to create secure business solutions, where cybersecurity is a strategic business enabler.Tima Soni, Chief, Cybersecurity Division, UNICC
Day 1: On the first day of the conference, Sameer Chauhan, Director, UNICC and Tima Soni, Chief, Cybersecurity Division, UNICC, welcomed conference participants and introduced the day’s sessions, including speakers from the Asian Development Bank (ADB), World Health Organization (WHO) World Trade Organization (WTO), World Food Programme (WFP) UN Women and UNICC.
Day 2: The second day’s sessions focused on presentations on cybersecurity threat landscapes from Member States and seasoned speakers from World Food Programme, CCN-CERT Centro Criptológico Nacional, National Cyber Security Centre, ON2IT Cybersecurity, Splunk, SANS Institute, Dragos, Inc. and more.
Day 3: On the third day experts shared their knowledge and insights in both technical and management of cybersecurity topics. Each of them presented a report on the experience of cybersecurity in their work environment, the challenges and problems they faced. They discussed results they obtained after working on several technology solutions. They also brought up potential risks in the cloud over the following years and offered future solutions.
Day 4: The fourth day included hands-on training and knowledge sharing between participants, with a keynote speech by the Secretary-General’s Envoy on Technology, Amandeep Gill, who shared a vision of the long-term value of UN family cyber-collaboration and capacity-building.
Day 5: On the last day the conference, there was a cybersecurity Capture-the-Flag event and a tabletop exercise. Discussions over the five days confirmed the following:
- Building trust is a key enabler to enhance collaboration and sharing of information within the cybersecurity community
- Capacity building in cybersecurity is crucial to deal with the shortage of cybersecurity professionals
- Identifying a protected surface is critical to implement zero trust
- There is an urgent need to have cybersecurity controls incorporated into digital products by default.
Cybersecurity events like this one attest to the high value of UNICC’s cybersecurity services, which aim to expand UN-system cybersecurity strategic oversight, governance, threat intelligence sharing as well as advisory services and a spectrum of programmatic and operational components to protect the UN family.