cybersecurity Archives

Photo: Pexels

UNICC Supports ICAO’s ICT Strategy and Digital Transformation

Posted on 27 February, 2023 | by William Allen

Good governance, cloud computing, cybersecurity, data and analytics, business process automation, organizational resilience and more

With the development of an ICT Strategy and Digital Transformation Action Plan 2022 – 2025, the International Civil Aviation Organization (ICAO) has been in process of modernizing its ICT systems and practices using leading benchmarks from industry frameworks and UN guidelines.

As a key advisor and trusted partner, UNICC has been entrusted with the mission to design and then advance ICAO’s vision, by supporting the implementation of key aspects of ICAO’s Digital Transformation agenda.

Collaboration and expertise

UNICC and ICAO have worked together closely in strategizing a comprehensive program to set out the vision of a cloud-centric Digital Transformation strategy. Throughout the process, UNICC has become a strategic execution partner to accompany ICAO along their transformational journey. Starting in January 2022, UNICC advised ICAO in architecting the optimal framework for a multi-year, interdisciplinary and high-impact program for strategy formulation, planning and execution.

ICAO’s digital transformation benefits. Credit: UNICC

The ICT market has evolved continuously over the last years and thus, similarly ICAO has adapted its operations to accommodate the shifts in ICT service delivery, technology, solution sourcing and the positioning of ICT as a crucial component for sustainable growth within the organization. Prominently, the Digital Transformation process ensures that ICAO is achieving its ongoing mission to support as well as enable a global air transport network that meets the social and economic development and broader connectivity needs of the global air transport industry.

ICAO’s strategic priorities. Credit: ICAO

Getting off the ground
UNICC’s approach has been structured on two levels. First, on a strategic level: UNICC helped ICAO create a sound and actionable ICT Strategy (Strategy definition and Action plan 2023 – 2025) supported by a budget formulation plan over a 3-year period to guide the Digital Transformation.

The strategy was approved by Member States and endorsed by external auditors. ICAO was fit to embark on a Digital Transformation journey to respond with agility to changing needs and requirements, secure the business, drive efficiencies as well as transparency and to catch up to the technological maturity and best practices of its United Nations counterparts.

Strategy for success

ICAO’s ICT Strategy is more than just the implementation of an array of new technologies. More than just shifting to SaaS and cloud technologies, ICAO’s digital transformation is equally concerned with streamlining operations, addressing security and compliance requirements and better managing the direction of technology in the organization.

The ICT Strategy UNICC developed for ICAO involves implementing more efficient operating models, restructured technological governance, and refined processes and procedures. In order for UNICC to define the new ICT strategy to support the ICAO digital transformation, the two organizations undertook activities to incorporate stakeholder, leadership and auditor inputs.

Assessment and recommendations

This involved deep dives into audit reports, conducting stakeholder workshops, and analyses of ICT’s current strength, weakness, opportunity, and threat (SWOT) reports.

ICAO’s digital transformation technology roadmap. Credit: UNICC

ICAO’s ICT Roadmap

On a tactical level and occurring concurrently with the strategic planning exercise, UNICC was entrusted with the mission to ensure the stability and reliability of ICAO’s ICT organization and systems. In this regard, UNICC has been working hand-in-hand with ICAO’s ICT team on several foundational projects within ICAO’s Digital Transformation. These include:

Robust governance model supported by a Program Management Office (PMO) to orchestrate an efficient coordination of work streams, ensuring stakeholder alignment and developing ad-hoc reporting mechanisms to various leadership instances and governing bodies: with main outcomes providing visibility and transparency of all ongoing projects to the leadership. As well, this process resulted in an achievement of top-down alignment among ICAO’s stakeholders and ensured smooth delivery and effective coordination of concurrent projects. Cross-functional communication and resource optimization also resulted in data-driven executive reporting, and more efficient risk mitigation
Migration of MS Exchange to M365 for communications and collaboration for ICAO’s Secretariat and Delegations: with the main outcomes being a successful migration of 1250-staff Secretariat and 183-Member State Delegations to cloud-based email environment
Enhanced ICAO infrastructure operations, both on-premises and cloud environments leveraging UNICC’s shared service delivery model: with the main outcomes being a comprehensive delivery of an exhaustive ICT due diligence resulting in instrumental recommendations for ICAO to address critical pain points and modernize outdated infrastructure
Developed a comprehensive roadmap for Business Continuity and Disaster Recovery: with the main outcomes of robust and actionable guide for business continuity and Disaster Recovery planning for a more resilient recovery
Built the cloud foundations of ICAO’s architecture (ICAO Landing Zone). When building a new airport from scratch, the airport should be secure, efficient and easy to navigate for both passengers and staff. This includes considerations like security protocols, baggage handling, passenger check-in, and air traffic control. UNICC has followed standardized security protocols, connectivity requirements for inbound/outbound, identity and access management and other cloud industry best practices guidelines to build the cloud foundation infrastructure for ICAO. By using a custom-built cloud landing zone, ICAO can be confident that their cloud resources will be set up in a consistent, secure and efficient way.

ICAO Cloud Architecture – Azure Landing Zone using airport analogy. Credit: UNICC

UNICC has played a crucial role in envisioning a comprehensive program for ICAO’s digital transformation journey over the next few years. This extensive project implementation and its ongoing success highlight the integral factor of the seamless, well-coordinated multidisciplinary teams from various service areas who have worked together over a year to produce high-impact and measurable results.

Photo: UNFCCC

UNICC Cybersecurity and Data Solutions Support COP27 Climate Conference

Posted on 15 December, 2022 | by William Allen

UNICC team on the ground in Sharm El Sheikh helps UNFCCC with conference optimization

UNICC assisted with cybersecurity and data solutions for the United Nations Framework Convention on Climate Change (UNFCCC) at COP27 in Sharm El Sheikh, Egypt, from 6 to 18 November 2022.

There were more than 100 Heads of State and Governments and 35,000 participants, including VIPs, country delegations, civil society organizations, coordination and management teams, technical specialist teams, UNFCCC and local staff, journalists, reporters and visitors. UNICC sent three cybersecurity and data experts to help out on the ground, in addition to providing remote support from Valencia.

Last year UNICC provided conference management, registration cybersecurity and data support to COP26. UNFCCC asked UNICC to continue this year with a number of services, including:

Virtual conference platform and infrastructure cybersecurity assessment
Onsite cybersecurity support
Data and analytics solutions to optimize information on participants, enhance data quality and confidence in registration data, with a view to enabling UNFCCC management to make informed decisions and gather insights from survey data.

Under my guidance as UNFCCC Director of Conference Services, that of the UNFCCC, Head of ICT and the respective team leads, the UNICC team on-site (and offsite) provided excellent support, particularly in the area of registration and accreditation. This enabled UNFCCC to successfully deliver a large-scale COP. The UNICC team showed absolute dedication, commitment and flexibility in being there to address the challenges and getting the issues resolved, often within minutes, especially during situations that needed immediate intervention. On top of this, the UNICC team on the ground were also able to manage some of their other prior commitments, which is commendable.
Laura Lopez, Director of Conference Affairs at UNFCCC

On-site and remote cybersecurity support for COP27
Under the leadership of the UNFCCC Cybersecurity Officer, UNICC was part of the Security Operations Center (SOC) team that supported UNFCCC and the Government of Egypt during COP27. UNICC was tasked with the vetting of the cybersecurity arrangements in place, as well as to participate in security operations during COP27 to ensure that a safe and secure information and cyber environment was provided for participants and delegates.

Activities in scope for UNICC’s review included a threat and risk assessment established prior to the conference, as well as a comprehensive security audit conducted by the main cybersecurity provider and the Egyptian CERT teams. The scope of the audit included conference facilities, network infrastructure, IT services, and end-user IT equipment and was followed by a remediation phase to address findings before the start of the conference.

Under UNFCCC supervision, UNICC participated in security incident management and response activities jointly with the main cybersecurity provider and the Egyptian CERT teams. Security operations were carried out by the SOC, itself embedded within the Network Operations Center (NOC) for enhanced interaction, and were supported by a Security Information and Event Monitoring solution (SIEM) deployed on-premises by the main cybersecurity provider specifically for the purpose.

During the conference, a UNICC team member served as a backup to the UNFCCC Cybersecurity Officer and worked on a shift basis to oversee the cybersecurity operations on behalf of UNFCCC during the sessions.

The UNICC team member interfaced with other SOC team members, the conference Infrastructure Lead Engineer, the NOC teams, the Conference Logistics Officer and on-site UNFCCC staff servicing the conference to address cybersecurity-related events and incidents.

Doing this, UNICC was responsible for assessing and evaluating reported cybersecurity-related events and alerts, daily reports issued by the teams, as well as for providing input to decision-making and follow-up recommendations to the UNFCCC ICT Lead as necessary. UNICC was also responsible for providing forensics investigation for cybersecurity-related incidents, as well as for providing regular threat intelligence updates prior and during the conference. In addition, UNICC teams undertook the cybersecurity assessment of the virtual conference platform.

As Head of UNFCCC ICT and Lead COP27 ICT Service Coordination, I would like to express my heartfelt gratitude to the UNICC team for the high quality support we received on the cybersecurity front, which was very valuable to us navigating through this year’s conference.We were fortunate to have UNICC expertise in the SOC, jointly with the main cyber contractor and the Egyptian teams. UNICC’s on-site and remote contribution was excellent, in particular the additional support we received in the area of threat hunting and forensics work, which was key to driving incident handling throughout the conference. UNICC colleagues were great, reliable team players, and showed outstanding professionalism, dedication, and support even in stressful moments.
John Kiarie, Head of ICT at UNFCCC

Data and analytics support
UNICC provided data and analytics support to UNFCCC for operational aspects. The UNICC data and analytics team focused on building data and analytics solutions to support the Conference Affairs, ICT and Operations coordination teams.

They created re-usable playbook and frameworks to manage workflows such as managing information on participants, support conference affairs team with registration and other formalities. They also worked to improve the data quality and confidence in registration data and enable UNFCCC leaders to make better decisions and gather insights from survey data, improving credibility with self-serve analytics on UNFCCC reporting platforms.

The team supported with high-level areas where to provide support:

Supported COP27 registration and accreditation data insights, with tools that supported real-time decision-making by UNFCCC senior management.
Provided optimal registration and accreditation services and development and implementation of the secretariat’s registration and accreditation standards.
Managed a COP27 client survey, a major reference and decision-making tool for UNFCCC senior management, management at large and Host Countries, as well as other conference managers in the UN system and intergovernmental systems.
Supported the Coordination Unit and Registration and Accreditation Management Team (RAMT) of the Conference Affairs division with responsibilities related to data analysis, data transformation and reporting. Worked under the general guidance of the respective Team Lead according to the area of specific assignments.

Data and Analytics team members, present in Egypt at the conference, also offered support for ad-hoc requests on stats and dashboards (e.g. on vaccinations, exceptions lists, etc.), maintaining, supporting and adapting existing dashboards as well as creating new ones based on requirements.

The high-quality data analytics solutions for the COP27 included client survey, registration and accreditation allowing for sophisticated insights and harnessing data to drive actionable analytics.

The team also liaised with ICT on the ground, adding additional data sources and technical issues, as well as an interactive client survey dashboard, a sentiment analysis for the client survey, interactive registration and accreditation dashboards and stable data infrastructure for ingest, storage and processing.

UNICC was proud to help with its successful cybersecurity and data solutions and support for UNFCCC at COP27 this year.

Photo: UNICC

UNICC Common Secure Conference 2022

Posted on 14 October, 2022 | by Reham Ashour

Joint partnership with UNDP’s Cybersecurity for Developing Nations and FIRST for discussing cybersecurity threats impacting the UN system

UNICC hosts an annual Common Secure Conference with the goal to bring its cybersecurity Clients and Partners Organizations together to increase the UN family circle of trust, share intelligence on cyber practices and provide feedback on UNICC Common Secure services. The multi-day workshop blends UN Agency participation with Member States, academic, regional and vendor participants and speakers with feedback, presentations and input with closed and public sessions.

This year’s conference was a joint partnership with UNDP‘s Cybersecurity for Developing Nations programme and FIRST , including a jam-packed week of specialized and public events held from 3-7 October 2022 and located adjacent to the UNICC Cybersecurity Centre of Excellence in Valencia, Spain.

We are pleased to see this vision of the strong role the UN system, and UNICC on behalf of the system, can play in developing the global cyber leaders of tomorrow. A great partnership between UNICC, UNDP and FIRST. A great collaboration with industry leaders, the private sector and public sector organizations.
Sameer Chauhan, UNICC Director

Cybersecurity thought leadership and best practices

Goals of the 2022 Conference were to share cybersecurity thought leadership and best practices, enhancing collaboration within the UN system and with national and international Computer Emergency Response Teams (CERTs).

The conference this year witnessed attendees (physically and virtually) from nearly 40 UN organizations, keynote speakers and guests from CERTs, academic institutions and top technology companies to share cybersecurity issues, opportunities and solutions, including cybersecurity threats impacting the UN system and the measures they take to mitigate these threats.

Participants shared insights on the ways to implement zero trust, on the future of the cloud and its impact on cybersecurity, UN Privileges and Immunities in the cloud, vulnerability management, threat hunting, security automation, IOT security and DevSecOps. Participating national and international CERTs shared cyber threat experience as well as recommendations for tools and techniques they leverage to respond to cybersecurity incidents.

A shared cybersecurity knowledge hub results in maximum impact and greater efficiency and effectiveness across the UN family, engaging our experienced and certified cybersecurity experts. UNICC’s Cybersecurity Centre of Excellence in Valencia enables our participating UN Agencies to create secure business solutions, where cybersecurity is a strategic business enabler.
Tima Soni, Chief, Cybersecurity Division, UNICC

Tima Soni, Chief of Cybersecurity Division, UNICC spoke at Day 1 during the conference opening session — Photo: UNICC

Agenda Overview

Day 1: On the first day of the conference, Sameer Chauhan, Director, UNICC and Tima Soni, Chief, Cybersecurity Division, UNICC, welcomed conference participants and introduced the day’s sessions, including speakers from the Asian Development Bank (ADB), World Health Organization (WHO) World Trade Organization (WTO), World Food Programme (WFP) UN Women and UNICC.

2022 Common Secure Conference group photo — Photo: UNICC

Day 2: The second day’s sessions focused on presentations on cybersecurity threat landscapes from Member States and seasoned speakers from World Food Programme, CCN-CERT Centro Criptológico Nacional, National Cyber Security Centre, ON2IT Cybersecurity, Splunk, SANS Institute, Dragos, Inc. and more.

From left to right: Amedeo Cioffi (Head, Cybersecurity Operations, UNICC), Lyle Mcfadyen (Senior Solutions Architect, UNICC), John Kindervag (Creater of Zero Trust, Senior Vice President, Cybersecurity Strategy) and Tima Soni (Chief, Cybersecurity Division, UNICC) — Photo: UNICC

Day 3: On the third day experts shared their knowledge and insights in both technical and management of cybersecurity topics. Each of them presented a report on the experience of cybersecurity in their work environment, the challenges and problems they faced. They discussed results they obtained after working on several technology solutions. They also brought up potential risks in the cloud over the following years and offered future solutions.

From left to right: Jenean Paschalidis (Senior Cybersecurity Officer, UNICC), Jennifer Bradford (OPCW), Marwa Popal (ICJ), Laura Del Pino (UN Women), Ioana Salanta (UN-IIM) and Tima Soni (Chief, Cybersecurity Division, UNICC), — Photo: UNICC

Day 4: The fourth day included hands-on training and knowledge sharing between participants, with a keynote speech by the Secretary-General’s Envoy on Technology, Amandeep Gill, who shared a vision of the long-term value of UN family cyber-collaboration and capacity-building.

Day 5: On the last day the conference, there was a cybersecurity Capture-the-Flag event and a tabletop exercise. Discussions over the five days confirmed the following:

Building trust is a key enabler to enhance collaboration and sharing of information within the cybersecurity community
Capacity building in cybersecurity is crucial to deal with the shortage of cybersecurity professionals
Identifying a protected surface is critical to implement zero trust
There is an urgent need to have cybersecurity controls incorporated into digital products by default.

Cybersecurity events like this one attest to the high value of UNICC’s cybersecurity services, which aim to expand UN-system cybersecurity strategic oversight, governance, threat intelligence sharing as well as advisory services and a spectrum of programmatic and operational components to protect the UN family.

Photo: UN

UNICC Supports FAO Conferencing Needs for its 170th Council Session

Posted on 29 August, 2022 | by William Allen

UNICC partnered with the Food and Agriculture Organization (FAO) to plan, set up, and integrate a reliable, scalable and user-friendly virtual conference platform for FAO’s 170th Council session.

On June 13th, 2022, the first day of the Council, the hybrid platform setup ensured that representatives attending in person at FAO’s headquarters in Rome and others joining virtually had a seamless conference experience.

Leveraging FAO’s previous conferencing platform and experience, UNICC worked over the course of eight weeks with 6Connex, a leading virtual event platform, to provide FAO’s Meeting Services Branch (CSGM) with a virtual conference environment with UNICC project management and support services essential to hosting Council sessions.

More than 600 delegates attended the Council through the virtual platform during the five days of the Governing Body.

I wanted to say a huge thank you for all the support you provided for the 170th session of the Council. All the preparatory work, together with your dedication and effective communication with participants ensured a smooth fruition of the Virtual Platform for all Members. Looking forward to future opportunities of collaboration.
Sergio Ferraro, Deputy Director, Governing Bodies Servicing Division at FAO.

During the conference, UNICC’s Conference Support team helped to expand FAO’s channels to support remote delegates by operating a multilingual live-chat module which the joint team tailored to FAO’s requirements and integrated into the Council’s conference virtual environment.

Credit: FAO

The UNICC-FAO support team also created a standalone instance of the live-chat module, accessible to all delegates for exceptional circumstances (such as not being able to access the platform)– allowing delegates to access content outside of the conference’s virtual environment. The solution replaced FAO’s previous support model, comprised of Help Desk services confined to a particular virtual room in the Council’s environment, with limited customization, an email ticketing system and a telephone line.

The professionalism, dedication, creativity and cooperation of the UNICC team were fantastic! We shared a very good and positive team spirit, working together as one team towards a common goal. And it was a success.
Elisa Milanesio, Conference Officer, Governing Bodies Servicing Division at FAO

By fully integrating the live-chat module into the virtual environment hosted in the 6Connex platform, UNICC ensured instant access to support for all remote delegates across the virtual environment, thus realizing a more comprehensive and rapid support channel.

UNICC and FAO also provided the live-chat platform and support to:

Guide remote delegates across the virtual environment
Resolve registration and technical issues
Direct delegates to relevant documentation and agenda items available in the virtual environment and on the Council’s website
Streamline and troubleshoot virtual access to the Council’s plenaries taking place in the virtual environment via Zoom integration.

In addition to dedicating two support agents from its own ranks, UNICC’s Conference Support team trained two FAO personnel as support agents who in tandem provided multilingual support to remote delegates in the FAO’s six languages (Arabic, Chinese, English, French, Russian and Spanish).

UNICC and FAO teams, together with the 6Connex platform team, collaborated extensively throughout the partnership. They met regularly to review work done and sync on the required actions for the implementation and customization of the live chat tool in 6Connex.

UNICC secured the 6Connex license and project management services for the implementation of the Council’s session, secured the license for, integrated and operated the live-chat platform, providing first level support to remote delegates, chiefly in the area of access to the virtual environment.

FAO led the effort to build and populate the virtual rooms of the Council’s virtual environment, managed delegates’ entitlements and access privileges, offered support to onsite delegates and provided and managed the Zoom tenant for the virtual component of the Council’s plenary sessions.

According to the live-chat platform data, 175 chats were supported on the days of the Council, aiding diplomats, ambassadors and country delegates with their access to the virtual venue. Through competent and regular analysis of requirements, documentation and project management practices, coordination, follow-up meetings and effective communication channels, UNICC’s Conference Support team was able to validate and meet FAO’s expectations for this digital diplomacy engagement and guarantee the timely delivery of expected services.

UNICC was the qualified and experienced partner that FAO sought at the onset of the project to deliver a smooth conference experience. This work was highly received through emails of Client appreciation.

Photo: OHCHR/Albouy

UNICC Builds Mandate Review and Management System to Support UN Secretariat Business Processes

Posted on 12 August, 2022 | by William Allen

UN Secretariat business processes mapped and systematized through M365

The UN system is experiencing digital transformation at every level. It is benefiting from cloud-based technologies to streamline its business workflows and provide cost-efficiencies, smart solutions using new technologies, and ensuring a safe and secure environment for its enterprise applications, information and data.

Even before the challenges of COVID, the UN Secretary-General’s Data Strategy for Action by Everyone, Everywhere offered a roadmap for digital transformation in every corner of every organization. This together with his Strategy on New Technologies sets out a new course to maximize efficiencies and effectiveness across the UN family. UNICC has been at the forefront of delivering innovation and economies of scale for multiple digital projects across the UN family, notably with Microsoft 365 tools and integrated workspaces.

In the course of their work for UN intergovernmental bodies, delegates need to understand the cost implications of draft resolutions, so relevant offices within the UN Secretariat collaborate to prepare oral statements of programme budget implications (PBIs). The PBI process is complex, requiring multiple stakeholders to add and review data, often across several entities within a tight time frame. Several levels of review may be needed prior to approval. Reporting must be precise and swiftly communicated.

Until recently, the common practice for each entity responsible for providing services in support of activities mandated by resolutions of intergovernmental bodies, has been to track relevant information separately in locally-stored files. This often resulted in cumbersome manual consolidation processes, and no single platform existed from which to view and extract information on previously approved mandates.

Following consultations, a multi-stakeholder ‘Mandate Review and Management System team’ was established, comprising of staff from the Office of the High Commissioner for Human Rights (OHCHR), the Department of General Assembly and Conference Management (DGACM)-Geneva, the United Nations Office at Geneva (UNOG), and the Department for Management Strategy, Policy and Compliance (DMSPC)-Programme Planning and Budget Division (PPBD) in New York. The team reached out to UNICC requiring the creation of a digital solution that would unify and systematize the intricate PBI business process workflows, augmenting collaboration in real time using the UN’s M365 technology toolkit.

With its deep experience and expertise with M365 cloud technologies, UNICC leveraged the M365 licenses already in place across the UN system. UNICC’s Application Delivery, Cloud Services and Data and Analytics teams went to work building a M365-based solution in order to provide this optimized system.

Due to the large volume of PBIs emanating from the UN Human Rights Council (HRC) each year and the visibility of its work, supporting the internal business processes of the Secretariat emanating from mandates of this intergovernmental body was identified as the initial use case of the planned system.

Credit: MRMS Team

Towards a Mandate Review and Management System
The functionalities built by UNICC now allow multiple UN Secretariat offices to cooperate in the cost review, approval and tracking of mandates for services related to conferences, travel, operational support, and legal services as well as human resources and Human Rights-related field missions support.

The MRMS is a fully-integrated system for the execution of internal Secretariat business processes related to PBIs. Microsoft SharePoint Online provides resolution dashboards (an overview of records created), data entry, data storage and a user interface. Microsoft Teams provides a user collaboration tool, while Microsoft Outlook manages email notifications.

Microsoft Word was used for oral statement documents and Microsoft Excel provides bulk reference data import and export, as well as maintenance of reference data such as DSA rates, travel rates, and standard cost estimates. Microsoft PowerBI provides the standard reporting.

The system’s functionalities include:

Workflows and processes with automated notifications to handle multiple entities interacting in a collaborative way

User-friendly forms for data input with automated calculations

Automated consolidation of data

Live workflow process tracking

Central storage and retrieval of mandate information

Tracking and reporting capabilities through Microsoft PowerBI.

Realized business benefits include:

Elimination of voluminous email exchanges

Enhanced efficiency and removal of manual costing file management process

Improved, online collaboration

Workflows and processes clarified

Current and historical data securely accessible by all stakeholders, anytime, anywhere

Ability to scale-up as required

Leverages the current investment in the Microsoft 365 platform.

The MRMS is a testament to clear business benefits resulting from an effective collaboration of several entities in a forward-thinking process improvement exercise.

The extensive expertise and technical insights provided by UNICC staff were instrumental in translating the requirements brought by the MRMS project team stakeholders into user-friendly digital solutions.
Mandate Review and Management System Team

The first version of the MRMS was released in February 2022 ahead of the 49th session of the HRC. Constructive feedback from users was received and incorporated into the MRMS ahead of the HRC’s 50th session, and further improvements are already being deployed ahead of the HRC’s 51st session.

Credit: MRMS Team

[The Mandate Review and Management System] is a wonderful example of teamwork and collaboration.
Johannes Huisman, Director of the Programme Planning and Budget Division, OPPFB, DMSPC

The MRMS has been praised by senior management and by active system users as a significant new tool. Critically, the MRMS is built with scalability in mind so that, if required, it can be expanded beyond HRC use, with the potential to include other human rights bodies and mechanisms, including Committees of the General Assembly.

See also the original article by the MRMS Team in UN Today.

Photo: UNICC/Cadinu

UNICC Wins CSO50 Information Security Award 2020

Posted on 30 September, 2019 | by Maria Thomsen

New York, September 30, 2019 – The International Computing Centre (UNICC) has been named an honouree of a 2020 CSO50 Award from IDG’s CSO. This prestigious honour is bestowed upon a select group of organizations that have demonstrated that their security projects or initiatives have created outstanding business value and thought leadership for their companies. See CSO press release here.

UNICC’s Partners have requested a new approach to handling cyber security risks. UNICC has responded with new tools and new processes to support flexible arrangements by the development of a cyber security knowledge hub at UNICC, with its expert, certified staff. UNICC also brings 48 years of experience working within the United Nations landscape and offers the same UN privileges and immunities to this hub.

Sameer Chauhan, Director, UNICC

The CSO50 Award is a recognized mark of risk and security excellence. The award is given to organizations and companies rather than individuals, making it an honor in which everyone on your security team can take pride. Client and Partner Organizations who have similarly won this award include UNDP and the Asian Development Bank. Judging criteria included innovation (the extent to which your organization used security in a new way) and business results value (the measurable impact your project has had on your organization’s business).

Other CSO50 honourees include Adobe, ADP, AFLAC, Brigham Young University, Cities of Gaineville and Greensboro, Equifax, Expedia Group, Genpact, Horizon Blue Cross Blue Shield of New Jersey, HP Inc., Kansas State University, Microsoft, PayPal, Prudential Financial, Inc., Q2 Software, Inc., SAP SE, St. Louis Cardinals, LLC, Visa Inc., Webster Bank and others.

Common secure information security hub for the UN family

UNICC introduced a Continuous Security Improvement Suite several years ago offering cyber security tools to a handful of UN Agencies, including infrastructure for UN field offices with security controls, a threat analysis tool, and governance and operational solutions for smaller UN Agencies to support ISMS standards and processes.

Its singular success has led UNICC to scale into a comprehensive global solution, now including over 30 Agencies and growing. With tools in place, UNICC initiated a Common Secure Hub for the UN family, including a UN Security Operations Centre, SIEM, an information-sharing network and comprehensive cyber security solutions across the spectrum.

We have worked to build a Common Secure Information Security Hub for the UN family, with over 20 staff and 30 Clients today in areas such as threat intelligence networking, a UN Security Operations Centre (CSOC) and Incident Event Management (CSIEM), PKI digital identity services, advisory services, governance, and operational support and our CSOC located in UNICC’s Centre of Excellence in Valencia, Spain.

Tima Soni, Chief, Information Security Services, UNICC

UNICC, as a not-for-profit UN entity, is supporting the UN Reform’s mandate for Agencies to utilize shared services for maximum impact and greater efficiency and effectiveness across UN Agencies. Clients are asking for more business value for their cyber postures, including mitigating the risks of negative reputation, loss of information, exposure to complex cyber-attacks, sharing timely, relevant, actionable cyber security threats, and incident information. The fundamental business driver for this innovative cyber security hub has been the interest and demand from the Client base, which ranges from large UN organizations like UNDP, UNICEF and UNHCR to smaller Agencies like WMO, WTO and ILO.

The Hub provides a community for everything cyber in the United Nations – oversight and governance solutions, an Inter-Agency intel-sharing community of practice, as well as operational components, information security awareness, SWIFT security assessments and security incident response.

UNICC maintains strategic partnerships with Microsoft, Amazon, Oracle, ID2020, Cloud Security Alliance, Center for Internet Security, Hyperledger, SWIFT, UiPath, Automation Anywhere, Blue Prism and FIRST organizations, bringing the best of long-term agreements, partnership opportunities and best practices sharing with UNICC’s 60 Clients.

What is innovative is the use and support of new technologies (PKI for shared digital identity management, Robotic-Process Automation, AI, open source and agile development and block chain are some of new technologies UNICC is offering).

What is even more innovative is the establishment of inter-Agency hubs where different Agencies leverage the same, shared solutions. Historically UN Agencies work in silos with their own budget and business solutions – the Hub brings shared solutions to provide maximum efficiency and cost savings with a brand-new innovative approach.

About UNICC

The International Computing Centre (UNICC) has 48 years of experience providing Information and Communications Technology (ICT) services to United Nations programmes, funds and entities. Its mission is to provide ICT services to the United Nations family, maximise the sharing of infrastructure, systems and skills and generate economies of scale to benefit its over 60 Clients.