DECLARATION 2017 ON STRENGTHENING CYBERSECURITY
by CIRT Team
ENDORSED AT THE INTERNATIONAL CYBERSECURITY CONFERENCE HELD ON 9 MARCH 2017
The participants of the International cybersecurity conference meeting at Bangladesh Computer Council in Dhaka, Bangladesh, on 9 March 2017,
REAFFIRMING the commitments set out in the ‘Vision 2021’ to build Digital Bangladesh and transform Bangladesh into a fast developing Middle Income Country by 2021 and to mainstream ICTs as a pro-poor tool to eradicate poverty, establish good governance, ensure social equity through quality education, healthcare and law enforcement for all, and prepare the people for climate change.
ACKNOWLEDGING WITH SATISFACTION the broad support provided by multilateral organizations to create an environment for rapid dissemination of ICT at all strata of the society in Bangladesh to improve good governance, sustainable economic growth and societal development;
REITERATING the importance of securing and protecting cyberspace and the eco-system in Bangladesh to maximise the benefits of ICT growth and to sustain economic and social development;
RECOGNIZING the relevance, timeliness and importance of the World Bank funded project titled ‘Leveraging ICT for Growth Employment and Governance‘, which enabled the Government of Bangladesh to establish a Computer Incident Response Team at Bangladesh Computer Council (BCC);
REITERATING that secure and protected cyberspace and the eco-system in Bangladesh is essential for innovation and maximization of the benefits of ICT growth to sustain economic and social development;
OBSERVING that digitization with immense opportunities brings a whole new layer of threats which can undermine development efforts and can destroy public trust in technologies, institutions and critical infrastructures. Specific nature of cyber threats – global, persistent and ever changing – makes legacy security mindset of institutions and organizations unprepared to address them, so new governance structures, processes and competences need to be developed; and
ACCUMULATING knowledge from experience worldwide and first hand implementing projects in Bangladesh;
- Every organization that manages significant digital assets is responsible for ensuring security of its digital operations.
- Every institution of the country bears full responsibility for its own cyber security and of other governmental or other organizations may assist in this matter. The more important digital assets the organization manages (e.g. such as personal/identity data of population, property rights records, etc.), the more robust cyber security must be ensured in that organization. National organizations, like CERT, can address only specific national threats, and they are not expected to ensure secured operations at individual organizations’ level.
- Cyber security is Management issue and not a technological one.
- Nature and scope of cyber threats dictate that sustainable security of operations cannot be ensured by technology alone. Organizations must embrace cybersecurity as they are embracing computerization, digitization and online operations. Management must own cyber-security and act without delay.
- Management of every institution that handles significant digital assets must act without delay:
- Cyber-conscious organizations are to update their org-charts identifying a role, responsible for cyber secure operations of the organization, entrusted with clear mandate, responsibilities and budget.
- Cyber-conscious organizations are to ensure that the member of staff appointed to Cyber security role will report directly to the top management. Reporting to Head of IT keeps cybersecurity as purely technological issue and is not sufficient.
- Cyber-conscious organizations are to develop an actionable cybersecurity roadmaps, approved and monitored by top management.
We believe that this commitment will contribute to the continuous development of Bangladesh cybersecurity capabilities and capacities to meet future cybersecurity challenges that are inherent to the increased ICT use for good governance and economic and societal development of Bangladesh and other emerging economies which strive to modernize their public service delivery and economies leveraging information and communication technologies.
Hereby endorsed by the INTERNATIONAL CYBERSECURITY CONFERENCE HELD ON 9 MARCH 2017 AT BANGLADESH COMPUTER COUNCIL, DHAKA, BANGLADESH,
Signed by the Host on behalf of the participants of the Conference.
The declaration, signed by honorable State Minister for ICT Zunaid Ahmed Palak :