ESA and PSCE cooperate on Space Applications and Digital Transformation in Public Safety

The European Space Agency (ESA) and Public Safety Communication Europe (PSCE) are working together to support the emergence of space-based applications in the domain of public safety. Having jointly signed a Memorandum of Intent (MoI), the organisations will join efforts to support the emergence of applications that leverage on secure satellite communications for addressing the needs of blue forces. ESA will launch a funding call early in 2022 to invite companies to develop and demonstrate digital services that are enabled by secure satcom solutions for addressing the urgent needs of public safety operators.

Security in space and on Earth are inextricably linked. The deployment of advanced satellite systems and their safe circulation in space are crucial for resilient and secure connectivity on Earth. As set out in its recently released vision for European space activities, ESA is stepping up its efforts to enable Europe to address new safety and security user needs to make sure that our space programmes continue to be at the service of all citizens through Agenda 2025. ESA's Strategic Programme Line “Space Systems for Safety and Security (4S)” combines both to include applications within disaster preparedness, response and resilience, situational awareness, assessments of damages, navigation-based services for tracking and coordinating rescue forces on-site and for emergency vehicles.

Through its ARTES (Advanced Research in Telecommunications Systems) programme, ESA is forging strong links between institutions, industries, and business to leverage the capabilities of space to drive digital services.

“I’m pleased to be working with PSCE to realise the potential of space to drive commercial solutions for secure satellite communication in public safety. This is a great example on how ESA is promoting the use of space technologies and applications to address safety and security needs expressed by the organisations operating in this domain. This collaboration will pave the way to the ESA Rapid and Resilient Crisis Response (R3) Accelerator,“ says Rita Rinaldo, Head of the Partner-led and Thematic Initiatives Section, ESA Space Solutions.

The basis for safer digital finance

The transformations we are seeing in numerous fields – from energy and mobility to health care, agriculture, and financial services – all hinge on digital technologies, along with an array of associated business ecosystems. All these technologies and systems must be reliable, secure and deserving of our trust.

The Financial Inclusion Global Initiative (FIGI) is an open framework for collaboration led by the International Telecommunication Union (ITU), the World Bank Group, and the Committee on Payments and Market Infrastructures (CPMI).

Our partnership brings together the expertise to accelerate digital financial inclusion. With the support of the Bill & Melinda Gates Foundation, we have brought together the full range of stakeholders set to benefit from this expertise.

The World Bank Group and CPMI have helped to build a strong understanding of the policy considerations surrounding digital identity and incentivizing the use of electronic of payments.

ITU’s work has focused on security, infrastructure and trust – secure financial applications and services, reliable digital infrastructure, and the resulting consumer trust that our money and digital identities are safe.
No more secrets

Considering the prevalence of data breaches, the need for strong authentication is clear, with discussions in the industry often noting that “there are no secrets anymore.”

New ITU standards for a universal authenticator framework (X.1277) and client-to-authenticator protocol (X.1278) are helping overcome the security limitations of the "shared secret" approach, the basis for the widely familiar username-password model of authentication.

Users can now authenticate locally to their device using biometrics, with the device then authenticating the user online with public key cryptography. With the new standards, users are asked to authenticate locally to their device only once, and their biometric data never leaves the device. This model avoids susceptibility to phishing, man-in-the-middle attacks, or other forms of attack targeting user credentials.

FIGI engagement helped to usher these specifications, first developed by the FIDO (Fast Identity Online) Alliance, into the ITU standardization process to stimulate their adoption globally. Authentication options consistent with X.1277 and X.1278 are now supported by most devices and browsers on the market.
Fortifying a walled garden

In developing countries, digital financial services are often provided over Signalling System No.7 (SS7), a legacy network protocol standardized by ITU in the late 1970s. SS7 enables all network operators to interconnect and looks sure to remain in use for years to come.

But security was not considered in its design. SS7 was designed as a walled garden. Entry to the SS7 network was intended to be highly regulated, with only trusted network operators being granted access. But malicious actors have since found various ways to get hold of the keys, especially since some of the initial design and deployment assumptions were no longer valid with the introduction of deregulation, voice over IP, and mobile networks.

FIGI has worked to raise awareness about SS7’s security vulnerabilities and associated mitigation techniques. As the need to mitigate these vulnerabilities increases, network operators can look to ITU’s new Q.3057 standard outlining signalling requirements and architecture for interconnection between trustable network entities. This is another standard rooted in FIGI discussions.
Reliable, widely available connectivity

Trust in digital financial services is also acutely affected by the reliability and availability of connectivity. Network downtime and transaction failures resulting from dropped connections can erode the trust of consumers and merchants in digital financial services.

Investment in digital infrastructure must continue, with the industry adopting meaningful, widely accepted benchmarks for service quality. ITU standards specify the route towards reliable, interoperable network infrastructure, and they provide a wide range of tools to assess the performance and quality of the services running over this infrastructure.

FIGI highlighted the demand for service quality indicators specific to digital financial services. With the expertise on hand at ITU, we have delivered new standards describing key quality considerations for digital financial services (ITU G.1033) and a methodology to assess the quality of user experience (ITU P.1052).
Security across the value chain
Every industry player involved in providing digital financial services has to be concerned about security risks. Security is only as strong as its weakest link, and innovation in digital finance continues to extend the length and increase the complexity of the underlying value chain.

Secure digital finance calls for coordinated defences that are attuned to evolving security threats. A key FIGI report outlines the security assurance framework needed to achieve this for each actor in the digital finance value chain.

The best practices suggested by the framework could form the basis for a safer business ecosystem. They reflect the needs of everyone involved, from customers to network operators and digital finance providers, right through to third-party providers interfacing with the financial system.

[Source: ITU]

New ITU standards project to define a sustainability passport for digital products

A new ITU standard is under development to describe the information that a sustainability passport for digital products should contain to support consumers, industry and government in applying the principles of circular economy.
The project is underway in ITU’s standardization expert group for ‘environment and circular economy’, ITU-T Study Group 5.
Circular economy can be described as extending a product’s lifespan over multiple lifecycles or increasing the value delivered by a product over its lifespan. Supporting the shift towards circular economy is a key priority for ITU-T Study Group 5, with e-waste now the world’s fastest-growing waste stream.
Experts see considerable potential for a sustainability passport to provide an instrument to help manage e-waste in a sustainable way, on a global scale – e-waste often crosses borders, and often to developing countries ill-equipped to manage a growing e-waste burden.
Our national passports describe our attributes at birth but also record where we have travelled. Should a sustainability passport for digital products be the same?
“Digital products have one set of attributes at manufacture, but these attributes can change over time as products are upgraded, recycled or resold,” highlights the standard’s Editor and Co-Rapporteur for the responsible working group (Q7/5), Leandro Navarro of Spain’s Colegio Oficial Ingenieros de Telecomunicación.
The new standard aims to define the requirements and semantics necessary to represent information relevant to circular product lifecycles. Its development will consider the inclusion of information available at the time of manufacture as well as dynamic information representing changes to product attributes over product lifecycles.
“We need verifiable data to support us in assessing the extent to which we are achieving principles of circular economy and our ambition to achieve net zero emissions,” explains Leandro. “There is currently no international agreement on the product information required to facilitate and achieve circularity in the digital technology industry.”
Clarifying the necessary information could help to put theory into practice, highlights Leandro, making an example of ITU L.1023, an international standard outlining an assessment method for circular scoring.
“Verifiable, machine-readable information could enable automatic comparisons of product attributes relevant to circularity,” says Leandro. "And with the required degree of interoperability, all stakeholders and systems could make use of this information."

Digital regulators need to collaborate to “build forward better” after COVID

​​​​​​​​Bold regulatory approaches are needed to guide ground-breaking technology uptake, foster collaboration, and drive digital transformation in the post-COVID world, according to participants at the latest Global Symposium for Regulators (GSR-21) organized by the International Telecommunication Union (ITU).
The meetings brought together regulators from around the world to tackle the persistent, growing, global digital divide. In part, this involved adopting new guidelines for inclusive information and communication technology (ICT) regulation to “build forward better" and drive post-COVID recovery.
“Following the global social and economic disruption brought about by the COVID-19 pandemic, regulators have a unique opportunity to rethink and reshape policy principles and regulatory best practices to build ubiquitous, open and resilient digital infrastructure," said ITU Secretary-General Houlin Zhao.
Focus on holistic digital transformation
COVID-19 has prompted countries to seek more holistic, future-ready agendas for digital transformation. Accordingly, regulators discussed the need for collaborative leadership to ensure trust in the digital space; sufficient connectivity and regulatory enablers; financing to ensure affordable connectivity, meaningful access, and widespread use; safe digital inclusion; and partnerships for digital transformation.
“Effective regulation matters not just in times of crisis," said Doreen Bogdan-Martin, Director of ITU's Telecommunication Development Bureau. “To build forward better in the post-COVID digital world, we need agile and ground-breaking approaches and tools for digital regulation to accelerate the sustainable and inclusive growth of ICTs. Connectivity, access and use are ultimately at the heart of the digital transformation. Along with fit-for-purpose regulatory approaches, these are the predominant enablers of competitiveness and key to the future prosperity of people, communities, countries and regions everywhere."
New GSR-21 Best Practice Guidelines
Innovative tools and approaches are outlined in the newly released GSR-21 Best Practice Guidelines: Regulatory uplift for financing digital infrastructure, access and use. ​
Approaches to ICT regulation need to be globally consistent yet flexible, allowing each national framework to be tailored to meet local needs, regulators taking part in GSR-21 agreed.
Mercy Wanjau, Acting Director-General of the Communications Authority of Kenya and Chair of GSR-21, said: “The regulatory Best Practice Guidelines crafted and adopted by regulators and policy makers at GSR have been guiding all of us through challenges and new endeavours. I call upon regulators everywhere to leverage the GSR-21 Guidelines in adopting and implementing globally agreeable approaches that are relevant to their national circumstances and leverage collaboration across the board."
The guidelines emphasise the need for a collaborative, whole-of-government approach to regulation, focusing particularly on the role of effective and agile financing, prototyping regulatory patterns and approaches, and transformational leadership, to drive faster and more inclusive connectivity and ensure safe digital inclusion for all in the wake of the pandemic.
Key recommendations include:
- Alternative mechanisms for funding and financing digital infrastructures across economic sectors. Regulators should encourage investment and help to create competitive markets for future-proof broadband and digital services. Investment is also needed in non-commercial areas to make digital services available and affordable for all, while ensuring that basic regulatory needs are met.
- Promotion of local innovation ecosystems that enable the development of emerging technologies and business models. Regulators must create a safe space for digital innovation and experimentation. New approaches to regulation should protect consumers while encouraging market growth and ensuring resilience in future networks and services.
- Spectrum innovation and efficient use. New approaches may be needed to enhance regulatory foresight, harness data to target interventions, and create space for regulators and industry to experiment together. Spectrum innovation is just one such example.
- Ambitious yet executable regulatory roadmaps. The proposed best practices from GSR 21, if widely adopted, could help countries leapfrog ahead in economic development, maximize the benefits of ICT uptake, and ensure that these immense opportunities reach everyone.
In addition to the GSR-21 Best Practice Guidelines, GSR-21 saw the release of several new publications and platforms​:  Financing Universal Access to Digital Technologies and Services, Econometric Modelling in the context of COVID-19, collaborative case studies, and ICT Regulatory Tracker 2020​.

ENISA Report: New Light Shed on Capabilities in Energy & Healthcare

A new report released by the EU Agency for Cybersecurity (ENISA) showcases the product vulnerability management landscape, unveiling challenges faced by sectoral CSIRTs and PSIRTs.
Europeans can count on more than 500 Computer Incident Response Teams (CSIRTs) and on the CSIRTs network to respond to cybersecurity incidents and attacks.
In addition to CSIRTs, Product Security Incident Response Teams (PSIRTs) have emerged more recently. Their role is to manage the vulnerabilities of a company’s products and services.
PSIRTs have been mostly developed in a heterogeneous way. For instance, while some of them are well developed and independent from the main Incident Response (IR) team of the host company, others belong to their Security Operations Centre (SOC) or are just part of the development team.
Why a report on CSIRTs and PSIRTs capabilities?
The Directive on Security of Network and Information Systems (NISD) adopted in 2016 provides legal measures to boost the level of cybersecurity in the EU. Both CSIRTs and PSIRTs are essential players in the global Incident Response (IR) ecosystem.
The study published today - PSIRT Expertise and Capabilities Development - provides recommendations on the role of PSIRTs in the IR setup of the Member States according to the NISD, specifically in the energy and health sectors.
ENISA had already explored in details the IR setup across all sectors of the NISD in a study published in 2019: “EU Member States incident response development status report”.
Sectoral PSIRTs as energy or healthcare ones may benefit from an aligned approach in terms of processes and collaboration to ensure legal compliance in relation to their business partners, clients and possibly Operators of Essential Services or other actors subject to EU cybersecurity regulation.

Iceland prepares for next-generation cybersecurity

A booming data-centre industry and plans to improve connectivity are amplifying Iceland’s role in the global digital ecosystem.
Experts estimate that Iceland loses nearly USD 72 million (ISK 10 billion) to cybercrime each year – equivalent to roughly 0.3 per cent of the north Atlantic island nation’s gross domestic product.
Bringing together the wide range of institutions and experts that regulate, implement, and maintain cybersecurity systems can be a daunting task.
The GCI measures each country’s level of development and engagement in terms of five dimensions of cybersecurity: legal measures, technical measures, organizational measures, capacity development, and cooperation. The result is aggregated into an overall score and ranked among others worldwide.
In fast-moving fields like cybersecurity important steps related to documentation, coordination, and deliberation are easily neglected. To address this challenge, the Cyber Security Council used the GCI framework to review and revise national cybersecurity priorities, considering the framework in the context of Iceland’s priorities.
At the 2020 ITU Global CyberDrill online events, a series of sessions promoting hands-on exercises for national Computer Incident Response Teams (CIRTs), discussions on current cybersecurity issues and information sharing sessions, Iceland’s Cyber Security Council worked with practitioners from across the island to document the island’s readiness to withstand cyberattacks. Identifying best practices from around the world, the local experts discussed ways to improve their own ecosystem.
Efforts like this helped Iceland boost its GCI performance from 87th to 77th in the global rankings between 2017 and 2018 – and the results of this continued commitment will be revealed in the forthcoming 2020 edition of the Global Cybersecurity Index.
Room to improve
Iceland’s mapping of its cybersecurity progress demonstrates the GCI’s versatility. While such tools are mainly promoted to build capacity in developing countries, similar kinds of engagement can also benefit the most developed.
Technical measures, such as its frameworks for implementing cybersecurity standards, are similarly ripe for improvement. These actions would complement the country’s existing Computer Emergency Response Team (CERT-IS) and the Icelandic National Cybersecurity Strategy.
[Source: ITU]

eu-LISA to Extend its Portfolio with a New Large-Scale IT System

The Council of the EU approved a general approach on the regulation on cross-border judicial tool e-CODEX, which foresees handing over its operational management to eu-LISA, in order to provide a sustainable, long-term legal framework for the system.
e-CODEX – which aims to improve the efficiency of cross-border communication between European judicial authorities and facilitate access to justice for citizens and businesses – has been developed by a consortium of Member States, who are in charge of its management until 2024.
The draft regulation introduces provisions protecting the independence of the judiciary and details the governance and management structure to be implemented within eu-LISA.
The decision was taken during the Justice and Home Affairs Council meeting taking place 7-8 June 2021. "The COVID-19 pandemic has put the spotlight on the need to, among others, speed up the digitalisation and interoperability of our justice systems. Providing our judicial authorities with a sustainable, secure system to communicate in cross-border procedures is an important step in this direction", said Francisca Van Dunem, Portuguese Minister of Justice, during the segment dedicated to discussing e-CODEX.
As part of eu-LISA's growing role in the justice domain, the Agency is set to take over operational management of the system as of 1 July 2023.
e-CODEX – which stands for "e-Justice Communication via Online Data Exchange" – offers a digital, decentralised infrastructure for secure communication between national systems, facilitating its users (judicial authorities, legal practitioners and citizens) to send and receive documents, legal forms and evidence. The reasoning behind e-CODEX is that access to justice should not be discouraged by the complex variety of the different legal systems across EU Member States.
The transfer of the system to eu-LISA is not an end in itself, as very soon e-CODEX will be ready for further expansion and will require the introduction of new security and interoperability features. As with all new technology, the implementation must occur hand in hand with the respect of fundamental rights, data protection and privacy regulations. eu-LISA will be responsible, among others, for technical development, maintenance, bug fixing, updates and support, as well as development of new features in order to respond to emerging requirements.

New ITU tools to foster digital development

Data is critical to our goal of connecting the world. It tells us where we were, where we are, what works and what doesn’t. It is a key ingredient of empirical research for establishing correlation, determining causality, identifying good practices, and formulating policy recommendations.
Since the advent of the Internet, data volumes have grown exponentially. And yet, reliable and meaningful data remain surprisingly scant, because producing such data is often complex, costly, and time-consuming.
To enhance its offerings, ITU has released three new tools: an online training course; a new edition of ICT price trends; and the Digital Development Dashboard.
Developing statistical capacity
ITU is responsible for setting the international statistical standards for ICT indicators. The Manual for measuring ICT access and use by households and individuals and the Handbook for the collection of administrative data on telecommunications/ICT describe approximately the 200 or so standards maintained by ITU.
These publications are complemented by capacity development activities on the ground. To reach a broader audience, ITU is also creating several online training courses on ICT statistics. The first, Measuring digital development: Telecommunication/ICT Indicators, is now available for free on the ITU Academy platform.
Tracking the cost of connectivity
The cost of connecting to the Internet partly is one of the key reasons why some 3.7 billion people are still offline and prevents many of the 4 billion who are connected from harnessing the potential of the Internet.
The 2020 edition of ICT price trends provides analyses and compares prices of key ICT services for more than 200 economies, providing unique insights on the status of ICT affordability.
Number of economies achieving the Broadband Commission target with data-only mobile-broadband services. Includes 188 economies for which data is available from 2020 data collection. Source: ICT Price trends 2020, ITU
The report takes stock of progress towards the UN Broadband Commission’s affordability target for 2025, according to which entry-level broadband services – i.e., the cheapest data-only broadband mobile or fixed subscription available – should amount to less than two per cent of monthly gross national income (GNI) per capita.
The report features new measures of affordability that reveal vast disparities within countries: even where the target has been met at country level, services often remain unaffordable for the 40 per cent poorest.
As a complement to the report, a new ICT price app enables users to compare prices of various ICT services across countries and regions and visualise trends going back 10 years.
ICT price trends follow a massive data collection effort by ITU, its Member States, and the Alliance for Affordable Internet (A4AI).
Making data more accessible
Hidden data cannot create impact.
The newly launched Digital Development Dashboard provides a user-friendly overview of digital development for 196 economies.
The Dashboard features 37 indicators related to infrastructure and access, Internet use, and enablers and barriers. It presents 10-year trends and comparisons with regional peers. A ‘light’ version is available for mobile and low-resolution devices, while two-page country profiles can be downloaded as PDFs. The underlying data can also be downloaded in Excel format.

UAE regulator puts digital transformation front and centre

The UAE's Telecommunications and Digital Government Regulatory Authority (TDRA) has taken an important step in advancing the national digital vision.
Formerly the Telecommunications Regulatory Authority (TRA), we formally updated our identity in April 2021.
This means embracing artificial intelligence (AI), smart cities, and a knowledge-based society and economy.
The new logo reflects our new TDRA’s long-term future vision as a key national regulator. It symbolizes cutting-edge communication via the image of fibre-optic cables. At the same time, our regulator’s new name and identity reflects simplicity and aspiration to deliver customer happiness.
Enhancing innovation
As per a recent Global Innovation Institute report, the recently-renamed TDRA ranked among the top three innovative entities in the Middle East. The institute has accredited several innovations that our regulatory authority developed and implemented at the national and international level.
Leadership in the field of information and communication technology (ICT) depends on original ideas and creativity. These are critical elements of the UAE’s National Agenda 2021. Under that plan, the "United in Knowledge" pillar calls for building a diverse, competitive economy, driven by knowledgeable and innovative Emiratis, as the key to the UAE’s successful long-term development.
As a next step, in cooperation with Abu Dhabi Digital Authority (ADDA) and Smart Dubai, we recently issued national guidelines for 'API-first' business and services.
Application Programming Interface (API) is the best way to link multiple customer-service entities from everywhere at any time. The new guidelines will help government and private entities continually update and link their services and smart applications, with close coordination ensuring a better user experience overall.
ICT investment
Other ongoing TDRA initiatives include support for remote working, distance learning, e-commerce, and e-government services across the country. The UAE also aims to enhance the ICT sector and drive digital transformation in developing countries worldwide. The country – represented by TDRA – maintains close cooperation with the International Telecommunication Union (ITU), striving to extend logistical and technical support where needed, align digital strategies with sustainable development, lay the foundation for inclusive economic growth, and foster social happiness.
Digital government will be crucial going forward. Under the guidance of the UAE’s national leadership, TDRA intends to keep working closely with other government agencies and with partners across the ICT industry, aiming to envision, foster and cultivate a sustainable long-term digital transformation.
[Source: ITU]

ITU and UNDP join forces to address urgent unmet capacity building needs

The rise of digital technologies and ways of working offers extraordinary new opportunities to further global sustainable development and achieving the Sustainable Development Goals, from increasing economic resilience to mitigating the damage of COVID-19 and delivering more effective public services. Yet not everyone is equally able to take advantage of these opportunities, particularly as the rapid pace of digital change places further demands on resource-constrained governments and societies.

Bridging the world's digital divide is increasingly urgent, as those who left out of today's digital transformation are in danger of falling further behind. This means ensuring that digital services are available everywhere, as well as affordable and accessible to all.

To address this key issue, the International Telecommunication Union (ITU) and the United Nations Development Programme (UNDP) have launched a Joint Facility for Digital Capacity Development to support those not currently served by existing digital capacity development resources or channels.

Supporting UN Efforts in Digital Capacity Development

The Joint Facility stands in support of the UN Secretary-General's Roadmap for Digital Cooperation, which calls for "a broad multi-stakeholder network to promote holistic, inclusive approaches to digital capacity-building for sustainable development, including a new joint facility for digital capacity development, which will be led by ITU and UNDP."

People and communities currently underserved in terms of digital capacity will benefit from more efficient and effective support from the ITU/UNDP Joint Facility, which aims to make digital opportunities accessible to all.

​"Robust and effective digital capacity building underlines the fulfilment of the Secretary-General's Roadmap for Digital Cooperation, by supporting countries in their efforts to harness the full potential of digital technology as part of their digital futures", said Assistant Secretary-General Maria Francesca Spatolisano, Officer-in-Charge at the UN Office of the Envoy on Technology.

"The Joint Facility will further strengthen our collective effort to equip people with the needed digital skills, literacy and capabilities, alongside with the multi-stakeholder network for digital capacity development envisioned in the roadmap."

The Joint Facility aims to:
- direct stakeholders to relevant existing ITU/UNDP resources, including digital literacy and skills training;
- identify areas of unmet demand for digital capacity development initiatives and work with end users to develop new interventions when needed;
- identify patterns and trends in unmet stakeholder needs; and
- direct strategic, operational, and programmatic support in executing digital strategies, capacity development initiatives, or other high-priority operational areas for partners.

Digital capacity must be strengthened on both the local and international levels to enable inclusive digital and societal transformation.

While governments are the main target audience, other groups requiring digital capacity support will also benefit from the services offered by the Joint Facility.

Bringing UN Agencies Together for Meaningful Change

The Joint Facility cements the partnership between ITU and UNDP to drive digital capacity development, and intends to have a new single structure facilitating joint resourcing, roles, and responsibilities.

Through its Development Sector, ITU provides direct assistance and capacity development initiatives to bridge the digital divide, promote digital inclusion and facilitate digital transformation for all.

"Making adequate capacity development tools available to all is more important than ever to bridge the digital divide and connect half of the world's population that are still offline," said Doreen Bogdan-Martin, Director of ITU's Telecommunication Development Bureau.

"There are many aspects to developing digital skills apart from the actual training. Through the Joint Facility, we will be able to assist countries across the digital skills development value chain from assessing digital capacity needs, advising on digital strategies, and even helping with procurement and raising funds for digital development. We are incredibly excited to work together with the UNDP towards this."

UNDP's wide field presence and topic expertise will help match key local context to relevant digital solutions.

"The lack of sufficient digital skills is a major barrier to reaping the benefits of digitalization and threatens to leave the most marginalized behind," said Robert Opp, UNDP's Chief Digital Officer. "The UNDP is proactively investing in the key area of digital capacity building so that we can all take advantage of digital opportunities together."

While building on existing collaboration between the two agencies, the Joint Facility also paves the way for wider, longer-term collaboration between the UNDP and ITU.​

More information about the Joint Facility can be found at digital-capacity.org.

[source:ITU]
1 2