OECD-APEC Workshop on Security of Information Systems and Networks - Seoul, 5-6 September 2005


Return to > Information security and privacy > Security > 2002 Security Guidelines


Summary of the Workshop


DAY 1: Monday 5 September 2005

9:00         Opening Session 

  • Welcome
    • Opening remarks – Dr. Inuk Chung, Chair, APEC TEL Working Group
    • Welcome address to the APEC-OECD Workshop on Security of Information  Systems and Networks – Mr. Jung-Hyup Kang, Director General for Information Infrastructure and Security, Ministry of Information and Communication, Korea
  • APEC and OECD Strategies for Security
    • Workshop Chair – OECD  – Keith Besgrove, Vice-Chair, Working Party on Information Security and Privacy, OECD - Presentation
    • Workshop Chair – APEC – Shamsul Jafni Shafie, Head, Information and Network Security Department, Monitoring & Enforcement Division, Malaysian Communications and Multimedia Commission - Presentation 

10:00       Plenary Session 1: Key Challenges

10:45       Coffee Break

11:15       Plenary Session 2: Spyware

Moderators: Keith Besgrove, Shamsul Jafni Shafie

  • What is Spyware? - Seow Hiong Goh, Software Policy (Asia), Business Software Alliance (BSA)
  • How does Spyware Link to other e-Security Threats?  How does it relate to malware more generally? How do these threats affect end users?
    • Kim Duffy CEO Internet Security Systems (ISS) - Presentation
    • Aaron T. Hackworth, CERT(R) Coordination Center, Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA

12:30       Lunch

13:30       Plenary Session 2 : Spyware (continued)

  • Combating Spyware in the US – Alice Hrdy, Division of Financial Practices Bureau of Consumer Protection Federal Trade Commission, United States
  • Industry Perspective
    • Kang Meng Chow, Microsoft, Singapore - Presentation
    • Kay Chuan Chua, Government Relations Representative for Asia Pacific & Japan, Symantec Corporation - Presentation
  • Using the attributes discussed in the previous discussion, this panel will debate the technical, legal and education strategies for combating Spyware
    • Mr. Suresh Ramasubramaniam APCAUCE - Presentation
    • Mr. Thomas Veit, Federal Office for Information Security, Germany - Presentation
    • Mikko Hyppönen, Chief Research Officer, F-Secure Corp., Finland
  • Final panel session – Developing an International Agenda
    Topics for discussion : Establishing common definitions/understanding, addressing related e-security threats, technical countermeasures, legal countermeasures, public awareness, what cross-border, APEC and OECD actions can be pursued
    • Same speakers as above

15:15       Coffee break

15:45       Parallel Session 1 - Reaching out to SMEs and Individuals

The expanding deployment and use of information systems and networks by SMEs and individuals increases the necessity for focusing on securing their systems.  What efforts by government are most successful in reaching this segment of users?  How is the industry that supplies the hardware, software and services for SMEs and individuals responding to their needs?

Moderator: Michael Mudd, Director Asia Pacific Public Policy, Computing Technology Industry Association (CompTIA)


15:45       Parallel Session 2 - Promoting Effective Global Incident Response  (the roles of governments and CERTs/CSIRTs)

Moderator: KrCERT/CC – Facilitator: APCERT

  • Existing Collaborative Arrangements - What are they and how do they work? 
    What cross border arrangements currently exist for watch and warning, incident response and information sharing – how do they work and what do they offer the CERT/CSIRT communities.
  • Panel Discussion and Outcomes
    Moderator: APCERT 
    Panel session to discuss the issues raised and to identify outcomes from the session.
    • US DOJ
    • APCERT (panel)
    • Henk Bronk, GOVCERT.NL, Netherlands

17:15        End of day 1 - Cocktail

Day 2 - Tuesday 6 September 2005
9:00 Parallel session 3 - Emerging Security Threats and the Technologies Being Developed to Address Them: the Role of R&D

This session will examine emerging security threats, such as new viruses, worms, and other malware, the threats posed by a new generation of computer savvy hackers and more sophisticated inter-networked technologies, as well as the domestic and international R&D efforts being undertaken to address these threats.

Moderator: Keith Besgrove 

9:00 Parallel Session 4 - Comparing Legislative and Policy Approaches to Identity Management and to Security of Information systems and Networks

The session will examine different approaches to identity management and to security of information systems and networks.
Moderator: Shamsul Jafni Shafie

10:30  Coffee break

11:00  Plenary Session 3: Reports from the parallel sessions and panel discussion

In this session, the four chairs of the parallel sessions will briefly report the main outcomes of their session and start a panel discussion with one representative of government, business and civil society on possible ways forward for OECD and APEC to co-operate further in the area of security of information systems and networks.
Moderators:  the co-chairs of the workshop

Reports from the parallel sessions

Panel discussion

  • The four chairs of the parallel sessions
  • Government: Edgar De Lange, Ministry of Economic Affairs, Netherlands
  • Government: Richard Downing, Department of Justice, Computer Crime Section, United States
  • Business – Kang Meng Chow, Microsoft, Singapore
  • Civil society – Marc Rotenberg (Statement)

12:15  Conclusions by the co-chairs of the Workshop on future co-operation

12:35  End of the Workshop.


Related Documents