UNICC Common Secure Conference 2022

14 October, 2022

...
Photo: UNICC

Joint partnership with UNDP’s Cybersecurity for Developing Nations and FIRST for discussing cybersecurity threats impacting the UN system

UNICC hosts an annual Common Secure Conference with the goal to bring its cybersecurity Clients and Partners Organizations together to increase the UN family circle of trust, share intelligence on cyber practices and provide feedback on UNICC Common Secure services. The multi-day workshop blends UN Agency participation with Member States, academic, regional and vendor participants and speakers with feedback, presentations and input with closed and public sessions.

This year’s conference was a joint partnership with UNDP‘s Cybersecurity for Developing Nations programme and FIRST, including a jam-packed week of specialized and public events held from 3-7 October 2022 and located adjacent to the UNICC Cybersecurity Centre of Excellence in Valencia, Spain.

We are pleased to see this vision of the strong role the UN system, and UNICC on behalf of the system, can play in developing the global cyber leaders of tomorrow. A great partnership between UNICC, UNDP and FIRST. A great collaboration with industry leaders, the private sector and public sector organizations.

Sameer Chauhan, UNICC Director

Cybersecurity thought leadership and best practices

Goals of the 2022 Conference were to share cybersecurity thought leadership and best practices, enhancing collaboration within the UN system and with national and international Computer Emergency Response Teams (CERTs).

The conference this year witnessed attendees (physically and virtually) from nearly 40 UN organizations, keynote speakers and guests from CERTs, academic institutions and top technology companies to share cybersecurity issues, opportunities and solutions, including cybersecurity threats impacting the UN system and the measures they take to mitigate these threats.

Participants shared insights on the ways to implement zero trust, on the future of the cloud and its impact on cybersecurity, UN Privileges and Immunities in the cloud, vulnerability management, threat hunting, security automation, IOT security and DevSecOps. Participating national and international CERTs shared cyber threat experience as well as recommendations for tools and techniques they leverage to respond to cybersecurity incidents.

A shared cybersecurity knowledge hub results in maximum impact and greater efficiency and effectiveness across the UN family, engaging our experienced and certified cybersecurity experts. UNICC’s Cybersecurity Centre of Excellence in Valencia enables our participating UN Agencies to create secure business solutions, where cybersecurity is a strategic business enabler.

Tima Soni, Chief, Cybersecurity Division, UNICC
Tima Soni, Chief of Cybersecurity Division, UNICC spoke at Day 1 during the conference opening session
Photo: UNICC

Agenda Overview

Day 1: On the first day of the conference, Sameer Chauhan, Director, UNICC and Tima Soni, Chief, Cybersecurity Division, UNICC, welcomed conference participants and introduced the day’s sessions, including speakers from the Asian Development Bank (ADB), World Health Organization (WHO) World Trade Organization (WTO), World Food Programme (WFP) UN Women and UNICC.

2022 Common Secure Conference group photo
Photo: UNICC

Day 2: The second day’s sessions focused on presentations on cybersecurity threat landscapes from Member States and seasoned speakers from World Food Programme, CCN-CERT Centro Criptológico Nacional, National Cyber Security Centre, ON2IT Cybersecurity, Splunk, SANS Institute, Dragos, Inc. and more.

From left to right: Amedeo Cioffi (Head, Cybersecurity Operations, UNICC), Lyle Mcfadyen (Senior Solutions Architect, UNICC), John Kindervag (Creater of Zero Trust, Senior Vice President, Cybersecurity Strategy) and Tima Soni (Chief, Cybersecurity Division, UNICC)
Photo: UNICC

Day 3: On the third day experts shared their knowledge and insights in both technical and management of cybersecurity topics. Each of them presented a report on the experience of cybersecurity in their work environment, the challenges and problems they faced. They discussed results they obtained after working on several technology solutions. They also brought up potential risks in the cloud over the following years and offered future solutions.

From left to right: Jenean Paschalidis (Senior Cybersecurity Officer, UNICC), Jennifer Bradford (OPCW), Marwa Popal (ICJ), Laura Del Pino (UN Women), Ioana Salanta (UN-IIM) and Tima Soni (Chief, Cybersecurity Division, UNICC),
Photo: UNICC

Day 4: The fourth day included hands-on training and knowledge sharing between participants, with a keynote speech by the Secretary-General’s Envoy on Technology, Amandeep Gill, who shared a vision of the long-term value of UN family cyber-collaboration and capacity-building.

Day 5: On the last day the conference, there was a cybersecurity Capture-the-Flag event and a tabletop exercise. Discussions over the five days confirmed the following:

  •  Building trust is a key enabler to enhance collaboration and sharing of information within the cybersecurity community
  • Capacity building in cybersecurity is crucial to deal with the shortage of cybersecurity professionals
  • Identifying a protected surface is critical to implement zero trust
  • There is an urgent need to have cybersecurity controls incorporated into digital products by default.

Cybersecurity events like this one attest to the high value of UNICC’s cybersecurity services, which aim to expand UN-system cybersecurity strategic oversight, governance, threat intelligence sharing as well as advisory services and a spectrum of programmatic and operational components to protect the UN family.