Mona I.

Al-achkar Jabbour

Imad Y. Hoballah

The Regional Pan Arab Legal and Regulatory Observatory for Cyber Security

Importance of Cyber Security

Cyber space is the domain that generated from the interconnection between computers
and telecommunication, to store, modify, and exchange data via networked systems and
associated physical infrastructures, without regard to physical geography. So, its security
largely depends on the data and the ICTs’ security.

Actually, with high degree dependency on informatics and telecommunications, for

almost every activity, and service, it’s extremely dangerous and harmful to ignore the
growing phenomenon of cyber crimes and the increasing number of threats that can
endanger not only citizen lives and activities, but governmental systems also.

Sources of Cyber threats may be unintentional like accidents, vulnerabilities and

negligence, or intentional like direct attacks on systems. Objectives of Systems’ attacks
can be shut down, to gain access and steal, to make illegal financial transfers, to disrupt
records, or to manipulate data and code in order to introduce harmful instructions.
Attackers can be recreational hackers, crackers or terrorists. This is true for business
entities and interests, as well as it is for public sector and government.

Banking institutions, energy, states agencies, hospitals, business, education, and even
social affairs heavily rely on their online presence.

With flowing information through boundaries and different legal systems, and the
connectivity between the networks around the globe, there is a growing need to protect
personal information, funds and assets, as well as national security.

Thus, Cyber security issues have stepped into the light and into public as well as private
sectors land of interests.

Background
Cyber security is about building confidence and security in the use of ICTs that support
trust in information society.
Consequently, we can define it as including all activities and operations aiming at threat
and vulnerabilities reduction, prevention and protection, incident response, recovery
policies, data assurance, law enforcement, military and intelligence operations relating to
security of the cyber space.
This latter touches practically all activities and all citizens around the globe; it provides
tremendous opportunities to enhance human development as well as to achieve better
integration in Information society. It also supports wider access to knowledge and
education, as well as to the development policies and strategies.
Moreover, it has imposed new type of commercial, professional and social paradigms,
giving rise to number of legal and technical problems that must be addressed, on the basis
of respecting its special nature, and needs. Hence, different approach and different
methodologies from what has been adopted before the age of information and
communication technology are needed.

Nevertheless, many governments and societies fear the negative impact ICTs can have on
their own citizens because of the potential dangers it carries, and because of the
economic, the social, and the security challenges it poses.

Accordingly, Lack of security in cyber space undermines the confidence in the

information society especially with many intrusions around the globe resulting in stealing
money, assets, and sensitive military, commercial and economic information.
In legal and regulatory situations, that lack security, no government can realize the full
potential of the information technology revolution.
Consequently, a special attention is needed to prevent cyberspace to turn into a source of
dangers for states and citizens, and it’s also vital to prevent the appearance of Cyber
crime paradise.

Authorities in charge are trying to find the way to prevent and punish new forms and
types of illegal and criminal activities such as: ICTs’ crimes where we find computer-
based assault. Many governments have already adopted particular regulations and
legislations as an answer to the need of ensuring adoption of security’s measures and
techniques.

Cooperation between countries

In the same context, Scholars, experts and policy makers are highlighting the importance
of cooperating between nations and governments to answer challenges imposed by the
cyberspace’s particular nature and to achieve cyber security. As a matter of fact, without
cooperation between nations and countries it is doubtful that any country can protect
itself
In many Arab countries, where there is a shortage of legislations and regulatory texts,
Responsibilities for Cybersecurity are not defined, or well established across the
departments and the authorities in charge of Law enforcement. This situation is sure to
hinder dealing with conflicting issues in a consistent way.
Hence, the Arab world is not yet well organized to address the growing threat of cyber
crime and the organized crime intrusions let alone, the state-sponsored attacks and
operations or the organized crime networks.
The Arab world must be serious about addressing cyber security challenges with strong
leadership and vision. Leadership should be lifted up and strongly anchored within
competent official authorities, capable of coordinating action, and of achieving results.
And, while providing policy, strategy, legal structures, and coordination to empower
concerned authorities to perform their missions, a special attention shall be paid to
strengthen accountability for cyber security, at all levels.

Who is it?
The observatory is an independent group with no ties but to the interest, the safety and
the security of the Arabic and regional “Cyber Space”.
It represents a pioneering effort to develop the first Arab Cyber Security task force,
seeking to watch and screen the status of cyber Security in Arab countries, by gathering
and analysing data on Legal, regulatory, educational, social and technical environments
that impact safety and security. With high-level profiles members, the observatory holds
a unique position that allows it to draw on a broad network of scholars and activists. In
this context, the observatory members aim to work together toward shaping the way the
Arab world will protect its information society in the Information Age. They aim also to
serve as an advisory body to the private and to the Public Sectors and to the State’s
departments.

Principles of work
The observatory work respects and acknowledges some vital principles such as:
- Security’s importance cannot be appreciated without first understanding how much is at
stake.
- No country or government can succeed in securing its cyberspace and in reaping the full
benefits of the digital age if it works in isolation.
- Strategy of Cybersecurity shall be shaped according to international standards and
norms which are critical in establishing a secure and thriving digital infrastructure.
- Homogenizing and approaching legal systems are vital to ensure cyber security
especially at levels like: territorial jurisdiction, and use of force, investigation and
prosecution of cyber crime, data preservation, protection, and privacy.
- The government shall keep its classical role and responsibility in protecting and
defending its citizens’ wellbeing, as well as the country and its cyber space. It cannot
entirely delegate or abrogate its role in securing the Nation from a cyber incident or
accident.
- The government shall develop its own vision of its role in the digital age at the
awareness, capacity building and long life learning levels, to ensure better use of the ICT
potential and to better address national economic needs as well as national security
requirements.

Objectives
The objectives of the observatory stand on the WSIS Geneva Declaration of Principles,
Para 35, stating that “strengthening the trust framework, including information security
and network security, authentication, privacy and consumer protection, is a prerequisite
for the development of the Information Society and for building confidence among users
of ICTs”. As well as on the WSIS Tunis Agenda, Para 39, reaffirming ““… the necessity
to further promote, develop and implement in cooperation with all stakeholders a global
culture of cyber-security as outlined in the United Nations general Assembly resolution
57/239 and other relevant regional frameworks. Thus, particular attention will be paid to
the Steps to be undertaken in order to support the development of a Cyber Security
Culture.
And, many objectives are seen as essential to achieve better integration in the information
society. Here we can mention as objectives:
- conduct a dialogue on Cyber security to develop more public awareness of the threats
and risks and to ensure an integrated approach toward the Nations’ need for security and
their commitment to citizens’ protection and crimes’ prevention.
- Integrate workable plans to address cyber security related issues confronting the
different governments.
- Elaborate a Harmonized approach to build synergies between cyber security initiatives
Through Comprehensive strategies on all levels in multiple work areas:
1 •legislative rules and measures
2 •Technical measures
3 •Organizational structure
4 •awareness Capacity building
5 •Inter-states and International cooperation
- Establish a comprehensive framework in the Arab world that can ensure coordinated
responses and recovery by the governments, as well as by the private sector, to a
significant incident or threat.
- create a resource of cyber security guides from a variety of organizations.
In order to achieve these objectives the observatory will:
- Produce a clear and consistent overview of the emerging cyber security needs of the
Arab-Speaking society, as well as of the legal and regulatory framework that should
be dealt with

- Create a solid and clear framework for different countries

to reach harmony in their legal and regulatory issues to
Secure the cyberspace for the government and its citizens

- Cover the commercial, economic, academic and social aspects of cyber security

Main aspects subjects to study by the observatory

There are many aspects to consider with regard to enhancing cyber security in the Arab
world. Hence the observatory will conduct studies, researches, and capacity building
workshops and seminars, with focus on: best practices in responding, detecting and
preventing attacks, as well as in raising awareness, decreasing cyber crimes and all other
related dangerous activities. Special attention will be paid to enhance cooperation
between the different national agencies in the field of forensics, data encryption, network
security, adoption of international standards and norms, and the development of the
adequate regulatory and legislative framework.
Key themes to be covered by the studies and research include the way to enhance
relationship among awareness, education, capacity building, legal and regulatory
framework, technical security, as well as the nature of reforms that can promote the
establishment of trustful information society.

Composition and structure

The government and the private sector share the same worries, since they are exposed to
the same threats. In any given country, they use the same information infrastructure, and
can be victims of unauthorized intrusions, theft, and disruption of services. The public
and private sectors’ interests are intertwined with a shared responsibility for ensuring a
secure, reliable infrastructure. Accordingly, addressing cyber space security issues calls
for shared answer, and requires a public-private partnership as well as an inter-
governmental cooperation, at regional and international levels.
The composition and the structure of the observatory reflect this reality, as well as the
belief in the necessity of establishing a network of relations, that ensures adequate
participation of most of the information society stakeholders.

Hence, the observatory gathers experts and professionals from a broad cross-section of
industry, academia, NGOs, State governments, international partners, Legislative and
Executive authorities. Actually, they are representatives of the Ministry of justice, the
ministry of Interior security and the municipalities, the General Directorate of the ISF-
the judiciary police- ”Cyber crime and intellectual property office”, the Regional
standards Bureau of Microsoft, the Arab League “Center of judiciary and legal studies”,
the Lebanese institutions for standards and norms- LIBNOR, the office of the minister of
state for administrative Reform OMSAR, the Telecommunications Regulatory Authority,
- The Faculty of Engineering – The Antonine University – and the Lebanese Information
Technologies Association (LITA).
The observatory membership is open to participation by all Arab institutions who have an
interest in making the Internet secure and who commit to disseminate the common
message of cyber security concerns in their environment. Hence , the membership of
the Observatory will be expanded to include new Arab countries and institutions.
Participation in the observatory doesn’t require a financial contribution. Secretariat and
meeting expenses are covered by the Antonine University, who supports the observatory.
The administration is run by all the members through two committees in charge of
performing the work, following-up and coordinating the various efforts: General
Committee and Executive Committee assisted by committee created according to needs.

Management

The Observatory consists of two committees in charge of performing the work,

following-up and coordinating the various efforts. The representation in the committee is
done according to the nature of the tasks to be performed. The first is the general where
collaborate local representatives from all concerned sectors in each country, without
constraints to the number of members. This committee has the responsibility of:
 developing a comprehensive plan of action
 development and implementation of monitoring, assessment and analysis
processes
 identifying risks and proposing solutions and means of protection
 developing awareness plans as well as drafting and disseminating safety
indicators
 coordinating the work among experts, professionals and academics
 formulating proposals and pursuing their implementation at the national level
 reporting the needs and the specific challenges of the country

The General Committee is composed of three sub-committees:

1- Policy, Administrative, and Public Relations Sub-Committee responsible for:

 Establishing a network of relationships that provides adequate coverage of the

various legislative, regulatory, administrative, security, academic and professional
activities. This network should include the following:

 Ministries of Interior, Defense, Justice, ICT, and Education

 Major universities
 Main Operators (ICT, Telecommunications)

 Creating and regularly updating a website dedicated to the working group,

responsible for issuing periodical updates on developments in the administrative,
legislative, and regulatory areas. This website should constitute a communication
platform between all members of the observatory, and between all those involved
in cyber security and the proper engagement in the information society
 Organizing workshops and scientific meetings, seminars, and training programs
for professionals and citizens, in cooperation with official and private bodies
 Developing comprehensive public awareness plans in the area of cyber security
 Strengthening the cooperation between various bodies and sectors of society
 Reviewing the curriculums for higher education as to the extent to which it
responds to the needs of development, awareness, and the proper and safe
engagement in the information society
 Providing a widely available hotline as a mean to connect to the Observatory for
Cyber Security. This should serve as a national center to disseminate information
about threats, vulnerabilities, and cyber security incidents

 Technical Sub-Committee: is responsible for:

 Following-up on safety standards and measures in the areas related to the use of
information technology and communications
 Following-up on the latest developments in internet management and
communications, especially those that directly affect cyber security

  Legal Sub-Committee: is responsible for:

 Following-up on the latest legislative and regulatory developments especially

those that directly affect cyber security
 Following-up on cyber security issues, especially with respect to limiting
violations, and prosecuting crimes
 Establishing a regulatory and legislative database specialized in security and
safety standards in the area of cyber security, so that everyone concerned can
recognize the various legislative and regulatory rules, in an easy and reliable
manner
 Following-up and developing indicators that provide the legislative and regulatory
framework, and the extent to which the various cyber security frameworks in the
Arab region are in harmony
 Studying various strategies on regulation and legislation, especially those related
to e-government
 Developing a report, in coordination with the Technical Sub-committee, on the
status of cyber security in the Arab world, from the perspectives of available
techniques as well as legal and regulatory means. This report should provide
proposals to the various governments taking into account the need to enhance and
develop digital transactions, electronic commerce, and the respect for the rights of
citizens and the need to protect them from infringements on their financial and
personal data
 Reviewing the draft laws and regulations that are proposed in the Arab countries,
and providing proposals which facilitate the harmonization between these laws

Executive committee

This committee Includes representatives of all participating Arab countries who are
elected by the members of each country. Its responsibilities include:

 developing a plan of action for each country

 implementing the action plan and the policy of the General Authority, to the
extent that is consistent with each country’s plans and the proposals of the
General Authority
 coordinating different efforts, and studying the various proposals and submitting
them to the involved official bodies or the specialized regional ones.

This committee shall serve as a link between the General Committee and the member
states. Each participating country should have three members, at least. Each of these
three members should work with one of the following three sub-committees of which
the Executive Committee is composed:

- Legal Sub-Committee: is composed of representatives from each member country.

Each member should perform the following:
  Provide reports and updates on the legal status and latest legislative developments
within his country
 Implement the recommendations and proposals for the harmonization between
laws suggested by the General Committee in the legal field & translate them into
local legal systems/rules, to the extent that is consistent with each country’s
plans/systems

- Technical Sub-Committee: is composed of representatives from each member

country. Each member should perform the following:

 Provide reports on technical data, standards, rules and statistics related to his
country
 Implement recommendations of the General Committee in the technical field &
translate them into local best practices/rules

- Public Relations/Administrative Sub-Committee: is composed of representatives

from each member country. Each member should perform the following:

 Establish a local network in his country in order to stay up-to-date with the
activities and recommendations of the General Sub-Committee, and provide
coverage of the various activities related to cyber security within his country
 Apply awareness plans and capacity building programs suggested by the General
Committee

Suggested Arab countries, already having experience and taskforces in the area of
cyber security, which should have members in the above Sub-Committees are: UAE,
Qatar, Egypt, and Tunisia

Supplementary activities

In addition to the previously mentioned responsibilities of each sub-committee, the

following activities are also suggested:
- Identify and ally with key international organizations and NGOs active in the field,
e.g. The International Center for Missing and Exploited Children (ICMEC) and Child
Exploitation and Online Protection Center, to tailor solutions for different societies,
attending and hosting forums as appropriate
- Meet periodically with heads of NGOs for raising awareness and discussion of
issues to create a trickle down effect
- Produce a code of ethics for young users to be applied at national levels, and hold
monthly awareness meetings with youth. These meetings should be directed at
identifying and promoting Internet safety tips to parents, youth and children, as well
as explaining the pros and cons of different Internet based IT tools
- Promote a system of classification, technical tools, standards, and filters
- Promote the building of national expertise in information security, incident
management and computer forensics
- Establish an alerting mechanism that allows for timely delivery of new alerts and
mitigation strategies
- Establish a guide for member countries to perform an exercise to assess
preparedness capabilities in response to a cyber incident of national significance
- Coordinate with member states, universities and the private sector to produce a
National Cyber security Awareness month
- Encourage the adoption of cyber ethics, cyber safety and cyber security in school
education in the member countries, as well as teacher preparedness to address these
issues in the classroom. Also, encourage the development of a volunteer program for
computer security professionals to teach cyber security in schools
- Establish a an independent, non-profit research institute that provides assessments of
the strategic and economic consequences of possible cyber-attacks and cyber-assisted
physical attacks. It also investigates the likelihood of such attacks and examines the
cost-effectiveness of possible counter-measures, and give professional opinion to
forensic investigators within each member’s local authority
- Create helpful booklets in the area of cyber security. Suggestion: an Identity Theft
Booklet that provides practical advice and strategies on how to protect personal and
financial information, as well as information on computers and what to do if someone
becomes a victim of identity theft. The booklet also includes a checklist to assess how
vulnerable we are to identity crime and provides a list of government resources to
help protect our personal information
- Maintain a large network of trusted CERT contacts around the world. These
contacts should receive early warning of global threats and assist in responding to
incidents which span jurisdictions
- Become a trusted member in related international organizations such as ITU, ISO,
etc.
- Create a free alert service on the Observatory’s website that provides easy to
understand information on the latest e-security threats and vulnerabilities, a free
interactive education resource for primary and secondary school students, videos with
useful tips on protecting one’s computer, a self assessment tool for small businesses,
and information for parents
- Enhance the Arab World’s regional and international cooperation on information
security
- Facilitate information sharing and technology exchange, including information
security, computer virus and malicious code among members of the observatory
- Promote collaborative research and development on subjects of interest to various
members of the observatory
- Provide inputs and/or recommendations to help address legal issues related to
information security and emergency response across regional boundaries
- Establish media coverage of the various activities of the observatory (publishing
articles, interviews, flash news, workshops and events)
- Establish a central help desk and national help desks to respond to cyber security
issues. This should work in coordination with local CERTs within each member
country and local authorities
Meetings
The secretariat of the observatory will reside in the TICKET offices in the Antonine
University- Baabda, in Beirut.
The observatory board meets in person at least once a month to discuss policy direction,
networking opportunities, and lobbying visits with senior government policy makers. In
addition, it may choose to influence outside events for side meetings and may be invited
to in ministerial/parliamentary reunions or other senior meetings.