Well said with Steve and Explorer, Security matters are tied to value systems. Without values there is no security. I stand to be corrected but in the vision 2030 document we had a pillar that received very little attention. This pillar touched on National values , i think this is where the rain started beating us on the security front. Recent interventions from the government and religious communities have emphasized on collective responsibilities and being your brothers keeper (Nyumba kumi et al). I think the same approach should be applied to stem Cyber Security that is sensitizing users on the importance of confidentiality. This can best be done by implementing Security standards such as ISO 27000 series which break down security into a laymans language. Regards On 7/21/15, 0xexplorer via kictanet <kictanet@lists.kictanet.or.ke> wrote:
IMHO there is still a lot to be done to enhance cyber security.
A computer incident response team was setup some time ago however their activities are hardly seen or heard of in the public domain.
Secondly the recent Hacking Team leaks revealed agents allegedly acting on behalf of the state to engage in potentially illegal activities.
It is a challenge to even assess the readiness of the country to handle significant cyber security incidents. I feel that a culture that encourages information sharing and promoting awareness amongst the general public would be a great start.
My two cents.
--
0xexplorer
-------- Original Message --------
Subject: [kictanet] #KeIGF15 Online Discussions Day Two: Cyber Security and Trust
Time (GMT): Jul 21 2015 05:58:44
From: kictanet@lists.kictanet.or.ke
To: 0xexplorer@protonmail.ch
CC: nmutungu@gmail.com
Dear Listers,
Kenya has had its fair share of high profile cyber threats, hacking etc, the latest being the alleged compromise of the IFMIS system at NYS/Ministry of Devolution. The country and Africa at large is making efforts to assure cyber-security. These include among others her involvement in the Africa Union Convention on Cybercrime and a proposal for a Cybercrime law, an initiative led by the Office of the Director of Public Prosecutions. Significant financial resources have also been earmarked by government for security and cyber security in particular. There are also partnerships between government and private sector in deploying cybersecurity centres.
The private sector has employed practical measures to protect their businesses. However, businesses such as mobile money providers and banks have been shy to divulge their cyber security concerns to protect their interests.
Civil society on the other hand has raised concern about the line between protecting the cyber space and creating a facilitative environment for innovators as well as protecting the rights of users.
Are our efforts at deterring cyber-crime the correct way to assure cyber security? Are fears about a partnership between government and private sector and the general fears about stifling innovation and human rights in the name of cybersecurity legitimate? Are there other practical approaches that different stakeholders can take to enhance cyber security?
-- Barrack O. Otieno +254721325277 +254-20-2498789 Skype: barrack.otieno http://www.otienobarrack.me.ke/