The purpose of Information Security/Cybersecurity is to protect an organizations's valuable resources, such as information, hardware and software. Through the selection and application of appropriate safeguards, Information Security helps the organization's mission by protectiing its physical and financial resources, reputation, legal position, employees, and other tangible and intangible assets.
The issue of cybersecurity/Information security simply comes down to three things: 1) Confidentiality, 2) Integrity and Availability.
Information Security management/cybersecurity entails the identification of an organisation's information assets and developemt, documentation, and implementation of policies, standards, procedures and guidelines, which ensure their Confidentiality, Integrity and Availability.
Unfortunately, cybersecurity is sometimes viewed as hindering the mission of the organisation by impossing poorly selected bothersome rules and procedures on users, managers and systems. On the contrary, if well implemented, Cybersecurity rules and procedures can support the overall organisational mission.
In the case of Kenya, the way to create a culture of cybersecurity is through management tools such as data classification, security awareness traininig, risk assesment and risk analysis in order to identify threats, classify assets, and rate their vulnerabilities so that effective security controls can be implemented.
 
Regards,
Evans

 
On Sun, May 3, 2009 at 10:59 PM, mwende njiraini <mwende.njiraini@gmail.com> wrote:

Good morning,

 

The focus of our discussion this week is on cybersecurity and trust.  We will seek to address privacy and data security issues.

 

Like many other Kenyans, we frequently register to use various online services provided by the government and businesses.  The registration process requires that we provide personal information including physical, postal address, telephone numbers, credit card numbers, etc.  The younger generation and the young-at-heart are readily sharing “personally identifiable information” including photos and events through social networking sites including facebook, youtube, myspace, flickr, twitter, etc. 

 

Personal information collected and made available in the public domain such as the electoral register, telephone directory can be combined with information for example from  supermarkets loyalty cards to create valuable market information  to  track individual preferences and purchase profiles.  This information may unfortunately be subject to abuse and theft.   Consequently, ‘trust’ in policies and the security measures that the government and businesses establish to protect user information is therefore an essential element for the success of e-transactions (both e-government and e-commerce)

 

Looking forward to hearing from you.

 

Kind regards

Mwende

 

References

1.     Protecting your Privacy on the Internet: http://privacy.gov.au/internet/internet_privacy/index.html#2

2.     Privacy Policies: http://www.facebook.com/policy.php?ref=pf, http://twitter.com/privacy

3.     Article 12 of the Universal Declaration of Human Rights :http://www.un.org/en/documents/udhr/index.shtml#a12

4.     Office of the Privacy Commissioner of Canada: Protecting Your Privacy on the Internet:  http://www.priv.gc.ca/fs-fi/02_05_d_13_e.cfm

5.     Privacy illustrations: http://www.priv.gc.ca/information/illustrations/index_e.cfm

6.     http://www.diplomacy.edu/ISL/IG/

 

Disclaimer: Views expressed here are the author’s own


_______________________________________________
kictanet mailing list
kictanet@lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: ifani.kinos@gmail.com
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/ifani.kinos%40gmail.com