Friends, I am sure that the authorities are addressing this matter to the best of their knowledge and efforts. And I am sure that this issue presents the GoK and the Kenyan private sector a chance to learn for, as they say, what doesn't kill you makes you stronger. Thinking aloud, here is how to gain the strength/resilience - Information protection be declared and understood to be a strategic imperative; one cannot run an effective knowledge economy without proper information protection framework and practices. Each ministry, department, private sector, etc needs to understand this and act in concert. - Design, clarify and communicate an information governance, risk and compliance framework; complete with a thorough no fault compliance regime. - Establish an information protection leadership with commensurate powers needed to realize the strategic imperative of information; this leadership must not be subservient to IT but be independent in a similar manner that audit is. Leadership in turn will develop an information protection organization with needed skills, organization and processes. - Develop and implement an ongoing information protection awareness regime for the nation; this would be segmented to ensure that appropriate knowledge is communicated to target audiences. (Did you know that one can actually collect business-related information (proposals, strategic plans, presentations, etc.) of a number of businesses at Internet cafes? All one needs is recover much of these from the temp folders; one can also harvest a lot fo personal information (ID card-related, etc.) from the same cafes ... implication for identity theft are humongous.) - Invest heavily in information protections skills development: require/coax academic institutions to make information risk management training a priority ... Baadaye. ---------------------------------------------------------------------------------------------- Matunda Nyanchama, PhD, CISSP; mnyanchama@aganoconsulting.com Agano Consulting Inc.; www.aganoconsulting.com; Twitter: nmatunda; Skype: okiambe ---------------------------------------------------------------------------------------------- Be prepared to face ICT Security failures & know how to respond when they happen! Call: +1-888-587-1150 or info@aganoconsulting.com ---------------------------------------------------------------------------------------------- "A bus station is where a bus stops. A train station is where a train stops. On my desk I have a workstation…" - Anonymous ----------------------------------------------------------------------------------------------- This e-mail, including attachments, may be privileged and may contain confidential or proprietary information intended only for the addressee(s). Any other distribution, copying, use, or disclosure is unauthorized and strictly prohibited. If you have received this message in error, please notify the sender immediately by reply e-mail and permanently delete the message, including any attachments, without making a copy. Thank you.
participants (1)
-
Matunda Nyanchama