p { margin-bottom: 0.08in; }a:link { } Government Websites Hacked :- What next? It has been all over the social network. Most government websites hosted on the .go.ke domain were hacked by some Indonesian cyber-security student. Apparently after several hours of teaching, the lecturer encouraged the students to test their skills on selected government sites and what better target than Kenya? After all Kenya is reputed to be the hub for ICT technologies in East and Central Africa. Better still, with the recently implemented multiple undersea fiber cables, Kenya present high quality internet speeds that are necessary for launching sophisticated attacks from within and the outside world. With that hindsight or profiling, the hacker must have made a good choice of a target - a target that has its technological development way ahead of its cyber security advancement. Within hours over one hundreds of governments sites including the not so lucky http://www.treasury.go.ke/, http//www.lands.go.ke and www.roads.go.ke just to select a few. By the time of going to press, twelve long hours after the attack, most of these sites continue to be down. Think about it, if Vision 2030 is to be believed, most Kenyans will be engaging governments e-services through these sites. Think of what would happen if this type of attack is repeated 5years from today. Ever seen the hue and cry when MPESA is down for 10minutes? Think of that and then think disaster when Ministry of Lands, Roads (electric trains?) and Treasury get shut down in future - by a local university student doing her security practicals on government sites. The Social network is abuzz with chants of whom to blame. Is it eGovernment Directorate, is it the Converged Regulator who runs the National CSIRT (Cyber Security Incidence Response Team) or should it be the security agent, NSIS - with its mega-billion funds to invest in security? For ISACA-Kenya, we think it is a wakeup call for everyone, to realize that Cyber Security is not a one-man or woman show. Just like the ongoing "Linda-Nchi" initiative in Somali where we are all affected - each and everyone must contribute to the overall safety of the other. Security is indeed not entirely the Chief of General Staff's problem, but rather a collective problem requiring a collective approach. So in conclusion, a safer digital environment is going to take a lot more and deliberate exercise to involve and educate each stakeholder. Most notably ofcourse the Telecommunication Operators, Hosting and Content Managers, Regulators, Law Enforcement, Judiciary, the ICT professionals and Users. The cyber-security of our country is going to be as good as the weakest link in these and possibly a wider group of stakeholders. This is a wakeup call for a concerted and holistic look at how such an National Cyber-Security program could be achieved. Signed Roy Akalah President ISACA-Kenya Chapter