Challenges and Successes in the Zambian ICT Security Sector

Slides:



Advertisements
Similar presentations
Operations of District and Provincial Environmental Committees. An E-Learning Course for the National Environment Management Authority (NEMA) in Kenya.
Advertisements

STRENGTHENING COOPERATION ON CYBER SECURITY WITHIN THE ASEAN REGION
David A. Brown Chief Information Security Officer State of Ohio
PEOPLE’S REPUBLIC OF HACKING By: Lani N, Ashley R, Michael R, Gregory R.
STOP.THINK.CONNECT™ NATIONAL CYBERSECURITY AWARENESS CAMPAIGN SMALL BUSINESS PRESENTATION.
Forensic and Investigative Accounting Chapter 15 Cybercrime Management: Legal Issues © 2007 CCH. All Rights Reserved W. Peterson Ave. Chicago, IL.
E-Security Background IT Infrastructure in Sikkim Current Status of Cyber Security& Cyber Crime in SIkkimCurrent Status of Cyber Security& Cyber Crime.
Page 1 Presented Insp. Amos Sylvester Trinidad and Tobago Police Service.
STATE OF CYBER SECURITY IN JAMAICA Hon. Julian Robinson Chairman Joint Select Committee on the Cybercrimes Act January 24, 2013.
Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Mumbai Cyber Lab A Joint Endeavor of Mumbai Police and NASSCOM Dr. Pradnya Saravade Dy.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
Life in the Information Age
Cyberspace and the Police Mamoru TAKAHASHI Head of Computer Forensic Center, Hi-tech Crime Technology Division National Police Agency, Japan.
Geneva, Switzerland, September 2014 Challenges and Successes in the Zambian ICT Security Sector Mainza Siamubayi Handongwe, Student Research Fellow,
(Geneva, Switzerland, September 2014)
Geneva, Switzerland, September 2014 Overview of Kenya’s Cybersecurity Framework Michael K. Katundu Director, Information Technology Communications.
Preparedness for cybersecurity threats domestic aspects of cyber security Jaan Priisalu.
CYBER CRIME AND SECURITY TRENDS
Comptroller of the Currency Administrator of National Banks E- Security Risk Mitigation: A Supervisor’s Perspective Global Dialogue World Bank Group September.
Creating Trust in Critical Network Infrastructures Canadian Case Study Michael Harrop.
Session 4.2: Creation of national ICT security infrastructure for developing countries National IP-based Networks Security Centres for Developing Countries.
Securing Information Systems
Kittiphan Techakittiroj (04/09/58 19:56 น. 04/09/58 19:56 น. 04/09/58 19:56 น.) Network Security (the Internet Security) Kittiphan Techakittiroj
1 Group-IB: Digital investigations and forensic Ilya Sachkov Group-IB
Topic: Information Security Risk Management Framework: China Aerospace Systems Engineering Corporation (Case Study) Supervisor: Dr. Raymond Choo Student:
Cybersecurity and the Department of Justice Vincent A. Citro, Assistant United States Attorney July 9-10, 2014 Unclassified – For Public Use.
ICT business statistics and ICT sector: Uzbekistan’s experience Prepared by Mukhsina Khusanova.
The ICT Sector in Zambia Presented by: Ministry of Communications and Transport Overview & Investment Perspective.
C8- Securing Information Systems
Success factors that govern the compilation of indicators An efficient model for change PART 3.
Security Professional Services. Security Assessments Vulnerability Assessment IT Security Assessment Firewall Migration Custom Professional Security Services.
1 UNODC and CYBERCRIME December Cybersecurity   Constitutes the protection against all forms of cyber incidents by strengthening the safety.
OVERVIEW OF CYBER TERRORISM IN INDONESIA PRESENTED BY: SUPT. DRS. BOY RAFLI AMAR SPECIAL DETACHMENT 88 AT – INP ARF SEMINAR ON.
INFORMATION SECURITY GOVERNANCE READINESS IN GOVERNMENT INSTITUTION
2010 Ministry of Economic Development of Georgia Communications and IT Department Overview of the Georgian ICT Sphere and its Future Development Irakli.
International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.
Cyber Insecurity Under Attack Cyber Security Past, present and future Patricia Titus Chief Information Security Officer Unisys Corporation.
AUB Department of Electrical and Computer Engineering Imad H. Elhajj American University of Beirut Electrical and Computer Engineering
The information contained in this document is confidential, for internal use only, and may not be distributed outside Ministry of Transport and Communications.
What are they? What do they have to with me?. Introduction  You may not know exactly what it is, but chances are you have encountered one at some point.
Part V Electronic Commerce Security Online Security Issues Overview Managing Risk Computer Security Classifications. Security.
Reducing data loss by threats detection. InfoWatch Traffic Monitor & Workplace Security. Andrey Sokurenko Business Development Director.
IT Security in Nepal: Issues and challenges Rajan R. Pant ITSERT-NP.
Geneva, Switzerland, September 2014 Towards a partnership-based framework for secure ICT Infrastructure in developing countries Bill McCrum Senior.
Geneva, Switzerland, September 2014 Session 1 – ICT infrastructure development, new security threats and counter-measures Patrick Mwesigwa, Director/Technology,
Regional Telecommunications Workshop on FMRANS 2015 Presentation.
Cyber Crime in China: Current Situation and Countermeasures He Xing Cyber Crime Investigation Division Ministry of Public Security, China.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 10 – Information society and media.
Cyber laws and white collar CRIME, a ura perspective ; is uganda ready for the challenge? BY The Commissioner tax investigations department UGANDA REVENUE.
Securing Information Systems
Securing Information Systems
Johannesburg, South Africa
Name: Faten Al-Mohsin ID: Major: Finance
National Workshop on Cyber Crimes and Cyber Laws
Chapter 5 Electronic Commerce | Security
Technical Assistance and Capacity Building Activities in SADC
Securing Information Systems
8 Building Blocks of National Cyber Strategies
AFRICAN UNION- 23RD-27TH July 2018 PRESENTER: Mr. Nawa J.T Samatebele
Computer-Based Processing: Developing an Audit Assessment Approach
Chapter 5 Electronic Commerce | Security
E-Commerce for Developing Countries (EC-DC)
Cyber security Policy development and implementation
(Geneva, Switzerland, September 2014)
PC ON TELECOMMUNICATION & POSTAL SERVICES
Office of the Head of Mission •
UNODC and CYBERCRIME October 2009.
SECURITY AND RISK MANAGEMENT CONSULTANT
Presentation transcript:

Challenges and Successes in the Zambian ICT Security Sector ITU Workshop on “ICT Security Standardization for Developing Countries” (Geneva, Switzerland, 15-16 September 2014) Challenges and Successes in the Zambian ICT Security Sector Mainza Siamubayi Handongwe, Student Research Fellow, Information and Communications University Email: msh12600@gmail.com Geneva, Switzerland, 15-16 September 2014 1 1

Zambia has made so much progress in the ICT sector Introduction Zambia has made so much progress in the ICT sector Over the past past decade, we have seen the following major developments; Three mobile telecommunication companies Online services (e-commerce, e- learning, etc) Web hosting Internet Service Provision Geneva, Switzerland, 15-16 September 2014 2 2 2

Introduction cont' This has lead to exposure to several information security risks including; Website defacement Debit card stealing and cloning Financial losses due to debit card cloning Phishing Internet bundle and mobile credit stealing Denial of Service Wireless network hacking Geneva, Switzerland, 15-16 September 2014 3 3 3

Introduction cont' This in most cases has adversely affected socio-economic activities especially where cyber security preparedness is lacking Geneva, Switzerland, 15-16 September 2014 4 4 4

Challenges Zambia, like many developing countries, is faced with several challenges in the ICT sector These include; Inadequate policies to curb cyber crime Inadequate qualified personnel to fight cyber crime Inadequate ICT infrastructure to prevent and investigate cyber crime Lack of sensitization on cyber crime Geneva, Switzerland, 15-16 September 2014 5 5 5

Inadequate policies to curb cyber crime Zambia has had no piece of legislation towards fight cyber crime for many years Computer Crime and Misuse Act number 13 of 2004 enacted following defacement of State House website Though it criminalizes some cyber crimes, the act still does not prohibit other major cyber crimes Act imposes lighter sentences for crimes that would require hefty ones Geneva, Switzerland, 15-16 September 2014 6 6 6

Inadequate policies to curb cyber crime cont' Act imposes lighter sentences for crimes would require hefty ones The National ICT Policy of 2007 indicates government's commitment to promote safety in the electronic frontier However, the policy does not give mandate to relevant government departments and private sector to combat cyber crime Geneva, Switzerland, 15-16 September 2014 7 7 7

Inadequate qualified personnel to fight cyber crime Most personnel that are employed to manage and monitor networks and IT systems lack cyber security skills No defined ICT Staff structure at departmental and lower levels, especially in rural areas This could be attributed to limited number of training institutions within Zambia that offer cyber security training Geneva, Switzerland, 15-16 September 2014 8 8 8

Inadequate qualified personnel to fight cyber crime cont' The cost of training and certification is also limiting This makes networks/systems that are managed by such personnel vulnerable to attacks Investigation of such incidences becomes difficult due to lack of computer forensic skills Geneva, Switzerland, 15-16 September 2014 9 9 9

ICT Staff Per Institution Cyber Security Skilled CBU 7 1 UNZA NRDC 2 ZCA-Monze ZCA-Mpika ICU 5 3 Nkhrumah College Rusangu Univeristy 4 Cooperative College Evelyn Hone College Geneva, Switzerland, 15-16 September 2014 10 10 10

ICT Staff Per Institution ICT staff per institution and those with cyber security skills Geneva, Switzerland, 15-16 September 2014 11 11 11

Inadequate ICT infrastructure to prevent and investigate cyber crime Prevention and investigation of cyber crime requires specialized hardware and software These include firewalls, intrusion detection systems, forensic software etc These usually call for huge investments Geneva, Switzerland, 15-16 September 2014 12 12 12

Inadequate ICT infrastructure to prevent and investigate cyber crime cont' This tends to be the limiting factor for most government and private institutions Geneva, Switzerland, 15-16 September 2014 13 13 13

Lack of sensitization on cyber crime The fight against cyber crime would be fruitless without involvement of ICT end users Information sharing with citizens on cyber crime and counter measures was not done in the past, hence the ‘information gap' Geneva, Switzerland, 15-16 September 2014 14 14 14

Successes-Govt and Private Sector Establishment of the Zambia Information Communication Authority (ZICTA) to regulate ICT in Zambia Government has set up the first ever Computer Forensic Laboratory based at the Zambia Police Headquarters Several police officers have been trained in Information Security and Computer Forensics The Zambian government has partnered with several local and international organizations (including ITU) in the fight against cyber crime Geneva, Switzerland, 15-16 September 2014 15 15 15

Conclusions and Recommendations Formulate policies that will mandate relevant departments to prevent and investigate cyber crime, and prosecute perpetrators of such crimes Invest more in systems that prevent and help investigate cyber crime Ensure that private institutions invest in systems that guarantee security to users or clients Train and/or recruit more personnel in cyber security Establish Computer Incidence Response Teams at all levels in government structures Sensitize citizens on cyber crime and counter measures Geneva, Switzerland, 15-16 September 2014 16 16 16