Presented by: Njei Check Head, Audit Security Division, ANTIC

Similar documents
CTO, 26/04/2013. B.P 6170 Yaoundé Tél : (+237) Internet :

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Commonwealth Cyber Declaration

Developing a Legal Foundation and Establishing Effective Enforcement: Case Study Kenya

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

The cost of cybercrime the benefits of cooperation

Cyber Security in Europe

Caribbean Cyber Security: Not Only Government s Responsibility

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

Global cybersecurity and international standards

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

Promoting Global Cybersecurity

Security

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

The UK s National Cyber Security Strategy

Transport and ICT Global Practice Smart Connections for All Sandra Sargent, Senior Operations Officer, Transport & ICT GP, The World Bank

Australian Government Cyber-security Activities in the Pacific

WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe

EU policy on Network and Information Security & Critical Information Infrastructures Protection

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Electronic payments in the Netherlands

RESOLUTION 130 (REV. BUSAN, 2014)

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

NIS Standardisation ENISA view

Cybersecurity for ALL

Cybersecurity Capacity ITU Preetam Maloor Strategy & Policy Advisor 3 March 2015

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

REPUBLIC OF KENYA MINISTRY OF INFORMATION, COMMUNICATIONS AND TECHNOLOGY

Garry Mukelabai Communications Authority Zambia

Valérie Andrianavaly European Commission DG INFSO-A3

Security and resilience in Information Society: the European approach

ENISA EU Threat Landscape

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Angela McKay Director, Government Security Policy and Strategy Microsoft

Challenges in Developing National Cyber Security Policy Frameworks

Cybersecurity Auditing in an Unsecure World

General Framework for Secure IoT Systems

Implementing a National Strategy : the case of the Tunisian CERT

GLOBAL CYBERSECURITY INDEX 2016

National Policy and Guiding Principles

Policy recommendations. Technology fraud and online exploitation

Stakeholders Analysis

The Arab ICT Organization

MANAGING SECURITY THREATS IN THE NEW CONNECTED WORLD THROUGH FORENSIC READINESS

New Zealand National Cyber Security Centre Incident Summary

Presented by: - Anselm Charles ICT Manager CARICOM IMPACS

Discussion on MS contribution to the WP2018

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

Cyber Security Roadmap

ITU-IMPACT Capacity Building for Least Developed & Developed Countries

RISING CYBER SECURITY CAPABILITY WITH A UNIQUE NETWORK OF TRUSTED PARTNERS. Jan De Blauwe Chairman Cyber Security Coalition Belgium

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Legislative Council Panel on Security

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

Panelists. Moderator: Dr. John H. Saunders, MITRE Corporation

Position Title: IT Security Specialist

State Planning Organization Information Society Department

Cybersecurity, Trade, and Economic Development

Digital Health Cyber Security Centre

European Union Agency for Network and Information Security

UNITED STATES OF AMERICA COMMENTS ON THE REPORT OF THE WGIG

Bradford J. Willke. 19 September 2007

Itu regional workshop

Data Protection and Cybercrime Challenges

Forum. Ningbo, China 25 February

Cyber Security Strategy

Cybersecurity & Spam after WSIS: How MAAWG can help

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Bringing cyber to the Board of Directors & C-level and keeping it there. Dirk Lybaert, Proximus September 9 th 2016

standards and so the text is not to be used for commercial purposes, gain or as a source of profit. Any changes to the slides or incorporation in

Package of initiatives on Cybersecurity

IT Security Mandatory Solutions. Andris Soroka 2nd of July, RIGA

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

Greg Garcia President, Garcia Cyber Partners Former Assistant Secretary for Cyber Security and Communications, U.S. Department of Homeland Security

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Best Practices in Public Information Management in Sri Lanka. Presented by Nimal Athukorala D.C. Dissanayake

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

Legal Foundation and Enforcement: Promoting Cybersecurity

Systemic Analyser in Network Threats

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

2 nd ARF Seminar on Cyber Terrorism PAKISTAN S PERSPECTIVE AND EXPERIENCE WITH REFERENCE TO CERT IN COMBATING CYBER TERRORISM

ECOWAS Cyber security Agenda

Centre for cybersecurity Belgium : Role, Missions et future capacities

Call for Expressions of Interest

Cybersecurity and Vulnerability Assessment

The NIS Directive and Cybersecurity in

INTRODUCTION OVERVIEW ON CYBERCRIME

Provisional Translation

EUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER

RESOLUTION 45 (Rev. Hyderabad, 2010)

Liberia ICT Policy

Transcription:

Windhoek, 30th May 2017 Presented by: Njei Check Head, Audit Security Division, ANTIC B.P 6170 Yaoundé Tél : (+237) 694 405 868 Email : das@antic.cm Website : http://www.antic.cm

SUMMARY 1 INTRODUCTION 2 COMMON THREATS FACED IN CAMEROON S CYBERSPACE 3 SECURITY SOLUTIONS DEPLOYED TO SECURE CAMEROON S CYBERSPACE 4 PERSPECTIVES 5 CONCLUSION IST- AFRICA 2017, Pre-conference event

1. CONTEXT 1.1. ICT Development in Cameroon vthe Government of Cameroon is committed to deploying ICT related solutions across government agencies and departments. Benefits of this effort include: greater efficiency, improved public services, reduced corruption and enhanced engagement with citizens. vin 2009, Cameroonian government put in place a framework which focuses on cybersecurity activities and considering cybersecurity risks as part of the country s risk management processes vsecurity related solutions are highly needed to protect citizens and government information systems in terms of ensuring information availability, integrity and confidentiality. v Our Government has established a National Public Key Infrastructure (PKI), a Computer Incident Response Team (CIRT) and other cyber security solutions such as nationwide security audits of information systems. vthe Government has also developed a legal and regulatory framework to help fight against cyber crimes.

1. CONTEXT 1.2. Common security threats in Cameroon Scamming 1 Phishing 2 Skimming 3 Webdefacement 4 Hoax 5 Unlicensed software 6 Malware 7 SIMBOX 8

1. CONTEXT 1.3. Some statistics on cybersecurity in Cameroon (2012 2016) More than 8 Million USD loss incurred through scamming and phishing More than 7 Million USD loss incurred through skimming More than 300 casesof social networkprofilesspoofing and blackmail registered More than 400 thousand USD loss incurred through intrusion More than 25 million USD loss incurred through SIMBOX fraud 28 webdefacement attacks perpetrated against public administration websites More than 12814 vulnerabilities detected on public administration websites More than 150 requests related to cybercriminality received from INTERPOL and law enforcement Global cybersecurity index: 0,4118 (5 th in Africa and 15 th world wide, ITU 2014)

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK Awareness raising and Capacity buidling Legal and Institutional Framework CIRT (Computer Incident Response Team) Security Audit Digital certification - PKI Management of Internet resources (.cm & IP addresses) Legal and Institutional Framework

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.1. Legal and InstitutionalFramework Enactment of Law No. 2010/012 on cyber security and cyber crime which punishes cybercrimes such as intrusion into information systems, denial of service and privacy related attacks Enactment of Law No. 2010/013 of December 21, 2010 on electronic communications, which was subsequently amended by Law No. 2015/006 of April 20, 2015; Reorganization of ANTIC by Decree No. 2012/180 of April 10, 2012; Creation of a special fund to finance cyber security related projects. IST AFRICA 2017, Pre-Conference event

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.2. Awareness raising and capacity building Development of best practice guidelines Organization of sensitization seminars Animate radio program dedicated to cybersecurity Creation of cybersecurity program in universities

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.3. CIRT Monitoring of critical IT infrastructures Issuing security bulletins and alerts Providing assistance to end user and companies in handling security incidents Developing cybersecurity related standards (policy, procedures) Digital Forensic investigations Establishing and maintaining partnerships with other CIRTs and security organizations. IST - AFRICA 2017, Pre-Conference event

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.4. Security audit Analysis of critical information systems aimed at detecting vulnerabilities, evaluating risks and proposing measures to correct the vulnerabilities detected. Over 100 security audit missions carried out in both public and private organisations (2013-2016); Over 10 000 vulnerabilities detected (2013-2016); Improvement of ICT user s awarness on cybersecurity

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.5 Digital certification (operational, 2012) Using Public Key Infrastructure (PKI) technology in securing automated processes - Setting up of a Root Certification Authority - Setting up of an accredited certification authority Secured applications - e-guce (GUCE) - e-procurement (MINMAP) - e-billing (ANTIC) Ongoing - Teledéclaration (CNPS) - Teledéclaration (DGI) - NEXUS (DGD) - Driving license (MINT) - PrideSoft (ARMP)

2. CAMEROON S CYBERSECURITY & INTERNET GOVERNANCE FRAMEWORK 2.6. Management of Internet resources Development of an IPv6 migration strategy Development of.cm chart and an IP address chart Setting up of a national.cm mail service platform Implementation of DNSSEC Setting up of two IXP National campaign of Telcom subscriber identification Building of Whois platform for public IP addresses Organisation of national Internet Governance Forum (annually)

3. PERSPECTIVES q Improve on the sensitization and capacity building q Reinforce the national CIRT q Construct a backup for the national PKI q Construct a national government datacenter q International recognition of SSL certificates issued by Cameroon s PKI q Accredit private companies to carry out security audits q Improve on the development of local content q Reinforce the legal and regulatory framework q Promote the migration from IPv4 to IPv6

4. CONCLUSION In the last few years, the digital economy, as a catalyst for innovation and competitiveness, has become an important lever for economic development. As an illustration, a recent report of the world bank advocates that an increase of 10% in broadband usage can lead to an increase of 2% in the GDP. Unfortunately, the development of digital economy is jeopardized by cybercriminality that thrives on the virtuality of the cyberspace and seriously damaging the trust within the cyberspace. Therefore, to reach the expectations of digital economy, it is imperious to reinforce the security of our cyberespace.

Thank you for your kind attention Contact: njei.check@antic.cm

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback