COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

Similar documents
Commonwealth Cyber Declaration

Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

The UK s National Cyber Security Strategy

ENISA EU Threat Landscape

Critical Infrastructure Protection (CIP) as example of a multi-stakeholder approach.

Global cybersecurity and international standards

Promoting Global Cybersecurity

Cyber Security in Europe

SAINT PETERSBURG DECLARATION Building Confidence and Security in the Use of ICT to Promote Economic Growth and Prosperity

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

Cybersecurity for ALL

Bradford J. Willke. 19 September 2007

Security and resilience in Information Society: the European approach

Cybersecurity & Digital Privacy in the Energy sector

General Framework for Secure IoT Systems

RESOLUTION 130 (REV. BUSAN, 2014)

Presented by: Njei Check Head, Audit Security Division, ANTIC

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

The European Policy on Critical Information Infrastructure Protection (CIIP) Andrea SERVIDA European Commission DG INFSO.A3

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

NIS Standardisation ENISA view

World Telecommunication Development Conference (WTDC- 14) Dubai, 30 March 10 April 2014

Package of initiatives on Cybersecurity

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

Commonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017

DIGITAL AGENDA FOR EUROPE

OAS Cybersecurity Capacity Building Efforts

13967/16 MK/mj 1 DG D 2B

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Systemic Analyser in Network Threats

Provisional Translation

ETNO Reflection Document on the EC Proposal for a Directive on Network and Information Security (NIS Directive)

A Strategy for a secure Information Society Dialogue, Partnership and empowerment

ECOWAS Cyber security Agenda

Transport and ICT Global Practice Smart Connections for All Sandra Sargent, Senior Operations Officer, Transport & ICT GP, The World Bank

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Angela McKay Director, Government Security Policy and Strategy Microsoft

NATIONAL GUIDELINES ON CLOUD COMPUTING FOR GOVERNMENT, MINISTRIES, DEPARTMENTS AND AGENCIES

Outreach and Partnerships for Promoting and Facilitating Private Sector Emergency Preparedness

First Session of the Asia Pacific Information Superhighway Steering Committee, 1 2 November 2017, Dhaka, Bangladesh.

European Union Agency for Network and Information Security

H2020 WP Cybersecurity PPP topics

UAE National Space Policy Agenda Item 11; LSC April By: Space Policy and Regulations Directory

COUNCIL OF THE EUROPEAN UNION. Brussels, 28 January 2003 (OR. en) 15723/02 TELECOM 78 JAI 307 PESC 593

India s National Policy On. Information Technology. Ajay Sawhney, President & CEO, National egovernance Division, Dept of IT

Cyber Security Roadmap

RESOLUTION 45 (Rev. Hyderabad, 2010)

REPUBLIC OF KENYA MINISTRY OF INFORMATION, COMMUNICATIONS AND TECHNOLOGY

Forum. Ningbo, China 25 February

Plenipotentiary Conference (PP- 14) Busan, 20 October 7 November 2014

Fundamentals of Cybersecurity/CIIP. Building Capacity: Using a National Strategy & Self-Assessment

Section One of the Order: The Cybersecurity of Federal Networks.

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

ENISA s Position on the NIS Directive

Mobile Payments Services in Sudan: Toward Financial Inclusion Opportunities and Challenges from Telecommunication Regulatory Point of view

E Government in Tonga

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

ASREN Arab States Research and Education Network

Cyber Security Strategy

National CIRT - Montenegro. Ministry for Information Society and Telecommunications

Data Governance for Smart City Management

Gujarat Forensic Sciences University

GLOBAL AGENDA FOR CYBER CAPACITY BUILDING

Regional Development Forum For the Arab States(RDF-ARB) 2018

National Policy and Guiding Principles

RESOLUTION 67 (Rev. Buenos Aires, 2017)

WORLD TELECOMMUNICATION STANDARDIZATION ASSEMBLY Hammamet, 25 October 3 November 2016

EUROPEAN ORGANISATION FOR SECURITY SUPPLY CHAIN SECURITY WHITE PAPER

Developing a Legal Foundation and Establishing Effective Enforcement: Case Study Kenya

SYMANTEC: SECURITY ADVISORY SERVICES. Symantec Security Advisory Services The World Leader in Information Security

U.S. Japan Internet Economy Industry Forum Joint Statement October 2013 Keidanren The American Chamber of Commerce in Japan

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

G7 Bar Associations and Councils

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

Legal and Regulatory Developments for Privacy and Security

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

AMERICAN CHAMBER OF COMMERCE IN THAILAND DIGITAL ECONOMY POSITION PAPER

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Concept Note: GIDC. Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua

how to manage risks in those rare cases where existing mitigation mechanisms are insufficient or impractical.

PROJECT RESULTS Summary

FDA & Medical Device Cybersecurity

Liberia ICT Policy

Legal Foundation and Enforcement: Promoting Cybersecurity

The role of COP/ITU on international level. Dr Ibrahim Al dabal chair of child on line council working group

National Open Source Strategy

Forensics and Active Protection

The NIS Directive and Cybersecurity in

Cybersecurity, Trade, and Economic Development

Joint Declaration by G7 ICT Ministers

Cybersecurity Capacity ITU Preetam Maloor Strategy & Policy Advisor 3 March 2015

Discussion on MS contribution to the WP2018

Cybersecurity Strategy of the Republic of Cyprus

Transcription:

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN 24-27 July 2016 1

CONTENT INTRODUCTION POLICY OBJECTIVES POLICY AND LEGISLATIVE PRINCIPLES CYBER SECURITY STRATEGY CHALLENGES AND OPPORTUNITIES CAPACITY BUILDING INTERNATIONAL AND REGIONAL COOPERATION ACTIONS 2

INTRODUCTION 3

INTRODUCTION The main goal of cyber security policy is the maintenance of a secure, resilient and trusted electronic operating environment that supports governments security Safe and reliable ICT is of fundamental importance for our prosperity and well-being and forms a catalyst for (further) sustainable economic growth. In 2015, the British insurance company estimated that cyber attacks cost businesses as much as $400 billion a year. It will cost $2 trillion in 2019. Kenyan cybercrime cost is Sh15 billion in 2015. In Nigeria $450 million per year 4

POLICY OBJECTIVE The main goal of these policy guidelines is to assist member countries in the development of a safe and secure cyberspace within the COMESA region which will facilitate and promote regional cooperation. Specific objectives are: Harmonizing the legal and regulatory frameworks for COMESA Member States which are aligned with international best practices; Facilitating the establishment of relevant structures in support of cyber security; Ensuring the reduction of cyber security threats and vulnerabilities; Coordinated local and international partnerships Continuous innovation, skills development and compliance 5

POLICY AND LEGISLATIVE PRINCIPLES Trust: enhance the confidence of consumers, businesses and governments in the confidentiality, integrity and availability of the online environment Innovation: maximize the ability of organizations to develop and adopt the widest possible choice of cutting edge cyber security solutions. Protection: implement the security measures that are most appropriate to mitigating the specific risks faced by consumers, businesses and government agencies. Standards: Policy convergence: must recognize the borderless nature of the Internet, of the global economy and of cyber threats 6

POLICY AND LEGISLATIVE PRINCIPLES Check user identity: Develop acute situational awareness: National Coordination: Accreditation and Testing Services: promote the development and maintenance of good practice in testing and inspection and maintain a registration scheme for organisations that comply with that practice. Information Security Assessment: Cyber Defence: 7

POLICY AND LEGISLATIVE PRINCIPLES System Vulnerability Analysis: Defining and classifying network or system resources, Assigning relative levels of importance to the resources, Identifying potential threats to each resource, Developing a strategy to deal with the most serious potential problems first, Defining and implementing ways to minimize the consequences if an attack occurs. Threat Analysis and Remediation: Enterprise Information Security Architecture: Cyber-Insurance: Information Assurance: 8

STRATEGY Strategy is a roadmap allowing Governments departments and institutions to better define and coordinate their role in cyberspace. policy and legal framework, to execute a specific way forward, and to plan for future implementation. The cybersecurity strategy should be aligned with the goals of the country and should be built to serve the states objectives Reasons to establish a Cyber security Strategy: Securing cyberspace,. Need for collaborative approach to Cyber security initiatives within the state, all stakeholders must be involved. Cyber security awareness and capacity building. Facilitate social-economic development. 9

PKI CER T Rationale for a cybersecurity strategy. Facilitate development of a national version of the cyber security strategy. Involvement of all stakeholders Establish a foundation for a COMESA cybersecurity strategy.

STRATEGY. 11

STRATEGY: GOALS AND MEASURES Goals and measures In order to reduce the vulnerability. of cyberspace, the following strategic goals have been identified: establishment of a multilevel system of security measures; expanding expertise in and awareness of information security; adopting an appropriate regulatory framework to support the secure and extensive use of information systems; consolidating the position as one of the leading countries in international co-operative efforts to ensure cyber security. 12

STRATEGY STAKEHOLDERS AND THEIR ROLES. Legislators: To provide the legal framework. Constituents: To realize the importance of the cybersecurity initiative to their economic well-being. Judiciary and court system: Full capacity & awareness. Executive Institutions of Government responsible for the ICT: Drives the initiative (Compliance, Standards, Drafts Strategy). Research and Academia: Work on the basic research. Private sector companies in the cybersecurity industry: Capacity building & the know-how Telecom Critical Infrastructure Owners and Operators: Responsible for implementing strategy at the backbone 13

CHALLENGES The COMESA region faces the following challenges: Lack of policy and legislation framework in most of Member States; establishment of national and regional CIRT and PKI Risk amount and eminence around member states Critical Information Infrastructure s (CII) is high. There is minimum to no security on CII low literacy rates especially on Internet security awareness; ; exchange of information and tackling the crimes. Few forensic labs in the region 14

CHALLANGES non existence of central information security body to educate the layman around Internet security and other cyber security issues; Availability, reliability and affordability of users protection ; Freeware downloads offer no guarantees on functionality and do not provide support; and Lack of regional framework for cooperation, protection, Rapid advances in deployment of new technologies (NGN standards, LTE etc.) Mapping legal and regulatory instruments with existing and 15 new technologies

OPPORTUNITIES The implementation of the Policy Guidelines leading to a secure cyberspace will achieve the following benefits: Confidence and security in the use of ICTs by Government, business, society and the individual; Identification and protection of critical infrastructure; A safe and secure cyberspace; Secure environment for electronic communication and conducting electronic transactions; Economic growth and competitiveness of the Member States and the region; Reduction of cyber crime impact on the economy 16

CAPACITY BUILDING Training on Law enforcements, prosecutors, investigators, lawyers and judges. Training for CIRT experts; Training for PKI regulators and experts Raising the awareness of users, Study tour 17

INTERNATIONAL & REGIONAL COOPERATION cooperation is critical due to the borderless nature of the cyber security attacks achieving worldwide moral condemnation of cyber attacks given their negative effects on people s lives and the functioning of society, Involvement in the development and implementation of regional and international cyber security policies developing co-operative networks in the field of cyber security and improving the functioning of such networks. Judiciary system 18

Internet Site: http://www.comesa.int 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback