[kictanet] Experts: Kenyan businesses unprepared for security attacks

wesley kiriinya kiriinya2000 at yahoo.com
Wed Apr 30 13:12:59 EAT 2008 

Some of the best security experts are the hackers and crackers themselves-the certifications (if they have them) aren't the base of their skills. The ability to detect and correct security exploits and security holes is largely a matter of experience and ingenuity. Security exploits and holes can be very many and can cross a wide range of devices (basically anything that can be programmed and can connect to a network is lethal nowadays) e.g. I could write a virus or worm than lies dormant on a host portable device until it's plugged into a computer, the virus then creeps into the systems collecting some few info and it returns into the portable device. This device can be mine or anyone else (which I might have sent via bluetooth), the worm can detect the anti virus in the system and when it was last updated and abort if necessary, This is just a quick thought in my mind and one can easily see how it can become far more complex.

- Someone intruding a system doesn't have to cause damage to it.
- There is a psychology that motivates these people to intrude one system and not another, I hope there is a certification that talks about that. Just because the systems of company X haven't been intruded yet doesn't mean they are secure.
- Intrusion can happen from almost anywhere in the world. Someone can be sitting in the middle of L.Victoria with a nice satelitte connection, do the job, damp the laptop in the lake (, catch some fish) and go home.

I definitely wouldn't compare to a doctor.

waudo siganga <emailsignet at mailcan.com> wrote:          Re: [kictanet] Experts: Kenyan businesses unprepared for security attacks             IT Security can also be enhanced if we promote the idea of IT experts operating in a legal and regulatory environment. An IT Practioners Management Act would go a long way in ensuring acceptable qualifications, licensing, disciplining, continuous professional development (including periodic training in security). When a doctor is to operate on me I expect him to be licenced; I should have the same expectation of an "IT expert" who wants to operate on my company systems/data.
Waudo

On Tue, 29 Apr 2008 03:44:57 -0700 (PDT), "Rebecca Wanjiku" <rebeccawanjiku at yahoo.com> said:

Experts: Kenyan businesses unprepared for security attacksThe switch to more computerized information and processes has led to increased productivity and profits for many Kenyan companies, but information security has been neglected, according to IT experts in the country.
Many companies in Kenya adopt high-tech hardware and software, but very few are fully investing in information security and frequent audits to identify vulnerabilities, according to John Gichuki, an information security and forensic auditor. 
http://computerworld.co.ke/articles/2008/04/28/experts-kenyan-businesses-unprepared-security-attacks


Tel. 254 720 318 925

blog:http://beckyit.blogspot.com/

---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.    
-- 
  waudo siganga
  emailsignet at mailcan.com

 _______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: kiriinya2000 at yahoo.com
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/kiriinya2000%40yahoo.com


       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20080430/440513a7/attachment.htm>

More information about the KICTANet mailing list