[kictanet] Day 4 of 10:- IG Discussions, Internet Security.

mwende njiraini mwende.njiraini at gmail.com
Thu Aug 21 15:58:34 EAT 2008 

Good afternoon,

Sorry for the late post.

I am seeking responses to the following in relation to security:

-          Are there initiatives to create awareness on internet security?

-          Apart from CSIRT-KENYA are there other institutions that monitor
vulnerability incidents?

-          What institutional framework should be set up to deal with cyber
security?

-          Are there any success stories in dealing with security incidents?

Kind regards

Mwende







Disclaimer: These comments are the author's own
On 8/15/08, Patrick Mburu <patrick.mburu at gmail.com> wrote:
>
>  Good afternoon ladies and gents,
>
> Information security... one query i had been asking myself for years.. is
> how can we be sure we take the necessary measures to ensure "my" information
> is safe...however this has always fallen on the higher side... especially
> now in a strange world of buying all types and goods and services from as
> far as Brazil and know it will be delivered right to my door.  One element
> remains is *how safe* is my or any of your information and details in
> the virtual world...and what is being done to protect it once its there...
> Just looking back a couple moth ago, we saw with the safcom IPO when all (or
> maybe just me..) there was a loop hole to see what person had on a
> portfolio... ofcourse this could be downplayed.. but just for example...
>
> Information is only too powerful a resource that we all in different
> capacities hold dear...once in the hand of others we may feel violated /
> vulnerable... similar as being burgled in a way...someone being able to walk
> right through my front door and check on my personal files.. take what they
> need and do what they will... so information security surely needs to be
> tackled and or awareness to consumers and businesses;
>
> I think one area for review is this area of authentication of actual users
> and at the varios portals that are currently popping up in all avenues... as
> Mich and other colleagues have already indicated... u never know what site u
> may be logging onto and giving your access codes to the online mwizi...
>
> With that said e-commerce is here to be embraced... and most definitely for
> development...using whatever technologies or combination there are on the
> market to promote this...but with customer / consumer information at
> risk... i think the one main focus point is on the ample meausre's needed
> to ensure security of customer information...
>
>  Given the ever growing rate in internet and or e-fraud instances
> currently experienced in Europe, US, etc.., one of the main reported cases
> of internet fraud is through identity fraud... i think as we embark on this
> new trend of business and convenience.. we could assist in eductating the
> community locally...regionally.. on the potential threats... and thereof....
>
> Ok prior to proposing a possible solution through this.. and respecting
> this as a discussion fora... i will first seek permission to :-)
>
> Just FYI: heres some information / statistics on cyber crime:
>
> http://www.tamingthebeast.net/blog/ecommerce/internet-fraud-statistics-0207.htm
> http://securosis.com/2008/06/09/new-identity-theft-stats/
>
> Kind regards,
>
> Patrick Mburu
> Director - IT
> www.ats-africa.com
> *"Prevention is better than cure..."*
>
>
> 2008/8/15 Judy Okite <judyokite at gmail.com>
>
>>  Michuki,
>>
>> I do agree with you,very few onliners, think about security,when they are
>> online. examples:
>>
>> 1. How many people,do actually read the End User License Agreement on the
>> websites,especially,when installing softwares? the link below should make a
>> good read.
>>
>> http://www.pcpitstop.com/spycheck/eula.asp
>>
>> 2. Should there be or is there a policy,when  it comes to changing a
>> domain name?
>>
>> When one types; www.nationmedia.com you are redirected to
>> www.nationmedia.co.ke....I check this website everyday....one day it was so
>> slow loading...then...walaa...its .co.ke....if we dont take the time(maybe I
>> missed it) to let our users know of the changes....then, what will happen
>> when when Kenya gets into serious E-commerce? I believe we need to start
>> now,to build trust online,it may seem like a small thing,but it will go a
>> long way.
>>
>> e.g what is the difference between www.safaricom.com and
>> www.safaricom.co.ke?
>>
>>
>> I)     The Jurisdiction and Arbitration of eCriminals e.g. How would one
>> resolve a case where a Kenyan ISP is hosting an eCommerce site that sells
>> content that is declared illegal in Germany (e.g Hitler's paraphanallia).
>>  Can/Should the Germans shut down the Kenyan business site?
>>
>> Well,I think the Yahoo and France on the Nazi case was a great eye opener
>> in this regard, but what does that mean.......if the Germany decides to
>> filter ccTLD(.KE)...then all Kenyan businesses loose.....not a very wise
>> option! the ISP's will have to be responsible for the contents they
>> display??.
>>
>> Kind Regards,
>>
>>
>>
>>
>>   On Thu, Aug 14, 2008 at 8:05 AM, John Walubengo <jwalu at yahoo.com>wrote:
>>
>>
>>>  Morning all,
>>>
>>> Looks like very little response on yesterday's topic...where's Waudo
>>> formerly WGIG member?  Nway, today's IG theme is the one with the most
>>> consensus across all stakeholders.  The fact that the internet is becoming a
>>> place to place to work, live, pray or play is widely acknowledged and hence
>>> the consensus on the need to protect it.
>>>
>>> The global and borderless nature of the Internet means that a secure
>>> internet needs a concerted global effort as earlier mentioned by Brian.  A
>>> very secure US-territoial Internet is of no use if for example the
>>> Africa-territorial Internet is insecure since phising attacks, viruses,
>>> spam, eFrauds and other destabilizing conditions can be launched from there.
>>> Spam for example is known to constitute over 60% of email traffic on the
>>> Internet, which is a fairly significant chunk of Internet Bandwidth and
>>> Server Processing power going to waste.
>>>
>>> The main internet security debate that cross-cuts into legal/social
>>> baskets often centers around:
>>> I)      How the Internet Protocol (IP) could be improved so as to
>>> trace-back the origin of the Spammers, eFraudsters, and other criminals.
>>>  This may demand implementing IP tools that require all internet services
>>> (email, dns, web, etc) to be digitally signed - a feature that would come
>>> with some overheads (Mich could again assist here on which overheads these
>>> could be)
>>> II)     The Jurisdiction and Arbitration of eCriminals e.g. How would one
>>> resolve a case where a Kenyan ISP is hosting an eCommerce site that sells
>>> content that is declared illegal in Germany (e.g Hitler's paraphanallia).
>>>  Can/Should the Germans shut down the Kenyan business site?
>>> III)    The delicate balance between pursing security and respecting
>>> citizen rights. To what extent should governments go into private emails,
>>> phone-logs, etc, in order to safeguard national security? Or what should be
>>> the mandatory procedures required of Businesses to safeguard sensitive
>>> electronic data of citizens?
>>>
>>> Plse feel free to add, clarify, object or modify the above.  More
>>> importantly think of what would be an E.African position on the issues.
>>>
>>> As usual, 1day on this theme.
>>>
>>> walu.
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>>
>>> This message was sent to: judyokite at gmail.com
>>> Unsubscribe or change your options at
>>> http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com
>>>
>>
>>
>>
>> --
>> "Do not go where the path may lead, go instead where there is no path and
>> leave a trail."
>> ~ Ralph Waldo Emerson
>>
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>
>> This message was sent to: patrick.mburu at gmail.com
>> Unsubscribe or change your options at
>> http://lists.kictanet.or.ke/mailman/options/kictanet/patrick.mburu%40gmail.com
>>
>>
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: mwende.njiraini at gmail.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/mwende.njiraini%40gmail.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20080821/07ee7f01/attachment.htm>

More information about the KICTANet mailing list