[kictanet] Experts: Kenyan businesses unprepared for security attacks

John Kariuki ngethe.kariuki2007 at yahoo.co.uk
Mon May 5 08:40:33 EAT 2008


Wesley,
You are very right. The problem is even deeper than stated by the article. In my view, it should be seen in three perspectives:
1. Information Security
2. Cybersecurity
3. Critical Information Infrastructure Protection

Each of those areas require very extensive actions if we as a country and the users are to gain confidence in the use of ICTs.

But first we need to start creating awareness about these issues.
Remember the case of cyber attacks on ESTONIA? What about BOTNETS which continue to grow daily? Do we have a KENCERT? What about the now common problem of IDENTITY THEFT

We need very strong advocacy in these matters so that  ICT users are aware of the security risks they face.

John

wesley kiriinya <kiriinya2000 at yahoo.com> wrote: Some of the best security experts are the hackers and crackers themselves-the certifications (if they have them) aren't the base of their skills. The ability to detect and correct security exploits and security holes is largely a matter of experience and ingenuity. Security exploits and holes can be very many and can cross a wide range of devices (basically anything that can be programmed and can connect to a network is lethal nowadays) e.g. I could write a virus or worm than lies dormant on a host portable device until it's plugged into a computer, the virus then creeps into the systems collecting some few info and it returns into the portable device. This device can be mine or anyone else (which I might have sent via bluetooth), the worm can detect the anti virus in the system and when it was last updated and abort if necessary, This is just a quick thought in my mind and one can easily see how it can become far more complex.

- Someone intruding a system doesn't  have to cause damage to it.
- There is a psychology that motivates these people to intrude one system and not another, I hope there is a certification that talks about that. Just because the systems of company X haven't been intruded yet doesn't mean they are secure.
- Intrusion can happen from almost anywhere in the world. Someone can be sitting in the middle of L.Victoria with a nice satelitte connection, do the job, damp the laptop in the lake (, catch some fish) and go home.

I definitely wouldn't compare to a doctor.

waudo siganga <emailsignet at mailcan.com> wrote:          Re: [kictanet] Experts: Kenyan businesses unprepared for security attacks             IT Security can also be enhanced if we promote the idea of IT experts  operating in a legal and regulatory environment. An IT Practioners Management Act would go a long way in ensuring acceptable qualifications, licensing, disciplining, continuous professional development (including periodic training in security). When a doctor is to operate on me I expect him to be licenced; I should have the same expectation of an "IT expert" who wants to operate on my company systems/data.
Waudo

On Tue, 29 Apr 2008 03:44:57 -0700 (PDT), "Rebecca Wanjiku" <rebeccawanjiku at yahoo.com> said:

Experts: Kenyan businesses unprepared for security attacksThe switch to more computerized information and processes has led to increased productivity and profits for many Kenyan companies, but information security has been neglected, according to IT experts in the country.
Many companies in Kenya adopt high-tech hardware and software, but very few are  fully investing in information security and frequent audits to identify vulnerabilities, according to John Gichuki, an information security and forensic auditor. 
http://computerworld.co.ke/articles/2008/04/28/experts-kenyan-businesses-unprepared-security-attacks


Tel. 254 720 318 925

blog:http://beckyit.blogspot.com/

---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.    
-- 
  waudo siganga
  emailsignet at mailcan.com

 _______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to:  kiriinya2000 at yahoo.com
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/kiriinya2000%40yahoo.com

           

---------------------------------
Be a better friend, newshound, and  know-it-all with Yahoo! Mobile.  Try it now._______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
http://lists.kictanet.or.ke/mailman/listinfo/kictanet

This message was sent to: ngethe.kariuki2007 at yahoo.co.uk
Unsubscribe or change your options at http://lists.kictanet.or.ke/mailman/options/kictanet/ngethe.kariuki2007%40yahoo.co.uk


       
---------------------------------
Sent from Yahoo! Mail.
A Smarter Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20080505/f44b617f/attachment.htm>


More information about the KICTANet mailing list