[kictanet] Experts: Kenyan businesses unprepared for security attacks

Evans Ikua ikua at lpakenya.org
Mon May 5 12:40:18 EAT 2008 

John,
I talked to a fresh graduate and he told me that in his 4 year degree  
in IT at a local University there was nothing on Security. What can  
those training our IT pros say about leaving out such serious topics  
in their curricula?

Whatever happened to churning out full-baked graduates, which is  
something that has been discussed like forever?


-- 
Evans Ikua
Linux Professional Association of Kenya
Tel: 20-250381, Cell: 0722 955 831
Eagle House, 2nd Floor
Kimathi Street, Opp. Corner House
www.lpakenya.org


Quoting John Kariuki <ngethe.kariuki2007 at yahoo.co.uk>:

> Wesley,
> You are very right. The problem is even deeper than stated by the   
> article. In my view, it should be seen in three perspectives:
> 1. Information Security
> 2. Cybersecurity
> 3. Critical Information Infrastructure Protection
>
> Each of those areas require very extensive actions if we as a   
> country and the users are to gain confidence in the use of ICTs.
>
> But first we need to start creating awareness about these issues.
> Remember the case of cyber attacks on ESTONIA? What about BOTNETS   
> which continue to grow daily? Do we have a KENCERT? What about the   
> now common problem of IDENTITY THEFT
>
> We need very strong advocacy in these matters so that  ICT users are  
>  aware of the security risks they face.
>
> John
>
> wesley kiriinya <kiriinya2000 at yahoo.com> wrote: Some of the best   
> security experts are the hackers and crackers themselves-the   
> certifications (if they have them) aren't the base of their skills.   
> The ability to detect and correct security exploits and security   
> holes is largely a matter of experience and ingenuity. Security   
> exploits and holes can be very many and can cross a wide range of   
> devices (basically anything that can be programmed and can connect   
> to a network is lethal nowadays) e.g. I could write a virus or worm   
> than lies dormant on a host portable device until it's plugged into   
> a computer, the virus then creeps into the systems collecting some   
> few info and it returns into the portable device. This device can be  
>  mine or anyone else (which I might have sent via bluetooth), the   
> worm can detect the anti virus in the system and when it was last   
> updated and abort if necessary, This is just a quick thought in my   
> mind and one can easily see how it can become far more complex.
>
> - Someone intruding a system doesn't  have to cause damage to it.
> - There is a psychology that motivates these people to intrude one   
> system and not another, I hope there is a certification that talks   
> about that. Just because the systems of company X haven't been   
> intruded yet doesn't mean they are secure.
> - Intrusion can happen from almost anywhere in the world. Someone   
> can be sitting in the middle of L.Victoria with a nice satelitte   
> connection, do the job, damp the laptop in the lake (, catch some   
> fish) and go home.
>
> I definitely wouldn't compare to a doctor.
>
> waudo siganga <emailsignet at mailcan.com> wrote:          Re:   
> [kictanet] Experts: Kenyan businesses unprepared for security   
> attacks             IT Security can also be enhanced if we promote   
> the idea of IT experts  operating in a legal and regulatory   
> environment. An IT Practioners Management Act would go a long way in  
>  ensuring acceptable qualifications, licensing, disciplining,   
> continuous professional development (including periodic training in   
> security). When a doctor is to operate on me I expect him to be   
> licenced; I should have the same expectation of an "IT expert" who   
> wants to operate on my company systems/data.
> Waudo
>
> On Tue, 29 Apr 2008 03:44:57 -0700 (PDT), "Rebecca Wanjiku"   
> <rebeccawanjiku at yahoo.com> said:
>
> Experts: Kenyan businesses unprepared for security attacksThe switch  
>  to more computerized information and processes has led to increased  
>  productivity and profits for many Kenyan companies, but information  
>  security has been neglected, according to IT experts in the country.
> Many companies in Kenya adopt high-tech hardware and software, but   
> very few are  fully investing in information security and frequent   
> audits to identify vulnerabilities, according to John Gichuki, an   
> information security and forensic auditor.
> http://computerworld.co.ke/articles/2008/04/28/experts-kenyan-businesses-unprepared-security-attacks
>
>
> Tel. 254 720 318 925
>
> blog:http://beckyit.blogspot.com/
>
> ---------------------------------
> Be a better friend, newshound, and know-it-all with Yahoo! Mobile.   
> Try it now.
> --
>   waudo siganga
>   emailsignet at mailcan.com
>
>  _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to:  kiriinya2000 at yahoo.com
> Unsubscribe or change your options at   
> http://lists.kictanet.or.ke/mailman/options/kictanet/kiriinya2000%40yahoo.com
>
>
>
> ---------------------------------
> Be a better friend, newshound, and  know-it-all with Yahoo! Mobile.   
>  Try it now._______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: ngethe.kariuki2007 at yahoo.co.uk
> Unsubscribe or change your options at   
> http://lists.kictanet.or.ke/mailman/options/kictanet/ngethe.kariuki2007%40yahoo.co.uk
>
>
>
> ---------------------------------
> Sent from Yahoo! Mail.
> A Smarter Email.

More information about the KICTANet mailing list