[kictanet] IG Discussion 2009, Day 8 of 10 - National Cybersecurity strategies
Evans Kahuthu
ifani.kinos at gmail.com
Wed May 6 06:51:16 EAT 2009
Good morning,
The overall objective of a national cyber security strategy is to protect
the confidentiality, integrity and availability of information.
The provisions contained in the KCA (amendment) Act, 2009 represent the
primary threats that keep an organisation from attaining its goals. Cyber
security strategy should be part of any organisation's overall asset
protection program. The goals and objectives should be understood by all
employees.
>From an information security professional point of view, it is important to
understand and provide organisational guidance with respect to the computer
crime laws that relate to your operation. These can ofcourse be only the
laws of your country or if your organisation operates in a multinational
environment, can include laws of other countries.
An important part of information security consists of interpreting the law
for top management and instituting policy and procedures designed to keep
the organisation and its employees from violating the law.
Regarding,crimes commited across border, in some cases countries are
requesting the extradiction of computer hackers who have never physically
entered the country whose laws they have allegedly broken. Unfortunately,
evidence rules generally differ in various legal systems,which poses other
problems in the evidence collection approach.
Evans
On Tue, May 5, 2009 at 4:42 PM, mwende njiraini
<mwende.njiraini at gmail.com>wrote:
> Good morning!
>
> Today we continue to build on previous discussions on cybersecurity, with a
> view of seeking your contributions in the development a national
> cyber-security strategy.
>
>
>
> The Kenya Communications (Amendment) Act, 2009 (
> http://www.communication.go.ke/media.asp?id=775) contains the following
> provisions with regard to cybersecurity:
>
> - Unauthorized access to computer data,
> - Access with intent to commit offences
> - Unauthorized access to and interception of computer service,
> - Unauthorized modification of computer material,
> - Damaging or denying access to computer system,
> - Unauthorized disclosure of password,
> - Unlawful possession of devices and data,
> - Electronic fraud,
> - Tampering with computer source documents,
> - Publishing of obscene information in electronic form,
> - Publication for fraudulent purpose and
> - Unauthorized access to protected systems
>
>
>
> Harry Delano (email 29th April) “Are our cybersecurity regulations (law)
> up to the task, to protect us...?”
>
>
> In answering this question we may wish to consider the issue of
> jurisdiction, the ability of the judicial system to make a ruling with
> regards to a crime committed through the internet by extra-territorial
> elements and secondly the role of arbitration as an Alternative Dispute
> Resolution (ADR) mechanism (http://www.ciarbkenya.org/).
>
> Kind regards
> Mwende
>
>
> *Disclaimer: Views expressed here (apart from those quoted/referenced) are
> the author’s own*
>
>
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: ifani.kinos at gmail.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/ifani.kinos%40gmail.com
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20090505/8d662096/attachment.htm>
More information about the KICTANet
mailing list