[kictanet] IG Discussion 2009, Day 6 of 10

Solomon Mburu solo.mburu at gmail.com
Wed May 6 10:08:34 EAT 2009


Though coming in late on this one, I'm nevertheless compelled to chip
in. When I subscribe to say, ZAP, m-Pesa or Magic pay, etc, doesn't
that mean I sell my privacy to these firms making it their 'property'?
How many of us do read those small font terms and conditions when
subscribing to any cyber related content? Mama mboga and a CEO who
frequently uses these services do not bother acquaint themselves with
the conditions binding an agreement except in verbal quickie
situation. The cyber products must be clearly explained especially the
privacy part. Solomon Mburu.

On 05/05/2009, mwende njiraini <mwende.njiraini at gmail.com> wrote:
> Thank you Evans for this contribution.
>
> Organizations may wish to consider seeking Information Security Management
> System (ISMS) ISO/IEC 27001 certification which includes the following
> elements:
>
>    1. Security Objectives
>    2. Information Security Policy
>    3. Security Organization
>    4. Asset Classification and Control
>    5. Personnel Security
>    6. Physical and Environmental Security
>    7. Computer, S/W, Data, Operation, and Network Security
>    8. System Access Control
>    9. Systems Development and Maintenance
>    10. Business Continuity Planning
>    11. Compliance
>
>
>
> Reference: http://www.iso.org/iso/catalogue_detail?csnumber=42103
>
>
>
> Kind regards
>
> Mwende
>
>
>
> *Disclaimer: Views expressed here are the author’s own*
>
>
> On Mon, May 4, 2009 at 6:53 PM, Evans Kahuthu <ifani.kinos at gmail.com> wrote:
>
>> The purpose of Information Security/Cybersecurity is to protect an
>> organizations's valuable resources, such as information, hardware and
>> software. Through the selection and application of appropriate safeguards,
>> Information Security helps the organization's mission by protectiing its
>> physical and financial resources, reputation, legal position, employees,
>> and
>> other tangible and intangible assets.
>> The issue of cybersecurity/Information security simply comes down to three
>> things: 1) Confidentiality, 2) Integrity and Availability.
>> Information Security management/cybersecurity entails the identification
>> of
>> an organisation's information assets and developemt, documentation, and
>> implementation of policies, standards, procedures and guidelines, which
>> ensure their Confidentiality, Integrity and Availability.
>> Unfortunately, cybersecurity is sometimes viewed as hindering the mission
>> of the organisation by impossing poorly selected bothersome rules and
>> procedures on users, managers and systems. On the contrary, if well
>> implemented, Cybersecurity rules and procedures can support the overall
>> organisational mission.
>> In the case of Kenya, the way to create a culture of cybersecurity is
>> through management tools such as data classification, security awareness
>> traininig, risk assesment and risk analysis in order to identify threats,
>> classify assets, and rate their vulnerabilities so that effective security
>> controls can be implemented.
>>
>> Regards,
>> Evans
>>
>>
>>   On Sun, May 3, 2009 at 10:59 PM, mwende njiraini <
>> mwende.njiraini at gmail.com> wrote:
>>
>>>   Good morning,
>>>
>>>
>>>
>>> The focus of our discussion this week is on cybersecurity and trust.  We
>>> will seek to address privacy and data security issues.
>>>
>>>
>>>
>>> Like many other Kenyans, we frequently register to use various online
>>> services provided by the government and businesses.  The registration
>>> process requires that we provide personal information including physical,
>>> postal address, telephone numbers, credit card numbers, etc.  The younger
>>> generation and the young-at-heart are readily sharing “personally
>>> identifiable information” including photos and events through social
>>> networking sites including facebook, youtube, myspace, flickr, twitter,
>>> etc.
>>>
>>>
>>>
>>> Personal information collected and made available in the public domain
>>> such as the electoral register, telephone directory can be combined with
>>> information for example from  supermarkets loyalty cards to create
>>> valuable
>>> market information  to  track individual preferences and purchase
>>> profiles.
>>> This information may unfortunately be subject to abuse and theft.
>>>  Consequently, ‘trust’ in policies and the security measures that the
>>> government and businesses establish to protect user information is
>>> therefore
>>> an essential element for the success of e-transactions (both e-government
>>> and e-commerce)
>>>
>>>
>>>
>>>    - How can we create a cyber security culture in Kenya? What is the
>>>    role of the educators, peers and parents in digital literacy with
>>> respect to
>>>    privacy and security?
>>>    - Does the current legal environment provide for the protection of
>>>    privacy on the internet?  How can we establish a balance between
>>> security
>>>    and right to privacy?
>>>
>>> Looking forward to hearing from you.
>>>
>>>
>>>
>>> Kind regards
>>>
>>> Mwende
>>>
>>>
>>>
>>> References
>>>
>>> 1.     Protecting your Privacy on the Internet:
>>> http://privacy.gov.au/internet/internet_privacy/index.html#2
>>>
>>> 2.     Privacy Policies: http://www.facebook.com/policy.php?ref=pf,
>>> http://twitter.com/privacy
>>>
>>> 3.     Article 12 of the Universal Declaration of Human Rights :
>>> http://www.un.org/en/documents/udhr/index.shtml#a12
>>>
>>> 4.     Office of the Privacy Commissioner of Canada: Protecting Your
>>> Privacy on the Internet:  http://www.priv.gc.ca/fs-fi/02_05_d_13_e.cfm
>>>
>>> 5.     Privacy illustrations:
>>> http://www.priv.gc.ca/information/illustrations/index_e.cfm
>>>
>>> 6.     http://www.diplomacy.edu/ISL/IG/
>>>
>>>
>>>
>>> *Disclaimer: Views expressed here are the author’s own*
>>>
>>> _______________________________________________
>>> kictanet mailing list
>>> kictanet at lists.kictanet.or.ke
>>> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>>>
>>> This message was sent to: ifani.kinos at gmail.com
>>> Unsubscribe or change your options at
>>> http://lists.kictanet.or.ke/mailman/options/kictanet/ifani.kinos%40gmail.com
>>>
>>>
>>
>


-- 
Man is a gregarious animal and enjoys agreement as cows will graze all
the same way to the side of a hill!




More information about the KICTANet mailing list