[kictanet] IG Discussion 2009, Day 9 of 10 - National Cybersecurity strategies
John Walubengo
jwalu at yahoo.com
Fri May 8 13:55:37 EAT 2009
Nyaki/Sam: My take was that we have the capacity to run Computer Emergency Response Teams (CERT) but we are not doing it. But am just attending the KENIC AGM and it looks like KENIC seems to have covered some ground in this area that could be used to crystalize the CERT idea.
walu.
--- On Fri, 5/8/09, Sam Gatere <sam.gatere at gmail.com> wrote:
> From: Sam Gatere <sam.gatere at gmail.com>
> Subject: Re: [kictanet] IG Discussion 2009, Day 9 of 10 - National Cybersecurity strategies
> To: jwalu at yahoo.com
> Cc: "KICTAnet ICT Policy Discussions" <kictanet at lists.kictanet.or.ke>
> Date: Friday, May 8, 2009, 1:09 PM
> Walu your analogy or discovery points at a very interesting
> area - our
> education system - If you do not train a child how he/she
> should grow how do
> you expect them to be what you envision? Nyaki's
> questions are quite sport
> on! I my humble view I would beg to ask what kind of
> investment that the
> government has put down on this non-tangible risk or threat
> depending on how
> you look at it. Our current political environment may not
> be too interested
> on matters digital if things that make perfect sense such
> as environmental
> preservation (read Mau) have to have a protracted political
> battle and we
> can all see the effects of poor resource management. If our
> Intelligence
> agents (NISIS - CID) were more Techie savvy I think it
> would be a great
> boost just as Barrack mentioned in his post. However it all
> has to start
> somewhere, if Kenya has a CERT up an running we shall
> surely be starting on
> the right foot preempting disaster or cyber security issues
> and taking
> appropriate action rather than fighting fires! without fire
> equipment :)
> just for a the sake of argument - if the Migingo row
> degenerated further
> -God forbid- and a Cyber war broke out how would Kenya
> defend its Internet
> infrastructure from its aggressors? (in this case UG-sounds
> wired but hey
> its possible) read this article about the Russian Gorgian
> conflict that went
> all the way to the web!
>
> http://blogs.zdnet.com/security/?p=1670
>
>
> On Fri, May 8, 2009 at 12:33 AM, Barrack Otieno
> <otieno.barrack at gmail.com>wrote:
>
> > In my opinion there appears to be some ambiguity
> within our instituional
> > structures. When it comes to Cybersecurity issues how
> does the NSIS for
> > instance come in since it is a critical stakeholder. I
> am weary of non state
> > actors taking up responsibilities that they might not
> be well equiped to
> > handle, maybe PPP could work here
> > Thanks
> >
> > On Thu, May 7, 2009 at 11:46 PM, Catherine Adeya
> <elizaslider at yahoo.com>wrote:
> >
> >> Walu,
> >>
> >> Sorry I am coming in at the tail end...but is the
> question here an issue
> >> of we cannot do it? or we do not want to do it? or
> we cannot justify
> >> prioritizing doing it?
> >>
> >> Nyaki
> >>
> >> ------------------------------
> >> *From:* John Walubengo <jwalu at yahoo.com>
> >> *To:* elizaslider at yahoo.com
> >> *Cc:* KICTAnet ICT Policy Discussions
> <kictanet at lists.kictanet.or.ke>
> >> *Sent:* Thursday, May 7, 2009 1:57:26 PM
> >>
> >> *Subject:* Re: [kictanet] IG Discussion 2009, Day
> 9 of 10 - National
> >> Cybersecurity strategies
> >>
> >>
> >> Emergency Response Teams? - for Computer or other
> disasters? Very
> >> difficult concept for Kenyans. We live in a
> culture that thrives on
> >> crisis-management...I bet 99.9% of Kenyan
> graduates submitted their final
> >> projects - or +2hr before and after the deadline.
> >>
> >> Its a culture that must be overcome if we shall
> ever setup a computer
> >> emergency response team.
> >>
> >> walu.
> >> nb: but maybe we could learn from the medical
> practitioners, they seem to
> >> respond better to swine, chicken and other
> emerging cocktails of flu.
> >>
> >> --- On Thu, 5/7/09, mwende njiraini
> <mwende.njiraini at gmail.com> wrote:
> >>
> >> > From: mwende njiraini
> <mwende.njiraini at gmail.com>
> >> > Subject: Re: [kictanet] IG Discussion 2009,
> Day 9 of 10 - National
> >> Cybersecurity strategies
> >> > To: jwalu at yahoo.com
> >> > Cc: "KICTAnet ICT Policy
> Discussions" <kictanet at lists.kictanet.or.ke>
> >> > Date: Thursday, May 7, 2009, 10:36 AM
> >> > Morning,
> >> >
> >> > Reference to email below - you may wish to
> make reference
> >> > to the following
> >> > additional resources
> >> >
> >> > - One more CERT in Africa: Mauritius Gets
> Computer
> >> > Emergency Response
> >> > Team -
> >> >
> >> >
> >>
> http://www.pcworld.com/businesscenter/article/146123/mauritius_gets_computer_emergency_response_team.html
> >> > - CERT is located at Carnegie Mellon
> University,
> >> > involved in Internet
> >> > security vunerabilities, long term network
> changes
> >> > research:
> >> > http://www.cert.org/
> >> > - Team Cymru is a specialized Internet
> security research
> >> > firm :
> >> > http://www.team-cymru.org/
> >> > - FIRST is the global Forum for Incident
> Response and
> >> > Security Teams:
> >> > http://www.first.org/
> >> >
> >> > Kind regards
> >> > Mwende
> >> > Please note the change in the subject line
> today is IG
> >> > Discussion 2009,*Day
> >> > 9 of 10 *
> >> >
> >> > *Disclaimer: Views expressed here (except
> those quoted or
> >> > referenced) are
> >> > the author’s own*
> >> >
> >> >
> >> > On 5/7/09, mwende njiraini
> >> > <mwende.njiraini at gmail.com> wrote:
> >> >
> >> > > Good morning,
> >> > >
> >> > >
> >> > >
> >> > > Today we have the opportunity of
> discussing the last
> >> > aspect of
> >> > > cybersecurity: Computer Security
> Incident Response
> >> > Teams (CSIRTs)/Computer
> >> > > Emergency Response Teams (CERT).
> CSIRTs/CERTs are
> >> > responsible for preparing
> >> > > for, detecting, managing and responding
> to
> >> > cybersecurity incidents as well
> >> > > as creating consumer awareness.
> >> > >
> >> > >
> >> > >
> >> > > Global cybersecurity is said to be ‘as
> strong as the
> >> > weakest link’. Developing
> >> > > countries particularly in Africa have
> not sufficiently
> >> > addressed
> >> > > cybersecurity issues. While some
> countries have
> >> > initiated efforts to
> >> > > develop cybersecurity capabilities
> through the
> >> > establishment of National
> >> > > CSIRTs/CERTs, the CERT-TCC in Tunisia is
> the only
> >> > active national CERT in
> >> > > Africa
> (http://www.ansi.tn/en/about_cert-tcc.htm).
> >> > >
> >> > >
> >> > >
> >> > > In establishing a National CERT/CSIRT…
> >> > >
> >> > > - What structure could be adopted?
> >> > > - What services should be offered?
> >> > > - What elements could be considered
> to establish
> >> > trust in this
> >> > > institution thereby encouraging
> organizations with
> >> > critical information
> >> > > infrastructure (CII) such as
> government agencies,
> >> > banks, educational
> >> > > institutions, water and power
> companies, etc, to
> >> > share of cybersecurity
> >> > > incidents?
> >> > >
> >> > >
> >> > >
> >> > > Kind regards
> >> > >
> >> > > Mwende
> >> > >
> >> > > *Disclaimer: Views expressed here
> (except those quoted
> >> > or referenced) are
> >> > > the author’s own*
> >> > >
> >> >
> _______________________________________________
> >> > kictanet mailing list
> >> > kictanet at lists.kictanet.or.ke
> >> >
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
> >> >
> >> > This message was sent to: jwalu at yahoo.com
> >> > Unsubscribe or change your options at
> >> >
> http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> kictanet mailing list
> >> kictanet at lists.kictanet.or.ke
> >>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
> >>
> >> This message was sent to: elizaslider at yahoo.com
> >> Unsubscribe or change your options at
> >>
> http://lists.kictanet.or.ke/mailman/options/kictanet/elizaslider%40yahoo.com
> >>
> >>
> >> _______________________________________________
> >> kictanet mailing list
> >> kictanet at lists.kictanet.or.ke
> >>
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
> >>
> >> This message was sent to: otieno.barrack at gmail.com
> >> Unsubscribe or change your options at
> >>
> http://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com
> >>
> >>
> >
> >
> > --
> > Barrack O. Otieno
> > ISSEN CONSULTING
> > Tel:
> > +254721325277
> > +254733206359
> > http://projectdiscovery.or.ke
> > To give up the task of reforming society is to give up
> ones responsibility
> > as a free man.
> > Alan Paton, South Africa
> >
> > _______________________________________________
> > kictanet mailing list
> > kictanet at lists.kictanet.or.ke
> > http://lists.kictanet.or.ke/mailman/listinfo/kictanet
> >
> > This message was sent to: sam.gatere at gmail.com
> > Unsubscribe or change your options at
> >
> http://lists.kictanet.or.ke/mailman/options/kictanet/sam.gatere%40gmail.com
> >
> >
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> http://lists.kictanet.or.ke/mailman/listinfo/kictanet
>
> This message was sent to: jwalu at yahoo.com
> Unsubscribe or change your options at
> http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com
More information about the KICTANet
mailing list