[kictanet] Stung by cyber attacks, State resolves to host websites locally

[Ali Hussein]

I suppose we also need to move all the social media accounts locally? 

I mean seriously! 

First things first. The Government needs to have proper infrastructure to manage all their Digital Assets. This should start with the right HR Resources.  A CIO is called for as a matter of urgency with a clear mandate to organize, invest, execute and ensure the security of all these Assets. This doesn't only include Websites. These are just portals to access information. It includes the digital migration to digital IDs, the Land Registry, the Company Registry, immigration etc. 

You get the picture.  

Having the CAK all of a sudden being asked to host government websites is a waste of our resources and detracts the CAK from doing the job they are there to do. Regulation. I urge CAK to resist and reject these demands on their scarce resources. They could however second competent staff to assist the Central Government achieve this. 

This may sound harsh but someone needs to take control and stop these knee jerk reactions to serious breaches of our Digital Assets! 

Brand Kenya is under serious threat as the so called Hub of ICT in Africa.

Ali Hussein

+254 770 906375 / 0713 601113

Twitter: @AliHKassim
Skype: abu-jomo
LinkedIn: http://ke.linkedin.com/in/alihkassim
Blog: www.alyhussein.com

"I fear the day technology will surpass human interaction. The world will have a generation of idiots".  ~ Albert Einstein

Sent from my iPad

> On Jul 25, 2014, at 11:31 AM, Ngigi Waithaka via kictanet <kictanet at lists.kictanet.or.ke> wrote:
> 
> Central Management of GoK;s website hosting is a step in the right direction as the skills needed to protect government infrastructure can also be centralized. However, it also gives you a single point of failure where if anyone gets in, then the whole government could be compromised.
> 
> On the other hand, is there any advantage to be had from a security PoV from hosting websites in Kenya? Is there say a Data Center in .KE that can withstand a well co-ordinated DDOS Attack on its infrastructure? 
> 
> Not one.
> 
> As an example, this ( http://www.itnews.com.au/News/372033,worlds-largest-ddos-strikes.aspx ) DDOS attack on CloudFare sometime back was generating around 400GPS of Traffic. If this was to be directed to our one data center, then KRA, CBK, Immigration, County Revenue sites etc would all be down.
> 
> So as we put all our  'eggs' in one basket we better watch that basket really really carefully.
> 
> Regards
> 
> 
>> On Fri, Jul 25, 2014 at 11:05 AM, Mwendwa Kivuva via kictanet <kictanet at lists.kictanet.or.ke> wrote:
>> All State-owned websites will be hosted locally in order to curb rising cases of cyber security attacks.
>> 
>> This was a key resolution at a crisis meeting held on Thursday between top security officials and the Ministry of ICT.
>> 
>> Held at Communication Authority of Kenya (CAK), the meeting was called to discuss the safety preparedness of the government to handle cyber attacks.
>> 
>> It comes just days after hacking of the Kenya Defence Forces’ social media accounts including the official email account of the military spokesperson Emmanuel Chirchir.
>> 
>> In attendance were ICT principal secretary Joseph Tiampati, representatives of the National Intelligence Service, Kenya Defence Forces, CID, CAK director-general Francis Wangusi and ICT Authority chief executive.
>> 
>> http://www.nation.co.ke/business/Cyber-Security-Attacks-ICT-Ministry/-/996/2396632/-/g6u9p4z/-/index.html
>> 
>> 
>> ______________________
>> Mwendwa Kivuva, Nairobi, Kenya
>> twitter.com/lordmwesh
>> 
>> "There are some men who lift the age they inhabit, till all men walk on higher ground in that lifetime." - Maxwell Anderson
>> 
>> _______________________________________________
>> kictanet mailing list
>> kictanet at lists.kictanet.or.ke
>> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
>> 
>> Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/ngigi%40at.co.ke
>> 
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
>> 
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
> 
> 
> 
> -- 
> Regards,
> 
> Waithaka Ngigi
> Chief Executive Officer | Alliance Technologies | MCK Nairobi Synod Building
> T + 254 (0) 20 2333 471 |Office Mobile: +254 786 28 28 28 | M + 254 737 811 000
> www.at.co.ke
> 
> 
> _______________________________________________
> kictanet mailing list
> kictanet at lists.kictanet.or.ke
> https://lists.kictanet.or.ke/mailman/listinfo/kictanet
> 
> Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/info%40alyhussein.com
> 
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.
> 
> KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20140725/d1137c53/attachment.htm>