[kictanet] [Cybersecurity + Innovation Ecosystems + Policy] Role of governments

Patrick A. M. Maina pmaina2000 at yahoo.com
Thu Nov 8 23:13:51 EAT 2018


 Good stuff! Interestingly this was written before the era of weaponized IoT botnets (e.g. Mirai and variants) - so a very good example of what can happen when regulators fail to act fast enough or heed expert advice on technology risks. 
I also support the call for increased stakeholder engagement that places public interest and safety at a higher priority than the accumulation of profits for a few. 

Imagine what would happen if a botnet DDOS attack interferes with election results transmission during Kenya's super-high-stakes elections. We have all seen how fast things can deteriorate when the public loses trust in institutions. 
The economic and/or social impact of innovations should be tangible, measurable, sustainable and independently verifiable (not just some magic numbers pulled out of the air). Companies like Facebook, for example, could be connecting people online and keeping them "engaged" through nudge tech, but when this lowers real-world productivity (e.g. for millions of employees) and adds monitoring costs to thousands of employers, is it truly beneficial to the economy? 
The only way to tell is for companies that monetize engagement at scale to demonstrate a real net gain for the host country in verifiable monetary value against an annually estimated GDP impact (or alternatively, pay employers a fair compensation for that engagement if it happens during work hours for example - because employers pay for their employee's time and engagement). 

Another insidious thing that happens is using Africa as unwitting guinea pigs for "impact" experiments that will be commercialized elsewhere (say India, South America or even the US) without paying fair royalties to the test country (and local co-innovators). Sometimes the same solutions are re-branded and sold back to Africa. This is not ethical, considering the fact that Africa is a low income region where fair royalties could fight poverty and even save lives.
There's so much that needs fixing to bring our ailing ecosystem back to life and turn the local Tech scene into a thriving (and resilient) GDP contributor with multiple mega-success stories. 
A proper ecosystem where organic success is the norm (not the exception - as is currently the case) is what attracts massive FDI and game changing innovations. 
Deloitte Report on the secrets of Israel's transformation to a global innovation leader:(excerpt) "The Israeli government founded the Technology Incubator program in the early 1990s. Today there are over 25 incubators across the country, all of which have been privatized. The incubators offer government funding of up to 85% of early stage project costs for two years. They nurture companies from seed to early stage, thus minimizing the risk to the investor. More than 1100 projects have so far graduated from the incubators, with over 45% successfully attracting additional investments from different investors."
The Israeli technological Eco-system | Deloitte Israel | Innovation


| 
| 
| 
|  |  |

 |

 |
| 
|  | 
The Israeli technological Eco-system | Deloitte Israel | Innovation

We are lucky to be sitting in one of the hottest hubs for innovation and technology in the world, and our goal i...
 |

 |

 |




Thanks for Sharing!
    On Thursday, November 8, 2018, 8:04:38 PM GMT+3, Barrack Otieno via kictanet <kictanet at lists.kictanet.or.ke> wrote:  
 
 Listers,
Might be of interest.
Regards

---------- Forwarded message ---------
From: Richard Hill <rhill at hill-a.ch>
Date: Thu, Nov 8, 2018 at 10:43 AM
Subject: [Internet Policy] Role of governments in cybersecurity
To: Internetpolicy at Elists. Isoc. Org <internetpolicy at elists.isoc.org>



This EU report well explains the traditional role of governments with respect to ensuring safety and security, and how that role might be mapped to modern ICTs:

https://publications.europa.eu/en/publication-detail/-/publication/80bb1618-16bb-11e8-9253-01aa75ed71a1/language-en 

I cite below from the Introduction.

Best,
Richard

====================

Governments have long had an important role in maximising social welfare by regulating safety and security, where private-sector providers do not have the incentives to do this properly. The motor industry spent many decades competing to decorate cars with chromium rather than fit them with seat belts, until the Product Liability Directive, mandatory safety testing and the provision of crashworthiness information moved them in a more wholesome direction. The regulation of drugs has moved us from the Wild West of nineteenth-century patent medicines to modern standards of safety and efficacy assessed by randomised controlled trials (the safety of medical devices lags somewhat behind). Regulation also plays a key role in consumer confidence; financial regulation and deposit guarantees enable consumers to trust the banking industry despite occasional crises.

The last twenty years have seen the Internet becoming the main vehicle for interpersonal communication and for financial services, as well as a key medium for entertainment, advertising and shopping. The next twenty will see computer-mediated communications embedded invisibly everywhere, from cars and domestic appliances to industrial control systems and medical devices. Large areas of regulation will have to be revisited as the dependability – the safety and security – of computer and communications systems becomes critical to the safety of vehicles, medical devices, and in fact the whole infrastructure on which our societies depend. Indeed, in many languages, ‘safety’ and ‘security’ are the same word (Sicherheit, sûureté, seguridad, sicurezza, trygghet, ... ).

... What should this regulatory framework look like a decade from now? Will cybersecurity require a powerful, cross-domain regulator; or will each sector regulator acquire a cell of cybersecurity expertise; or will it be some mixture of general and sectoral approaches; or will we need to develop something else entirely?

...

The goals and mission of a cybersecurity regulator may therefore be some mix of the following:
1. Ascertaining and agreeing protection goals 2. Setting standards 3. Certifying standards achievement and enforcing compliance 4. Reducing vulnerabilities 5. Reducing compromises 6. Reducing system externalities


_______________________________________________
To manage your ISOC subscriptions or unsubscribe,
please log into the ISOC Member Portal:
https://portal.isoc.org/
Then choose Interests & Subscriptions from the My Account menu.


-- 
Barrack O. Otieno
+254721325277
+254733206359
Skype: barrack.otieno
PGP ID: 0x2611D86A
 



_______________________________________________
kictanet mailing list
kictanet at lists.kictanet.or.ke
https://lists.kictanet.or.ke/mailman/listinfo/kictanet
Twitter: http://twitter.com/kictanet
Facebook: https://www.facebook.com/KICTANet/
Domain Registration sponsored by www.eacdirectory.co.ke

Unsubscribe or change your options at https://lists.kictanet.or.ke/mailman/options/kictanet/pmaina2000%40yahoo.com

The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform for people and institutions interested and involved in ICT policy and regulation. The network aims to act as a catalyst for reform in the ICT sector in support of the national aim of ICT enabled growth and development.

KICTANetiquette : Adhere to the same standards of acceptable behaviors online that you follow in real life: respect people's times and bandwidth, share knowledge, don't flame or abuse or personalize, respect privacy, do not spam, do not market your wares or qualifications.
  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.kictanet.or.ke/pipermail/kictanet/attachments/20181108/eb7514a3/attachment.htm>


More information about the KICTANet mailing list