<div>
<p class="MsoNormal" style="MARGIN: 0in 0in 10pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">Good afternoon,</font></span></p>
<p class="MsoNormal" style="MARGIN: 0in 0in 10pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">Sorry for the late post.<span style="mso-spacerun: yes"> </span></font></span></p>
<p class="MsoNormal" style="MARGIN: 0in 0in 10pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">I am seeking responses to the following in relation to security:</font></span></p>
<p class="MsoListParagraphCxSpFirst" style="MARGIN: 0in 0in 0pt 0.5in; TEXT-INDENT: -0.25in; TEXT-ALIGN: justify; mso-list: l0 level1 lfo1"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%; mso-ascii-font-family: Calibri; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri; mso-bidi-font-family: Calibri"><span style="mso-list: Ignore"><font face="Calibri">-</font><span style="FONT: 7pt 'Times New Roman'"> </span></span></span><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">Are there initiatives to create awareness on internet security?</font></span></p>
<p class="MsoListParagraphCxSpMiddle" style="MARGIN: 0in 0in 0pt 0.5in; TEXT-INDENT: -0.25in; TEXT-ALIGN: justify; mso-list: l0 level1 lfo1"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%; mso-ascii-font-family: Calibri; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri; mso-bidi-font-family: Calibri"><span style="mso-list: Ignore"><font face="Calibri">-</font><span style="FONT: 7pt 'Times New Roman'"> </span></span></span><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">Apart from CSIRT-KENYA are there other institutions that monitor vulnerability incidents?</font></span></p>
<p class="MsoListParagraphCxSpMiddle" style="MARGIN: 0in 0in 0pt 0.5in; TEXT-INDENT: -0.25in; TEXT-ALIGN: justify; mso-list: l0 level1 lfo1"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%; mso-ascii-font-family: Calibri; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri; mso-bidi-font-family: Calibri"><span style="mso-list: Ignore"><font face="Calibri">-</font><span style="FONT: 7pt 'Times New Roman'"> </span></span></span><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">What institutional framework should be set up to deal with cyber security? </font></span></p>
<p class="MsoListParagraphCxSpLast" style="MARGIN: 0in 0in 10pt 0.5in; TEXT-INDENT: -0.25in; TEXT-ALIGN: justify; mso-list: l0 level1 lfo1"><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%; mso-ascii-font-family: Calibri; mso-fareast-font-family: Calibri; mso-hansi-font-family: Calibri; mso-bidi-font-family: Calibri"><span style="mso-list: Ignore"><font face="Calibri">-</font><span style="FONT: 7pt 'Times New Roman'"> </span></span></span><span style="FONT-SIZE: 12pt; LINE-HEIGHT: 115%"><font face="Calibri">Are there any success stories in dealing with security incidents?</font></span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin">Kind regards</span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin">Mwende</span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin"> </span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin"> </span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin"> </span></p>
<p class="MsoPlainText" style="MARGIN: 0in 0in 0pt; TEXT-ALIGN: justify"><span style="FONT-SIZE: 12pt; FONT-FAMILY: 'Calibri','sans-serif'; mso-ascii-theme-font: minor-latin; mso-hansi-theme-font: minor-latin">Disclaimer: These comments are the author's own</span></p>
</div>
<div><span class="gmail_quote">On 8/15/08, <b class="gmail_sendername">Patrick Mburu</b> <<a href="mailto:patrick.mburu@gmail.com">patrick.mburu@gmail.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div dir="ltr">
<div>Good afternoon ladies and gents,</div>
<div> </div>
<div>Information security... one query i had been asking myself for years.. is how can we be sure we take the necessary measures to ensure "my" information is safe...however this has always fallen on the higher side... especially now in a strange world of buying all types and goods and services from as far as Brazil and know it will be delivered right to my door. One element remains is <strong>how safe</strong> is my or any of your information and details in the virtual world...and what is being done to protect it once its there... Just looking back a couple moth ago, we saw with the safcom IPO when all (or maybe just me..) there was a loop hole to see what person had on a portfolio... ofcourse this could be downplayed.. but just for example...</div>
<div> </div>
<div>Information is only too powerful a resource that we all in different capacities hold dear...once in the hand of others we may feel violated / vulnerable... similar as being burgled in a way...someone being able to walk right through my front door and check on my personal files.. take what they need and do what they will... so information security surely needs to be tackled and or awareness to consumers and businesses;</div>
<div> </div>
<div>I think one area for review is this area of authentication of actual users and at the varios portals that are currently popping up in all avenues... as Mich and other colleagues have already indicated... u never know what site u may be logging onto and giving your access codes to the online mwizi...</div>
<div> </div>
<div>With that said e-commerce is here to be embraced... and most definitely for development...using whatever technologies or combination there are on the market to promote this...but with customer / consumer information at risk... i think the one main focus point is on the ample meausre's needed to ensure security of customer information...</div>
<div> </div>
<div>
<div>Given the ever growing rate in internet and or e-fraud instances currently experienced in Europe, US, etc.., one of the main reported cases of internet fraud is through identity fraud... i think as we embark on this new trend of business and convenience.. we could assist in eductating the community locally...regionally.. on the potential threats... and thereof....</div>
</div>
<div> </div>
<div>Ok prior to proposing a possible solution through this.. and respecting this as a discussion fora... i will first seek permission to :-)</div>
<div> </div>
<div>Just FYI: heres some information / statistics on cyber crime:</div>
<div><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.tamingthebeast.net/blog/ecommerce/internet-fraud-statistics-0207.htm" target="_blank">http://www.tamingthebeast.net/blog/ecommerce/internet-fraud-statistics-0207.htm</a></div>
<div><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://securosis.com/2008/06/09/new-identity-theft-stats/" target="_blank">http://securosis.com/2008/06/09/new-identity-theft-stats/</a></div>
<div> </div>
<div>Kind regards,</div>
<div> </div>
<div>Patrick Mburu</div>
<div>Director - IT</div>
<div><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.ats-africa.com/" target="_blank">www.ats-africa.com</a></div>
<div><em>"Prevention is better than cure..."</em><br> </div>
<div> </div>
<div class="gmail_quote">2008/8/15 Judy Okite <span dir="ltr"><<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:judyokite@gmail.com" target="_blank">judyokite@gmail.com</a>></span><br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div><span class="e" id="q_11bc6ee2bdf90028_1">
<div dir="ltr">Michuki,<br><br>I do agree with you,very few onliners, think about security,when they are online. examples:<br><br>1. How many people,do actually read the End User License Agreement on the websites,especially,when installing softwares? the link below should make a good read.<br>
<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.pcpitstop.com/spycheck/eula.asp" target="_blank">http://www.pcpitstop.com/spycheck/eula.asp</a><br><br>2. Should there be or is there a policy,when it comes to changing a domain name?<br>
<br>When one types; <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.nationmedia.com/" target="_blank">www.nationmedia.com</a> you are redirected to www.nationmedia.co.ke....I check this website everyday....one day it was so slow loading...then...walaa...its .co.ke....if we dont take the time(maybe I missed it) to let our users know of the changes....then, what will happen when when Kenya gets into serious E-commerce? I believe we need to start now,to build trust online,it may seem like a small thing,but it will go a long way.<br>
<br>e.g what is the difference between <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.safaricom.com/" target="_blank">www.safaricom.com</a> and <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.safaricom.co.ke/" target="_blank">www.safaricom.co.ke</a>?<br>
<br><br>I) The Jurisdiction and Arbitration of eCriminals e.g. How would one resolve a case where a Kenyan ISP is hosting an eCommerce site that sells content that is declared illegal in Germany (e.g Hitler's paraphanallia). Can/Should the Germans shut down the Kenyan business site?<br>
<br>Well,I think the Yahoo and France on the Nazi case was a great eye opener in this regard, but what does that mean.......if the Germany decides to filter ccTLD(.KE)...then all Kenyan businesses loose.....not a very wise option! the ISP's will have to be responsible for the contents they display??.<br>
<br>Kind Regards,<br><br><br><br><br>
<div class="gmail_quote">
<div>
<div></div>
<div>On Thu, Aug 14, 2008 at 8:05 AM, John Walubengo <span dir="ltr"><<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:jwalu@yahoo.com" target="_blank">jwalu@yahoo.com</a>></span> wrote:<br> </div>
</div>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0pt 0pt 0pt 0.8ex; BORDER-LEFT: rgb(204,204,204) 1px solid">
<div>
<div></div>
<div>Morning all,<br><br>Looks like very little response on yesterday's topic...where's Waudo formerly WGIG member? Nway, today's IG theme is the one with the most consensus across all stakeholders. The fact that the internet is becoming a place to place to work, live, pray or play is widely acknowledged and hence the consensus on the need to protect it.<br>
<br>The global and borderless nature of the Internet means that a secure internet needs a concerted global effort as earlier mentioned by Brian. A very secure US-territoial Internet is of no use if for example the Africa-territorial Internet is insecure since phising attacks, viruses, spam, eFrauds and other destabilizing conditions can be launched from there. Spam for example is known to constitute over 60% of email traffic on the Internet, which is a fairly significant chunk of Internet Bandwidth and Server Processing power going to waste.<br>
<br>The main internet security debate that cross-cuts into legal/social baskets often centers around:<br>I) How the Internet Protocol (IP) could be improved so as to trace-back the origin of the Spammers, eFraudsters, and other criminals. This may demand implementing IP tools that require all internet services (email, dns, web, etc) to be digitally signed - a feature that would come with some overheads (Mich could again assist here on which overheads these could be)<br>
II) The Jurisdiction and Arbitration of eCriminals e.g. How would one resolve a case where a Kenyan ISP is hosting an eCommerce site that sells content that is declared illegal in Germany (e.g Hitler's paraphanallia). Can/Should the Germans shut down the Kenyan business site?<br>
III) The delicate balance between pursing security and respecting citizen rights. To what extent should governments go into private emails, phone-logs, etc, in order to safeguard national security? Or what should be the mandatory procedures required of Businesses to safeguard sensitive electronic data of citizens?<br>
<br>Plse feel free to add, clarify, object or modify the above. More importantly think of what would be an E.African position on the issues.<br><br>As usual, 1day on this theme.<br><br>walu.<br><br><br><br><br><br>_______________________________________________<br>
kictanet mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br> </div></div>This message was sent to: <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:judyokite@gmail.com" target="_blank">judyokite@gmail.com</a><br>Unsubscribe or change your options at <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/judyokite%40gmail.com</a><br>
</blockquote></div><br><br clear="all"><br>-- <br>"Do not go where the path may lead, go instead where there is no path and leave a trail."<br>~ Ralph Waldo Emerson<br> </div><br>_______________________________________________<br>
kictanet mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:kictanet@lists.kictanet.or.ke" target="_blank">kictanet@lists.kictanet.or.ke</a><br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>
<br></span></div>This message was sent to: <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:patrick.mburu@gmail.com" target="_blank">patrick.mburu@gmail.com</a><br>Unsubscribe or change your options at <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/options/kictanet/patrick.mburu%40gmail.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/patrick.mburu%40gmail.com</a><br>
<br></blockquote></div><br> </div><br>_______________________________________________<br>kictanet mailing list<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br><br>This message was sent to: <a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:mwende.njiraini@gmail.com">mwende.njiraini@gmail.com</a><br>
Unsubscribe or change your options at <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.kictanet.or.ke/mailman/options/kictanet/mwende.njiraini%40gmail.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/mwende.njiraini%40gmail.com</a><br>
<br></blockquote></div><br>