<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:arial,helvetica,sans-serif;font-size:12pt"><div>Thanks Walu, and what you have just written is an issue on its own. It is not completely on the topic we are discussing but allow me this once to digress. There are multiple initiatives going on in Kenya that many who should be cognizant about but are not. It is quite worrying sometimes that I find out so many developments in the ICT industry from researchers overseas....sometimes I have to cover up and quickly confirm the information and normally it is factual.<br><br> I am very happy with what KENIC is doing and anyone else doing anything similar even if it is for an academic thesis, do share. There is alot of good research or ideas that gather dust in our local universities once the student has gotten his/her qualification, they move on and sometimes they are not encouraged to build on this
ideas (local innovation). As I said I know I was digressing.....back to the topic.<br><br>Nyaki<br></div><div style="font-family: arial,helvetica,sans-serif; font-size: 12pt;"><br><div style="font-family: arial,helvetica,sans-serif; font-size: 13px;"><font size="2" face="Tahoma"><hr size="1"><b><span style="font-weight: bold;">From:</span></b> John Walubengo <jwalu@yahoo.com><br><b><span style="font-weight: bold;">To:</span></b> elizaslider@yahoo.com<br><b><span style="font-weight: bold;">Cc:</span></b> KICTAnet ICT Policy Discussions <kictanet@lists.kictanet.or.ke><br><b><span style="font-weight: bold;">Sent:</span></b> Friday, May 8, 2009 11:55:37 AM<br><b><span style="font-weight: bold;">Subject:</span></b> Re: [kictanet] IG Discussion 2009, Day 9 of 10 - National Cybersecurity strategies<br></font><br>
<br>Nyaki/Sam: My take was that we have the capacity to run Computer Emergency Response Teams (CERT) but we are not doing it. But am just attending the KENIC AGM and it looks like KENIC seems to have covered some ground in this area that could be used to crystalize the CERT idea.<br><br>walu.<br><br><br><br>--- On Fri, 5/8/09, Sam Gatere <<a ymailto="mailto:sam.gatere@gmail.com" href="mailto:sam.gatere@gmail.com">sam.gatere@gmail.com</a>> wrote:<br><br>> From: Sam Gatere <<a ymailto="mailto:sam.gatere@gmail.com" href="mailto:sam.gatere@gmail.com">sam.gatere@gmail.com</a>><br>> Subject: Re: [kictanet] IG Discussion 2009, Day 9 of 10 - National Cybersecurity strategies<br>> To: <a ymailto="mailto:jwalu@yahoo.com" href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a><br>> Cc: "KICTAnet ICT Policy Discussions" <<a ymailto="mailto:kictanet@lists.kictanet.or.ke"
href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>><br>> Date: Friday, May 8, 2009, 1:09 PM<br>> Walu your analogy or discovery points at a very interesting<br>> area - our<br>> education system - If you do not train a child how he/she<br>> should grow how do<br>> you expect them to be what you envision? Nyaki's<br>> questions are quite sport<br>> on! I my humble view I would beg to ask what kind of<br>> investment that the<br>> government has put down on this non-tangible risk or threat<br>> depending on how<br>> you look at it. Our current political environment may not<br>> be too interested<br>> on matters digital if things that make perfect sense such<br>> as environmental<br>> preservation (read Mau) have to have a protracted political<br>> battle and we<br>> can all see the effects of poor resource management. If our<br>> Intelligence<br>> agents (NISIS -
CID) were more Techie savvy I think it<br>> would be a great<br>> boost just as Barrack mentioned in his post. However it all<br>> has to start<br>> somewhere, if Kenya has a CERT up an running we shall<br>> surely be starting on<br>> the right foot preempting disaster or cyber security issues<br>> and taking<br>> appropriate action rather than fighting fires! without fire<br>> equipment :)<br>> just for a the sake of argument - if the Migingo row<br>> degenerated further<br>> -God forbid- and a Cyber war broke out how would Kenya<br>> defend its Internet<br>> infrastructure from its aggressors? (in this case UG-sounds<br>> wired but hey<br>> its possible) read this article about the Russian Gorgian<br>> conflict that went<br>> all the way to the web!<br>> <br><span>> <a target="_blank"
href="http://blogs.zdnet.com/security/?p=1670">http://blogs.zdnet.com/security/?p=1670</a></span><br>> <br>> <br>> On Fri, May 8, 2009 at 12:33 AM, Barrack Otieno<br>> <<a ymailto="mailto:otieno.barrack@gmail.com" href="mailto:otieno.barrack@gmail.com">otieno.barrack@gmail.com</a>>wrote:<br>> <br>> > In my opinion there appears to be some ambiguity<br>> within our instituional<br>> > structures. When it comes to Cybersecurity issues how<br>> does the NSIS for<br>> > instance come in since it is a critical stakeholder. I<br>> am weary of non state<br>> > actors taking up responsibilities that they might not<br>> be well equiped to<br>> > handle, maybe PPP could work here<br>> > Thanks<br>> ><br>> > On Thu, May 7, 2009 at 11:46 PM, Catherine Adeya<br>> <<a ymailto="mailto:elizaslider@yahoo.com"
href="mailto:elizaslider@yahoo.com">elizaslider@yahoo.com</a>>wrote:<br>> ><br>> >> Walu,<br>> >><br>> >> Sorry I am coming in at the tail end...but is the<br>> question here an issue<br>> >> of we cannot do it? or we do not want to do it? or<br>> we cannot justify<br>> >> prioritizing doing it?<br>> >><br>> >> Nyaki<br>> >><br>> >> ------------------------------<br>> >> *From:* John Walubengo <<a ymailto="mailto:jwalu@yahoo.com" href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a>><br>> >> *To:* <a ymailto="mailto:elizaslider@yahoo.com" href="mailto:elizaslider@yahoo.com">elizaslider@yahoo.com</a><br>> >> *Cc:* KICTAnet ICT Policy Discussions<br>> <<a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>><br>> >> *Sent:* Thursday, May 7,
2009 1:57:26 PM<br>> >><br>> >> *Subject:* Re: [kictanet] IG Discussion 2009, Day<br>> 9 of 10 - National<br>> >> Cybersecurity strategies<br>> >><br>> >><br>> >> Emergency Response Teams? - for Computer or other<br>> disasters? Very<br>> >> difficult concept for Kenyans. We live in a<br>> culture that thrives on<br>> >> crisis-management...I bet 99.9% of Kenyan<br>> graduates submitted their final<br>> >> projects - or +2hr before and after the deadline.<br>> >><br>> >> Its a culture that must be overcome if we shall<br>> ever setup a computer<br>> >> emergency response team.<br>> >><br>> >> walu.<br>> >> nb: but maybe we could learn from the medical<br>> practitioners, they seem to<br>> >> respond better to swine, chicken and other<br>> emerging cocktails of flu.<br>>
>><br>> >> --- On Thu, 5/7/09, mwende njiraini<br>> <<a ymailto="mailto:mwende.njiraini@gmail.com" href="mailto:mwende.njiraini@gmail.com">mwende.njiraini@gmail.com</a>> wrote:<br>> >><br>> >> > From: mwende njiraini<br>> <<a ymailto="mailto:mwende.njiraini@gmail.com" href="mailto:mwende.njiraini@gmail.com">mwende.njiraini@gmail.com</a>><br>> >> > Subject: Re: [kictanet] IG Discussion 2009,<br>> Day 9 of 10 - National<br>> >> Cybersecurity strategies<br>> >> > To: <a ymailto="mailto:jwalu@yahoo.com" href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a><br>> >> > Cc: "KICTAnet ICT Policy<br>> Discussions" <<a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a>><br>> >> > Date: Thursday, May 7, 2009, 10:36 AM<br>> >> > Morning,<br>> >>
><br>> >> > Reference to email below - you may wish to<br>> make reference<br>> >> > to the following<br>> >> > additional resources<br>> >> ><br>> >> > - One more CERT in Africa: Mauritius Gets<br>> Computer<br>> >> > Emergency Response<br>> >> > Team -<br>> >> ><br>> >> ><br>> >><br><span>> <a target="_blank" href="http://www.pcworld.com/businesscenter/article/146123/mauritius_gets_computer_emergency_response_team.html">http://www.pcworld.com/businesscenter/article/146123/mauritius_gets_computer_emergency_response_team.html</a></span><br>> >> > - CERT is located at Carnegie Mellon<br>> University,<br>> >> > involved in Internet<br>> >> > security vunerabilities, long term network<br>> changes<br>> >> >
research:<br><span>> >> > <a target="_blank" href="http://www.cert.org/">http://www.cert.org/</a></span><br>> >> > - Team Cymru is a specialized Internet<br>> security research<br>> >> > firm :<br><span>> >> > <a target="_blank" href="http://www.team-cymru.org/">http://www.team-cymru.org/</a></span><br>> >> > - FIRST is the global Forum for Incident<br>> Response and<br>> >> > Security Teams:<br><span>> >> > <a target="_blank" href="http://www.first.org/">http://www.first.org/</a></span><br>> >> ><br>> >> > Kind regards<br>> >> > Mwende<br>> >> > Please note the change in the subject line<br>> today is IG<br>> >> > Discussion 2009,*Day<br>> >> > 9 of 10 *<br>> >> ><br>> >> > *Disclaimer: Views expressed
here (except<br>> those quoted or<br>> >> > referenced) are<br>> >> > the author’s own*<br>> >> ><br>> >> ><br>> >> > On 5/7/09, mwende njiraini<br>> >> > <<a ymailto="mailto:mwende.njiraini@gmail.com" href="mailto:mwende.njiraini@gmail.com">mwende.njiraini@gmail.com</a>> wrote:<br>> >> ><br>> >> > > Good morning,<br>> >> > ><br>> >> > ><br>> >> > ><br>> >> > > Today we have the opportunity of<br>> discussing the last<br>> >> > aspect of<br>> >> > > cybersecurity: Computer Security<br>> Incident Response<br>> >> > Teams (CSIRTs)/Computer<br>> >> > > Emergency Response Teams (CERT).<br>> CSIRTs/CERTs are<br>> >> > responsible for preparing<br>> >> > > for, detecting, managing and responding<br>>
to<br>> >> > cybersecurity incidents as well<br>> >> > > as creating consumer awareness.<br>> >> > ><br>> >> > ><br>> >> > ><br>> >> > > Global cybersecurity is said to be ‘as<br>> strong as the<br>> >> > weakest link’. Developing<br>> >> > > countries particularly in Africa have<br>> not sufficiently<br>> >> > addressed<br>> >> > > cybersecurity issues. While some<br>> countries have<br>> >> > initiated efforts to<br>> >> > > develop cybersecurity capabilities<br>> through the<br>> >> > establishment of National<br>> >> > > CSIRTs/CERTs, the CERT-TCC in Tunisia is<br>> the only<br>> >> > active national CERT in<br>> >> > > Africa<br><span>> (<a target="_blank"
href="http://www.ansi.tn/en/about_cert-tcc.htm">http://www.ansi.tn/en/about_cert-tcc.htm</a>).</span><br>> >> > ><br>> >> > ><br>> >> > ><br>> >> > > In establishing a National CERT/CSIRT…<br>> >> > ><br>> >> > > - What structure could be adopted?<br>> >> > > - What services should be offered?<br>> >> > > - What elements could be considered<br>> to establish<br>> >> > trust in this<br>> >> > > institution thereby encouraging<br>> organizations with<br>> >> > critical information<br>> >> > > infrastructure (CII) such as<br>> government agencies,<br>> >> > banks, educational<br>> >> > > institutions, water and power<br>> companies, etc, to<br>> >> > share
of cybersecurity<br>> >> > > incidents?<br>> >> > ><br>> >> > ><br>> >> > ><br>> >> > > Kind regards<br>> >> > ><br>> >> > > Mwende<br>> >> > ><br>> >> > > *Disclaimer: Views expressed here<br>> (except those quoted<br>> >> > or referenced) are<br>> >> > > the author’s own*<br>> >> > ><br>> >> ><br>> _______________________________________________<br>> >> > kictanet mailing list<br>> >> > <a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>> >> ><br><span>> <a target="_blank" href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a></span><br>> >> ><br>>
>> > This message was sent to: <a ymailto="mailto:jwalu@yahoo.com" href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a><br>> >> > Unsubscribe or change your options at<br>> >> ><br><span>> <a target="_blank" href="http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com">http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com</a></span><br>> >><br>> >><br>> >><br>> >><br>> >> _______________________________________________<br>> >> kictanet mailing list<br>> >> <a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>> >><br>> <a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>> >><br>> >> This message was sent to: <a
ymailto="mailto:elizaslider@yahoo.com" href="mailto:elizaslider@yahoo.com">elizaslider@yahoo.com</a><br>> >> Unsubscribe or change your options at<br>> >><br><span>> <a target="_blank" href="http://lists.kictanet.or.ke/mailman/options/kictanet/elizaslider%40yahoo.com">http://lists.kictanet.or.ke/mailman/options/kictanet/elizaslider%40yahoo.com</a></span><br>> >><br>> >><br>> >> _______________________________________________<br>> >> kictanet mailing list<br>> >> <a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>> >><br>> <a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>> >><br>> >> This message was sent to: <a ymailto="mailto:otieno.barrack@gmail.com"
href="mailto:otieno.barrack@gmail.com">otieno.barrack@gmail.com</a><br>> >> Unsubscribe or change your options at<br>> >><br><span>> <a target="_blank" href="http://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com">http://lists.kictanet.or.ke/mailman/options/kictanet/otieno.barrack%40gmail.com</a></span><br>> >><br>> >><br>> ><br>> ><br>> > --<br>> > Barrack O. Otieno<br>> > ISSEN CONSULTING<br>> > Tel:<br>> > +254721325277<br>> > +254733206359<br><span>> > <a target="_blank" href="http://projectdiscovery.or.ke">http://projectdiscovery.or.ke</a></span><br>> > To give up the task of reforming society is to give up<br>> ones responsibility<br>> > as a free man.<br>> > Alan Paton, South Africa<br>> ><br>> > _______________________________________________<br>> > kictanet mailing list<br>> > <a
ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>> > <a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>> ><br>> > This message was sent to: <a ymailto="mailto:sam.gatere@gmail.com" href="mailto:sam.gatere@gmail.com">sam.gatere@gmail.com</a><br>> > Unsubscribe or change your options at<br>> ><br><span>> <a target="_blank" href="http://lists.kictanet.or.ke/mailman/options/kictanet/sam.gatere%40gmail.com">http://lists.kictanet.or.ke/mailman/options/kictanet/sam.gatere%40gmail.com</a></span><br>> ><br>> ><br>> _______________________________________________<br>> kictanet mailing list<br>> <a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br>> <a
href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br>> <br>> This message was sent to: <a ymailto="mailto:jwalu@yahoo.com" href="mailto:jwalu@yahoo.com">jwalu@yahoo.com</a><br>> Unsubscribe or change your options at<br>> <a href="http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/jwalu%40yahoo.com</a><br><br><br> <br><br>_______________________________________________<br>kictanet mailing list<br><a ymailto="mailto:kictanet@lists.kictanet.or.ke" href="mailto:kictanet@lists.kictanet.or.ke">kictanet@lists.kictanet.or.ke</a><br><a href="http://lists.kictanet.or.ke/mailman/listinfo/kictanet" target="_blank">http://lists.kictanet.or.ke/mailman/listinfo/kictanet</a><br><br>This message was sent to: <a ymailto="mailto:elizaslider@yahoo.com"
href="mailto:elizaslider@yahoo.com">elizaslider@yahoo.com</a><br>Unsubscribe or change your options at <a href="http://lists.kictanet.or.ke/mailman/options/kictanet/elizaslider%40yahoo.com" target="_blank">http://lists.kictanet.or.ke/mailman/options/kictanet/elizaslider%40yahoo.com</a><br></div></div></div><br>
</body></html>