Kenya inks deal with ITU on cyber-security

Kenya has entered into an agreement with a UN telecommunication agency to boost the East African nation’s efforts in enhancing cyber-security.

Friday, March 02, 2012

Kenya has entered into an agreement with a UN telecommunication agency to boost the East African nation’s efforts in enhancing cyber-security.A statement from the Communication Commission of Kenya (CCK) said Acting Director General, Francis Wangusi and International Telecommunications Union (ITU) Secretary General, Dr. Hamadoun Toure signed an Administrative Agreement for the implementation of Kenya National Computer Incident Response Team Coordination Centre (KE-CIRT/CC) in Geneva, Switzerland. "The ITU will provide staff resources for coordination and management of the project and will be responsible for its overall management, implementation, supervision, monitoring, coordination, evaluation and hand-over to the commission after six months,” Wangusi said in a statement received on Monday.Cyber crimes take various forms and include all manner of offences against the confidentiality, integrity and availability of computer data systems, content, copyright and trademark, computer offences and cyber terrorism, cyber warfare and cyber laundering among other crimes. According to the agreement, CCK will fund about 70 percent of the total project cost and will work closely with the ITU in implementing the Project. The ITU will fund about 30 percent of the total cost.The KE-CIRT/CC project will take approximately six months. Wangusi emphasized the importance of a safe online environment in Kenya. He added that CCK will discharge its mandate of putting in place an enabling online environment for individual internet users, the government organizations and private businesses by facilitating the establishment of the KE-CIRT/CC in Kenya in partnership with the ITU. The KE-CIRT/CC will be the national trusted focal point for advising and coordinating responses to cyber security incidents in Kenya.Other functions of the KE-CIRT/CC will include liaising with the local sector Computer Incident Response Teams (CIRTs), gathering and disseminating technical information on computer security incidents, carrying out research and analysis on computer security, facilitating the development of Public Key Infrastructure (PKIs) and capacity building in information security.The agreement comes at a time when various system improvements adopted by organizations in the Eastern and Central Africa to rein in high rates of fraud have proved futile as fraudsters have become increasingly smarter, skimming out larger amounts from target banks. Banks have become the most affected in the scams, with a recent industry survey conducted on banks in Kenya, Rwanda, Uganda, Tanzania and Zambia indicating that threats like hacking, malicious insiders, card skimming, electronic files manipulation, IT controls circumvention, unauthorized penetration and careless employees have surged as new core banking systems intended for enhanced IT security become more expensive to acquire and deploy.Speaking during the ceremony, Toure lauded Kenya for its high ICT penetration and for taking the lead to ensure confidence in online transactions through chairing the EACO Cyber security Taskforce and now in partnering with the ITU to implement a sound national cyber security management framework in Kenya.