Following recent cyber-attacks that have been targeting East African companies, several institutions in the country have put in place security policies to counter them.Speaking to Sunday Times, Innocent Muhizi, the Head of Information Technology (IT) at Commercial Bank of Rwanda (BCR), said his institution had set up security measures to prevent information leak to hackers.“We have employed world renowned security solutions provider,VeriSign, to protect our clients’ information using online banking,” he revealed Sammy Kioko, the Alliance Manager, Cyber Security Africa, said information leak was unacceptable in today’s globalised digital economy.“An information leak within a company often indicates that security measures were not implemented,” he added.Kioko who is an expert in cyber security, observed that the ISO 27001, the international best practise for an Information Security Management System (ISMS), was needed to control information security within the context of an organisation’s overall business risks. “The ISMS is suitable for large and small companies. The standard is particularly recommended in situations where protection of information assets is critical, such as financial and banking, manufacturing and government sectors,” he explained.“Currently, there are 10 companies in Africa that have so far been ISO 27001 certified and less than 20 companies from both Africa and the Middle East versus 3,274 entities worldwide. With none in Eastern, Central and Horn of Africa, it takes at least two years for companies to prepare themselves for the certification process.”Rwanda on March 23rd, 2012 will host a Cyber Security Africa conference.Fred Gashemeza, the Director General in Charge of ICT in the Judiciary, stated that the institution’s website is well maintained with tight security policies.“Irregular updates make websites vulnerable to hackers. We update our website regularly and I don’t have any fear that information will be leaked in any way,” he noted.Nina Ndabaneze, The Marketing Manager of Tigo, said security measures around the company’s website and all IT infrastructures have always been in place, to safeguard not only the company information, but also their customers. “We have been aware of the recent dangers brought by website hackers and this has resulted in closely monitoring the issue and tightening the security and protection of our servers, equipment and Tigo website,” she emphasized. “We cannot emphasize enough that we take such threats very seriously, hence making cyber security a priority for our IT department”.
