Ghana’s Experience
Eric Akumiah
Head, CERT-GH
National Cyber Security Policy and Strategy:
Ghana’s Experience
Agenda
Background
• Existing Policy and Law on the fight against cybercrime
• Gaps in Existing Policy/laws and Need for Policy & Strategy
National Cyber Security Policy
• Policy Development Process
• 9 Pillars of Our Policy
5 Year Strategic Action Plan
• Special Initiatives
Way Forward
11/12/2015 2
BACKGROUND
Existing Policy & ACTS
• ICT4AD (Pillar 14) 2003
– ICT4AD is Ghana’s policy guidelines for ICT development
– Comprises 14 pillars addressing all ICT needs in Ghana
– Pillar 14
• Policy measures and mechanisms to address
– national security
– law and order issues
• Electronic Transaction Act (ACT 772) 2008
– Legal text embracing key instruments for the fight against cybercrime
• ICT Tribunal
• Cyber Inspectors
• Electronic Government Services
• Cyber Offenses
• Protected computers and Databases
• Consumer protection
• Data Protection Act (843) 2012
– Focuses on application of Principles of Data Protection
• Privacy of Individual
• Collection of personal data
• Security measures
– Data Protection & Enforcement
– Disclosure of information
Why the need for Cybersecurity Policy?
Some shortfalls in policy & laws
• ICT4AD does not adopt a PPP approach to ensuring cyber security
• All prospective target audience not properly addressed by Pillar 14
• Protection of CNII not properly addressed under policy and ETA
• Culture of cyber security across sectors not properly covered
• Inadequate cyber laws and capacity building for national security agencies and law enforcement to fight cybercrime
Challenges
• Prevalence of Cyber Frauds called “Sakawa”
• Defacement of multiple government websites
• Several financial establishments hit, with customers' funds stolen
• Prevalent SIM Box fraud – lost revenue to Government on international call traffic
• Lack of awareness of risk to mobile data users on the Internet
• Low awareness of risk of children using the Internet
• Uncoordinated cyber initiatives across Ghana / no information sharing
• Lack of information security technology framework in place
Targets: National Cyber Security Framework
Person Specific
• Consumer user
• Corporate user
Device Specific
• Telephones
• Wireless Cell Devices
• Personal Digital Assistant (PDA)
Network Specific
• Wireless Carrier’s Transport
• Local Area, Metropolitan Area and Wireless Area
• Internet
Levels
Level 1: Home and Small Business users
Level 2: Large Enterprise Users
Level 3: Critical Sectors
Level 4: National Priorities
Level 5: Global
CNII Sectors Identified for Ghana
1. National Defense and Security
2. Banking and Finance
3. Information and Communications
4. Energy
5. Transportation
6. Water
7. Health Services
8. Government
9. Emergency services
10. Food and Agriculture
DRAFT NATIONAL CYBER SECURITY POLICY
Policy Development Process (timeline, 2011 to 2015)
• Initiated by Ministry of Communications in 2011 with support from UNECA
• National Stakeholder Meeting to review areas for upgrade in national ICT needs
• Ad hoc Technical Committee established by MOC to develop policy and strategy
• Stakeholder meeting to review draft
• Final review by ad hoc committee to include comments
• Validation Workshop
Policy Development Process-2
• Step 1: Multi-stakeholder Ad hoc Technical Committee formed
• Step 2: Defined terms to be used
• Step 3: Reviewed existing policy and laws to determine gaps
• Step 4: Reviewed conventions and country-specific policies and strategies.
– Budapest Convention, AU draft Convention
• Step 5: Developed text of policy
Vision & Mission
• Vision
A secure and stable connected Ghana with Internet users working and creating wealth in a safe
cyber space, with a well-researched and trained academic and professional community protecting
Ghana’s cyber space equipped with global standards and responding swiftly to cyber incidents, and
with up-to-date laws and systems in place to efficiently prosecute cyber criminals.
• Mission
Our mission is to determine, analyze and address the immediate cyber security threats posed to
identified critical national information infrastructure by providing adequate protection for the critical
national information infrastructure, and over time to become a self-sufficient country attending to its
cyber security needs.
9 Pillars of Our Policy
Effective Governance
Legislative & Regulatory Framework
Cyber Security Technology Framework
Culture of security and Capacity Building
Research & Development towards Self-Reliance
Compliance and Enforcement
Child Online Protection
Cyber Security Emergency Readiness
International Cooperation
FIVE YEAR STRATEGIC PLAN (2016-2020)
TO BE REVIEWED ANNUALLY
Special Initiative 1:
National Cybersecurity Awareness Program
• Program to train different stakeholders on different aspects of cyber security, with the intent of helping them provide reasonable security commensurate with the risks, to avoid incidents of cyber attacks.
• Will take the form of identification, needs assessment, training and evaluation of different sets of stakeholders.
• The program will include a cyber security awareness portal that will establish a permanent awareness campaign on the Internet.
Special Initiative 2:
Computer Emergency Response Teams
Establishment of National Computer Emergency Response Team (CERT-GH)
• Phase I
– Established with support from ITU/IMPACT in August 2014
– In January 2015, 11 Government websites were defaced but brought under control within 24 hours by CERT-GH
– Sharing alerts and advisories with constituents to proactively improve security of systems
• Working to establish Phase II in 2015
– Introducing probes on Ghanaian networks and subscribing to HORNET and AWARE early warning systems
• Phase III to be implemented in 2016
– Establishment of National Forensic Laboratory
Special Initiative 3:
National Cyber Security Centre
• National Cyber Security Policy Implementation: Defines, communicates and updates (when necessary) the national cyber security programs to all the CNII.
• National Coordination: Closely coordinates cyber security initiatives of various key agencies and organizations in Ghana.
• Outreach: Promotes and facilitates formal and informal mechanisms for information sharing across the CNII. This includes promoting cyber security awareness, training and education programs to grow the competency of information security professionals and the industry as a whole.
• Compliance Monitoring: Facilitates the monitoring of compliance with cyber security policies and standards across the CNII.
• Risk Assessment: Assesses and identifies cyber security threats exploiting vulnerabilities and risks across the CNII.
• Support: Assists the National Cyber Security Council in all its functional activities and helps industry to test its emergency plans.
• Contribution: Contributes to the application of international standards on cyber security as well as on accreditation and certification of ICT infrastructure, services and suppliers.
Special Initiative 4:
National Cyber Security Council
Governance institution with full oversight of policy and ensuring full implementation of policy after its creation
• To serve as the highest-level liaison body for cyber security
• Responsible for adopting or approving the policies put forward for implementation of the function centre.
• To ensure that appropriate policies are in place to make Ghana a safe destination for cyber activity
• To boost national image in its sphere of influence and make it a leader in the region
• To ensure Ghana is part of international conventions and is playing its role as a leader in the region
Special Initiative 5:
National Cybersecurity Crisis Management Plan
Conceived to ensure that a coordinated, swift response is made to any cyber incidents having a bearing on national security.
Objective is to:
• Increase preparedness of country against cyber attacks
• Enhance capability to respond to cyber security issues
• Provide coordinated effort in handling cyber attacks
• Minimize impact to socio-economic activities
A management committee, under the council, where ultimate decisions are made on any major attacks, and a working group created as a PPP with membership from the center, the national CERT, CNII sectors and any related agencies to enforce any tactic adopted for resolving any major attacks.
Implementation Timelines
Strategy, timeline and activities:
• Short Term (Year 1-2): Holistic assessment of CNII and addressing immediate concerns & awareness creation. Identify issues with CNII, analyze vulnerabilities and put in place stop-gap interventions to safeguard systems while setting up institutional structures and creating public awareness.
• Medium Term (Year 3-4): Building the infrastructure for cyber security. Setting up the necessary systems, processes, standards and institutional arrangements (mechanisms) and building capacity amongst researchers and information security professionals.
• Long Term (Year 5+): Developing self-reliance & international cooperation. Adopting technology and developing capacity of professionals, monitoring the mechanisms for compliance, evaluating and improving the mechanisms and creating the culture of cyber security.
Way Forward
• Development of Ghana’s draft policy started in 2011
• Submitted to Cabinet for review and approval in 2013.
• Validation workshop held in 2015 for final Cabinet approval
• Development of detailed implementation framework of each policy pillar after Cabinet approval
• To develop or not to develop new cyber security and cybercrime laws - discussion
Thank You!
eric.akumiah@cert-gh.org
www.cert-gh.org
www.nita.gov.gh
www.moc.gov.gh
Additional Slides
Definitions-1
Cyber Security is “Enhancing security and building confidence in the use of ICT applications” (ITU GCA)
Cyber Security means the collection of tools, policies, guidelines, risk management approaches, actions,
training, best practices, assurance and technologies that can be used to protect organization and user’s
assets on the cyber environment. Organization and user’s assets include connected computing devices,
computing users, applications/services, communications systems, multimedia communication, and the
totality of transmitted and/or stored information in the cyber environment. (ITU-T Recommendation
X.1205)
Cybersecurity ensures the attainment and maintenance of the security properties of the organization and
user’s assets against relevant security risks in the cyber environment. The security properties include
one or more of the following:
– Availability
– Integrity, which may include authenticity and non-repudiation
– Confidentiality
Definitions -2
• Critical Infrastructures (CI) are generally considered as the key systems,
services and functions whose disruption or destruction would have a
debilitating impact on public health and safety, commerce, and national
security, or any combination of those matters.
– Economic and industrial sectors have their own physical assets which
today depend upon reliable functioning of Critical Information
Infrastructure (CII) to deliver their services and to conduct business.
– Critical Information Infrastructure Protection (CIIP) protects virtual
elements (such as systems and data) of the CII.
Policy Pillar 1 & 2
• Effective Governance
Government will centralize coordination of national cyber security initiatives and promote effective
cooperation between public and private sectors. In order to sustain the gains from any initiatives,
government will establish formal and encourage informal information sharing exchanges.
• Legislative & Regulatory Framework
Government will, in collaboration with the Attorney General’s department, set up a periodic process
of reviewing and enhancing Ghana’s laws relating to cyber space to address the dynamic nature
of cyber security threats. In order to empower national law enforcement agencies to properly
prosecute cyber security crimes, government will establish progressive capacity building programs
to acquire new skills and effective ways of enforcing cyber laws. Government will ensure that all
applicable local legislation is complementary to and in harmony with international laws, treaties
and conventions.
Policy Pillar 3 & 4
• Cyber Security Technology Framework
Policy measures will be put in place to develop a national cyber security technology framework that
specifies cyber security requirement controls and baselines for CNII elements. This will be accompanied
by a mechanism to implement an evaluation/certification program for cyber security products and systems.
• Culture of security and Capacity Building
Government will invest every resource needed to develop, foster and maintain a national culture of
security. As part of the process of development of culture of cyber security, government will support the
standardization and coordination of cyber security awareness and education programmes across all
elements of the CNII. Government will also:
– Establish an effective mechanism for cyber security knowledge dissemination at the national level
– Identify minimum requirements and qualifications for information security professionals
Policy Pillar 5 & 6
• Research & Development towards Self-Reliance
In order for Ghana to become self-reliant in protecting the CNII to a level that is commensurate with the risk,
government will formalize the coordination and prioritization of cyber security research and development
activities, and enlarge and strengthen the cyber security research community. Research and development will
be encouraged by promoting the development and commercialization of intellectual properties,
technologies and innovations through focused research and development. Government will also put
measures in place to nurture the growth of the cyber security industry.
• Compliance and Enforcement
In order to ensure compliance and enforcement, policy measures and mechanism will be put in place to
standardize cyber security systems across all elements of the CNII. Government will also strengthen the
monitoring and enforcement of standards and develop a standard cyber security risk assessment
framework.
Policy Pillar 7 & 8
• Child Online Protection
Policy measures will be implemented through multi-stakeholder working by government, industry, civil
society and relevant international child online protection agencies. Government will encourage dialogue
at national and local levels to engage all concerned and create awareness of the possibilities and
dangers of the Internet.
• Cyber Security Emergency Readiness
To ensure cyber security emergency readiness, government together with all stakeholders will develop
effective cyber security incident reporting mechanisms. This will include the development and
strengthening of the national computer security incident response team (CSIRT) and sector CSIRTs,
dissemination of vulnerability advisories and threat warnings in a timely manner and the development of
a standard business continuity management framework. The government will also encourage all
elements of the CNII to monitor cyber security events and perform periodic vulnerability assessment
programs.
Policy Pillar 9
• International Cooperation
Policy measures will be put in place to encourage active participation of
Ghana in all relevant international cyber security bodies, panels and multi-
national agencies. Government will make every effort to promote active
participation in all relevant international cyber security activities by hosting
an annual international cyber security conference.
Action Plan 2016-2020
Item 1. Thrust: Effective Governance
• Actions and Special Initiatives: Set up governance structure and institutions to enable long-term sustenance of cyber security activity, including information exchange. Institutions include:
– National Cyber Security Council
– National Cyber Security Center
– National Cyber Security Policy Working Group
• Policy Drivers: Ministry of Communications, National Security Council, NITA, NCA
Item 2. Thrust: Legislative and Regulatory Framework
• Actions and Special Initiatives: Set up Cyber Law Review Committee under the Attorney General’s Department to do a study on the laws of Ghana to accommodate legal challenges in the cyber environment, and review every three years
– Stage 1: Identification of issues in the cyber environment
– Stage 2: Review current laws on cyber environment
– Stage 3: Make recommendations for amendment of national laws
• Policy Drivers: Attorney General’s Department
Item 3. Thrust: Cyber Security Technology Framework
• Actions and Special Initiatives:
– Review and adopt international cyber security standards such as MS ISO/IEC 27001 to increase robustness of CNII sectors
– Expansion of national certification scheme for information security management & assurance
• Policy Drivers: Ministry of Communications, NITA, NSC
Action Plan 2016-2020
Item 4. Thrust: Culture of Cyber Security & Capacity Building
• Actions and Special Initiatives:
– Reduce number of information security incidents through improved awareness & skill level
  o Increase certification courses on information and cyber security
– Develop a National Cyber Security Awareness program and portal targeted at stakeholders by content providers using different packaging for different demographics
• Policy Drivers: Ministry of Communications, Ministry of Information, (National Cyber Security Council, National Cyber Security Center, National CSIRT, National Cyber Security Policy Working Group)
Item 5. Thrust: Research & Development towards Self-Reliance
• Actions and Special Initiatives:
– Develop National R&D Roadmap for Cyber Security
  o Identify technologies relevant & desirable for CNII
  o Provide domain competency development
  o Nurture growth of cyber security industry
  o Update roadmap regularly
• Policy Drivers: National Cyber Security Council, National Cyber Security Center, National CERT, Universities, CSIR, Professional certification centers
Item 6. Thrust: Compliance & Enforcement
• Actions and Special Initiatives: Develop risk assessment framework for CNII
Action Plan 2016-2020
Item 7. Thrust: Child Online Protection
• Actions & Special Initiatives: Develop a framework for the protection of children as they engage with the Internet, which ensures that agencies and stakeholders work together to address children’s online risk by:
1. Ensuring that organizational structures are put in place for
– A monitoring framework
– Technical and procedural measures for working with all stakeholders
2. Capacity building: awareness raising and public education
3. Legal measures
4. Implementation and international cooperation
• Policy Drivers: Ministry of Communications; Ministry of Gender, Children and Social Protection; Ministry of Interior; Ministry of Education
Action Plan 2016-2020
Item 8. Thrust: Cyber Security Emergency Readiness
• Actions & Special Initiatives: Framework for cyber attack response – mitigation of cyber attacks
– National and sector CSIRTs
– National Cyber Crises Management Committee
– National Cyber Crises Management WG
• Policy Drivers: Private sector and Government network operators, Academia, Financial sectors, Security agencies, Utilities, National Cyber Security Council
Item 9. Thrust: International Cooperation
• Actions & Special Initiatives:
– Engage in relevant international cyber security meetings
– Prioritize international engagements; sign and ensure compliance with international/regional conventions
• Policy Drivers: Ministry of Communications, Ministry of Foreign Affairs, Attorney General’s Department, National Security Council
Pirangut | Call Girls Pune Phone No 8005736733 Elite Escort Service Available...
 
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting  High Prof...VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting  High Prof...
VIP Model Call Girls Hadapsar ( Pune ) Call ON 9905417584 Starting High Prof...
 
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
Thalassery Escorts Service ☎️ 6378878445 ( Sakshi Sinha ) High Profile Call G...
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men  🔝mehsana🔝   Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men  🔝mehsana🔝   Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
Shikrapur - Call Girls in Pune Neha 8005736733 | 100% Gennuine High Class Ind...
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
Ganeshkhind ! Call Girls Pune - 450+ Call Girl Cash Payment 8005736733 Neha T...
 
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 BookingVIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
VIP Call Girls Pollachi 7001035870 Whatsapp Number, 24/07 Booking
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 

National policy and strategy

  • 1. Ghana’s Experience Eric Akumiah Head, CERT-GH National Cyber Security Policy and Strategy: Ghana’s Experience
  • 2. Agenda
      Background
        • Existing Policy and Law on the fight against cybercrime
        • Gaps in Existing Policy/laws and Need for Policy & Strategy
      National Cyber Security Policy
        • Policy Development Process
        • 9 Pillars of Our Policy
      5 Year Strategic Action Plan
        • Special Initiatives
      Way Forward
      11/12/2015
  • 4. Existing Policy & ACTS
      • ICT4AD (Pillar 14) 2003
          – ICT4AD is Ghana’s policy guidelines for ICT development
          – Comprises 14 Pillars addressing all ICT needs in Ghana
          – Pillar 14
              • Policy measures and mechanisms to address
                  – national security
                  – law and order issues
      • Electronic Transaction Act (ACT 772) 2008
          – Legal text embracing key instruments for the fight against cyber crime
              • ICT Tribunal
              • Cyber Inspectors
              • Electronic Government Services
              • Cyber Offenses
              • Protected computers and Databases
              • Consumer protection
      • Data Protection Act (843) 2012
          – Focuses on application of Principles of Data Protection
              • Privacy of Individual
              • Collection of personal data
              • Security measures
          – Data Protection & Enforcement
          – Disclosure of information
  • 5. Why the need for Cybersecurity Policy?
      Some shortfalls in policy & laws
        • ICT4AD does not adopt a PPP approach to ensuring cyber security
        • All prospective target audiences not properly addressed by Pillar 14
        • Protection of CNII not properly addressed under policy and ETA
        • Culture of cyber security across sectors not properly covered
        • Inadequate cyber laws and capacity building for national security agencies and law enforcement to fight cybercrime
      Challenges
        • Prevalence of cyber frauds called “Sakawa”
        • Defacement of multiple government websites
        • Several financial establishments hit, with customers’ funds stolen
        • Prevalent SIM Box Fraud: loss of revenue to Government on international call traffic
        • Lack of awareness of risk to mobile data users on the Internet
        • Low awareness of risk of children using the Internet
        • Uncoordinated cyber initiatives across Ghana / no information sharing
        • Lack of information security technology framework in place
  • 6. Targets: National Cyber Security Framework
      Person Specific
        • Consumer User
        • Corporate user
      Device Specific
        • Telephones
        • Wireless Cell Devices
        • Personal Digital Assistant (PDA)
      Network Specific
        • Wireless Carrier’s Transport
        • Local Area, Metropolitan Area and Wireless Area
        • Internet
  • 7. Levels
      • Level 1: Home and Small Business users
      • Level 2: Large Enterprise Users
      • Level 3: Critical Sectors
      • Level 4: National Priorities
      • Level 5: Global
  • 8. CNII Sectors Identified for Ghana
      1. National Defense and Security
      2. Banking and Finance
      3. Information and Communications
      4. Energy
      5. Transportation
      6. Water
      7. Health Services
      8. Government
      9. Emergency services
      10. Food and Agriculture
  • 9. DRAFT NATIONAL CYBER SECURITY POLICY
  • 10. Policy Development Process (2011 to 2015)
      • Initiated by Ministry of Communications in 2011 with support from UNECA
      • National Stakeholder Meeting to review areas for upgrade in national ICT needs
      • Ad hoc Technical Committee established by MOC to develop policy and strategy
      • Stakeholder meeting to review draft
      • Final review by Ad hoc Committee to include comments
      • Validation Workshop
  • 11. Policy Development Process-2
      • Step 1: Multi-stakeholder Ad hoc Technical Committee formed
      • Step 2: Defined terms to be used
      • Step 3: Reviewed existing Policy and Laws to determine gaps
      • Step 4: Reviewed conventions and country-specific policies and strategies
          – Budapest Convention, AU draft Convention
      • Step 5: Developed text of Policy
  • 12. Vision & Mission
      • Vision: A secure and stable connected Ghana with Internet users working and creating wealth in a safe cyber space, with a well-researched and trained academic and professional community protecting Ghana’s cyber space, equipped with global standards and responding swiftly to cyber incidents, and with up-to-date laws and systems in place to efficiently prosecute cyber criminals.
      • Mission: Our mission is to determine, analyze and address the immediate cyber security threats posed to identified critical national information infrastructure by providing adequate protection for the critical national information infrastructure, and over time to become a self-sufficient country attending to its cyber security needs.
  • 13. 9 Pillars of Our Policy
      • Effective Governance
      • Legislative & Regulatory Framework
      • Cyber Security Technology Framework
      • Culture of security and Capacity Building
      • Research & Development towards Self-Reliance
      • Compliance and Enforcement
      • Child Online Protection
      • Cyber Security Emergency Readiness
      • International Cooperation
  • 14. FIVE YEAR STRATEGIC PLAN (2016-2020) TO BE REVIEWED ANNUALLY
  • 15. Special Initiative 1: National Cybersecurity Awareness Program
      • Program to train different stakeholders on different aspects of cyber security, with the intent of helping them provide reasonable security commensurate with the risks, to avoid incidents of cyber attacks.
      • Will take the form of identification, needs assessment, training and evaluation of different sets of stakeholders.
      • The program will include a cyber security awareness portal that will establish a permanent awareness campaign on the Internet.
  • 16. Special Initiative 2: Computer Emergency Response Teams
      Establishment of National Computer Emergency Response Team (CERT-GH)
        • Phase I established with support from ITU/IMPACT in August 2014
        • In January 2015, 11 Government websites were defaced but brought under control within 24 hours by CERT-GH
        • Sharing alerts and advisories with constituents to proactively improve security of systems
        • Working to establish Phase II in 2015
        • Introducing probes on Ghanaian networks and subscribing to HORNET and AWARE early warning systems
        • Phase III to be implemented in 2016
        • Establishment of National Forensic Laboratory
  • 17. Special Initiative 3: National Cyber Security Centre
      • National Cyber Security Policy Implementation: Defines, communicates and updates (when necessary) the national cyber security programs to all the CNII.
      • National Coordination: Closely coordinates cyber security initiatives of various key agencies and organizations in Ghana.
      • Outreach: Promotes and facilitates formal and informal mechanisms for information sharing across the CNII. This includes promoting cyber security awareness, training and education programs to grow the competency of information security professionals and the industry as a whole.
      • Compliance Monitoring: Facilitates the monitoring of compliance with cyber security policies and standards across the CNII.
      • Risk Assessment: Assesses and identifies cyber security threats exploiting vulnerabilities and risks across the CNII.
      • Support: Assists the National Cyber Security Council in all its function activities and helps industry to test its emergency plans.
      • Contribution: Contributes to application of international standards on cyber security as well as on accreditation and certification of ICT infrastructure, services and suppliers.
  • 18. Special Initiative 4: National Cyber Security Council
      • Governance institution with full oversight of policy and ensuring full implementation of policy after its creation
      • To serve as the highest-level liaison body for cyber security
      • Responsible for adopting or approving the policies put forward for implementation of the function centre
      • To ensure that appropriate policies are in place to make Ghana a safe destination for cyber activity
      • To boost national image in its sphere of influence and make it a leader in the region
      • To ensure Ghana is part of international conventions and is playing its role as a leader in the region
  • 19. Special Initiative 5: National Cybersecurity Crisis Management Plan
      Conceived to ensure that a coordinated, swift response is made to any cyber incidents having a bearing on national security.
      Objective is to:
        • Increase preparedness of country against cyber attacks
        • Enhance capability to respond to cyber security issues
        • Provide coordinated effort in handling cyber attacks
        • Minimize impact to socio-economic activities
      A management committee, which will be under the council, where ultimate decisions are made on any major attacks, and a working group created as PPP and having membership from the center, the national CERT, CNII sectors and any related agencies, to enforce any tactic adopted for resolving any major attacks.
  • 20. Implementation Timelines (strategy, timeline, activities)
      • Short Term (Year 1-2): Holistic assessment of CNII and addressing immediate concerns & awareness creation. Identify issues with CNII, analyze vulnerabilities and put in place stop-gap interventions to safeguard systems while setting up institutional structures and creating public awareness.
      • Medium Term (Year 3-4): Building the infrastructure for cyber security. Setting up the necessary systems, processes, standards and institutional arrangements (mechanisms) and building capacity amongst researchers and information security professionals.
      • Long Term (Year 5+): Developing self-reliance & international cooperation. Adopting technology and developing capacity of professionals, monitoring the mechanisms for compliance, evaluating and improving the mechanisms and creating the culture of cyber security.
  • 21. Way Forward
      • Development of Ghana’s draft policy started in 2011
      • Submitted to Cabinet for review and approval in 2013
      • Validation workshop held in 2015 for final Cabinet approval
      • Development of detailed implementation framework for each policy pillar after Cabinet approval
      • To develop or not to develop new cyber security and cybercrime laws (discussion)
  • 24. Definitions-1
      • Cyber Security is “Enhancing security and building confidence in the use of ICT applications” (ITU GCA)
      • Cyber Security means the collection of tools, policies, guidelines, risk management approaches, actions, training, best practices, assurance and technologies that can be used to protect organization and user’s assets in the cyber environment. Organization and user’s assets include connected computing devices, computing users, applications/services, communications systems, multimedia communication, and the totality of transmitted and/or stored information in the cyber environment. (ITU-T Recommendation X.1205)
      • Cybersecurity ensures the attainment and maintenance of the security properties of the organization and user’s assets against relevant security risks in the cyber environment. The security properties include one or more of the following:
          – Availability
          – Integrity, which may include authenticity and non-repudiation
          – Confidentiality
  • 25. Definitions-2
      • Critical Infrastructures (CI) are generally considered as the key systems, services and functions whose disruption or destruction would have a debilitating impact on public health and safety, commerce, and national security, or any combination of those matters.
          – Economic and industrial sectors have their own physical assets which today depend upon reliable functioning of Critical Information Infrastructure (CII) to deliver their services and to conduct business.
          – Critical Information Infrastructure Protection (CIIP) protects virtual elements (such as systems and data) of the CII.
  • 26. Policy Pillar 1 & 2
      • Effective Governance: Government will centralize coordination of national cyber security initiatives and promote effective cooperation between public and private sectors. In order to sustain the gains from any initiatives, government will establish formal and encourage informal information sharing exchanges.
      • Legislative & Regulatory Framework: Government will, in collaboration with the Attorney General’s Department, set up a periodic process of reviewing and enhancing Ghana’s laws relating to cyber space to address the dynamic nature of cyber security threats. In order to empower national law enforcement agencies to properly prosecute cyber security crimes, government will establish progressive capacity building programs to acquire new skills and effective ways of enforcing cyber laws. Government will ensure that all applicable local legislation is complementary to and in harmony with international laws, treaties and conventions.
  • 27. Policy Pillar 3 & 4
      • Cyber Security Technology Framework: Policy measures will be put in place to develop a national cyber security technology framework that specifies cyber security requirement controls and baselines for CNII elements. This will be accompanied by a mechanism to implement an evaluation/certification program for cyber security products and systems.
      • Culture of security and Capacity Building: Government will invest every resource needed to develop, foster and maintain a national culture of security. As part of the process of developing a culture of cyber security, government will support the standardization and coordination of cyber security awareness and education programmes across all elements of the CNII. Government will also:
          – Establish an effective mechanism for cyber security knowledge dissemination at the national level
          – Identify minimum requirements and qualifications for information security professionals
  • 28. Policy Pillar 5 & 6
      • Research & Development towards Self-Reliance: In order for Ghana to become self-reliant in protecting the CNII to a level that is commensurate with the risk, government will formalize the coordination and prioritization of cyber security research and development activities, and enlarge and strengthen the cyber security research community. Research and development will be encouraged by promoting the development and commercialization of intellectual properties, technologies and innovations through focused research and development. Government will also put measures in place to nurture the growth of the cyber security industry.
      • Compliance and Enforcement: In order to ensure compliance and enforcement, policy measures and mechanisms will be put in place to standardize cyber security systems across all elements of the CNII. Government will also strengthen the monitoring and enforcement of standards and develop a standard cyber security risk assessment framework.
  • 29. Policy Pillar 7 & 8
      • Child Online Protection: Policy measures will be implemented through multi-stakeholder working by government, industry, civil society, and relevant international child online protection agencies. Government will encourage dialogue at national and local levels to engage all concerned and create awareness of the possibilities and dangers of the Internet.
      • Cyber Security Emergency Readiness: To ensure cyber security emergency readiness, government together with all stakeholders will develop effective cyber security incident reporting mechanisms. This will include the development and strengthening of the national computer security incident response team (CSIRT) and sector CSIRTs, dissemination of vulnerability advisories and threat warnings in a timely manner, and the development of a standard business continuity management framework. The government will also encourage all elements of the CNII to monitor cyber security events and perform periodic vulnerability assessment programs.
  • 30. Policy Pillar 9
      • International Cooperation: Policy measures will be put in place to encourage active participation of Ghana in all relevant international cyber security bodies, panels and multinational agencies. Government will make every effort to promote active participation in all relevant international cyber security activities by hosting an annual international cyber security conference.
  • 31. Action Plan 2016-2020 (Item, Thrust, Actions and Special Initiatives, Policy Drivers)
      1. Effective Governance
          Actions and Special Initiatives: Set up governance structure and institutions to enable long-term sustenance of cyber security activity, including information exchange. Institutions include:
            • National Cyber Security Council
            • National Cyber Security Center
            • National Cyber Security Policy Working Group
          Policy Drivers: Ministry of Communications, National Security Council, NITA, NCA
      2. Legislative and Regulatory Framework
          Actions and Special Initiatives: Set up Cyber Law Review Committee under the Attorney General’s Department to do a study on the laws of Ghana to accommodate legal challenges in the cyber environment, and review every three years
            • Stage 1: Identification of issues in the cyber environment
            • Stage 2: Review current laws on cyber environment
            • Stage 3: Make recommendations for amendment of national laws
          Policy Drivers: Attorney General’s Department
      3. Cyber Security Technology Framework
          Actions and Special Initiatives:
            • Review and adopt international cyber security standards such as MS ISO/IEC 27001 to increase robustness of CNII sectors
            • Expansion of national certification scheme for information security management & assurance
          Policy Drivers: Ministry of Communications, NITA, NSC
  • 32. Action Plan 2016-2020 (Item, Thrust, Actions and Special Initiatives, Policy Drivers)
      4. Culture of Cyber Security & Capacity Building
          Actions and Special Initiatives:
            • Reduce number of information security incidents through improved awareness & skill level
                – Increase certification courses on information and cyber security
            • Develop a National Cyber Security Awareness program and portal targeted at stakeholders by content providers, using different packaging for different demographics
          Policy Drivers: Ministry of Communications, Ministry of Information (National Cyber Security Council, National Cyber Security Center, National CSIRT, National Cyber Security Policy Working Group)
      5. Research & Development towards Self-Reliance
          Actions and Special Initiatives:
            • Develop National R&D Roadmap for Cyber Security
                – Identify technologies relevant & desirable for CNII
                – Provide domain competency development
                – Nurture growth of cyber security industry
                – Update roadmap regularly
          Policy Drivers: National Cyber Security Council, National Cyber Security Center, National CERT, Universities, CSIR, Professional Certification Centers
      6. Compliance & Enforcement
          Actions and Special Initiatives: Develop Risk Assessment framework for CNII
  • 33. Action Plan 2016-2020 (Item, Thrust, Actions & Special Initiatives, Policy Drivers)
      7. Child Online Protection
          Actions & Special Initiatives: Develop a framework for the protection of children as they engage with the Internet, which ensures that agencies and stakeholders work together to address children’s online risk by:
            1. Ensuring that organizational structures are put in place for
                • A Monitoring Framework
                • Technical and Procedural Measures for working with all stakeholders
            2. Capacity Building: awareness raising and public education
            3. Legal Measures
            4. Implementation and International Cooperation
          Policy Drivers: Ministry of Communications; Ministry of Gender, Children and Social Protection; Ministry of Interior; Ministry of Education
  • 34. Action Plan 2016-2020 (Item, Thrust, Actions & Special Initiatives, Policy Drivers)
      8. Cyber Security Emergency Readiness
          Actions & Special Initiatives: Framework for cyber attack response (mitigation of cyber attacks)
            • National and sector CSIRTs
            • National Cyber Crises Management Committee
            • National Cyber Crises Management WG
          Policy Drivers: Private Sector and Government Network Operators, Academia, Financial Sectors, Security agencies, Utilities, National Cyber Security Council
      9. International Cooperation
          Actions & Special Initiatives:
            • Engage in relevant international cyber security meetings
            • Prioritize international engagements, sign and ensure compliance with international/regional conventions
          Policy Drivers: Ministry of Communications, Ministry of Foreign Affairs, Attorney General’s Department, National Security Council