Commonwealth Telecommunication Organisation,
Cybersecurity Forum 2013
Yaoundé, Cameroon, 22-26 May 2013
African Union Pers...
OUTLINE
• Cybersecurity and Cybercrime issues:
Introduction and overview
• Cybersecurity and Cybercrime in the AUC
• AU Pe...
• Almost two thirds of all adult web users globally have fallen victim to some
sort of cybercrime, from spam email scams t...
• The growth rate of cyberspace has been enormous, roughly doubling every 100
days.
• Cybercrime in Africa is growing fast...
Internet Development
5
The term
“cybercrime” is
usually referred to as
any criminal offense
committed against or
with the use of
a computer or
co...
“The Information Society Division”
• Core function:
– Enhancing the development of African ICT Networks between and among
...
AU Challenges face to Cyber security/crime
8
Low capacity systems that increases the vulnerability;
Low technical capacity...
AU response to Cybersecurity and Cybercrime
Many regional conferences, forums and workshop ( i.e.
the 1st African regional...
AU Convention on the Confidence
and security in Cyberspace
Legal framework-1
The Oliver Tambo Declaration (Ext/CITMC/Min/D...
Legal framework -2
The Khartoum Declaration (AU/CITMC-4/MIN/Decl.(IV)Khartoum, The Sudan,
2-6 September 2012
Endorsement o...
Objective and goal
Its objective is to harmonize e-legislation related to e-transactions
development, personal data protec...
Strategic Orientations
The Convention defines a legal mechanism based on the following five strategic
orientations:
1. It ...
Expected results
Definitions on key cyber terminologies in legislation
Harmonised cyber legislation and provisions for the...
The Convention main parts
PART I: ORGANIZATION OF ELECTRONIC COMMERCE
PART II: PROTECTION OF PERSONNAL DATA
PART III: COMB...
PART III: COMBATING CYBER CRIME
Section 1: Terminology
Electronic communication, Computerized data, Racism and xenophobia ...
PART III: COMBATING CYBER CRIME (Cont’d)
Chapter IV: National cyber security monitoring structures
• Cyber security govern...
PART III: COMBATING CYBER CRIME (Cont’d)
Section II: Material penal law
Chapter I: Offenses specific to ICTs
• Attack on c...
I. Policy, Legal, and Regulatory Enabling Framework.
II. Awareness and Capacity Building.
III. Response and Recovery Mecha...
I. Policy, Legal, and Regulatory Enabling
Framework
1. Development of National Cyber-Security Legislation;
2. Implementati...
VALIDATION
• Validation Workshops (RECs, national
experts, independent resource persons)
TRANSLATION
• Translation into AU...
AU draft Convention
I. Policy, Legal, and Regulatory Enabling
Framework
22
II. Awareness and Capacity Building
1. Development and distribution of toolkits to
facilitate the ratification of the AU C...
III. Response and Recovery Mechanisms
• Facilitate the setting up of National CERTs to contribute to
the continental and g...
THANK YOU FOR
YOUR ATTENTION
***
Auguste YANKEY (Mr.)
AU Commission
Email: yankeyka@africa-union.org
Website: www.AU.int/i...
Upcoming SlideShare
Loading in …5
×

CTO Cybersecurity Forum 2013 Auguste Yankey

2,971 views
2,933 views

Published on

Supporting the global efforts in strengthening the safety, security and resilience of Cyberspace, the Commonwealth Cybersecurity Forum 2013, organised by the Commonwealth Telecommunications Organisation. The ceremonial opening examined how Cyberspace could be governed and utilised in a manner to foster freedom and entrepreneurship, while protecting individuals, property and the state, leading to socio-economic development. Speakers of this session, Mr Mario Maniewicz, Chief, Department of Infrastructure, Enabling Environment and E-Applications, ITU; Mr David Pollington, Director, International Security Relations, Microsoft; Mr Alexander Seger, Secretary, Cybercrime Convention Committee, Council of Europe; Mr Nigel Hickson, Vice President, Europe, ICANN and Mr Pierre Dandjinou, Vice President, Africa, ICANN, added their perspectives on various approaches to Cybergovernance, with general agreement on the role Cyberspace could play to facilitate development equitably and fairly across the world.

Hosted by the Ministry of Posts and Telecommunications of Cameroon together with the Telecommunications Regulatory Board of Cameroon and backed by partners and industry supporters including ICANN, Council of Europe, Microsoft, MTN Cameroon, AFRINIC and Internet Watch Foundation, the Commonwealth Cybersecurity Forum 2013 seeks to broaden stakeholder dialogue to facilitate practical action in Cybergovernance and Cybersecurity, some of which will be reflected in the CTO’s own work programmes under its Cybersecurity agenda.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
2,971
On SlideShare
0
From Embeds
0
Number of Embeds
244
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

CTO Cybersecurity Forum 2013 Auguste Yankey

  1. 1. Commonwealth Telecommunication Organisation, Cybersecurity Forum 2013 Yaoundé, Cameroon, 22-26 May 2013 African Union Perspectives on Cybersecurity and Cybercrime Issues: The AU Draft Convention on Cybersecurity and related activities Auguste YANKEY (Mr.) AU Commission Email: yankeyka@africa-union.org Website: www.AU.int
  2. 2. OUTLINE • Cybersecurity and Cybercrime issues: Introduction and overview • Cybersecurity and Cybercrime in the AUC • AU Perspectives on Cybersecurity and Cybercrime Issues 2
  3. 3. • Almost two thirds of all adult web users globally have fallen victim to some sort of cybercrime, from spam email scams to having their credit card details stolen. (the 2011 Norton Cybercrime Report: The Human Impact study) • The study, of over 7,000 Internet users found that 80% of people believed the perpetrators would never be brought to justice. Fewer than half ever bother to report the crime to police. • Africa: the fastest development of mobile banking and money. Ex: Kenya with M-Pesa: 70% of adult transfer money each other by mobile means USD 320 million, almost a quarter of Kenya’s GNP. • Africa is currently the social network’s fastest growing continent. There are also local success stories such as South African social network, MXit which currently has more than two times the number of Facebook users in South Africa. FACTS AND FIGURES 3
  4. 4. • The growth rate of cyberspace has been enormous, roughly doubling every 100 days. • Cybercrime in Africa is growing faster than any other continent. • Out of the top ten countries in the world with a high level of cybercrime prevalence, Africa is host to four of these countries (Nigeria, Cameroon, Ghana and South Africa). • Africa = 2% of world trade but 10% of Cybercrime attacks (ITU) FACTS AND FIGURES 4
  5. 5. Internet Development 5
  6. 6. The term “cybercrime” is usually referred to as any criminal offense committed against or with the use of a computer or computer network A set of activities and other measures, technical and non- technical intended to protect data, information and information systems from unauthorized access, use, disclosure, disruption, modification and destruction. Virtual world of information networks. The global information space. The digital era. is a term used to describe the legal issues related to use of ICTs, particularly cyberspace What does Cyber…refer to ? 6
  7. 7. “The Information Society Division” • Core function: – Enhancing the development of African ICT Networks between and among regions and at the international level (Pan-African e-Network +VSAT projects). – Establish effective institutional linkages and essential mechanisms for cooperation and coordination in ICT fields. – Provide AU Member States with the necessary capacity and tools for harnessing the Information Society for continental integration & development. – Promotion, coordination and harmonization of telecommunication, ICT and Post Policies and Regulation for an inclusive African information society . Cybersecurity and Cybercrime issues in the AUC 7
  8. 8. AU Challenges face to Cyber security/crime 8 Low capacity systems that increases the vulnerability; Low technical capacity and human capacity building IT skills. Systems poorly made and poorly managed. Relay for attacks (bandwidth consumption, server downtime ...) Proliferation of cyber centres without legal framework against users' perpetration and the protection of the others Fear of e-commerce and its impact on the development lack of protection mechanisms at local and regional level Unemployment of young graduates
  9. 9. AU response to Cybersecurity and Cybercrime Many regional conferences, forums and workshop ( i.e. the 1st African regional forum on cybersecurity, Yamoussoukro, 11/2008, 1st African Internet Governance Forum, Cairo, 10/2012) Drafting of an African Union Convention on the confidence and security in Cyberspace. 9
  10. 10. AU Convention on the Confidence and security in Cyberspace Legal framework-1 The Oliver Tambo Declaration (Ext/CITMC/Min/Decl.(I) Johannesburg, South-Africa, 5 Nov. 2009) Adoption of the resolution The 14th AU Summit of Head of State and government Declaration on “Information and Communication Technologies in Africa: Challenges and Prospects for Development” ([Assembly/AU/11(XIV)], Addis Ababa, Ethiopia, 31 January - 2 February 2010) Endorsement of this resolution The Abuja Declaration, CITMC-3 ([AU/CITMC/MIN/Decl.(III)], Abuja (Nigeria), 03-07 August 2010. Confirmation of this resolution We, African Ministers in charge of CIT, request the AU Commission to “Jointly finalize with the United Nations Economic Commission for Africa, within the framework of the African Information Society Initiative (AISI), the Draft Convention on Cyber Legislation and support its implementation in Member States by 2012”; 10
  11. 11. Legal framework -2 The Khartoum Declaration (AU/CITMC-4/MIN/Decl.(IV)Khartoum, The Sudan, 2-6 September 2012 Endorsement of the AU Final Draft Convention on Cyberlegislation by the 4th Ministerial Conference of the African Union Ministers in charge of Communication and Information Technologies (CITMC-4) AU Convention on the Confidence and security in Cyberspace 11
  12. 12. Objective and goal Its objective is to harmonize e-legislation related to e-transactions development, personal data protection, cyber security promotion and fight against cybercrime. Particularly: Define key cyber terminologies in legislation Develop general principles and specific provisions related to cyber legislation Outline cyber legislative measures required at Member State level Develop general principles and specific provision on international cooperation as related to cyber legislation Its ultimate goal is eminently protective given that it is geared to protecting: Institutions against the threats and attacks capable of endangering their survival and efficacy; The rights of persons during data gathering and processing against the threats and attacks capable of compromising such rights. AU Convention on the Confidence and security in Cyberspace 12
  13. 13. Strategic Orientations The Convention defines a legal mechanism based on the following five strategic orientations: 1. It spells out the options for an African Union wide cyber security policy; 2. It lays the foundations for an African Union wide cyber ethics and enunciates fundamental principles in the key areas of cyber security; 3. It organizes electronic commerce, electronic signature and electronic publicity; 4. It organizes the legal and institutional framework for protection of personal data; 5. It lays the foundation for a penal cyber law and a penal procedure for the treatment of cyber crime. AU Convention on the Confidence and security in Cyberspace 13
  14. 14. Expected results Definitions on key cyber terminologies in legislation Harmonised cyber legislation and provisions for the African Union AU Convention on the Confidence and security in Cyberspace 14
  15. 15. The Convention main parts PART I: ORGANIZATION OF ELECTRONIC COMMERCE PART II: PROTECTION OF PERSONNAL DATA PART III: COMBATING CYBER CRIME PART IV: COMMON AND FINAL PROVISIONS webpage for the Draft Convention: www.au.int/cyberlegislation AU Convention on the Confidence and security in Cyberspace 15
  16. 16. PART III: COMBATING CYBER CRIME Section 1: Terminology Electronic communication, Computerized data, Racism and xenophobia in information and telecommunication technologies, Minor, Child pornography, Computer system, Exceeds authorized access, Damage Chapter 1: National cyber security framework • National policy • National strategy Chapter 2: Legislative measures • Legislations against cybercrime • National Regulatory authorities • Rights of citizens • Protection of critical information infrastructure www.au.int/cyberlegislation AU Convention on the Confidence and security in Cyberspace 16
  17. 17. PART III: COMBATING CYBER CRIME (Cont’d) Chapter IV: National cyber security monitoring structures • Cyber security governance • Institutional framework Chapter V: International cooperation • Harmonization AU Convention on the Confidence and security in Cyberspace 17 www.au.int/cyberlegislation
  18. 18. PART III: COMBATING CYBER CRIME (Cont’d) Section II: Material penal law Chapter I: Offenses specific to ICTs • Attack on computer systems • Attack on computerized data • Content related offenses • Offenses relating to electronic message security measures Chapter II: Adapting certain ICTs offenses • Violation of property • Criminal liability for corporate persons Chapter III: Adapting certain sanctions to the ICTs • Penal sanctions • Other penal sanctions • Procedural law • Offenses specific to Information and Communication Technologies AU Convention on the Confidence and security in Cyberspace 18
  19. 19. I. Policy, Legal, and Regulatory Enabling Framework. II. Awareness and Capacity Building. III. Response and Recovery Mechanisms. AU Perspectives on Cybersecurity and Cybercrime Issues. 19
  20. 20. I. Policy, Legal, and Regulatory Enabling Framework 1. Development of National Cyber-Security Legislation; 2. Implementation of AU Cybersecurity Convention Implementation status 1. A draft Convention on Cyber Security has been developed (2010-11) 2. Regional Workshops have been organized on Cyber Legislation and on the AU Draft Convention on CyberSecurity: a. ECCAS: Libreville, Gabon, November 2011 b. ECOWAS: Abidjan, Côte d’Ivoire, February 2012 c. Tripartite [COMESA, SADC, CEAC] + UMA (Northern Africa): Addis-Ababa, ETHIOPIA, June 2012 3. Final Expert Group meeting to finalize the Draft Convention before the CITMC-4 Addis-Ababa, Ethiopia, August 2012 4. Endorsement by the Conference of African Ministers in Charge of Communication and Information Technologies (CITMC-4) in Khartoum, the Sudan, September 2012 20
  21. 21. VALIDATION • Validation Workshops (RECs, national experts, independent resource persons) TRANSLATION • Translation into AU 4 languages VALIDATION ENDORSEMENT • By the Telecom/ICT experts meeting and endorsed by the CITMC LEGAL VALIDATION •By the AU legal experts meeting and endorsed by the Conference of AU Ministers in charge of Justice VALIDATIOVALIDATIOVALIDATIONNN ADOPTION • Submission to the Executive Council for transmission to the AU Assembly of Heads of State and Government for adoption. Adoption process of the Convention by the AU HoSG I. Policy, Legal, and Regulatory Enabling Framework 21
  22. 22. AU draft Convention I. Policy, Legal, and Regulatory Enabling Framework 22
  23. 23. II. Awareness and Capacity Building 1. Development and distribution of toolkits to facilitate the ratification of the AU Convention on Cybersecurity 2. Organize and/or participate in workshops for capacity building and Heightened awareness and capacity to facilitate the development of national cyber security legislation and in each AU MS; With UNCTAD With US DoJ, CoE, UNODC 232232223323333222233322223333
  24. 24. III. Response and Recovery Mechanisms • Facilitate the setting up of National CERTs to contribute to the continental and global cooperation and fight against cybercrime 1. National CERTs 2. Regional CSIRTs (in collaboration with RECs) 3. Cybersecurity Unit within the AUC 24
  25. 25. THANK YOU FOR YOUR ATTENTION *** Auguste YANKEY (Mr.) AU Commission Email: yankeyka@africa-union.org Website: www.AU.int/infosoc 25

×