The Realities andChallenges of Cyber Crimeand Cyber Security in Africa Prof Raymond Akwule President/CEO Digital Bridge Institute 2011 Workshop on Cyber Security and Global Affairs With focus on International Cyber Security Governance, Human Factors, Policies and Technologies DBH, Budapest, Hungary May 31 to Jun 2, 2011
The Dilemma of the Information Society The benefits of the Information Society are well known … But the Information society has also created the new problems of Cyber Crime and Cyber Security
Cybercrime and Cyber Security in the Information Society Definition Cybercrime -- all criminal offences which are committed with the aid of, or targeted at, communication devices in a network. This can be for example the Internet, the telephone line or the mobile network.
Cybercrime and Cyber Security in the Information SocietyWhy are Cyber Crimes on the Rise? 1. They are easy to learn how to commit; 2. They require few resources relative to the potential damage caused; 3. They can be committed in a jurisdiction without being physically present in it; 4. They are often not clearly illegal.
Issues and Challenges of Cyber security in Africa Internet penetration is still relatively low but it is growing in Africa Broadband penetration is very low Mobile Telecommunications is growing exponentially
Issues and Challenges of Cyber Security in African Increasingly more Cybercrimes are perpetrated through mobile phones Social networking is on the rise and increasingly cybercrimes are perpetrated through the social networks (facebook, etc) Cyber criminals target people inside and outside their national boundaries
Issues and Challenges of Cyber Security in African Cloud computing is just being introduced into the continent but it has met with a lot of skepticism. Uncertainty about cloud security is evident in a Global Risk Survey by IBM’s Institute for Business Value, with 77% of respondents believing cloud made protecting privacy more difficult and 50% expressing worries about data breach or loss. In a further IBM survey 66% cite security as their top concern when considering cloud. The good news is that enterprises and governments around the world are addressing cloud’s privacy, authentication and security issues, and turning the promise of cloud computing into reality .
Cyber Security Initiatives in Africa The United Nations Economic Commission for Africa (UNECA) is addressing cyber security within the framework of African Information Society Initiative (AISI). It advocates coherent and coordinated continental and regional approach to cyber security, as well as enhanced consideration of the issue in national ICT and Information Society strategies and action plans.
Cyber security Initiatives in Africa According to the UNECA, African governments are demonstrating increased awareness of cyber security issues, but existing capability to deter, monitor or pursue cyber security is relatively low. The UNECA cyber security initiative is implemented in cooperation with the African Union in order to arrive at harmonized legal framework, and especially with guidelines on: Cyber crime; Personal data protection; Electronic transactions; e-Signature / Certification; Cyber security.
Cyber security Initiatives for Africa CTOs Cyber security Forum 2011 aims to build on the achievements made in 2010 by encouraging a discourse on Cyber security between principal policy makers and ICT regulators from across the Commonwealth, particularly from Africa, with Global experts. The event will examine eight critical aspects of Cyber security: Protecting Government networks Protecting banking networks International Cooperation Protection of children online Security in the Cloud SPAM Identity theft and data protection Privacy on the Net
Cyber security Initiatives in Africa Mauritius adopted a holistic approach in ensuring cyber security as the country views ICT as a pillar of national development and plans to make the country a national ICT hub. The country’s National Information Security Strategic Plan is a part of the National Information Communication Technologies Strategic Plan 2007 – 2011 and Mauritius has set up a comprehensive legal framework along with an implementation and institutional framework. Enforcement has been improved with the setting up of the Police Cyber crime unit in 2000 and the CERT-Mu in 2008.
Cyber security Initiatives in Africa The cyber security taskforce of East African Communications Organization (EACO) consisting of ICT Regulators and Operators of Kenya Uganda and Tanzania, Rwanda and Burundi, was formed in 2008 to coordinate the development and of a cyber security management framework for the EACO region. It is tasked with establishment of national CERTs, coordinating responses to cyber security incidents at the regional level; establishing regional and international partnership; and providing Regional Cyber security Incident Reports annually to the EACO member countries.
Cyber security Initiatives in Africa Managing Cyber security in the EACO member countries is hampered by the lack of policy, legal and regulatory frameworks; lack of national security management frameworks; and limited cyber security awareness among other factors
Conclusions/Recommendations African governments are demonstrating increased awareness of cyber security issues, but existing capability to deter, monitor or pursue cyber security is relatively low. Efforts to promote cyber security should focus on the following: Create awareness and build capacity of key decision- makers to implement robust Cybersecurity frameworks Help identify resilient technical measures, appropriate organizational structures and strong laws and regulations Facilitate partnerships between different stakeholders to facilitate the flow of information, expertise and resources Promote international cooperation
Conclusions/Recommendations Efforts to promote cyber security in Africa should specifically target the following: Capacity Building International Cooperation Security for Mobile communications Establishment of Policy and Legal frameworks Protection of children online Security in the Cloud Identity theft and data protection Privacy on the Net
Thank You!!!Prof Raymond AkwulePresident, Digital Bridge Institute email@example.com firstname.lastname@example.org 16
Cybercrime and Cyber Security in the Information Society Types of Cybercrime Auction Fraud Auction Fraud — Romania Counterfeit Cashiers Check Credit Card Fraud Debt Elimination Parcel Courier Email Scheme Employment/Business Opportunities Escrow Services Fraud Identity Theft Internet Extortion Investment Fraud Lotteries Nigerian Letter or "419" Phishing/Spoofing Ponzi/Pyramid Reshipping Spam Third Party Receiver of Funds Telecom Fraud
Top Ten Countries (Cyber CrimePerpetrators) 2008 1. United States 66.1% 2. United Kingdom 10.5% 3. Nigeria 7.5% 4. Canada 3.1% 5. China 1.6% 6. South Africa 0.7% 7. Ghana 0.6% 8. Spain 0.6% 9. Italy 0.5% 10. Romania 0.5% 2010 1. United States 91.2% 2. Canada 1.5% 3. United Kingdom 1.0% 4. Australia 0.7% 5. India 0.5% 6. South Africa 0.2% 7. Germany 0.2% 8. Mexico 0.2% 9. France 0.2% 10. Philippines 0.2% 18 FBI Reports