Discussion: Shaping Kenya’s Cybersecurity Ecosystem
On 15/08/2024 12.54, Adam Lane via KICTANet wrote:
> Hi David
>
> In my engagements with policy makers I emphasize the need for the
> government to intentionally identify relevant cybersecurity standards
> (either international, local or international ones that are localized)
> and then implement them within government and encourage the rest of the
> industry in the country to also adopt and implement. These standards are
> a good benchmark to define “secure” (though one must never accept
> reaching a standard as the end goal and not get complacent) and can be
> specific to certain areas (such as cloud, telcom networks, software etc)
> or be about certain processes and can be tested and certified against.
> This can grow the cybersecurity ecosystem (labs, certifiers, standards
> consultants etc) and support talent training and development as well.
>
>
>
> Such standards may not need to be legally required necessarily, but this
> would be a discussion worth having.
> Hi David
>
> In my engagements with policy makers I emphasize the need for the
> government to intentionally identify relevant cybersecurity standards
> (either international, local or international ones that are localized)
> and then implement them within government and encourage the rest of the
> industry in the country to also adopt and implement. These standards are
> a good benchmark to define “secure” (though one must never accept
> reaching a standard as the end goal and not get complacent) and can be
> specific to certain areas (such as cloud, telcom networks, software etc)
> or be about certain processes and can be tested and certified against.
> This can grow the cybersecurity ecosystem (labs, certifiers, standards
> consultants etc) and support talent training and development as well.
>
>
>
> Such standards may not need to be legally required necessarily, but this
> would be a discussion worth having.
Probably more effort is required in keeping upto date with international
standards and perhaps influencing their development. As an example,
many of the laws are available as pdf only downloads from kenyalaw.org.
County legislation is more difficult to obtain. Standards such as Akoma
Ntoso [1] would make searching legislative documents much easier, and in
particular improve hyperlinks in web versions. This would aid people
doing dissemination work to be more effective.