Kenya IGF Online Discussions Day 2: Strengthening Data Security in the Context of Emerging Trends

Stolen >> \”every app on your phone is allowed un-monitored access to
everything and that with your full consent..\”

On Wed, Jul 11, 2018 at 9:46 AM Admin CampusCiti via kictanet <
[email protected]> wrote:

> Grace and all
>
> This is a pertinent issue in 2018. First let me address this in the
> context of Policy and Legislation.
>
> 1. In the absence of solid Policy and laws regarding Data Security we are
> really groping in the dark. I appreciate that there are various initiatives
> ongoing to remedy this situation. From a personal data security there’s
> always the issue of who is accessing my data – this needs to be viewed from
> a personal security angle i.e hackers, unauthorized use of data by
> corporates, unsolicited communication using data mining tools, government
> subpoenas etc.
>
> 2. From a Corporate perspective the above is relevant but from a body
> corporate perspective. This becomes more important considering the
> magnitude of data some corporates hold and the potential liabilities and
> losses that can arise through data breaches. For example it is alleged that
> Kenyan banks lost Kshs.30 billion in the last 3 years.
>
>
> www.standardmedia.co.ke/business/article/2001232241/how-kenyan-banks-lost-sh30-billion-in-two-years-to-tech-savvy-criminals
>
> 3. From a government perspective it takes on a National Security
> perspective. As the proliferation of Cloud Computing becomes standard
> operating procedure for most organizations governments are starting to ask
> pertinent questions about control, access to data etc. One critical issue
> that is now a major block is the one about Data Sovereignty. In a nutshell
> the issues around Data Sovereignty can be encapsulated in one sentence.
>
> *Data sovereignty* comes into play when an organisation\’s *data* is
> stored outside of their country and is subject to the laws of the country
> in which the *data* resides. The main concern with *data sovereignty* is
> maintaining privacy regulations and keeping foreign countries from being
> able to subpoena *data*.
>
> Bottom line I’d urge us to expedite the building of both hard (roads,
> bridges, fiber etc) and soft (enabling policy, laws and regulations etc)
> infrastructure. Soft Infrastructure is not going in tandem with hard
> Infrastructure. Data Security is a key component of this. Without this in
> place we cannot expect Tier 4 Data Centre operators to even think about
> investing in Kenya.
>
> *Ali Hussein*
>
> +254 0713 601113
>
> Twitter: @AliHKassim
>
> Skype: abu-jomo
>
> LinkedIn: ke.linkedin.com/in/alihkassim
> <ke.linkedin.com/in/alihkassim>
>
> Blog: www.alyhussein.com
>
> \”Discovery consists in seeing what everyone else has seen and thinking
> what no one else has thought\”. ~ Albert Szent-Györgyi
>
> Sent from my iPad
>
> On 11 Jul 2018, at 7:52 AM, Grace Bomu via kictanet <
> [email protected]> wrote:
>
> Listers,
> Thank you to all who contributed to yesterday\’s topic. The thread is still
> open for those who may have further thoughts on content regulation.
> Welcome to Day 2 of online pre KIGF debates where out topic today is Strengthening
> Data Security in the Context of Emerging Trends. We shall look at
> cybersecurity in the context of data.
>
> Barely a few weeks ago, social media was awash with memes of Wazir
> Boniface Chacha, the young man alleged to have conned MPs after getting
> access to their phone data. Later when this was used as a justification in
> debates for the Cybercrime Act, some wondered whether the political process
> had used the Chacha saga to justify the quick passage of a law creating
> offences.
>
> But beyond \”small data\” in our personal possession, many SMEs ,
> corporations, institutions, societies and other bodies are holding
> significant amounts of data.
> In this community, the wider issue of cyber security has been a recurring
> theme in KIGF. It is generally agreed that the best approach is a
> multi-pronged one that includes the law, good practices, effective
> mitigation and response to incidences at multiple levels, creation of
> awareness and technical solutions among others. Having gotten a new law in
> the form of the Cybercrimes Act, are we assured of data security?
> Are our existing mechanisms for mitigation and response to incidences
> adequate for emerging threats?
> Do we have positive cases or good practices to imitate?
> What challenges that remain and how can we address them?
>
> Welcome to the discussion.
>
> —
> Grace Mutung\’u
> Skype: gracebomu
> @Bomu
> PGP ID : 0x33A3450F
>
> _______________________________________________
> kictanet mailing list
> [email protected]
> lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: www.facebook.com/KICTANet/
> Domain Registration sponsored by www.eacdirectory.co.ke
>
> Unsubscribe or change your options at
> lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people\’s times and bandwidth,
> share knowledge, don\’t flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>
> _______________________________________________
> kictanet mailing list
> [email protected]
> lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: www.facebook.com/KICTANet/
> Domain Registration sponsored by www.eacdirectory.co.ke
>
> Unsubscribe or change your options at
> lists.kictanet.or.ke/mailman/options/kictanet/murigi.muraya%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people\’s times and bandwidth,
> share knowledge, don\’t flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>