Kenya IGF Online Discussions Day 2: Strengthening Data Security in the Context of Emerging Trends

Haha.. Muraya\’s \’steal\’ deserves its own thread. privacy is what you have
never told your smartphone.

On Wed, 11 Jul 2018, 19:41 S.M. Muraya via kictanet, <
kictanet@lists.kictanet.or.ke> wrote:

> Stolen >> \”every app on your phone is allowed un-monitored access to
> everything and that with your full consent..\”
>
> On Wed, Jul 11, 2018 at 9:46 AM Admin CampusCiti via kictanet <
> kictanet@lists.kictanet.or.ke> wrote:
>
>> Grace and all
>>
>> This is a pertinent issue in 2018. First let me address this in the
>> context of Policy and Legislation.
>>
>> 1. In the absence of solid Policy and laws regarding Data Security we are
>> really groping in the dark. I appreciate that there are various initiatives
>> ongoing to remedy this situation. From a personal data security there’s
>> always the issue of who is accessing my data – this needs to be viewed from
>> a personal security angle i.e hackers, unauthorized use of data by
>> corporates, unsolicited communication using data mining tools, government
>> subpoenas etc.
>>
>> 2. From a Corporate perspective the above is relevant but from a body
>> corporate perspective. This becomes more important considering the
>> magnitude of data some corporates hold and the potential liabilities and
>> losses that can arise through data breaches. For example it is alleged that
>> Kenyan banks lost Kshs.30 billion in the last 3 years.
>>
>>
>> www.standardmedia.co.ke/business/article/2001232241/how-kenyan-banks-lost-sh30-billion-in-two-years-to-tech-savvy-criminals
>>
>> 3. From a government perspective it takes on a National Security
>> perspective. As the proliferation of Cloud Computing becomes standard
>> operating procedure for most organizations governments are starting to ask
>> pertinent questions about control, access to data etc. One critical issue
>> that is now a major block is the one about Data Sovereignty. In a nutshell
>> the issues around Data Sovereignty can be encapsulated in one sentence.
>>
>> *Data sovereignty* comes into play when an organisation\’s *data* is
>> stored outside of their country and is subject to the laws of the country
>> in which the *data* resides. The main concern with *data sovereignty* is
>> maintaining privacy regulations and keeping foreign countries from being
>> able to subpoena *data*.
>>
>> Bottom line I’d urge us to expedite the building of both hard (roads,
>> bridges, fiber etc) and soft (enabling policy, laws and regulations etc)
>> infrastructure. Soft Infrastructure is not going in tandem with hard
>> Infrastructure. Data Security is a key component of this. Without this in
>> place we cannot expect Tier 4 Data Centre operators to even think about
>> investing in Kenya.
>>
>> *Ali Hussein*
>>
>> +254 0713 601113
>>
>> Twitter: @AliHKassim
>>
>> Skype: abu-jomo
>>
>> LinkedIn: ke.linkedin.com/in/alihkassim
>> <ke.linkedin.com/in/alihkassim>
>>
>> Blog: www.alyhussein.com
>>
>> \”Discovery consists in seeing what everyone else has seen and thinking
>> what no one else has thought\”. ~ Albert Szent-Györgyi
>>
>> Sent from my iPad
>>
>> On 11 Jul 2018, at 7:52 AM, Grace Bomu via kictanet <
>> kictanet@lists.kictanet.or.ke> wrote:
>>
>> Listers,
>> Thank you to all who contributed to yesterday\’s topic. The thread is
>> still open for those who may have further thoughts on content regulation.
>> Welcome to Day 2 of online pre KIGF debates where out topic today is Strengthening
>> Data Security in the Context of Emerging Trends. We shall look at
>> cybersecurity in the context of data.
>>
>> Barely a few weeks ago, social media was awash with memes of Wazir
>> Boniface Chacha, the young man alleged to have conned MPs after getting
>> access to their phone data. Later when this was used as a justification in
>> debates for the Cybercrime Act, some wondered whether the political process
>> had used the Chacha saga to justify the quick passage of a law creating
>> offences.
>>
>> But beyond \”small data\” in our personal possession, many SMEs ,
>> corporations, institutions, societies and other bodies are holding
>> significant amounts of data.
>> In this community, the wider issue of cyber security has been a recurring
>> theme in KIGF. It is generally agreed that the best approach is a
>> multi-pronged one that includes the law, good practices, effective
>> mitigation and response to incidences at multiple levels, creation of
>> awareness and technical solutions among others. Having gotten a new law in
>> the form of the Cybercrimes Act, are we assured of data security?
>> Are our existing mechanisms for mitigation and response to incidences
>> adequate for emerging threats?
>> Do we have positive cases or good practices to imitate?
>> What challenges that remain and how can we address them?
>>
>> Welcome to the discussion.
>>
>> —
>> Grace Mutung\’u
>> Skype: gracebomu
>> @Bomu
>> PGP ID : 0x33A3450F
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet@lists.kictanet.or.ke
>> lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: www.facebook.com/KICTANet/
>> Domain Registration sponsored by www.eacdirectory.co.ke
>>
>> Unsubscribe or change your options at
>> lists.kictanet.or.ke/mailman/options/kictanet/info%40campusciti.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people\’s times and bandwidth,
>> share knowledge, don\’t flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>> _______________________________________________
>> kictanet mailing list
>> kictanet@lists.kictanet.or.ke
>> lists.kictanet.or.ke/mailman/listinfo/kictanet
>> Twitter: http://twitter.com/kictanet
>> Facebook: www.facebook.com/KICTANet/
>> Domain Registration sponsored by www.eacdirectory.co.ke
>>
>> Unsubscribe or change your options at
>> lists.kictanet.or.ke/mailman/options/kictanet/murigi.muraya%40gmail.com
>>
>> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
>> for people and institutions interested and involved in ICT policy and
>> regulation. The network aims to act as a catalyst for reform in the ICT
>> sector in support of the national aim of ICT enabled growth and development.
>>
>> KICTANetiquette : Adhere to the same standards of acceptable behaviors
>> online that you follow in real life: respect people\’s times and bandwidth,
>> share knowledge, don\’t flame or abuse or personalize, respect privacy, do
>> not spam, do not market your wares or qualifications.
>>
>
>
> —
> SMM
>
> *\”Better a patient person than a warrior, one with self-control than one
> who takes a city.\” Prov 16:32*
> _______________________________________________
> kictanet mailing list
> kictanet@lists.kictanet.or.ke
> lists.kictanet.or.ke/mailman/listinfo/kictanet
> Twitter: http://twitter.com/kictanet
> Facebook: www.facebook.com/KICTANet/
> Domain Registration sponsored by www.eacdirectory.co.ke
>
> Unsubscribe or change your options at
> lists.kictanet.or.ke/mailman/options/kictanet/kmachuhi%40gmail.com
>
> The Kenya ICT Action Network (KICTANet) is a multi-stakeholder platform
> for people and institutions interested and involved in ICT policy and
> regulation. The network aims to act as a catalyst for reform in the ICT
> sector in support of the national aim of ICT enabled growth and development.
>
> KICTANetiquette : Adhere to the same standards of acceptable behaviors
> online that you follow in real life: respect people\’s times and bandwidth,
> share knowledge, don\’t flame or abuse or personalize, respect privacy, do
> not spam, do not market your wares or qualifications.
>

_______________________________________________
kictanet mailing list