By Macharia Kamau
IT students in a software development class. ICT Cabinet Secretary Fred Matiang’i wants owners of cyber cafes to keep tabs on their clients as the government intensifies war on cyber crime. [PHOTO: FILE /STANDARD]
Cyber-security will be enhanced further if initiatives to curb the growing wave of crime perpetrated by use of technology are led by the private sector.
Several initiatives to prop up cyber security, like the Kenya Computer Incidence Response (KE-CIRT), are in place. They are driven by the State and have had little impact in fighting cyber crime in Kenya.
SEE ALSO: Time to rethink your approach towards password change
Other initiatives in the country targeted at increasing awareness as well as fighting crime on technology platforms include the Public Key Infrastructure (PKI) and a planned National Cyber-security Master plan.
Industry players note that government programmes take long to roll out, which has in the past hampered the effectiveness of the KE-CIRT).
Sam Keiru Dimension Data’s pre-sales lead for East Africa said the government should consider letting the private sector take the lead in the initiatives aimed at fighting cyber-crime. An industry led initiative, he said, would yield better results. “State initiatives take time roll out. Even then, people do not generally trust governments and it would be easier and fast if these initiatives are driven by the private sector,” he said.
“A CIRT that is private sector driven would mean we have a pool of skills that understand the threats and have mechanism to respond early enough to prevent a threat from taking place.” “Such a skill set can then be outsourced to organisations. Companies realise that setting up such a unit internally is high,” he noted.
SEE ALSO: Proposed law could take us back to the dark days
He observed that the level of threats by cyber-criminals has over time escalated. “We are unprepared for the threats that are out there… there are very enterprising criminals out there offering denial of service attacks,” said Keiru.
“This means that a threat to an organisation might not necessarily be an IT expert by someone motivated enough to hire the services of such criminals.” “It is almost impossible to police cyber crime. It is hard to tell whether the people within your organisation are members of online activist or hacking groups,” he noted .
“There are however innovative ways through which you can minimise the risk and also be able to repel attackers.”
Ida Jallow, a senior official with the International Telecommunications Union (ITU) office for Africa said governments should collaborate with companies in the fight against cyber crime.
“There is need for more private sector involvement. Industry players and government should collaborate on fighting cyber crime,” she said. Jallow added that if needed, ITU would offer to bring together private and public ICT sector players together to forge the way forward in a bid to bring down incidences of cyber crime that are on the rise in the region.
SEE ALSO: Massive spying on users of Google's Chrome shows new security weakness
Kenya has had its fair share including banking and mobile money fraud, defacement of websites – including one run by the police force, impersonation of people on social media.
“Concerted efforts in the effective management of cyber security and the collaboration at the national, regional and international elves are key to winning the fight against this menace,” said Jallow. “Cyber security is a global concern and a key item on the ICT agenda of many nations and is occupying space at various international forums.
Local banks have increasingly become targets of electronic fraud and e-commerce development greatly hampered by this wave of crimes.”
The ICT ministry early this week said it would put new rules in place that would see cyber cafes held responsible for the acts of their users. Fred Matiang’i Cabinet Secretary ICT said owners of cyber cafes would be required to keep tabs on their clients as the government intensifies war on cyber crime.
“Cyber cafes are a big problem in the country because many acts of cyber crime have been traced back to public cyber cafes,” he said. “When we ask operators who has used a particular machine at a particular time, they are often not in a position to provide this information.”
Dr Matiang’i stated that it was time owners and operators of cyber cafés in the country took responsibility for acts of insecurity perpetrated on their premises using their systems.