Cybersecurity in Nepal

Transcription

1 Cybersecurity in Nepal Presenter: Ambika Shrestha Chitrakar PhD candidate at Gjøvik University College Representing Nepal Linkedin: IFIP TC3 ISES (Information Security Education & Solidarity) Initiative

2 Outline Nepal Geography Profile in general Internet services in Nepal Cybersecurity challenges in Nepal Types of cyber-crimes experienced in Nepal Cybersecurity strategy in general Cybersecurity necessity of international harmonization Cybersecurity in Nepal Possible next steps for Nepal Summary

3 Nepal - Geography

4

5 Nepal profile in general

6 Internet Services in Nepal The Internet was first introduced in Nepal in 1993 in a venture of Royal Nepal Academy of Science and Technology (RONAST) and Merchantile Office Systems (MOS) Now almost all big cities have Internet facilities with local ISP

7 Internet Services in Nepal (contd.) Table1: Statistics of data/internet service in Nepal based on the annual report of NTA (Nepal Telecom Authority) Table2: objectives of national broadband policy 2013/2014 by NTA (draft - section 8)

8 Cybersecurity challenges in Nepal Targeting to provide better Internet service Computer science education and Software industry is in high demand However in general, most of the people are not aware of cybersecurity people still use pirated softwares government has very weak regulations to govern cyber-crimes very few/no skilled security specialists Because of such reasons, Nepal is vulnerable to cyber-crimes and it's control could be very challenging

9 Types of cyber-crimes experienced in Nepal Cyber crime is handled by Nepal Police against the FIR and Kathmandu District court has been fixed to look after the cyber crimes. Following types of cyber crimes have been committed in Nepal: ATM pin steal Cloning of ATM Card Hacking Financial fraud in Internet banking Phishing Social networking related crime

10 Cybersecurity strategy in general It is necessary to have a regulatory body and strategy to set standards, prevent and handle cyber security related issues. In general, cybersecurity strategy should be able to ensure: Confidentiality, integrity and accessibility of electronic information and services provided in cyberspace, Safegurding of electronic communication networks, information systems and critical infrastructure against incidents and cyber attacks, Protection of personal data and privacy etc.

11 Cybersecurity - Necessity of international harmonization Lack of proper cyber security strategy creates an opportunity to the attackers to easily compromise the systems and then carry out the serious attacks even in the developed countries. It is difficult to prosecute the attacker if the attack is performed from a country whose regulation does not address the violated regulations of the country where attack took place.

12 Cybersecurity in Nepal Table 3: cybersecurity in Nepal updated by ITU on 10th march 2015

13 Possible next steps for Nepal Implementing a national cybersecurity strategy Implementation of national and sector-specific cybersecurity strategy Capacity building: awareness, education, R&D, certification Cooperation: intra-state, intra-agency, public sector partnership

14 Summary Cybersecurity is a global issue and there should be balance in cybersecurity strategy all over the world It is necessary to have internationally harmonized cybersecurity strategy even in developing countries like Nepal Currently, there is no/few manpower related to information security and no national cybersecurity strategy in Nepal Nepal needs international cooperation and support for capacity building and development of information security

15 Thank you!