Kenya's Experience in CERT Implementation
Commonwealth Cybersecurity Forum 2015
22-24th April 2015, London, UK

Outline
o Cybersecurity Agenda in Kenya
o Cybersecurity Governance Framework in Kenya
o ITU Technical support
o The National KE-CIRT/CC
o The National PKI
o Conclusions and Recommendations

Why Cybersecurity Agenda in Kenya?
o WSIS: Governments have a role to promote confidence and trust in the use of ICTs as a key driver of economic development.
o The landing of four undersea fiber optic cables (TEAMS/SEACOM/EASSy/Lion-2) brought additional capacity to the country, resulting in faster Internet connectivity rates and growth in Internet usage.
o The country is increasingly becoming dependent on computer networks and information infrastructure, and that dependency is growing.

Why Cybersecurity Agenda in Kenya?
o In Kenya there are:
   o 33.6M mobile subscribers (82.6% penetration).
   o 26M mobile money subscribers (65% penetration).
   o 26.1M Internet users (64.3% penetration).
o Internet social networking tools such as blogs, Facebook and Twitter, amongst others, have gained popularity throughout the country.
o Kenya Cybersecurity Report 2014 by TESPOK and SERIANU: in 2013 the rate of increase of cybersecurity attacks was 108% (2.6M to 5.4M attacks).
o The borderless nature of the Internet.

Cybersecurity Governance Framework in Kenya
Policy and Strategy
o National ICT Sector Policy of 2006 addresses electronic security. Under review.
o National Cybersecurity Strategy of 2014.
Legislation and Regulations
o Kenya Information and Communications Act of 1998 (Part VI A on E-transactions) as amended in 2013.
o Kenya Information and Communications (Electronic Certification and Domain Name Administration) Regulations, 2010. Currently under review.
o Currently developing regulations on Cybersecurity and E-Commerce.
Technical
o The National KE-CIRT/CC under the Communications Authority of Kenya (CA).
o National trusted Point of Contact (POC) for cybercrime management in Kenya.
o Phased implementation in collaboration with the ITU through the Global Cybersecurity Agenda (GCA).

Why the ITU?
o Mandated by WSIS Action Line C5 and ITU Plenipotentiary 2006.
o Has capacity within and through collaboration with IMPACT.
o Has a CIRT Capacity Building Program under GCA:
   o 64 National CIRT assessments so far in all continents
   o Supported establishment of 9 National CIRTs with 6 in progress
   o Conducted 9 cyber drill exercises involving more than 100 countries from all continents
   o Facilitating the joining of FIRST to expand the trust network of National CIRTs

The National Kenya Computer Incident Response Team - Coordination Centre (National KE-CIRT/CC)
Enhancing Internet Security in Kenya

Enhanced Mandate: Review of the KICA 1998
1. To promote and facilitate the efficient management of Critical Internet Resources.
2. To develop a framework to facilitate the investigation and prosecution of cybercrime offenses.
3. To develop regulations with respect to enhancing cybersecurity.

About the National KE-CIRT/CC
o A technical means of cybercrime management.
o Implemented by the Communications Authority of Kenya in Oct. 2012.
o ITU/IMPACT, under the GCA, provided technical support.
o Has sped up resolution of cybercrime.
o Consulting with the ITU to upgrade the operations of the National KE-CIRT/CC to include proactive services.

Overview of Kenya's National Cybersecurity Framework
o VISION 2030
o ICT Sector Policy
o Kenya Information & Communications Act of 1998
o National Cybersecurity Strategy
o National Computer Incident Response Team/Co-ordination Centre (National KE-CIRT/CC)
o National Public Key Infrastructure (NPKI)

Kenya's Cybersecurity Governance
o National Security Council (NSC) (Chaired by the President)
o National Security Advisory Committee (NSAC) (Chaired by the Head of Public Service)
o National Cybersecurity Steering Committee (NCSC) (Chaired by the PS/MoICT)
o National KE-CIRT/CC (Co-ordinated by CA)
o Threat Intelligence (Co-ordinated by NIS)
o E-Government Programmes (Co-ordinated by ICTA)

The National KE-CIRT/CC
o Establish Collaboration (National, Regional & International) on Cybersecurity
o Implement National Cybersecurity Policies, Laws & Regulations
o Cybersecurity Awareness & Capacity Building at the National Level
o Research & Development (R&D) on Cybersecurity
o Technical Co-ordination & Response to Cybersecurity Incidents
o Development & Implementation of a National Public Key Infrastructure (NPKI)
o Early Warning & Technical Advisories

National KE-CIRT/CC Collaboration (Stakeholders)
o Law Enforcement
o National, Regional & International CIRTs
o Directorate of Public Prosecutions (DPP)
o Academia
o Mobile Telecom Operators & ISPs
o Financial Institutions

The National KE-CIRT/CC operates as follows:
1. Users report cybersecurity incidents to the National KE-CIRT/CC: http://www.ca.go.ke (Information Security) OR http://www.ke-cirt.go.ke, incidents@ke-cirt.go.ke, Telephone OR a letter OR by visiting our offices;
2. The National KE-CIRT/CC conducts technical analysis;
3. The National KE-CIRT/CC responds to the cybersecurity incidents;
4. Escalation of the cybersecurity incidents of criminal nature to the law enforcement (for investigation and possible prosecution);
5. Providing Network Early Warning information (advisories) to stakeholders and the general public.

The National Public Key Infrastructure (NPKI)
Enhancing Internet Security in Kenya

THE NATIONAL PKI
The NPKI comprises two parts:
o The Root Certification Authority (RCA): A function of the Communications Authority of Kenya (CA), used as a regulatory tool in the licensing of Electronic Certification Service Providers (E-CSPs). The RCA accredits (endorses) the E-CSPs so that the digital certificates they issue are recognized by the law at the national level.
o The Government-owned E-CSP: ICT Authority (ICTA) will be licensed to operate the government-owned E-CSP to issue digital certificates (virtual identities) to Internet users using government services. This will be the first E-CSP licensee for the Communications Authority of Kenya (CA).

The National Public Key Infrastructure (NPKI)
Root Certification Authority (RCA)
o Technical Standards Development
o Awareness Creation & Capacity Building
o Licensing & Accreditation of E-CSPs
o International Co-operation
Government-owned E-CSP
o Issue Digital Certificates
Private-owned E-CSPs
o Issue Digital Certificates
Key: E-CSP: Electronic Certification Service Provider licensed by the Communications Authority of Kenya (CA) to issue Digital Certificates (Internet IDs).

Conclusions and Recommendations
o Put in place relevant Policies, Strategy, Laws and Regulatory frameworks.
o Implement a National CIRT/sector CIRTs.
o Create awareness and capacity building in Cybersecurity.
o Put in place National, Regional and international partnership for effective cybercrime management.
o Implement National Public Key Infrastructure (NPKI).

Thank You!