By a Correspondent, TUNISIA
DESPITE fast advancement and multiple benefits of Information Telecommunication Technologies (ICTs), issues of Security, Privacy and Trust remain major concern both at National and Global levels.
Addressing the World Telecommunication Standardization Assembly (WTSA-16) in Jasmine Hammamet, Tunisia recently at the Global Standardization Symposium, the Tanzania Communications Regulatory Authority (TCRA) Director General Engineer James Kilaba (pictured right) said emerging technologies in ICTs play a central role on security (Networks, systems, devices, data and Users), privacy (data and Users) and trust (Networks, systems, devices, data and Users).
“At any ICTs discussion platforms like this, we normally don’t miss talking about ICTs related Services, Devices, Growth, subscriptions or Users, Network and Signal coverage and even revenues. Today, we are discussing the impact of emerging technologies on security, privacy and trust in ICTs” the TCRA DG told the WTS Assembly.
Eng. Kilaba said there has been technological shift from an internet dominated by Personal Computers (PCs) with wired connections, to the current mobile devices connected by wireless signals. He further said this has facilitated more access to communications and by extension, through Internet, to the cyber world. He added that the main cause of discussions at the Assembly was about ICTs related Services, Devices, Growth, subscriptions or Users, Network and Signal coverage.
“Regulators around the world are being challenged by the role/demands of Users (people) and evolutions of Devices irrespective of where they are mounted, fitted, connected or used as far as Security, Privacy or Trust are concerned. So, it is basically the People who also have cultural diversity complemented by time-zone differences”. said the TCRA Chief.
Now, from the perspective of developing countries, Tanzania has done a lot on cyber security. Eng. Kilaba narrated that from the perspective of developing countries, the United Republic of Tanzania has National Cyber Security System in place and stakeholders are involved.
“We have implemented our National Computer Emergency Response Team (TZ-CERT) and is used for dissemination of cyber security knowledge, information and skills to various stakeholders and Users, to be able to acquire necessary levels of expertize needed to actively tackle serious cybercrime incidents. We have implemented DNSSEC at our Domain Name Registry System. We have a newly established National Data Centre. We have also started to deploy mechanisms so as to prevent misuse of data or information from a stolen mobile device in the country.” He said.
The TCRA Boss added that at East African Region, Computer Emergency Response Teams (CERTs) has been implemented in four countries and to a large extent, the countries share and exchange information on cyber security incidents and threats. He also said through the regional our Organization EACO, member countries also meet and discuss issues on the cyber-security. He explained that the particular challenges faced in the context of security, privacy and trust in ICTs could be categorized in five basic factors like inadequate harmonization on Standards, Policies, Laws and Strategies.
“Standards, Laws and Strategies are required to improve a nation's cyber defense posture. As the matter does not end within one country’s borders, the established Standards, Laws and Regulations need to be harmonized within regions and globally. It is believed that there are few world-class cyber experts to adequately handle cyberspace offenses and defense”. He elaborated further.
The TCRA DG also under-scored the need for National Cyber-security Strategies that would promote dissemination of cyber security knowledge, information and skills to various stakeholders and Users, to be able to acquire necessary levels of expertizes needed to actively tackle serious cybercrime incidents. Eng. Kilaba told the Assembly that there was need for proper Management of Cyber-Security – Beyond National borders.
“Some of our developing countries have no well-established and adequately equipped National Computer Incident Response Teams (CIRTs) or Computer Emergency Response Teams (CERTs). These kinds of facilities when well established provide national approach for coordination, analysis, responses and secure information sharing in regards to cyber security incidents and threats.
He explained that there was a need therefore, for developing countries to have hand-shaking National-CERTs that would assist on early detection, monitoring and countering attacks, intrusions, new forms of malicious code distribution or any other type of malicious behavior.
“Effective and collaborative management of cyber security is a critical capability for the defense and preservation of civil society. Cybercrime is one of the world’s largest and fastest-growing categories of crime in cyberspace”. He noted with concern.
On Critical Infrastructures, he sighted that some of the critical infrastructures like Domain Names Registry Systems in respective countries are not well secured, and therefore vulnerable to attacks. Such kind of attacks when successful, they cause economic impact to our countries, adding that it was important that all critical infrastructures like Domain Names Registry Systems in our countries are properly secured and monitored.
He named Numbering Resources Management for Internet of Things (IoTs) and Machine to Machine (M2M) communications as very key, as the area was also emerging as new and therefore, requiring special attention in developing countries. The TCRA Chief said with caution that inadequate education and awareness to citizens was similarly detrimental.
“Education to enable Users to understand issues relating to security, privacy and trust in ICT is lacking. This education if provided will enable users to make informed decisions on the trustworthiness of ICT applications and services including social contacts and selective information sharing. There is unlawful use of ICTs by irresponsible people who use Human Rights and Privacy issues as their defenses”. Said Eng. Kilaba and appealed to Experts coordinated by ITU to play their part, so as to mitigate the challenges paused by Security, Privacy and Trust in ICTs.
The World Telecommunication Standardization Assembly is held every four years and defines the next period of studies for ITU-T. WTSA-16 is being held in Yasmine Hammamet, Tunisia, from 25 October to 3 November 2016 preceded by the Global Standardization Symposium on 24 October 2016.