
Maximizing the Impact of Kenya's IT Department Mandate
Explore the critical role of Kenya's Information Technology Department in aligning IT systems, fostering e-commerce development, and advancing cybersecurity initiatives. Gain insights into the national cybersecurity framework, ICT policies, and more.
Presentation Transcript
PRESENTATION DURING NEW STAFF INDUCTION ON THE INFORMATION TECHNOLOGY (IT) DEPARTMENT BY: MICHAEL K. KATUNDU, Director, Information Technology (IT)
Mandate of the IT Department
1. Align Information Technology (IT) systems to the Authority's Strategy
2. Facilitate the development of the Electronic Commerce (E-Commerce) framework in Kenya
3. Conduct technical Research and Development (R&D) on new and emerging technologies and trends
ALIGN INFORMATION TECHNOLOGY (IT) SYSTEMS TO THE AUTHORITY'S STRATEGY
Align the Information Technology (IT) systems to the Authority's Strategy: Automation of the Authority's systems and processes; Management of the Authority's IT systems; Awareness creation and capacity building on IT issues (Internal and Regulatory); Advise on IT issues (Internal and Regulatory)
FACILITATE THE DEVELOPMENT OF THE ELECTRONIC COMMERCE (E-COMMERCE) FRAMEWORK IN KENYA
Overview of Kenya's National Cybersecurity Framework: VISION 2030; ICT Sector Policy; Kenya Information & Communications Act of 1998; National Cybersecurity Strategy; National Computer Incident Response Team/Co-ordination Centre (National KE-CIRT/CC); National Public Key Infrastructure (NPKI)
Facilitate the development of the Electronic Commerce (E-Commerce) framework in Kenya
2.1. Coordination of the implementation of the national Cybersecurity framework
2.2. Coordination of the implementation of a framework for the administration and management of the dot KE country code Top Level Domain (ccTLD)
Coordination of the implementation of the national Cybersecurity framework
i. What is Cybersecurity: Cybersecurity is also referred to as Information Technology (IT) security. It is the protection of computers, networks, programs and data from unintended or unauthorized access, change or destruction.
Coordination of the implementation of the national Cybersecurity framework (Cont'd)
ii. Types of Cybersecurity incidents: Hate messages propagated through the Internet/Computer; Distributed Denial of Service (DDOS); Phishing; Website Defacement; Espionage
The National Computer Incident Response Team - Coordination Centre (National KE-CIRT/CC) Enhancing Internet Security in Kenya
Implementation of the national Cybersecurity framework (Cont'd): The National Computer Incident Response Team-Coordination Centre (National KE-CIRT/CC)
The Authority implemented the National KE-CIRT/CC in Oct. 2012 with the technical support of the ITU.
The Authority is currently liaising with the ITU to upgrade the services of the National KE-CIRT/CC.
The functions of the National KE-CIRT/CC are to:
a) Coordinate technical response to cybersecurity incidents in Kenya in collaboration with the national, regional and international cybersecurity actors;
The functions of the National KE-CIRT/CC (Cont'd):
b) To create awareness and build capacity on Cybersecurity in Kenya
Functions of the National KE-CIRT/CC:
(c) Put in place Network Early Warning Systems (NEWS) in order to identify possible cybersecurity incidents in advance.
(d) Collect, compile and disseminate national statistics on cybersecurity incidents.
The National KE-CIRT/CC operates as follows:
i. Users report cybersecurity incidents to the National KE-CIRT/CC (via the website, email, telephone, a letter or by visiting)
ii. The National KE-CIRT/CC conducts technical analysis
iii. Respond to the cybersecurity incidents
iv. Escalation of the cybersecurity incidents of criminal nature to the law enforcement (for investigation and possible prosecution)
v. Providing Network Early Warning information (advisories) to stakeholders
Summary of the Functions of the National KE-CIRT/CC: Implement National Cybersecurity Policies, Laws & Regulations; Establish Collaboration (National, Regional & International) on Cybersecurity; Cybersecurity Awareness & Capacity Building at the National Level; Technical Research & Development (R&D) on Cybersecurity; Co-ordination & Response to Cybersecurity Incidents; Development & Implementation of a National Public Key Infrastructure (NPKI); Early Warning & Technical Advisories; Collect, collate and disseminate national statistics on cybersecurity incidents
National KE-CIRT/CC Collaboration (Stakeholders): National Police Service (NPS); National, Regional & International CIRTs; National Intelligence Service (NIS); Kenya Defence Forces (KDF); Academia; Directorate of Public Prosecutions (DPP); Financial Institutions; Mobile Telecom Operators & ISPs
The National Public Key Infrastructure (NPKI) Enhancing Internet Security in Kenya
The National PKI: Anonymity on the Internet drives the tendency towards abuse. On the Internet, nobody knows who is really on the other end.
The National PKI: The ICT Sector Policy of 2006 and the Kenya Information and Communications Act of 1998 mandate the Communications Authority of Kenya (CA) to license entities to provide Electronic Certification Service Provider (E-CSP) services. E-CSP entities issue digital certificates (virtual identities) to Internet users to enable them to carry out safe and secure electronic transactions.
The National PKI: The Ministry of ICT, in collaboration with the Communications Authority of Kenya (CA) and the ICT Authority (ICTA), has implemented the National Public Key Infrastructure (NPKI).
The National PKI: The NPKI comprises two parts:
The Root Certification Authority (RCA): A function of the Communications Authority of Kenya (CA), used as a regulatory tool in the licensing of Electronic Certification Service Providers (E-CSPs). The RCA accredits (endorses) the E-CSPs so that the digital certificates they issue are recognized by the law at the national level.
The Government-owned E-CSP: ICT Authority (ICTA) will be licensed to operate the government-owned E-CSP to issue digital certificates (virtual identities) to Internet users using government services. This will be the first E-CSP licensee for the Communications Authority of Kenya (CA).
The National PKI: REAL WORLD and CYBERSPACE
Real world: A National Identity (ID) Card bearing an individual's photo and finger print is used for identification.
Cyberspace: A Digital Certificate (virtual identity) bearing an individual's public key is used for identification.
Real world: A re-usable hand signature or signature-seal is used for authentication.
Cyberspace: A digital signature (virtual signature), using an asymmetric encryption method, is used for authentication. The signature is unique for each e-transaction. For example, if a document is changed, the digital signature also changes.
The National Public Key Infrastructure (NPKI)
Root Certification Authority (RCA): International Co-operation; Technical Standards Development; Awareness Creation & Capacity Building; Licensing & Accreditation of E-CSPs
Private-owned E-CSPs: Issue Digital Certificates
Government-owned E-CSP: Issue Digital Certificates
Key: E-CSP: Electronic Certification Service Provider licensed by the Communications Authority of Kenya (CA) to issue Digital Certificates (Internet IDs).
The National PKI: Root Certification Authority (RCA)
Accredit Certificate Authorities: Issue and manage E-CSP certificate; Audit E-CSP
International Cooperation: Support for mutual recognition
Technical Specifications: Develop and standardize; Research and development
User Environment For Electronic Signatures: Public awareness and Capacity Building; Legal and Policy Issue
The National PKI: Government-owned E-CSP
Subscribers; Generate & issue certificates; Directory Services (storage and management of Certificate revocation lists); Auditing Unit (logs, history and integrity checks); Registration Authorities (act as agents of Certificate Authorities)
Benefits of a NPKI: Ability to digitally sign electronic data and information to ensure integrity of the data and non-repudiation; Ability to encrypt electronic data and information to ensure confidentiality.
Implementation of a framework for the management of the dot KE country code Top Level Domain (ccTLD)
i. What is a Domain Name System (DNS)? A system that maps IP addresses to EASY-TO-REMEMBER Domain Names (CA.GO.KE). Domain names include ccTLDs (country identity) and gTLDs (generic).
ii. What is a ccTLD? A country code Top-Level Domain, which acts as an Internet Identity for a country or territory. Examples are: dot KE (Kenya), dot TZ (Tanzania), dot UK (United Kingdom), dot US (USA).
iii. Licensing framework for dot KE ccTLD: Kenya Network Information Centre (KENIC) started in 2002 under facilitation by CA; The Law (KICA) requires that dot KE Registry and Registrars are licensed; The Licensing framework is awaiting final approval by the Board
CONDUCT TECHNICAL RESEARCH AND DEVELOPMENT (R&D) ON NEW AND EMERGING TECHNOLOGIES AND TRENDS
Conduct technical Research and Development (R&D) on new and emerging technologies and trends: Development of White papers on new and emerging technologies; Research and Development (R&D) in Cybersecurity trends
Structure of the IT Department: Director, Information Technology (IT); Assistant Director, Information Systems (IS); Assistant Director, E-Commerce (EC); Manager, E-Security (ES); Manager, Systems Development & Administration (SDA); Manager, Technical Research & Development (TRD)