Meeting scheduled for 30 May 2016

Time: From 0900 hours

Subject Matter: The Cyber Security Challenge


AIM: Protecting our National Cyberspace from cyber threats (particularly in government)
We start with our DIS Information assets then elevate to the national level
1. First understand the current network and systems infrastructure (in terms of layout up
to the DIT site), i.e. identify the information systems assets
2. Identify whether our current network systems require improvement to achieve better
security
3. The current security products installed on the existing systems: do they require an update?
4. Identify the trending cyber threats: the most costly cybercrimes are those caused by denial
of service and eavesdropping attacks, forgery and redirection attacks, malicious insiders
(phishing attacks) and malicious code.
5. Relevant stakeholder engagement/cooperation both nationally and internationally on
fighting cybercrime/terrorism
6. Any means of threat detection and prevention mechanisms adopted so far (means of
hunting for indicators of compromise in real time, using various toolsets, based on
intelligence gathered). Do we currently follow the protection principles of
Deter-React-Detect and Prevent? (E.g. note that modern IPSs combine firewall, intrusion
detection, antivirus and vulnerability assessment capabilities.) Do we presently have
such capability? Harden our system configurations.
7. Do the forensic investigation tools require enhancement?
8. The current legislation on cybercrime (law enforcement)- Any cybercrime laws in areas
such as computer misuse, electronic signatures, data protection, intellectual property,
liability and dispute resolution;
9. The National cybercrime laws are globally applicable and interoperable with the existing
regional and global legislative measures; and (b) National cybercrime legislation allows
global cooperation on cybercrime investigations and prosecution.
10. Any procedures for communicating the threat feeds obtained via intelligence monitoring
and surveillance
11. Any means of analyzing the threats (security auditing using security assessment
tools): are log management and audit trailing procedures in place?
12. Communication procedures to leadership in response to security intelligence findings
(Any incident response team in place, CIRTs)
13. What can be done to improve security? Is a cyber security strategy available? Does it
comply with the current versions of security standards (ISO 27000 series/PCI-DSS)?
14. Give alternative intelligent security solutions and compare (e.g. Kaspersky widely used
by London Metropolitan Police UK, Cisco security systems, NCR security system, etc.)
15. Capacity building (involves security training and awareness, transfer knowledge and
boost cybersecurity on the national policy agenda, JUDICIAL CAPACITY that enforces
cybersecurity legal measures).
16. DIS Physical Assets, are they intelligently monitored and protected from the central
point?
17. Annual review of the current IS Policy? Accountability
18. Roles and responsibilities need to be defined appropriately under the Cyber Security
Team
19. We (the security team) can reduce our administrative workload by becoming more
dynamic and precise in identifying and responding to the trending threats and adapting
defenses.
20. Cost implications of adopting the way forward.
21. Website Development (professional layout, About us, What we do, etc.)

Drafted by Dr. Mapoka