curbing cyber menace by: kenneth adu amanfoh deputy director it,nca
TRANSCRIPT
Ghana IGF 2016
18 August 2016AITI-KACE
Curbing the Cyber Menace
BYKENNETH ADU-AMANFOH, DEPUTY DIRECTOR, IT, NCA
01/05/2023
2Agenda
Introduction: Ghana’s Connectedness Challenges in cyberspace National Cyber Security Policy & Strategy Special Interventions Security Governance Initiative
Ghana’s Cyberspace Today
Market No. of Subscribers
Percentage
Voice 31,028,253 115.64%Data 16,106,218 59.78%Source: National Communications Authority, March 2015 Statistics
01/05/2023
3
Ever Expanding
ICT infrastructur
e
Six Network Operators
Government Network
Infrastructure
5 Submarine Cables with over
12.3 Tbps
State of art Tier III National Datacenter
Eastern Corridor Fiber and Private
Operator national fiber
optics backbone criss-crossing
Vibrant Ghana IXP operated by
GISPAE-government InitiativesCashless BankingSocial CommunicationE-Commerce DevelopmentsOther Cyber Developments
Many Interactions based on Improving Infrastructure
Hacking
Social Engineering
Attacks (Phishing,
Identity Theft, etc.)
Botnets/Malware Attacks
Insider ThreatsChild Online Safety
Cyber Fraud
Data Breaches
01/05/2023
4Interaction open to Cyber attacks
01/05/2023
5
Person Specific• Consumer User• Corporate user
Device Specific• Telephones• Wireless Cell Devices• Personal Digital Assistant (PDA)
Network Specific• Wireless Carrier’s Transport• Local Area, Metropolitan Area and Wireless Area• Internet
Targets of Attacks
01/05/2023
6
Level 1:Home and Small Business users
Level 2: Large Enterprise Users
Level 3: Critical Sectors
Level 4: National Priorities
Level 5: Global
Levels of Protection Required
01/05/2023
7CNII Sectors - Ghana1.National
Defense and Security
2. Banking and Finance
3. Information and
Communications
4. Energy
5. Transportation
6. Water
7. Health Services
8. Government
9. Emergency services
10. Food and Agriculture
01/05/2023
8Ghana’s Draft Policy & Strategy
Effective Governance
Legislative & Regulatory Framework
Cyber Security Technology Framework
Culture of security and Capacity Building
Research & Development towards Self-Reliance
Compliance and Enforcement
Child Online Protection
Cyber Security Emergency Readiness
International Cooperation
01/05/2023
9Special Initiative 1:
National Cybersecurity Awareness Program
Program to train different stakeholders on different aspects of cyber security with the intent of helping them provide a reasonable security consummate with the risks to avoid incidences of cyber attacks.
Will take the form of identification, need assessment, training and evaluation of different sets of stakeholders.
The program will include a cyber security awareness portal that will establish a permanent awareness campaign on the internet
01/05/2023
10Special Initiatives 2:
Computer Emergency Response Teams
Establishment of National Computer Emergency
response Team (CERT-GH)
Established with support
ITU/IMPACTIn August 2014
In January 2015 11 Government website defaced
but brought under control
with 24 hours by CERT-GH
Sharing Alerts and Advisories
with constituents to proactively
improve security of systems
01/05/2023
11Special Initiative 3:National Cyber Security Centre
• Defines, communicates and updates (when necessary) the national cyber security programs to all the CNII.
National Cyber Security Policy Implementation:
• Closely coordinates cyber security initiatives of various key Agencies and organizations in Ghana. National Coordination:
•Promote and facilities formal and informal mechanism for information sharing across the CNII. This includes promoting cyber security awareness, training and education programs to grow the competency of information security professionals and the industry as a whole.
Outreach:
•Facilitiate the monitoring of compliance to cyber security policies and standards across the CNII. Compliance Monitoring:
•Assesses and identifies cyber security threats exploiting vulnerabilities and risks across the CNII. Risk Assessment:
•Assist the National Cyber Security Council in all its function activities and help industry to test its emergency plans Support:
•Contribute to application of international standards on cyber security as well as on accreditation and certification of ICT infrastructure, services and suppliers. Contribution:
01/05/2023
12Information Sharing - Public Private Info Sharing
01/05/2023
13Ghana USA Security Governance Initiative
US Government support to build cyber security and cybercrime capacity of :- National CERT- Law Enforcement & Judiciary- Government IT Employees - Network Operators Signed in February 2016- Program kicking off soon
01/05/2023
14Way Forword - Questions for discussion
What Interventions must be put in place to curb arising Incidents of attacks?
What are different Stakeholders doing to curb Cyber Security? What are best practice for Public Private Partnership in the fight
against? Cybercrime ? What capacity build is needed to make this happen?