Sri Lanka just came out with a draft bill for a proactive, national cyber-defense entity. This entity functions by designating systems as Critical Information Infrastructure (CII) and then appointing people responsible for reporting security breaches and so on and so forth. The legalese looks like this: Part V 18(1) states that “the Agency shall identify and recommend to the Minister the designation of a computer or computer system as CII for the purposes of this Act, if the Agency is satisfied that- (a) the computer or computer system is necessary for the continuous delivery of essential services for the public health, public safety, privacy, economic stability, national security, international stability and for the sustainability and restoration of critical cyberspace or for any other criteria as may be prescribed and the disruption or destruction of which would likely to have serious impact on the public health, public safety, privacy, national security, international stability or on the effective functioning of the government or the economy; and (b) the computer or computer system is located wholly or partly in Sri Lanka… The current proposed version gives the Agency the right to designate even corporate computer systems as CIIs, bust down their doors, inspect […]
Cybersecurity of developing countries is most at risk! Gartner projects that more than 20 billion IoT devices will be connected by 2020. The security of these Internet Of Things (IOT), relating to cyber security, in a broader sense hinges on service continuity and availability. Whether it be a DDoS attack that affects the availability or a malicious attack on the configuration that brings down the IoT device(s) or exposes private data, they all converge on the concept of cybersecurity. LIRNEasia partnered with Vanuatu Office of the Government Chief Information Officer, Prime Minister’s Office, Netherlands Radio communications Agency / University of Twente and the Internet Society (ISOC) in introducing the Raster Tool and engaging the participants in an IOT cybersecurity assessment exercise.
In a wide-ranging interview, Htaike Htaike Aung and Phyu Phyu Thi talk about MIDO and how they approach policy problems in the ICT space. The article.