Embed Size (px)
Citation preview
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010
PROTECTION OF CRITICAL PROTECTION OF CRITICAL INFORMATION INFORMATION
INFRASTRUCTUREINFRASTRUCTURE
By
Emmanuel E. Ekuwem,PhD, MIEEE, NPOM
CEO, Teledom GroupImmediate Past National President, Association of Telecom
Companies of Nigeria (ATCON)[email protected]
Bro a d b a n d IC T In fra stru c ture s
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Where are we coming from and where are we heading to?
How slowly have we been moving; what happened?
President Obasanjo’s “Presidential Committee on 419 on the Internet under Basil Udotai, Esq’s excellent Coordinatorship
Representative of the then relevant Law Enforcement Agencies: Police, EFCC, ICPC, NSA, SSS, etc and the Ministries of S &T, Justice; NCC, NITDA; NIG, ATCON, ALTON, NCS, CPN, etc.
Ministers of S & T and Justice/Attorney General as Co-Chairmen
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Where are coming from and where are heading to?--2
Many very constructive meetings of the committee
Extensive consultations with stakeholders
Report submitted to the President with recommendations containing, among others, the subject of this international conference: CERT Implementation
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Where are we coming from and where are we heading to?--3
Mr. President commended the committee for a “brilliant work”
A draft Executive bill sent to the National Assembly
Commencement of Public Hearings by relevant committees of Senate and House of Representatives
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Needless Controversies on the Draft Bill--1
While the 419 Committee deliberations lasted, the majority always had their way……as it should be in a democracy
Those who did not have their way during those deliberation sessions of the 419 Committee took their fight to the Public Hearings of the National Assembly
High level lobby set in
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Issues that Triggered Controversies-1
No need for an independent Agency or Body of whatever form
Almost every law enforcement agency claimed that it had sufficient provisions within the law setting it up to host the Cyber security outfit
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Issues that Triggered Controversies-2
Should the Cyber security agency or body be:
• A department (Directorate) in NITDA?• A department in EFCC?• A department of the Police?• A department in the office of the NSA?• An autonomous Agency that reports to
the NSA?• etc
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Issues that Triggered Controversies-3
If Cyber security matters can be handled under the ambit of existing laws, did we need a new legislation?
What would constitute Critical Information Infrastructure?
Do we need a law to designate Critical Information Infrastructure and criminalize its attack with stiff penalties
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Chaos of Draft Bills
Every shade of opinion on the scope, form and hosting of the Cyber security outfit had a tendency to want to sponsor a draft bill.
Which shade or version is in the House? Probably the product of compromises for the good of the country
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Critical Information Infrastructure
Major ICT service media for Access (IP and GSM/CDMA cellular), Switching, Transport, Billing, Storage, Processing and Interconnectivity upon which national economic activities and productivity depends; impairment of which impedes, disrupts and eventually sabotages the nation’s economy. This impairment can be considered an ACT of WAR against Nigeria.
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Information Infrastructure for the Critical Sectors
Security Telecommunication Financial Services….banking, insurance,
NSE, NDIC, PENCOM, etc Aviation Petroleum Power Health Water Governments
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Critical Information Infrastructure Protection (CIIP)
Enabling laws to define, designate and criminalize attacks
Physical Virtual
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
CIIP
Redundancies, backups, distributed architecture
CERTsFIRSTs
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
CIIP: CERT to the Rescue
Barring physical attacks, CERT action
Inter-CERT collaborations Some form of CERT coordination
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Seek Yee First Self-Protection
Sector designation of its CIISector CERT establishmentPartnership with the Police and
other relevant law enforcement agencies
Show CERT value in CII by reporting incidents
International Conference on Cybercrime, DBI, Abuja 1 - 2 Nov., 2010Bro a d b a n d IC T In fra stru c ture s
Thank YouThank You
