SlideShare a Scribd company logo

Ethiopia reba paper

W
Wesen Tegegne
Education
1 of 7
Download to read offline
ETIOPIAN TELECOMMUNICATIONS AGENCY STATE OF CYBER SECURITY IN ETHIOPIA By Mr. Balcha Reba Ethiopian Telecommunications Agency Standards and Inspection Department Head, Standards Division email: tele.agency@ethionet.et June 2005
Table of Contents 1. INTRODUCTION ................................................................................... 2 2. BACKGROUND ...................................................................................... 2 3. STATUS OF CYBERSPACE SECURITY IN ETHIOPIA................. 4 4. EXISTING SECURITY TECHNOLOGY............................................. 5 5. CONCLUSION ......................................................................................... 6 1
1. INTRODUCTION Information security (InfoSec) is the protection of information and its critical elements, including the systems and hardware which use, store and transmit that information. Information security includes the broad areas of information security management, computer and data security management, computer and data security, and network security. To protect information and its related systems, tools such as policy, awareness, training and education, and technologies are of vital importance. Security is the quality or state of being secure, to be free from danger. In other words, security can be defined as building protection against adversaries. The security of information and its systems entails securing all components and protecting them from potential misuse by unauthorized users. As global networks expand the interconnection of the world’s information systems, the smooth operation of communication and computing solutions becomes vital. However, recurring events such as virus and worm attacks and the success of criminal attackers illustrate the weaknesses in current information technologies and the need to provide heightened security for these systems. To put in another way, as the world becomes more and more dependent on networks of computers, it also becomes increasingly and dangerously vulnerable to cyber intrusion and cyber terrorism. Thus, requiring implementation of information security. Now days, the internet has brought millions of unsecured computer networks into communication with each other. The security of each computer’s stored information is contingent on the level of security of every other computer to which it is connected. 2. BACKGROUND The creation of information security program begins with the creation and/or review of the organization’s information security policies, standards and practices. Policies shall be considered as the basis for all information security planning, design, and deployment. 2
Policies do not specify the proper operation of equipment or software. This information should be placed in the standards, procedures and practices of users’ manuals and systems documentation. A policy is a plan or course of action used by an organization to convey instructions from its senior- most management to those who make decisions, take actions, and perform other duties on behalf of the organization. Polices are organizational laws in that they dictate acceptable and unacceptable behavior within the context of the organization’s culture. Like laws, policies must define what is right, and what is wrong, what the penalties are for violating policy, and what the appeal process is. Standards, on the other hand, are more detailed statements of what must be done to comply with policy. The information technology revolution has changed the way business is transacted, government operates, and national defense is conducted. These three functions now depend on an interdependent network of critical information infrastructures that we refer to as “cyberspace” to secure this cyberspace a national policy shall be defined in such a way that to prevent or minimize disruptions to critical information infrastructures and thereby protect the people, the economy, the essential human and government services and the national security. Disruptions that do occur should be infrequent, of minimal duration and manageable and cause the least damage possible. Consistent to the policy in force, the national strategy to secure cyberspace shall have the following objectives: - Prevent cyber attacks against critical infrastructures. - Reduce national vulnerabilities to cyber attack and, - Minimize the damage and recovery time from cyber attacks that do occur. Despite the facts mentioned above there is no functional cyberspace security policy in Ethiopia. Currently, the Ethiopian ICT Development Authority is preparing national information security standards. However, information security policy should have been 3
developed earlier to guide the preparation of standards. Due to lack of national cyberspace security policy and associated standards, ICT development programs have very little focus on security components. Similarly, the national network infrastructure and telecommunications service provider, the Ethiopian Telecommunications Corporation, also performs its duties without clearly defined national strategic procedures and guidelines in place. Instead, the Corporation is relying on security elements proposed by vendors and system installers. 3. STATUS OF CYBERSPACE SECURITY IN ETHIOPIA In 2001, a national taskforce coordinated by the National Computer and Information Center of the Ethiopian Science and Technology Commission initiated Data Disaster Prevention and Recovery Management (DDPRM) program which mainly sought to address data integrity and physical security. The objective of this project was to formulate a policy, which facilitates enabling environment and paves the way for designing of a secure institutional data center. The over all intention was to protect data stored, processed and transmitted through computer system. In addition to this, the project was also supposed to develop guidelines and procedures that support corporate enterprises to put in place their own organizational data security in house policy. As compared to data security, information security is a broader system which deals with all critical elements and components of an information system namely: Software, Hardware, Data, People, Procedures and Networks. With regard to this, the Data Disaster Prevention and Recovery Management guideline developed by a taskforce organized by Ethiopian Science and Technology Commission is a good move towards adopting strategies to determine the level of protection required for applications, systems, facilities in ICT development and recover from any disaster without serious business discontinuity and major damages and loss to the system and data. However, escalation of the specific data security issue to more general information security systems was found to be mandatory. 4
In 2004, not long after the restructuring of IT sectors, the Ethiopian Telecommunications Agency took the initiative to invite the Ethiopian Information and Communication Technology Development Authority (EICTDA) and the Ethiopian Telecommunications Corporation (ETC) to discuss on issues of cyberspace security and encryption policy. On this initiative, the three institutions agreed on importance of cyberspace security policy and formed a joint technical committee, which follows up the process of formulating information security policy and standards. The institutions have also reached at a common understanding that EICTDA has more broader legal framework and resources to lead the initiative. On the basis of this, EICTDA has employed a consultant to conduct a general assessment on how to go forward to develop a national information security strategy and action plan. Currently, the Ethiopian ICT Development Authority is working on preparation of information security standards. The final document is expected to be finalized and endorsed by the government for implementation as of September 2005. As part of the capacity building process for the ongoing information security programs, the EICTDA has organized training on Information Security Principles to selected government employees working on ICT and related sectors. 4. EXISTING SECURITY TECHNOLOGY As mentioned in earlier sections, Ethiopia has not yet formulated information security policy and standards. However, currently the ISP is utilizing firewalls, network Intrusion Prevention Systems (IPS), Dial-up protection and packet filtering mechanisms to protect the internet infrastructure, corporate VPNs and Leased lines. Latest spam guards to get rid of viruses or malicious software (malware) are also in place to protect the system. The existing ISP security systems are based on technical proposal submitted by network installers and vendors. Therefore, it cannot be referred to as a system developed fulfilling all-rounded national information security policy and standards. In addition to this, when 5
implementing information security in an organization, there are many human resource issues that must be addressed. The organization should thoroughly examine the options possible for staffing information security function. In this regard, in Ethiopia there is a shortage of information security professionals. Hence, organizations are forced to draw on the current pool of information security practitioners. 5. CONCLUSION In Ethiopia, currently cyber security policy and standards are inexistent. Information security law, ethics and relevant legislation and regulation concerning the management of information in an organization is not yet developed. With absence of these conditions, it will be impossible to think of reliable cyber security issues. Therefore, formulation of cyber security policy and standards shall be given due attention. Furthermore, to develop more secure computing environments in the future, staffing of information security function has to count on the next generation of professionals to have the correct mix of skills and experience necessary to anticipate and mange the complex information security issues. Accordingly, trainings on information security principles are needed to prepare and create professionals of technology to recognize the threats and vulnerabilities present in existing systems and to learn to design and develop the security systems needed in near future. To this effect, the supports being given by Ministry of Capacity Building (MoCB) on promotion of ICT programs is encouraging. The training arranged in collaboration with Ethiopian ICT Development Organization and Kennesaw State University of USA on principles of information security is one to be cited. To put concisely, information security issue is not only a problem that technology can address alone but also a problem of a management to solve. Therefore, legal frameworks in the form of policy and standards are the most prerequisites to establish efficient and reliable cyber security systems. In line with this, Ethiopia has to do a lot yet to address the requirements for cyber security in the evolvement of information society. 6

Recommended

GUL Network Infrastructure
GUL Network InfrastructureGUL Network Infrastructure
GUL Network InfrastructureMuhammad Zeeshan
 
Information System Security Policy Studies as a Form of Company Privacy Prote...
Information System Security Policy Studies as a Form of Company Privacy Prote...Information System Security Policy Studies as a Form of Company Privacy Prote...
Information System Security Policy Studies as a Form of Company Privacy Prote...Editor IJCATR
 
Legal, ethical & professional issues
Legal, ethical & professional issuesLegal, ethical & professional issues
Legal, ethical & professional issuesDhani Ahmad
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
2015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s022015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s02Government
 
Unit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismUnit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismArnav Chowdhury
 
NGN integrated information security v3 DetikNas
NGN integrated information security v3 DetikNasNGN integrated information security v3 DetikNas
NGN integrated information security v3 DetikNasEmyana Ruth
 
20111010 The National Security Framework of Spain for Guide Share Europe, in ...
20111010 The National Security Framework of Spain for Guide Share Europe, in ...20111010 The National Security Framework of Spain for Guide Share Europe, in ...
20111010 The National Security Framework of Spain for Guide Share Europe, in ...Miguel A. Amutio
 

Recommended

GUL Network Infrastructure
GUL Network InfrastructureGUL Network Infrastructure
GUL Network InfrastructureMuhammad Zeeshan
 
Information System Security Policy Studies as a Form of Company Privacy Prote...
Information System Security Policy Studies as a Form of Company Privacy Prote...Information System Security Policy Studies as a Form of Company Privacy Prote...
Information System Security Policy Studies as a Form of Company Privacy Prote...Editor IJCATR
 
Legal, ethical & professional issues
Legal, ethical & professional issuesLegal, ethical & professional issues
Legal, ethical & professional issuesDhani Ahmad
 
Introduction to the management of information security
Introduction to the management of information security Introduction to the management of information security
Introduction to the management of information security Sammer Qader
 
2015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s022015_ICMSS_Institutional_Cybersecurity_s02
2015_ICMSS_Institutional_Cybersecurity_s02Government
 
Unit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismUnit v: Cyber Safety Mechanism
Unit v: Cyber Safety MechanismArnav Chowdhury
 
NGN integrated information security v3 DetikNas
NGN integrated information security v3 DetikNasNGN integrated information security v3 DetikNas
NGN integrated information security v3 DetikNasEmyana Ruth
 
20111010 The National Security Framework of Spain for Guide Share Europe, in ...
20111010 The National Security Framework of Spain for Guide Share Europe, in ...20111010 The National Security Framework of Spain for Guide Share Europe, in ...
20111010 The National Security Framework of Spain for Guide Share Europe, in ...Miguel A. Amutio
 
Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligenceijtsrd
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Cybersecurity
CybersecurityCybersecurity
Cybersecuritypronab Kurmi
 
Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016Mohan C. de SILVA
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information securitySyaiful Ahdan
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Deep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from PatentsDeep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from PatentsAlex G. Lee, Ph.D. Esq. CLP
 
Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Habib Noroozi
 
Workplace Surveillance
Workplace SurveillanceWorkplace Surveillance
Workplace SurveillanceSampath
 
MIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical ChallengesMIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical ChallengesTushar B Kute
 
Workplace Surveilance
Workplace SurveilanceWorkplace Surveilance
Workplace SurveilanceSampath
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Ltd
 
VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesPriya Diana Mercy
 
Cyber Security - ICCT Colleges
Cyber Security - ICCT CollegesCyber Security - ICCT Colleges
Cyber Security - ICCT CollegesPotato
 
Global Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and ComplianceGlobal Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and Complianceijtsrd
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...The University of Texas (UTRGV)
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Dr. Michael Agbaje
 
Http Kultaevo Ru
Http Kultaevo RuHttp Kultaevo Ru
Http Kultaevo RuИлья Бондаренко
 
Apple iPhone 4S
Apple iPhone 4SApple iPhone 4S
Apple iPhone 4SJJ Wu
 
Picture presentation 10 sec
Picture presentation 10 secPicture presentation 10 sec
Picture presentation 10 secdcaliyah
 

More Related Content

What's hot

Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligenceijtsrd
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Securitymtvvvv
 
Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016Mohan C. de SILVA
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information securitySyaiful Ahdan
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Securitysappingtonkr
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITYAhmed Moussa
 
Deep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from PatentsDeep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from PatentsAlex G. Lee, Ph.D. Esq. CLP
 
Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Habib Noroozi
 
Workplace Surveillance
Workplace SurveillanceWorkplace Surveillance
Workplace SurveillanceSampath
 
MIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical ChallengesMIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical ChallengesTushar B Kute
 
Workplace Surveilance
Workplace SurveilanceWorkplace Surveilance
Workplace SurveilanceSampath
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Ltd
 
VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesPriya Diana Mercy
 
Cyber Security - ICCT Colleges
Cyber Security - ICCT CollegesCyber Security - ICCT Colleges
Cyber Security - ICCT CollegesPotato
 
Global Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and ComplianceGlobal Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and Complianceijtsrd
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...The University of Texas (UTRGV)
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber securityAurobindo Nayak
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Dr. Michael Agbaje
 

What's hot (19)

Cyber Security Intelligence
Cyber Security IntelligenceCyber Security Intelligence
Cyber Security Intelligence
 
Ethics in IT Security
Ethics in IT SecurityEthics in IT Security
Ethics in IT Security
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016Compliance for Real-Time communications-June2016
Compliance for Real-Time communications-June2016
 
Chapter 11 laws and ethic information security
Chapter 11 laws and ethic information securityChapter 11 laws and ethic information security
Chapter 11 laws and ethic information security
 
02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security02 Legal, Ethical, and Professional Issues in Information Security
02 Legal, Ethical, and Professional Issues in Information Security
 
INFORMATION SECURITY
INFORMATION SECURITYINFORMATION SECURITY
INFORMATION SECURITY
 
Deep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from PatentsDeep Learning for Cybersecurity Innovation Insights from Patents
Deep Learning for Cybersecurity Innovation Insights from Patents
 
Module 5 ig presentation iran 2
Module 5 ig presentation iran 2Module 5 ig presentation iran 2
Module 5 ig presentation iran 2
 
Workplace Surveillance
Workplace SurveillanceWorkplace Surveillance
Workplace Surveillance
 
MIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical ChallengesMIS 21 Security and Ethical Challenges
MIS 21 Security and Ethical Challenges
 
Workplace Surveilance
Workplace SurveilanceWorkplace Surveilance
Workplace Surveilance
 
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
Niche Konsult Limited Section By Section Analysis Of Cyber Security And Infor...
 
VTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical ChallengesVTU - MIS Module 8 - Security and Ethical Challenges
VTU - MIS Module 8 - Security and Ethical Challenges
 
Cyber Security - ICCT Colleges
Cyber Security - ICCT CollegesCyber Security - ICCT Colleges
Cyber Security - ICCT Colleges
 
Global Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and ComplianceGlobal Perspective Cyberlaw, Regulations and Compliance
Global Perspective Cyberlaw, Regulations and Compliance
 
Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...Information Security and Privacy - Public Sector actions, policies and regula...
Information Security and Privacy - Public Sector actions, policies and regula...
 
Indian perspective of cyber security
Indian perspective of cyber securityIndian perspective of cyber security
Indian perspective of cyber security
 
Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.Wearable Technology for Enhanced Security.
Wearable Technology for Enhanced Security.
 

Viewers also liked

Apple iPhone 4S
Apple iPhone 4SApple iPhone 4S
Apple iPhone 4SJJ Wu
 
Picture presentation 10 sec
Picture presentation 10 secPicture presentation 10 sec
Picture presentation 10 secdcaliyah
 
GISImplementationInDesignWorkflows
GISImplementationInDesignWorkflowsGISImplementationInDesignWorkflows
GISImplementationInDesignWorkflowsZeev Somer
 
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)Amit Mangukiya
 
Status of soil resources in Ethiopia and priorities for sustainable managemen...
Status of soil resources in Ethiopia and priorities for sustainable managemen...Status of soil resources in Ethiopia and priorities for sustainable managemen...
Status of soil resources in Ethiopia and priorities for sustainable managemen...FAO
 
Inside the Wikileaks Headquarters
Inside the Wikileaks Headquarters Inside the Wikileaks Headquarters
Inside the Wikileaks HeadquartersNubia **
 
Estimating sewage discharge and peak drainage discharge
Estimating sewage discharge and peak drainage dischargeEstimating sewage discharge and peak drainage discharge
Estimating sewage discharge and peak drainage dischargeAnkit Gola
 
Agile Tool Hacking - Taking Your Agile Development Tools To The Next Level
Agile Tool Hacking - Taking Your Agile Development Tools To The Next LevelAgile Tool Hacking - Taking Your Agile Development Tools To The Next Level
Agile Tool Hacking - Taking Your Agile Development Tools To The Next LevelCraig Smith
 
Ethiopian Presentation
Ethiopian PresentationEthiopian Presentation
Ethiopian Presentationguest54c257
 
Design of sewerage collection system and cost estimation
Design of sewerage collection system and cost estimationDesign of sewerage collection system and cost estimation
Design of sewerage collection system and cost estimationVijay Kumar
 
Collection and estimation of sewage
Collection and estimation of sewageCollection and estimation of sewage
Collection and estimation of sewageBibhabasu Mohanty
 
CE6605 Environmental Engineering II - Course Presentation
CE6605 Environmental Engineering II - Course PresentationCE6605 Environmental Engineering II - Course Presentation
CE6605 Environmental Engineering II - Course PresentationRathnavel Ponnuswami
 
Environmental Engineering -II Unit I
Environmental Engineering -II Unit IEnvironmental Engineering -II Unit I
Environmental Engineering -II Unit IGAURAV. H .TANDON
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Characteristics of Waste-Water (Unit-I)
Characteristics of Waste-Water (Unit-I)Characteristics of Waste-Water (Unit-I)
Characteristics of Waste-Water (Unit-I)GAURAV. H .TANDON
 

Viewers also liked (20)

Http Kultaevo Ru
Http Kultaevo RuHttp Kultaevo Ru
Http Kultaevo Ru
 
Apple iPhone 4S
Apple iPhone 4SApple iPhone 4S
Apple iPhone 4S
 
Picture presentation 10 sec
Picture presentation 10 secPicture presentation 10 sec
Picture presentation 10 sec
 
Ahmedcv32
Ahmedcv32Ahmedcv32
Ahmedcv32
 
GISImplementationInDesignWorkflows
GISImplementationInDesignWorkflowsGISImplementationInDesignWorkflows
GISImplementationInDesignWorkflows
 
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)
ONLINE E-WASTE COLLECTION SYSTEM project Report (Approved)
 
Status of soil resources in Ethiopia and priorities for sustainable managemen...
Status of soil resources in Ethiopia and priorities for sustainable managemen...Status of soil resources in Ethiopia and priorities for sustainable managemen...
Status of soil resources in Ethiopia and priorities for sustainable managemen...
 
Inside the Wikileaks Headquarters
Inside the Wikileaks Headquarters Inside the Wikileaks Headquarters
Inside the Wikileaks Headquarters
 
Estimating sewage discharge and peak drainage discharge
Estimating sewage discharge and peak drainage dischargeEstimating sewage discharge and peak drainage discharge
Estimating sewage discharge and peak drainage discharge
 
Agile Tool Hacking - Taking Your Agile Development Tools To The Next Level
Agile Tool Hacking - Taking Your Agile Development Tools To The Next LevelAgile Tool Hacking - Taking Your Agile Development Tools To The Next Level
Agile Tool Hacking - Taking Your Agile Development Tools To The Next Level
 
Ethiopian Presentation
Ethiopian PresentationEthiopian Presentation
Ethiopian Presentation
 
Design of sewerage collection system and cost estimation
Design of sewerage collection system and cost estimationDesign of sewerage collection system and cost estimation
Design of sewerage collection system and cost estimation
 
Collection and estimation of sewage
Collection and estimation of sewageCollection and estimation of sewage
Collection and estimation of sewage
 
CE6605 Environmental Engineering II - Course Presentation
CE6605 Environmental Engineering II - Course PresentationCE6605 Environmental Engineering II - Course Presentation
CE6605 Environmental Engineering II - Course Presentation
 
Environmental Engineering -II Unit I
Environmental Engineering -II Unit IEnvironmental Engineering -II Unit I
Environmental Engineering -II Unit I
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 
Hacking ppt
Hacking pptHacking ppt
Hacking ppt
 
Cyber-crime PPT
Cyber-crime PPTCyber-crime PPT
Cyber-crime PPT
 
Characteristics of Waste-Water (Unit-I)
Characteristics of Waste-Water (Unit-I)Characteristics of Waste-Water (Unit-I)
Characteristics of Waste-Water (Unit-I)
 

Similar to Ethiopia reba paper

Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Miguel A. Amutio
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013Vidushi Singh
 
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMINFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMChristopher Nanchengwa
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxbagotjesusa
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organizationMohammed Mahfouz Alhassan
 
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEXWIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEXIJNSA Journal
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESijcsit
 
National_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfNational_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfAlexandre Pinheiro
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIAAnish Rai
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security madunix
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy finalIndian Air Force
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesingsegughana
 
Finland s cyber security strategy background dossier
Finland s cyber security strategy background dossierFinland s cyber security strategy background dossier
Finland s cyber security strategy background dossierYury Chemerkin
 
ITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information TechnologyITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information TechnologyITU
 
Chapter 3.docx
Chapter 3.docxChapter 3.docx
Chapter 3.docxAmir Khan
 

Similar to Ethiopia reba paper (20)

Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...Conference Paper at International Conference on Enterprise Information System...
Conference Paper at International Conference on Enterprise Information System...
 
Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...Using cloud services: Compliance with the Security Requirements of the Spanis...
Using cloud services: Compliance with the Security Requirements of the Spanis...
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013
 
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAMINFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
INFORMATION AND COMMUNICATIONS TECHNOLOGY PROGRAM
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
 
Paper Titled Information Security in an organization
Paper Titled Information Security in an organizationPaper Titled Information Security in an organization
Paper Titled Information Security in an organization
 
820 1961-1-pb
820 1961-1-pb820 1961-1-pb
820 1961-1-pb
 
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEXWIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
WIRELESS SECURITY MEASUREMENT USING DATA VALUE INDEX
 
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVESAN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
AN EFFECTIVE METHOD FOR INFORMATION SECURITY AWARENESS RAISING INITIATIVES
 
National_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdfNational_Cyber_Security_Strategy.pdf
National_Cyber_Security_Strategy.pdf
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
 
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
Dr Dev Kambhampati | Strategic Principles for Securing the Internet of Things...
 
Fundamentals of-information-security
Fundamentals of-information-security Fundamentals of-information-security
Fundamentals of-information-security
 
Cyber Security.pptx
Cyber Security.pptxCyber Security.pptx
Cyber Security.pptx
 
National cyber security policy final
National cyber security policy finalNational cyber security policy final
National cyber security policy final
 
Ict security essay
Ict security essay Ict security essay
Ict security essay
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
 
Finland s cyber security strategy background dossier
Finland s cyber security strategy background dossierFinland s cyber security strategy background dossier
Finland s cyber security strategy background dossier
 
ITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information TechnologyITU Security in Telecommunications & Information Technology
ITU Security in Telecommunications & Information Technology
 
Chapter 3.docx
Chapter 3.docxChapter 3.docx
Chapter 3.docx
 

Recently uploaded

Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Seán Kennedy
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxAnupkumar Sharma
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management systemChristalin Nelson
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONHumphrey A Beña
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4JOYLYNSAMANIEGO
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxiammrhaywood
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfVanessa Camilleri
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...Postal Advocate Inc.
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
Millenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxMillenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxJanEmmanBrigoli
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...Nguyen Thanh Tu Collection
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptxmary850239
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...JojoEDelaCruz
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parentsnavabharathschool99
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfPatidar M
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptxmary850239
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationRosabel UA
 

Recently uploaded (20)

Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...Student Profile Sample - We help schools to connect the data they have, with ...
Student Profile Sample - We help schools to connect the data they have, with ...
 
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptxMULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
MULTIDISCIPLINRY NATURE OF THE ENVIRONMENTAL STUDIES.pptx
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
 
Concurrency Control in Database Management system
Concurrency Control in Database Management systemConcurrency Control in Database Management system
Concurrency Control in Database Management system
 
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptxYOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
YOUVE GOT EMAIL_FINALS_EL_DORADO_2024.pptx
 
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATIONTHEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
THEORIES OF ORGANIZATION-PUBLIC ADMINISTRATION
 
Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4Daily Lesson Plan in Mathematics Quarter 4
Daily Lesson Plan in Mathematics Quarter 4
 
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptxAUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
AUDIENCE THEORY -CULTIVATION THEORY - GERBNER.pptx
 
ICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdfICS2208 Lecture6 Notes for SL spaces.pdf
ICS2208 Lecture6 Notes for SL spaces.pdf
 
Paradigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTAParadigm shift in nursing research by RS MEHTA
Paradigm shift in nursing research by RS MEHTA
 
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
USPS® Forced Meter Migration - How to Know if Your Postage Meter Will Soon be...
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management System
 
Millenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptxMillenials and Fillennials (Ethical Challenge and Responses).pptx
Millenials and Fillennials (Ethical Challenge and Responses).pptx
 
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
HỌC TỐT TIẾNG ANH 11 THEO CHƯƠNG TRÌNH GLOBAL SUCCESS ĐÁP ÁN CHI TIẾT - CẢ NĂ...
 
4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx4.16.24 Poverty and Precarity--Desmond.pptx
4.16.24 Poverty and Precarity--Desmond.pptx
 
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
ENG 5 Q4 WEEk 1 DAY 1 Restate sentences heard in one’s own words. Use appropr...
 
Choosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for ParentsChoosing the Right CBSE School A Comprehensive Guide for Parents
Choosing the Right CBSE School A Comprehensive Guide for Parents
 
Active Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdfActive Learning Strategies (in short ALS).pdf
Active Learning Strategies (in short ALS).pdf
 
4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx4.18.24 Movement Legacies, Reflection, and Review.pptx
4.18.24 Movement Legacies, Reflection, and Review.pptx
 
Activity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translationActivity 2-unit 2-update 2024. English translation
Activity 2-unit 2-update 2024. English translation
 

Ethiopia reba paper

  • 1. ETIOPIAN TELECOMMUNICATIONS AGENCY STATE OF CYBER SECURITY IN ETHIOPIA By Mr. Balcha Reba Ethiopian Telecommunications Agency Standards and Inspection Department Head, Standards Division email: tele.agency@ethionet.et June 2005
  • 2. Table of Contents 1. INTRODUCTION ................................................................................... 2 2. BACKGROUND ...................................................................................... 2 3. STATUS OF CYBERSPACE SECURITY IN ETHIOPIA................. 4 4. EXISTING SECURITY TECHNOLOGY............................................. 5 5. CONCLUSION ......................................................................................... 6 1
  • 3. 1. INTRODUCTION Information security (InfoSec) is the protection of information and its critical elements, including the systems and hardware which use, store and transmit that information. Information security includes the broad areas of information security management, computer and data security management, computer and data security, and network security. To protect information and its related systems, tools such as policy, awareness, training and education, and technologies are of vital importance. Security is the quality or state of being secure, to be free from danger. In other words, security can be defined as building protection against adversaries. The security of information and its systems entails securing all components and protecting them from potential misuse by unauthorized users. As global networks expand the interconnection of the world’s information systems, the smooth operation of communication and computing solutions becomes vital. However, recurring events such as virus and worm attacks and the success of criminal attackers illustrate the weaknesses in current information technologies and the need to provide heightened security for these systems. To put in another way, as the world becomes more and more dependent on networks of computers, it also becomes increasingly and dangerously vulnerable to cyber intrusion and cyber terrorism. Thus, requiring implementation of information security. Now days, the internet has brought millions of unsecured computer networks into communication with each other. The security of each computer’s stored information is contingent on the level of security of every other computer to which it is connected. 2. BACKGROUND The creation of information security program begins with the creation and/or review of the organization’s information security policies, standards and practices. Policies shall be considered as the basis for all information security planning, design, and deployment. 2
  • 4. Policies do not specify the proper operation of equipment or software. This information should be placed in the standards, procedures and practices of users’ manuals and systems documentation. A policy is a plan or course of action used by an organization to convey instructions from its senior- most management to those who make decisions, take actions, and perform other duties on behalf of the organization. Polices are organizational laws in that they dictate acceptable and unacceptable behavior within the context of the organization’s culture. Like laws, policies must define what is right, and what is wrong, what the penalties are for violating policy, and what the appeal process is. Standards, on the other hand, are more detailed statements of what must be done to comply with policy. The information technology revolution has changed the way business is transacted, government operates, and national defense is conducted. These three functions now depend on an interdependent network of critical information infrastructures that we refer to as “cyberspace” to secure this cyberspace a national policy shall be defined in such a way that to prevent or minimize disruptions to critical information infrastructures and thereby protect the people, the economy, the essential human and government services and the national security. Disruptions that do occur should be infrequent, of minimal duration and manageable and cause the least damage possible. Consistent to the policy in force, the national strategy to secure cyberspace shall have the following objectives: - Prevent cyber attacks against critical infrastructures. - Reduce national vulnerabilities to cyber attack and, - Minimize the damage and recovery time from cyber attacks that do occur. Despite the facts mentioned above there is no functional cyberspace security policy in Ethiopia. Currently, the Ethiopian ICT Development Authority is preparing national information security standards. However, information security policy should have been 3
  • 5. developed earlier to guide the preparation of standards. Due to lack of national cyberspace security policy and associated standards, ICT development programs have very little focus on security components. Similarly, the national network infrastructure and telecommunications service provider, the Ethiopian Telecommunications Corporation, also performs its duties without clearly defined national strategic procedures and guidelines in place. Instead, the Corporation is relying on security elements proposed by vendors and system installers. 3. STATUS OF CYBERSPACE SECURITY IN ETHIOPIA In 2001, a national taskforce coordinated by the National Computer and Information Center of the Ethiopian Science and Technology Commission initiated Data Disaster Prevention and Recovery Management (DDPRM) program which mainly sought to address data integrity and physical security. The objective of this project was to formulate a policy, which facilitates enabling environment and paves the way for designing of a secure institutional data center. The over all intention was to protect data stored, processed and transmitted through computer system. In addition to this, the project was also supposed to develop guidelines and procedures that support corporate enterprises to put in place their own organizational data security in house policy. As compared to data security, information security is a broader system which deals with all critical elements and components of an information system namely: Software, Hardware, Data, People, Procedures and Networks. With regard to this, the Data Disaster Prevention and Recovery Management guideline developed by a taskforce organized by Ethiopian Science and Technology Commission is a good move towards adopting strategies to determine the level of protection required for applications, systems, facilities in ICT development and recover from any disaster without serious business discontinuity and major damages and loss to the system and data. However, escalation of the specific data security issue to more general information security systems was found to be mandatory. 4
  • 6. In 2004, not long after the restructuring of IT sectors, the Ethiopian Telecommunications Agency took the initiative to invite the Ethiopian Information and Communication Technology Development Authority (EICTDA) and the Ethiopian Telecommunications Corporation (ETC) to discuss on issues of cyberspace security and encryption policy. On this initiative, the three institutions agreed on importance of cyberspace security policy and formed a joint technical committee, which follows up the process of formulating information security policy and standards. The institutions have also reached at a common understanding that EICTDA has more broader legal framework and resources to lead the initiative. On the basis of this, EICTDA has employed a consultant to conduct a general assessment on how to go forward to develop a national information security strategy and action plan. Currently, the Ethiopian ICT Development Authority is working on preparation of information security standards. The final document is expected to be finalized and endorsed by the government for implementation as of September 2005. As part of the capacity building process for the ongoing information security programs, the EICTDA has organized training on Information Security Principles to selected government employees working on ICT and related sectors. 4. EXISTING SECURITY TECHNOLOGY As mentioned in earlier sections, Ethiopia has not yet formulated information security policy and standards. However, currently the ISP is utilizing firewalls, network Intrusion Prevention Systems (IPS), Dial-up protection and packet filtering mechanisms to protect the internet infrastructure, corporate VPNs and Leased lines. Latest spam guards to get rid of viruses or malicious software (malware) are also in place to protect the system. The existing ISP security systems are based on technical proposal submitted by network installers and vendors. Therefore, it cannot be referred to as a system developed fulfilling all-rounded national information security policy and standards. In addition to this, when 5
  • 7. implementing information security in an organization, there are many human resource issues that must be addressed. The organization should thoroughly examine the options possible for staffing information security function. In this regard, in Ethiopia there is a shortage of information security professionals. Hence, organizations are forced to draw on the current pool of information security practitioners. 5. CONCLUSION In Ethiopia, currently cyber security policy and standards are inexistent. Information security law, ethics and relevant legislation and regulation concerning the management of information in an organization is not yet developed. With absence of these conditions, it will be impossible to think of reliable cyber security issues. Therefore, formulation of cyber security policy and standards shall be given due attention. Furthermore, to develop more secure computing environments in the future, staffing of information security function has to count on the next generation of professionals to have the correct mix of skills and experience necessary to anticipate and mange the complex information security issues. Accordingly, trainings on information security principles are needed to prepare and create professionals of technology to recognize the threats and vulnerabilities present in existing systems and to learn to design and develop the security systems needed in near future. To this effect, the supports being given by Ministry of Capacity Building (MoCB) on promotion of ICT programs is encouraging. The training arranged in collaboration with Ethiopian ICT Development Organization and Kennesaw State University of USA on principles of information security is one to be cited. To put concisely, information security issue is not only a problem that technology can address alone but also a problem of a management to solve. Therefore, legal frameworks in the form of policy and standards are the most prerequisites to establish efficient and reliable cyber security systems. In line with this, Ethiopia has to do a lot yet to address the requirements for cyber security in the evolvement of information society. 6