Huawei Kenya has announced its support for the drive towards development of a culture and structures that build digital trust in Kenya.
Speaking during the commencement of the ISACA Kenya chapter annual conference in Mombasa, Ms. Maureen Mwaniki, Huawei Technologies Vice Director for Programs Management stated that the firm was fully rallying behind the process of developing standards, regulations and collaboration between the public and private sectors.
“It is clear from the conference that there are a lot of cybersecurity problems out there, and it is hard to know who to trust, so it was a relief to know that there are systems and standards out there that we can indeed trust. If anything, we need more such standards that are checked by experts that can give us the confidence our technology that we need, alongside the training for users on how to use technology safely,” said Ms. Mwaniki.
Some of the key topics addressed at the conference included how new technologies and greater connectivity are bringing new challenges due to the risk of data leaks from increased user data being collected, lack of digital skills amongst users, and more sensitive information being shared online. With the government’s priority of expanding the Digital Superhighway to facilitate increased access by individuals and organizations, a corresponding rise in risks and challenges can also be expected.
Echoing her remarks, Cabinet Secretary for Ministry of Information, Communication and the Digital Economy Eliud Owalo noted that as more business and public services move online, users will need to trust the applications they use as well as systems they are work with for their varied transactions.
He highlighted the quality of the existing legal regime and the need to strengthen implementation of the existing laws and regulations through capacity building of the agencies in charge of implementation as well as of the ICT industry who need to follow the laws.
“We recognise the role of standards in facilitation of such collaboration. A technical standard sets a common definition for what “good” looks like, allows other experts to test that equipment to check it meets the standard, and then issue a certification so that the industry knows that equipment can be trusted. This also enables different equipment or software to be able to connect with each other easily, and safely know that information won’t be compromised,” he explained, pointing out that it necessitates greater collaboration between the governments and businesses as well as ICT equipment suppliers.
Fortunately, there is progress with the development of the Network Equipment Security Assurance Scheme (NESAS), to address the requirement for a system that can validate the ICT equipment’s trustworthiness. NESAS is preferred as it addresses both the processes used to make a product and the actual product itself.
Independent audit teams use it to assess a company’s product development processes whilst a test laboratory (itself also accredited by another third party) actually assesses the products themselves according to some very specific technical standards. All the reports are provided and thus there is proof that the products are secure and were made through a secure process. This then means they can be trusted and is an interesting approach that others in the industry can also consider learning from.