Tumwebaze: Why we need robust cyber security measures


Uganda’s ICT Minister Frank Tumwebaze said Wednesday that there is need for countries in Africa to collaborate and step up their efforts in fighting cyber crime since it is a huge threat to both social and economic development.

The minister who was speaking at the East Africa Cybersecurity Clinic, emphasised that boosting cybersecurity is crucial, citing observed positive return on investment in ICT.

“These returns must be secured against intrusions and cyber threats,” he said, as quoted on Twitter by National Information Technology Authority (NITA).

Globally, there are over more than 3.5 billion people that are connected to the internet, which is approximately 50% of the 7.6 billion population estimated by the United Nations in May 2018.

Reports indicate that the Internet accounts for, on average, 3.4 percent of GDP across the large economies that make up 70 percent of global GDP, indicating that if Internet consumption and expenditures were a sector, its weight in GDP would be bigger than the energy or agriculture industry.

In Uganda, more than 30% of the population is already connected to the internet, and the curve, according to estimates, will continue to grow higher.

As more people continue to embrace technology, analysts say, crime will now increasingly move to online.

For instance, Roi Yarom, the head of Policy Planning, Strategy and Capacity Division, Israel National Cyber Directorate (INCD) told officials on Wednesday at Lake Victoria Serena Golf Resort & Spa in Entebbe that cybercrime is the second most reported crime in the world, observing that e-services cover wide-ranging sectors like private enterprises and infrastructure networks.

Against that backdrop, Tumwebaze says that for countries to manage cyber related threats, they need to develop enabling laws, policies and regulation to increase access to internet and applicability of ICT.

In Uganda, he said government was already taking big steps to regulate the cyber space by coming up with laws like the Computer Misuse Act, the Electronic Signatures Act and Electronic Transactions Act, which in combination speak to the various aspects of punishing cybercrime as well as providing security and trust in the use of digital IT enabled services.

The Data Protection and Privacy Bill is already before parliament and if enacted into law it will address the key aspects of protection of personal data, “especially now where we are increasingly relying on our personal data to access services in both the public and private sector,” he said.

Aside from regulations, government instituted the Uganda National Computer Emergency Response Team/Coordination Centre (National CERT/CC) in 2014 to mitigate and prevent major cyber incidents, to protect valuable assets as well as keep track of developments in the security field; the National Cybersecurity Strategy was also launched in 2015 to among others define an approach through which Uganda’s knowledge, skills and capacity can be grown to improve our cybersecurity capabilities.

Uganda police has also embraced technology by setting up an ICT directorate to fight cybercrime and an application to helping in tracing lost items was rolled out recently.

A number of countries have come up with various measures to boost cybersecurity, though some have faced resistance from the public, with a section of people arguing that some rules are meant to stifle freedom of speech.

To address cybercrime, Frank Tumwebaze said countries can join force on some of the following steps:

– Creating uniformity in countries’ strategies and laws in fighting cybercrime to eliminate safe havens for organized crime.

– Establishing mechanisms  for Mutual Legal Assistance through which countries may access assistance from each other; and

-Creating avenues for building human resource capacity, learning, sharing experiences and best practices in the formulation and implementation of effective cybersecurity measures.

Running from May 30 to June 2, 2018, the event is being organised by the World Bank Group (WBG), the National Information Technology Authority Uganda (NITA-U), the East African Community (EAC) and the Government of Israel.

The clinic targets public officials responsible for cybersecurity policies in their jurisdictions, to help them expand their knowledge of cyber operations, technology and policy.

Participants include governmental officials from East African Community members countries such as Burundi, Kenya and Rwanda, and representatives from other countries of the region like Djibouti, Ghana, Malawi, Nigeria and Somalia.

The clinic will also lay the foundation to support regional integration of cybersecurity protection.

The 3-day conference can be followed online via Facebook and Twitter, using #WBNITASecure.

Kenya will also be hosting a continental summit on cybersecurity in July.

To Top