There is need for government to address issues of standards and inclusiveness while safeguarding Uganda’s critical infrastructure, ICT experts have said.
The country has been making efforts to ensure that the cyber space is secure especially within government departments and agencies but they say there’s still work to be done.
This was discussed during a workshop on Critical Information Protection (CIIP) organized by the Commonwealth Telecommunications Organisation (CTO) along with Uganda Communications Commission (UCC) on Monday.
The two day event taking place at Sheraton Hotel, Kampala is aimed at creating awareness on what constitutes critical infrastructure, enlightening operators on the threats as well as discussing mechanisms of protecting this critical infrastructure.
Critical infrastructure refers to the basic physical and organizational structures that provide services with socioeconomic implications in the event that it was unavailable.
In 2014, CTO conducted an assessment on the maturity of Uganda’s cyber security posture and identified a number of gaps which later informed the development of the Cyber Security Strategy.
While Martin Koyabe, the Head of Technical Support and Consultancy at CTO agrees that Uganda is on the right path to safeguard its critical infrastructure noting that some agencies and departments have already embarked on identifying critical systems in their sectors.
Koyabe told ChimpReports in an interview that; “To have secure cyber space, it requires that Uganda prioritizes the critical national infrastructure in order to identify the critical sectors ad provide a risk registry so as to mitigate future attacks.”
“The other gap we identified during the assessment was the issue of standards. Critical infrastructure must also be all inclusive to include other sectors like health and agriculture which are crucial for Uganda’s economy.”
Koyabe said that sectors using this infrastructure must also allow information sharing and interdependence between themselves as well as identify service level agreements.
On his part, Arnold Mangeni, the Director of Information Security at the National Information Technology Association – Uganda (NITA-U) said that recent allegations on electoral systems tampering in the U.S and neighbouring Kenya underscore the importance of mitigating any similar threats in the case of Uganda.
“Through the National Information Security Advisory Group, we have done risk assessment of various threats facing this infrastructure and we are coming up with a National Information Risk Register. The register includes the infrastructure, the threats and potential mitigants,” Mangeni told journalists.