South Region: ANTIC schools public establishments personnel on cybersecurity.

This is at a five-day capacity building workshop in Kribi, South Region, organised by the National Agency for Information and Communication Technologies, ANTIC.

The participants are also updating their knowledge on promoting electronic governance, optimising the performances of public services and knowing the techniques to secure information systems and social networks

ANTIC Director General, Prof Ebot Ebot Enow, who officially opened the workshop on Wednesday July 5, emphasised on the need for a secured cyberspace, given the ever growing threats and attacks on information systems. 

“…The adoption of ICTs is not without risks, because malicious individuals exploit the vulnerabilities inherent in information systems, to commit malicious acts, commonly called cybercrimes,” Prof Ebot said.

According to the ANTIC boss, his institution “has identified, in the Information Systems of Public Administrations, approximately 30,652 vulnerabilities of various types…,about 70% of which are related to the use of non-genuine software which, by its nature, generally contains backdoors, and does not always allow updates”.

Establishments are increasing are increasing using teleworking and videoconferencing platforms today, hence the need for their information systems to be up to date. 

Curbing attacks, threats on information systems

Prof Ebot Ebot revealed that on the proposal of ANTIC, the Prime Minister, Head of Government, had signed, on June 10, 2014, a circular instructing the Heads of Ministerial Departments to proceed with the acquisition of authentic software, and to prohibit the use of so-called pirated software.

He however regretted that although 42.33% of government structures complied with it, ANTIC found, through security audits, that this software is still in use, in 57.67% of public establishments, making them more vulnerable to cybercriminal attacks.

To prevent these security breaches, ANTIC has moved to collecting alerts relating to recent vulnerabilities detected on their products from international security centers and IT solution publishers, including Microsoft, Cisco, WordPress among others. 

In order to support public structures in the implementation of robust, resilient and secure information systems, ANTIC has developed several security reference systems

One of them is the Guide to the development of master plans, which defines, for a structure, the strategic orientations in terms of digital transformation over a given horizon.

Mbu Godlove Mbu, Sub Director of Preventive Security at ANTIC’s Computer Incident Response Team, CIRT, told reporters that “human resources are the weakest link in the cybersecurity chain and training them will reinforce this element because no matter the technical measures put in place, so far as the human resource managing those infrastructure are not trained, they will involuntarliy expose such systems to cyber-attacks,”. 

Pre-empting cyber attacks

The ANTIC boss challenged the IT personnel of public establishment to always remain alert and sharpen their cybersecurity capabilities, particularly with regard to the pro-active search for vulnerabilities through penetration testing.

He also pointed out “countless false information disseminated en masse on the Internet, mainly through social networks; false information that is not without harmful effects on social behavior, often threatening public order and state security”.

To him, it is necessary for the government to strengthen its presence in these new communication spaces that are the social networks, in order to provide the right information to the populations, to counter or thus anticipate the destabilising initiatives or maneuvers of certain slayers of the Republic.

“Government must upgrade the Information Systems in the light of cybersecurity standards and benchmarks, in order to protect them against computer attacks and, by extension, to solidify digital trust, a guarantee of the adoption, by populations, electronic governance,” Prof Ebot underlined.

By the close of the training workshop today July 7, the participants should have gained technical skills in order to correct vulnerabilities detected during ANTIC scans, implement the reference systems drawn up by ANTIC, manage cybernetic incidents, carry out IT risk analysis, secure professional messaging, business continuity plans as well as secure accounts on social networks.