Professional Documents
Culture Documents
Cyber Security
CS Project 1: Establishment of National Cyber Security Research Centre (NSRC) Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages: Ownership Implementation Agencies Ministry of ICT, RDB, Minadef, RNP RDB
Project Details
Description: In order to respond to and minimize cyber security threats and vulnerabilities, the government together with relevant academia and industries need to set up a NSRC with the aim of researching current cyber threats and developing high performance network security system technology.
Activities: a) b) c) d) e) Conduct research to identify emerging threats and/or vulnerabilities Develop innovative (home-grown) solutions to existing and emerging cyber threats Organize, and participate in, conferences on (Information) Security Provide expert advice (policy and technical) to Government and Industry on cyber security issues Test and identify vulnerabilities in currently deployed systems (hardware and software/ critical infrastructure), and recommend solutions f) Test cyber security tools, and provide expert advice to Government and Industry on appropriate security tools for ensuring and assuring cyber security g) Test new systems (hardware and applications) before they are integrated into the Government's cyberinfrastructure, to identify vulnerabilities, and recommend their suitability for integration
Outcome:
1. Home grown solutions (tools and designs) addressing cyber security threats 2. Awareness of current and emerging cyber security threats 3. A well informed Government and Industry on Cyber security issues 4. Awareness of existing vulnerabilities in deployed systems 5. Awareness and usage of the most appropriate tools for ensuring and assuring the security of cyber infrastructure
CS Project 2: Cyber Security Awareness Campaign and Training Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages: Ownership Implementation Agencies Ministry of ICT, RDB, MINEDUC RDB
Project Details
Description: Besides being extremely useful, connectivity might be harmful for unprotected networks. Hence the paramount need for increasing awareness in the populace. This project will address this need by putting in place adequate awareness campaign material to facilitate mass communication and thus create a safe cyber space.
Activities: a) b) c) d) Develop and distribute sensitization materials Sensitize all public and private organizations to establish an internal security policies and regulations Develop policies to enforce the above Encourage institutions to regularly attend cyber security trainings
Outcome: 1. 2. 3. Increase level of Cyber security awareness Adoption of cyber security policies and regulations by local organizations Increased number of cyber security training
CS Project 3: Cyber Security Capacity building Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages: Ownership Implementation Agencies Minadef, RDB RDB
Project Details
Description: Based on the limited amount of local cyber security experts as well as the need to upgrade the existing skills set, this project shall contribute toward increasing the number of trained cyber security people as well as popularize cyber security skills.
Activities: a) b) c) Add cyber security curriculum in computer classes at primary and secondary level Incorporate cyber security courses in tertiary, technical and professional ICT education Enforce hire of one certified cyber security engineer at least in all critical ICT led companies
Outcome:
4. 5. 6.
Cyber security concepts are taught at all level of education ICT engineer given the opportunity to easily upgrade the cyber security skills during their career Sensitive institutions are better prepared to manage cyber security related matters
Objective CS-03: Protect Rwandas infrastructure and systems from cyber attacks
CS Project 4: Establishment of Public Key Infrastructure (PKI) Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages: Ownership Implementation Agencies RDB RDB
Project Details
Description: As the Government of Rwanda is putting more and more resources online there is a need to build trust among users. A Public Key Infrastructure (PKI) system that validates users digital identity over a public or private network should be set up.
Outcome: 1. 2. 3. 4. Use of trusted digital certificates Confidentiality, Integrity and Availability of system and application guaranteed Reduction of using external digital certificates People privacy guaranteed
CS Project 5: Logical and Physical Protection of critical Information Infrastructure Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages: Ownership Implementation Agencies RDB, National Security Services? RURA RDB, RURA
Project Details Purpose: Protection of critical ICT infrastructure Description: The Government of Rwanda is implementing network communication infrastructure facilities across the country such as the National Backbone (NBB), Kigali Metropolitan Network (KMN), Wireless Broad Band (WiBro), National Data Center (NDC), Karisimbi Project, Energy Infrastructure, Banking and Finance systems, etc. This infrastructure needs to be highly protected from cyber attacks.
Activities: a) Develop and Enforce Network communication security policy b) Develop and implement Network Security solutions (Firewalls, Intrusion Prevention Systems (IPS), and Intrusion Detection Systems (IDS)) c) Implement Access Control Systems
CS Project 6: Security Operation Centre (SOC) Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages:
Project Details
Description: Strengthening the trust framework, including information security and network security, authentication, privacy and consumer protection, is a prerequisite for the development of the Information Society and for building confidence among users of ICTs.
Activities: a) Detect, prevent and report cyber security threats b) Analysis of internet traffic flow c) Centralize the management of Security Devices (Firewalls, IPSs and IDS)
Outcome: 1. Real time cyber space monitoring 2. First cyber security incident response 3. Security management facilities
CS Project 7: Computer Emergency Response Team or Computer Security Incident Response Team (Rw-CERT/CSIRT) Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages:
Project Details
Description: As other developing countries, Rwanda is connected to the global economy through the use of ICT. There are increasing cyber threats to linking up with the global cyberspace. As Rwanda is putting more and more resources online, there is no doubt that Rwanda will also face cyber threats to its critical ICT infrastructure. Activities: a) b) c) d) e) f) Gathering domestic and international security information in real time Rwanda Cyber space monitoring Research on hacking, virus and countermeasures Swift response in case of an emergency Computer security incident handling Cooperation and Coordination between other CERTs
Outcome: 1. Dedicated team for providing computer security support and respond to cyber threats 2. CERT will provide center for internet security experts
Objective CS-04: Foster national and international cyber security cooperation to handle cyber crimes and threats
CS Project 8: Cooperation and Coordination of Cyber security efforts Linkage with NICI II Prerequisites and linkages Prerequisites: Linkages:
RDB RDB
Project Details
Description: To secure the cyberspace, regional and international collaboration is neccessary given the trend of global interconnection of ICTs. As an active member of EAC and ITU, the country should urgently promote extensive collaboration with other countries to achieve its cyber security objectives. Rwandas interventions to address cybercrime should focus on the development of partnerships between business, government and civil society. Unless these spheres of society work together, Rwandas effort to achieve its cyber security policy objectives will be compromised.
Activities: a) b) c) d) Creating institutional (public, private and civil society) collaboration Establishment of structures for information collecting and sharing. Establishment of National Cyber Security Advisory Board (NCAB) Promote and Encourage active participation in all relevant international cyber security bodies, panels, taskforces and multi-national agencies (ITU, EAC cyber security taskforce).
Outcome: 1. 2. A coordinated approach in dealing with cyber security issues. Institutional and international collaboration