WELCOME !

THANK YOU FOR VISITING THIS SITE. I HAVE BEEN USING BOTH SWAHILI AND ENGLISH LANGUAGE TO EXPRESS ISSUES - I HAVE ATTACHED ENGLISH VERSION TO SOME OF THE SWAHILI NEWS/STORY AT THE END.

Friday 31 July 2015

THE NEED OF CAPACITY BUILDING TO MINIMIZE SKILLS SHORTAGE IN THE FIELD OF CYBERSECURITY

The CEO of the world's largest security software vendor Symantec has said in reports that the demand for the cybersecurity workforce is expected to rise by 6 million professionals globally by 2019, with a projected shortfall of 1.5 million. That will leave companies and information less protected than they should be against cybercriminals.

Apparently, despite of skills shortage in the field of cybersecurity – There is a very low effort done to increase the number of experts in the field. I have said several times we have a small number of people with cybersecurity knowledge divided into three groups. The ones who protect our cyberspace (Good ones), the ones who do our cyberspace harm (Cybercriminals) and those who are in between (A very big number are in this group)

As the time goes on – We keep losing good ones because of misusing their skillsets. Sadly, with companies facing more cybersecurity threats every year, the importance of cybersecurity experts is climbing. 

Ruben Portillo, who oversees issues like cybersecurity for Northeast Independent School District's Safety Department, said the necessity for cybersecurity even expands to the public sector.

"The districts (are) going into a paperless system more and more, so as we do so, we put a lot more stuff online and a lot more information online and it's important we have security," Portillo said.

Portillo joined other security enforcers and local business owners at a video conference Wednesday at Northeast Lakeview College. 
Richard Harris, director of Homeland Security's Cyber Infrastructure Resilience Division, led the conference, teaching organizations how to protect their data against cyber threats.

Part of that, he said, has to do with the number of experts helping fight those threats.
"Even though government has a cybersecurity workforce issue itself, it's really important that the critical industry develop their workforce," Harris said.

Thursday 30 July 2015

KONGAMANO LA C2C LAKAMILIKA – USALAMA MITANDAO WAJADILIWA SIKU ZOTE MBILI

Nchi ya Tanzania ya bahatika tena kwa mara ya tatu kua mwenyeji wa mkutano wa “Connect 2 Connect” ambapo kauli mbiu ya mwaka huu imekua ni Kuunganisha bara la afrika mwambao hadi mwambao. Katika hotuba iliyotolewa siku ya kwanza katika ufunguzi wa mkutano huo ili elezea changamoto kubwa za usalama mitandao na namna unavyoweza kuleta athiri kwa kiwango kikubwa endapo usalama huu mtandao hautaangaziwa macho. Hotuba hiyo pamoja na mjadala nilio ongoza kwa siku ya kwanza unaweza kusomeka na kuonekana kwa “KUBONYEZA HAPA”.

Mkutano huu wa mara hii uliokusanya washiriki kutoka katika mataifa 30 duniani kote  ulihusisha wafanya maamuzi ya juu, watengeneza sera na wadau wengine kadhaa ambapo Mawaziri na Manaibuwaziri  wa Nchi kadhaa wkiwa ni miongoni mwa waliopata kuongoza mijadala pamoja na kuunganisha mawazo katika maswala mbali mbali ya barani Afrika.

Kongamano hili la mwaka huu lililoandaliwa kwa kushirikiana wizara ya Mawasiliano, Sayansi na Teknolojia  pamoja na kampuni ya simu ya TTCL limeonyesha mafanikio makubwa sana kwa kuwezesha kauli mbiu ya mwaka huu kufikiwa kwa kiasi kikubwa kupitia mijadala mbali mbali iliyo jadiliwa katia kongamano hili.

Mbali na mada nyingine mbai mbali – Kwa siku zote mbili za mkutano huu mijaadala mizito ya usalama mtandao ilipata kujadiliwa kwa kina ambapo nilipata bahati ya kuongoza mjadala wa siku ya kwanza na kuhutubia kwa siku ya pili juu ya maswala ya usalama mitandao. 

Katika hotuba yangu ya siku ya pili katika mkutano huu nilipata kuangazia hali ilivyo duniani kote na kueleza kwa kifupi kuhusiana na Mkutano mkuu wa mwaka ulioangazia maswala ya usalama mitandao jijini Johannesburg ambapo pia nilihutubia kwa niaba ya Bara la Afrika tulipo kutana wataalam wa maswala haya katika ngazi ya dunia. Zaidi niliweza kuainisha mapungufu makuu tuliyo nayo yanayo sababisha vita dhidi ya uhalifu mtandao kuenekana kutushinda kutokana na uhalifu huu mtandao kuendelea kushamiri.

Wednesday 29 July 2015

MANAGING CYBERSECURITY RISK TO MINIMIZE CYBERTHREATS

As the Connect to connect summit started on 28th of July 2015, one of the key things addressed was the cybersecurity. From an opening speech -  The Ministry of Communication, Science and Technology noted the issue of cyber threats being one of the serious problems to any country if right measures to minimize the risk are not implemented.

Added to that, I took part in a Workshop (Panel discussion) discussing the trends of cybersecurity where we agreed that cyber threats have become a top concern for today’s security, risk, finance, legal and technology leaders. With notable data breaches leading evening newscasts and malicious e-mails zipping through inboxes, the Internet is quickly becoming a combat zone. And the war rages on not only between white hats and black hats, but also with outside parties, such as government officials, who are paying increasing attention to the issue.


As businesses prepare to fend off large-scale attacks, they often overlook the lesser-publicized threats that don’t reach for news headlines as often. If left unmonitored, these smaller threats can wreak just as much havoc on a company’s bottom line and brand reputation as the large ones. Thankfully, the information required to identify these risks and the tools to mitigate them often don’t even need a third party to become involved.

Therefore, politicians are not as likely to invest their time and rallying power into these threats — but that doesn’t mean the long-lasting impact is any less potent.


Friday 24 July 2015

USHIRIKIANO NI MUHIMU KATIKA UTHIBITI WA UHALIFU MTNDAO

Itakumbukwa Mwishoni mwa mwezi wa tano mwaka huu katika hotuba yangu niliyo iwasilisha kwa wanausalama mitandao tulipo kutana  jijini Johannesburg mbali na mambo mengine nilihimiza sana ushirikiano baina yetu kwani wahalifu mtandao wameendelea kua mbele yetu kutokana na ushirikiano mkubwa waliokua nao. Ushirikiano unao mabatana na kusambaza vitendea uhalifu mtandao bure auu kwa gharama nafuu mitandaoni.

Baada ya kulizungumza hili laushirikiano wazungumzaji wengine wote walionekana kuniunga mkono na hatimae kuonekana ni swala muhimu lakufanyiwa kazi mapema. Nafarijika kuona Uingereza tayari mukuu wake wa CERT ametilia mkazo kauli hii (Ya ushirikiano) kupitia kikao kilicho malizika London ambapo taarifa kamili kuhusiana na hili inaweza kusomeka kwa “KUBOFYA HAPA”

Aidha, Marekani na Israel baada ya kutia saini makubaliano ya kuboresha ushirikiano katika maswala ya usalama mitandao paliambatana na kuhimiza mataifa mengine kuona umuhimu wa kushirikiana katika vita hii ya uhalifu mtandao.

Nilipata kuzungumza tena katika mkutano wa wanausalama Nchini Cyprus ambapo pia nilizungumza kwa mara ya kwanza kuhusiana na ushirikiano huku nikipongeza umoja wa ulaya kwa kuungana kwao katika hili la usalama mitandao kupitia chombo chao kiitwacho ENISA kinacho hudumia mataifa yote yaliyo ndani muungano wa nchi za ulaya katika maswala ya Usalama mitandao.


Saturday 18 July 2015

US EXPECTS MORE MASSIVE CYBERATTACKS

It is no longer a matter of if the U.S. will fall victim to massive cyberattacks, it is just a matter of when. At least that seems to be the consensus of the National Security Agency, among other high-profile watchdogs.

The NSA recently stated that the country needs to be prepared for the possibility of more high-level cyberattacks — attacks like the one which targeted the U.S. Office of Personnel Management (OPM), leaving millions of sensitive government records exposed. And considering the massive attack is believed to have gone undetected for a year, there’s certainly plenty of cause for concern.

Last week the U.S. government confirmed the two cyberattacks on OPM ultimately compromised over 21 million Social Security numbers, 19.7 million forms with data and 1.1 million fingerprint records, THE WALL STREET JOURNAL REPORTED.

Navy Admiral Michael Rogers, who currently serves as both the Director of NSA and Commander of the U.S. military Cyber Command, is quite sure this will not be the last time attacks of this magnitude hit the U.S.

“I don’t expect this to be a one-off,” Rogers said while speaking at the London Stock Exchange as part of an effort to raise awareness of cybersecurity threats in the financial sector, adding the incidents have forced the government to take a closer look at its cybersecurity policies, WSJ reported.

While no official communication may be sent to victims of the recent attacks for some time, OPM confirmed anyone who went through a security clearance background investigation performed by the office since 2000 should assume their information was affected by the data breach.

Earlier this month the agency outlined the steps it plans to take in order to assist potential victims. The office will offer a comprehensive suite of monitoring and protection services to individuals whose sensitive information was compromised, including full service identity restoration support and victim recovery assistance and identity theft insurance.

Friday 17 July 2015

MKURUGENZI MKUU WA CERT YA UINGEREZA AUNGA MKONO KAULI YA WANAUSALAMA MITANDAO

Bwana Chris Gibson, Mkurugenzi mkuu wa CERT (Computer Emergence Response Team) ya Nchini Uingereza yenye dhamana ya kubaini na kudhibiti uhalifu mtandao nchini humo ametangaza rasmi kuunga mkono kauli  ya mwaka huu ya wanausalama mitandao ambayo Niliizungumzia rasmi na kuitolea ufafanuzi katika mkutano wa wanausalama mitandao tulipo kutana jijini Johannesburg mwaka huu mwezi wa Tano mwishoni.

Kauli hii ya ushirikiano nilipo izungumzia, wataalam wote katika mkutano huo waliiunga mkono na sasa kupitia mkutano wa wanausalama mitandao wanchi ya uingereza uliokamilika Jijini London Mkuurugenzi mkuu wa CERT ya nchini Uingereza amesisitizia  hili kwa kusema vita dhidi ya uhalifu mtandao itakua ngumu kama ushirikiano utakua hafifu.

Itakumbukwa mwaka 2013 CERT ya uingereza ilizindua CISP – Cybersecurity Information Sharing Partnership, iliyodhamiria kutoa fursa ya kukuza ushirikiano wa kubadilishana taarifa za uhalifu mtandao nchini humo huku mashirika binafsi na serikali zikitegemewa kupiga hatua dhidi ya uhalifu mtandao.

Hili la kushirikiana kwa taarifa za uhalifu mitandao baina ya makampuni pamoja na serikali nililitolea ufafanuzi katika mkutano wa wanausalama mitandao 2014 Nchini Cyprus na kusema imefika wakati makampuni yakawa na tabia ya kutoa twakwimu stahiki za uhalifu mtandao sanjari na inteligensia ya uhalifu huu ili kuhakiki namna ya uhalifu huu unavyo fanyika unabainishwa na kutoa fursa ya udhibiti kupatikana mapema.

Maelezo hayo ambayo baadae yaliweza kuingizwa katika moja ya jarida la usalama mitandao, Nilielezea kwa kina namna hatua ya ushirikiano wa kupeana taarifa za uhalifu mtandao baina ya Makampuni inavyoweza kusababisha uhalifu ulioathiri kampuni moja au nchi moja kutojirudia kwa nyingine kwani tayari kutakua na ufahamu wa uhalifu usika kutokana na kushirikiana katika kubadilishana taarifa za uhalifu mtandao baina ya makampuni au Nchi.

Aidha, katika kuongezea juu ya hili bado naona changamoto kubwa  kwa mataifa mengi ikiwemo Tanzania ni kutokuwepo na mikakati madhubuti ya kutambua na kubaini uhalifu mtandao sanjari na kuchukua hatua za haraka kudhibiti mara unapokua umetokea kituambacho kimeendelea kusababisha uhalifu huu kuendelea kushika kasi zaidi hivi sasa.


Tuesday 14 July 2015

SECURITY IS NO LONGER JUST ABOUT PROTECTING A BUSINESS’S INFORMATION.

It has reached a point were companies should no longer ask if they are going to be hacked and instead when. With every company becoming digital, the pace of change is only accelerating and our ability to make the right decisions on cybersecurity needs to move even faster. Some estimate that between $9 and $21 trillion of global economic value creation could be at risk if companies and governments are unable to successfully combat cyber threats.

As cities, countries and companies navigate at the fast pace of change in this new era of the internet, security will become more essential to the business and in many cases, will help drive growth.  Businesses will be driven by security embedded in the network, architecture, data at the edge and convergence of applications.  Transformations such as the one we are experiencing now will also require smart leadership from the board and the c-suite.

Connected devices are predicted to grow to 50 billion by the year 2020. The average connected device has over 20 identified security vulnerabilities. Cyber-attacks are gaining the ability to become more and more complex, increasing the risk they pose for companies everywhere.  The pace of change, as businesses continue to transform, will require boards and the C-Suite to make fast and effective security decisions that protect the company business – both from a market perspective and a reputation perspective.

Security is no longer just about protecting a business’s information. It is critical to maintaining trust with the public and customers, building company reputation, as well as safeguarding data, IP and critical infrastructure. This can all influence higher-level issues like maintaining competitiveness in the market, stock price, and shareholder value.

With no common set of standards in place, Internet security is lagging behind the sophistication of hackers. The global economy is not adequately protected. Of companies that were attacked in 2014, 81 percent were not able to identify the breach themselves and on average it took them 188 days to realize their security had been compromised. For companies to take action now, security needs to become an issue from the top down. Both the board and CEO must ensure that they are making the right decisions about security through the following ways:-

Sunday 5 July 2015

GHANA YAJIPANGA KUPAMBANA NA UHALIFU MTANDAO

Moja ya udhaifu mkubwa unao kumba mataifa mengi hasa barani Afrika ni kutokua na mikakati ya uzuizi na endelevu dhidi ya uhalifu mtandao. Imethibitika kua Nchi nyingi zimekua zikingoja tatizo litokee ndio jitihada zinachukuliwa kutatua tatizo huku athari ikiwa imeshaonekana.

Mwaka huu baada ya Nchi ya Ghana kua miongoni mwa waathirika wa uhalifu mtandao ambapo  mtandao mkuu wa serikali ya nchi hiyo inao hudumia tovuti 58 za serikali ulidukuliwa na kusababisha tovuti 11 kuingiliwa na kuathiriwa na wahalifu mtandao; waziri wa mawasiliano wanchi hiyo Dr. Edward Omane Boamah ametangaza mapambano dhidi ya uhalifu mtandao ili kulinda usalama mtandao wanchi hiyo.

Tukio hilo la udukuzi  baadae CERT ya nchi hiyo yenye dhamana ya kutambua na  kuzuia uhalifu mtandao kabla haujatokea pamoja na na kuhakiki usalama mtandao wan chi hiyo unaendelea kubeba sura njema ilisema wahalifu mtandao walifanikiwa kudukua tovuti hizo za serikali na kuziathiri vibaya kutokana na mapungufu ya kutokua na program zinazoendana na wakati  katika tuvuti hizo.

Katika hotuba iliyosomwa na Patricia Dovi Sampson kwa niaba ya waziri wa mawasiliano wa Nchi hiyo katika jukwaa la wadau wa maswala ya usalama mitandao Julai Mosi  mwaka huu 2015, iliainisha kua nchi hiyo tayari imetengeneza sera na mkakati wa taifa wa usalama mtandao (National Cyber Security Policy and Strategy (NCSPS) document) ili kupambana na uhalifu mtandao nchini humo.

Ikisisitiza Hotuba hiyo  ilieleza, Nchi hiyo inatambua kua uhalifu mtandao hauna mipaka kwani wahalifu udukuzi wa tovuti za serikali ya  nchi hiyo ulionekana wametokea nchini Uturuki. Hivyo ikaelezwa, Nchi hiyo itaimarisha zaidi ufanyaji kazi dhidi ya uhalifu mtandao kwa ushirikiano na mataifa mengine ili kufikia malengo.