cybersecurity strategies in nepal - ict-21.chict-21.ch/sic/img/pdf/itu-ises-ambika-nepal.pdf ·...
TRANSCRIPT
Cybersecurity in Nepal
Presenter: Ambika Shrestha Chitrakar
PhD candidate at Gjøvik University College
Representing Nepal
Linkedin: https://no.linkedin.com/in/ambikash
IFIP TC3 – ISES (Information Security Education & Solidarity) Initiative
Outline
Nepal• Geography• Profile in general
Internet services in Nepal
Cybersecurity challenges in Nepal
Types of cyber-crimes experienced in Nepal
Cybersecurity strategy in general
Cybersecurity – necessity of international harmonization
Cybersecurity in Nepal
Possible next steps for Nepal
Summary
Nepal - Geography
Nepal – profile in general
Internet Services in Nepal
The Internet was first introduced in Nepal in 1993 in a venture of Royal Nepal Academy of Science and Technology (RONAST) and MerchantileOffice Systems (MOS)
Now almost all big cities have Internet facilities with local ISP
Internet Services in Nepal (contd.)
Table1: Statistics of data/Internet service in Nepal based on the annual report of NTA (Nepal Telecom Authority)
Table2: objectives of national broadband policy 2013/2014 by NTA (draft - section 8)
Cybersecurity challenges in Nepal
Targeting to provide better Internet service
Computer science education and Software industry is in high demand
However in general, • most of the people are not aware of cybersecurity
• people still use pirated softwares
• government has very weak regulations to govern cyber-crimes
• very few/no skilled security specialists
Because of such reasons, Nepal is vulnerable to cyber-crimes and it's control could be very challenging
Types of cyber-crimes experienced in Nepal
Cyber crime is handled by Nepal Police against the FIR and Kathmandu District court has been fixed to look after the cyber crimes.
Following types of cyber crimes have been committed in Nepal:• ATM pin steal
• Cloning of ATM Card
• Hacking
• Financial fraud in Internet banking
• Phishing
• Social networking related crime
Cybersecurity strategy in general
It is necessary to have a regulatory body and strategy to set standards, prevent and handle cyber security related issues.
In general, cybersecurity strategy should be able to ensure:• Confidentiality, integrity and accessibility of electronic information and services provided in cyberspace,
• Safegurding of electronic communication networks, information systems and critical infrastructure against incidents and cyber attacks,
• Protection of personal data and privacy etc.
Cybersecurity - Necessity of internationalharmonization
Lack of proper cyber security strategy creates an opportunity to the attackers to easily compromise the systems and then carry out the serious attacks even in the developed countries.
It is difficult to prosecute the attacker if the attack is performed from a country whose regulation does not address the violated regulations of the country where attack took place.
Cybersecurity in Nepal
Table 3: cybersecurity in Nepal updated by ITU on 10th march 2015
Possible next steps for Nepal
Implementing a national cybersecurity strategy
Implementation of national and sector-specific cybersecurity strategy
Capacity building: awareness, education, R&D, certification
Cooperation: intra-state, intra-agency, public sector partnership
Summary
Cybersecurity is a global issue and there should be balance in cybersecurity strategy all over the world
It is necessary to have internationally harmonized cybersecuritystrategy even in developing countries like Nepal
Currently, there is no/few manpower related to information security and no national cybersecurity strategy in Nepal
Nepal needs international cooperation and support for capacity building and development of information security
Thank you!