CYBER DEFENCE EAST AFRICA 2017 Financial Sector Security CONFERENCE REPORT 9-10 August 2017 Kampala, Uganda www.cybersecurity.ug


Contents: Executive summary; Policy sessions; Declaration; In the news; Practical trainings; Organisers & partners; Previous conferences


Executive summary

Organising Committee, Cyber Defence East Africa 2017

“We are very pleased that NITA-U has agreed to co-host this conference here, in Kampala. It shows the commitment of the Government of Uganda to build a strong and secure digital nation”, commented security governance expert at NRD Cyber Security and CDEA 2017 conference moderator Akvilė Giniotienė.

Cyber security is very important for countries embracing digitization. A true digital nation needs to build up its cyber capacity to manage a new array of threats and to be ready to deal with them. Cyber capacity includes national abilities, processes, resources, institutions and knowledge that would allow East Africa to build a safe, secure, peaceful and prosperous cyber environment.

That is why NRD Companies organised the fifth conference in East Africa dedicated to cyber security, to assist East African organisations in creating a secure digital environment for states, corporations and citizens. This year’s conference was dedicated to the security of the financial sector because disruption in accessibility of financial services, failure to ensure data integrity or loss of confidence in the system can potentially cripple the entire economy.

During the two days, participants discussed cyber security-related issues, policies and potential solutions, and learnt how open source data and information analysis can increase the resilience of the financial sector by preventing, deterring and investigating cyber-attacks.

In this report you will find a summary of the main ideas that were brought up by the participants of the Cyber Defence East Africa 2017 conference.


Almost 150 cyber security stakeholders from East African commercial and central banks, ministries of ICT and finance, the President’s Office, communications regulators, CERTs, financial intelligence, law enforcement and academia have engaged in cyber security capacity building and cyber defence ecosystem development.


1. Policy sessions

Cyber security is a management issue

The purpose of the first day of the conference was to emphasize that cyber security is first and foremost a management issue, and therefore it featured high-level keynote speeches and panel sessions on cyber security threats to the financial sector, critical infrastructure protection and information sharing.

The Policy day was concluded by the signing of a Declaration on Cyber Security that calls to action the stakeholders responsible for the stability and security of the financial sector in the East African Community.


The conference was opened by Mr. Bagiire Vincent Waiswa, Permanent Secretary, Ministry of ICT & National Guidance, who welcomed the participants to this very important capacity building activity, reminded them of the importance of cyber security skills, and wished them good deliberations.

“I think in all e-countries, where you have a digital vision or you have a digital strategy, cyber security is one of the key pillars. From the government perspective, we are spending time developing e-services. E-services can also be compromised”, said Mr. Bagiire Vincent Waiswa.


The participants were also welcomed by the Executive Director of NITA-U Mr. James Saaka and Head of E-Government Services at NITA-U Mr. Peter Kahiigi.

“We have been building long-haul networks across the country, to connect the country. The idea of that was to help bring the cost of internet down and increase the capacity. <…> The other thing we have been doing is to put the services on-line so that we speed up the process for you to get the government services but also to remove the human contact which usually causes problems. <..> What has that done to us, it has exposed us, obviously, because we know that while we are trying to achieve good, there are these people who have other motives. Therefore for us this cyber defence is an important conference and we are excited about it, we are excited about what is coming next”, said Mr. Peter Kahiigi.

Mr. Kahiigi also mentioned that there are currently about 174 government services available on-line but they are dispersed: they do not “talk” to each other. The Government of Uganda is now moving towards integration of these different systems, intending to give institutions access to the information they need.


The Honorary Consul of Lithuania in Uganda, Mr. Hirshi Radwani, gave a warm welcome, stating the importance of continuous commitment to the promotion of cyber security in the region and reminding the participants that this is already the fifth annual Cyber Defence East Africa conference.

“Just that number five – five years of recognizing and acknowledging the importance of cyber security. It’s a big step and a big continuation in making sure that we keep our countries safe and our world a safer place. Lithuania has advanced in 25 years so much so that today it’s at the forefront of technology in the world, it has one of Europe’s fastest internet connections. But it’s not stopping there. It wants to help the world to become a safer place, particularly here, in East Africa”, said Mr. Hirshi.

He also reminded the participants about the ransomware attack that paralysed companies all over the world just a few months earlier. He pointed out the real-life implications of such an attack: not getting medical assistance, not being able to pay bills or travel.

“It is not the theory, it is not something that happens in a movie – it is life, it is what you see outside of the window. <..> We are all here to ensure that our friends and our families and our fellow citizens enjoy the privilege of that life outside. <..> You – are the forefront of today’s cyber security and cyber defence”, commented Mr. Hirshi.


Keynote. Uganda Bankers Association

Mr. Wilbrod Humphreys Owor, ED Uganda Bankers Association, gave the 1st keynote at the conference.

He stressed the importance of cybersecurity awareness at the board level, the need for technical standards to be consistently embedded into the development process, and the necessity of user awareness and collaboration among banks as well as other security stakeholders.

Mr Owor provided a list of recommendations on what financial sector organisations should and should not do to be more secure:

Do:
• Understand the bank's business data footprint and crown jewels that could be targeted.
• Ask CIOs, Ops Risk and Security Officers about the cyber risk profile of the various applications and in particular the health of the application stack.
• Give sufficient airtime to cyber security in your Risk Committees and make this a priority for the various teams.
• Understand emerging cyber risks and get updates on significant cyber incidents globally, e.g. spate of SWIFT and ATM “touchless jackpotting” fraud.
• Have a roadmap of security control improvements commensurate with the threat environment.
• Ensure sufficient focus on logical access management KPIs in every Risk Committee.
• Manage logical access of critical applications within risk appetite.
• Implement two factor authentication (biometrics, tokens, etc.) on critical applications as passwords are no longer good enough.
• For critical payments systems, ensure that you have a fraud / anomaly detection capability.
• Create and rehearse response plans, particularly for extreme scenarios, e.g. Tesco Bank.

Don’t:
• Assume it won’t happen to us.
• Assume that cyber security is IT’s problem.
• Partner with third parties / cloud providers without the necessary due diligence.
• Promote functional requirements over non-functional requirements, e.g. security.


[Figure: Cyber attacks in the banking industry 2016. Mr. Wilbrod Humphreys Owor, ED Uganda Bankers Association]

Keynote. Financial Intelligence Authority

Mr Michael Olupot-Tukei, Deputy Executive Director at Financial Intelligence Authority, gave the 2nd keynote at the conference.

“If left unchecked, financial crime can undermine individual financial institutions and ultimately the entire financial sector. Existence and development of financial markets strongly depends on trust. <...> Financial crime can damage the reputation and integrity of the financial system, thereby discouraging honest business transactions. Reputation is one of the most valued assets of FIs, investors and economies alike”, said Mr Olupot-Tukei.

Some of the main points provided by Mr Olupot-Tukei:

• Financial crime is fast evolving, in tandem with technology and innovation.
• Technology and innovation will continue to provide the best means to counter financial crime.
• Increased liberalization and globalization of communication and commerce will continue to make durable goods and services more available and present opportunities for organized cross-border crime.
• Swift and deterrent punishments must be enforced to make financial crime more risky; in addition, ill-gotten assets/wealth must be confiscated.
• Strong and deeper domestic and regional institutional cooperation, coordination and commitment must be built.


Panel. Cyber threats landscape: financial sector perspective

The panellists Mr Walusimbi Andrew, representing Uganda Bankers Association, Mr Herculs Bizure, representing National Information Security Advisory Group and ISACA Kampala Chapter, and Ms Esther Aikiriza, representing Financial Intelligence Authority, each expressed their views on the current cyber security situation in the financial sector in East Africa and suggested means for improving it.

“For us to be secure is going to need real time collaboration”, said Mr Walusimbi Andrew from Uganda Bankers Association. “There is a need for us to be engaged with the telecoms, with the cyber crime unit of the Uganda Police, but what is very important here, is the timing. It is very critical that this information is shared, preferably in real time. <…> The other people that we need to be in touch with in the financial services sector are the people that are recording customer information. <…> If there is any way and a centralised system where we can assess this [customer identification] information, it will make it easy for us, possible to track fraud, fraud cells, we’ll be able to identify them but most importantly – we’ll be able to identify the cartels and partners and be able to put controls in place that can prevent widespread fraud across the financial services industry”, commented Mr Walusimbi.

He also stressed that it is crucial to share this information without compromising its confidentiality and security.

Another panelist, Ms Esther Aikiriza from Financial Intelligence Authority, agreed on the need for collaboration among different organisations such as the central bank, NITA-U, Financial Intelligence Authority, UCC, Uganda Police Force, NIRA and URSB. She said that until Uganda has a regulator appointed for this particular area, all these institutions should work hand in hand towards better regulation of cyber security in the financial sector.

Ms Aikiriza also provided some suggestions on what financial institutions should focus on:

“You need to integrate your cyber security, fraud and money laundering efforts. This will improve your ability to guard from threats by combining analytics from point data, strengthen your risk management capacity and allow you to implement controls more effectively. <…> We need to focus first on building a robust risk based cyber security program. This can help you achieve your broad strategic objectives while also complying with regulatory requirements. We also need to establish an independent second line of defence, as financial institutions, and keep your security governance oversight capacities separate from cyber security design, implementation and operations. <…> You also need to anticipate risks from third parties, recognize the potential for increased risks when outsourcing, collaborating with third party vendors to make sure they take the right measures to protect your data. And finally – speed innovation by focusing on cybersecurity upfront”, argued Ms Esther Aikiriza.

Mr Herculs Bizure, representing National Information Security Advisory Group and ISACA Kampala Chapter, added to the topic of regulation by pointing out the limitations in regulation of third parties.

“Sadly, all of us are connected one with the other, to the other banks – either through ATM switches, through internet banking, so on and so forth. <...> From the financial instruments, the banks are regulated but there are other players who are working with banks and that have got more transactions than banks but that are not regulated. And what we’re actually seeing is that from a risk point of view, they could probably be having the most risks in terms of exposing the entire sector”, commented Mr Herculs Bizure from National Information Security Advisory Group and ISACA Kampala Chapter.

Mr Bizure also stressed the importance of intelligence and strong reaction mechanisms in financial organisations as well as nationally.

Keynote. Bank of Lithuania

The third keynote was presented by Chief Project Architect at the Bank of Lithuania Mr Darius Povilaitis. He delivered a recorded presentation on responding to contemporary security challenges in today’s financial sector.

The Central Bank of Lithuania supervises all financial institutions which operate in Lithuania (banks, insurance companies, fintech companies, etc). The bank applies local and European Central Bank regulations and laws. Resilience assessments, conducted by the bank’s Cybersec team, are a part of the supervision process. Applying an innovative approach, the bank’s experts perform pentests against financial sector networks and use attacks captured in the wild to check and evaluate the resilience of the Lithuanian financial market to cyber-attacks.

“Attacks are global. The same botnets and attacks are operating worldwide – they are the same in Lithuania, Uganda and other countries. <...> Defense and preventive measures against these threats also can be the same”, explained Mr Povilaitis.


Panel. Do banks constitute national critical infrastructure: who does what and why?

The panellists Mr Noah Baalessanvu and Mr Patrick Okiring, both representing National Information Security Advisory Group, Ms Janey Rachel Nakato from Uganda Bankers Association, and Mr Sebastian Marondo, CEO Norway Registers Development East Africa, discussed the role of banks in ensuring national security.

Mr Noah Baalessanvu explained that the National Information Security Advisory Group (NISAG) brings together all critical infrastructure holders in Uganda under one umbrella. This umbrella is the mandated body to address the risks to critical national infrastructure “of which the banking sector is a member”, according to Mr Noah Baalessanvu. Uganda Bankers Association represents the banking sector in NISAG. NISAG derives its mandate to protect critical national infrastructure from the National Information Security Strategy, which was passed by the Cabinet about four years ago.

“The uniqueness of critical national infrastructure is that it brings together government organisations and private organisations. So, usually, you have these two to be dealt with separately. But what is a trend now, when it comes to national security, there has to be collaboration across body. So that is what the NISAG does. Our main guiding document is the National Risk Register, which many of your organisations have already populated, and it will soon be ratified by the Cabinet as an official document. That is a living document that we keep addressing, looking at to make sure that our critical infrastructure risks are being adhered to”, said Mr Baalessanvu.

Ms Janey Rachel Nakato from Uganda Bankers Association argued that even if an individual bank rises to the challenge to improve its cyber security posture, the criminals usually target the weakest link in the chain of interconnection between different financial institutions. Therefore, there is a need for a systemic approach in how the financial institutions should work together: a shared strategy to reduce the risk.

“Banks have taken on [the challenge] by, saying, performing a risk-based analysis internally. This is a good thing that this is being done but the question that should be asked at this point in time is – is this sufficient, really? Who are the other players that should come in to regulate this?” asked Ms Nakato. According to her, “banks have a role to play by having a secure and standard operating systems and cyber defence technology in place, they should be able to monitor and to have disaster recovery and emergency response programs in place. But just as important is that regulator and other government institutions, say like NITA, and other government players in that area, develop cyber security standards and a governance framework that should actually guide the banks”.

Ms Nakato also pointed out the need for structured routines for information sharing in a timely manner as well as for collaborative public-private partnerships in the industry. She also suggested that there should be a discussion about setting up a cyber security analysis centre as well as a neutral certification body for pre-qualification of third-party solutions.

Mr Patrick Okiring, also representing National Information Security Advisory Group, commented that organisations should pursue threat intelligence-driven security to be aware of the risk universe beyond their own perimeter. He also stressed the importance of actionable disaster recovery plans that the industry needs to implement.

“Very often the disaster recovery plans are about regulatory requirements <…> But actually, should a disaster hit, it is very doubtful that service will continue”, said Mr Okiring.

He also pointed out that disaster is often considered in a more traditional sense, meaning fire, flood and similar tragedies. But these are actually not that commonplace: a ransomware attack is more likely, and organisations should be ready to deal with that and continue operations when such an attack happens.

“Most environments are not forensically ready. <..> Forensics is important because it has some intelligence value aside from giving you information on culpability of the internet. You want to be able to know how the incident unfolded and to be able to remediate, and prevent against recurrence. It is important that as you implement systems, as you acquire whatever it is you are acquiring, it is important to consider forensic outcomes, to make your implementations with forensics as an integral part”.

Mr. Sebastian Marondo, CEO NRD East Africa, shared his view on the issues that the financial sector is facing in Tanzania. He suggested that if the financial sector is not treated as critical, then all efforts to form working groups and other collaboration platforms are overshadowed by the lack of skills and capabilities of people delegated to such groups. “The regulation should be set-up that requires not only to comply with some sort of a checklist, like the DRP requirements, but rather to have people with the skillset”, said Mr Marondo.


Keynote. National Information Technology Authority Uganda

The fourth keynote of the conference was presented by Security Operations Manager at National Information Technology Authority Uganda (NITA-U) Mr Emmanuel Mugabi. He gave an introduction to the next panel about information sharing against cyber-crime.

“If someone asks what the government has done, we have what we call National Information Security Advisory Group, and it is starting out to shape how the government and private sector collaborate to share this information. It is mainly looking at the critical infrastructure for the nation”, said Mr Mugabi.

Panel. Information sharing against cyber-crime: inter-agency, public private and cross-border co-operation

Panel members Mr Emmanuel Mugabi, representing National Information Technology Authority Uganda (NITA-U), Mr Hosea Naturinda from Uganda Bankers Association, Mr Jimmy Haguma from Uganda Police Force Cyber Crime Unit, and Jacqueline Muna Musiitwa, Esq., representing Financial Sector Deepening Uganda, discussed what cyber threat related information should be shared, in what ways, and who should lead the process.

Mr Hosea Naturinda from Uganda Bankers Association (UBA) spoke about the Cyber Security Forum that was set up within the UBA, and how they have dealt with the risk of brand damage when sharing information about the exploits that happen in the sector.

“Take out the details that you believe might be damaging or harmful to your brand but share the information, in good faith, that can be used by other organisations to better protect themselves”, advised Mr Naturinda.

He also suggested that legislation should be put in place making it mandatory for all financial institutions to carry out an IT audit, performed by external auditors. The report would have to be shared with the Bank of Uganda before a set deadline. The central bank would then be able to track what the institutions are doing to mitigate the exposures that appear in these reports. “This would be a significant step forward”, commented Mr Naturinda.

He also explained how a private-public partnership between banks and law enforcement is necessary, and how all sides are equally responsible for sharing information. For example, law enforcement needs banks when it comes to freezing accounts, and banks need intelligence information from law enforcement to make informed decisions on where to focus their security efforts.

Mr Jimmy Haguma from Uganda Police Force Cyber Crime Unit agreed that collaboration among different stakeholders is crucial.

“If we were to look specifically at an area of financial attacks and threats, you realise that you cannot investigate any cyber-related matter as a single entity. It is a joint effort”, said Mr Haguma.

He mentioned that especially in terms of financial fraud, there should be a platform where the stakeholders involved in investigation could cooperate.

“I think it is a right time now that we should come up jointly to put all these names together – Financial Intelligence Authority should not work without the CERT, and then the Bankers Association, all these things”.

He also suggested looking at an example from South Africa, where in a private-public partnership South African banks are sharing information with law enforcement on a daily basis.

Jacqueline Muna Musiitwa, Esq., representing Financial Sector Deepening Uganda, offered the participants a view from the consumer protection and literacy perspective. She suggested that rather than just talking about the PPP between public and private sector, civil society should also be involved because cyber security is something that is affecting the masses. “The benefit of including civil society is to bridge some of the gaps. For instance – within the area of capacity and training”, commented Jacqueline Muna Musiitwa, Esq.

She suggested that civil society provides the opportunity not only to build capacity within the public sector but also “to have a conversation in a neutral space within the private sector”.

The Executive Director of Financial Sector Deepening Uganda also reminded the participants that financial services is about trust, and that cyber security is an issue that needs to be tackled at the top management and board level of the organisations.

Finally, she suggested that “the stigma should be taken away from institutions that are attacked and the conversation should be on how quickly they are able to provide solutions, and more importantly – how quickly they are able to protect their consumers”.


Declaration 2017 on Strengthening Cybersecurity in Financial Sector

On behalf of the participants of the conference, the Declaration was signed by Permanent Secretary, Ministry of ICT and National Guidance, NITA-U, Bankers Association and Financial Intelligence Authority.

We declare:

Every financial organization needs to establish effective governance structures with clear responsibilities for cyber security.

Cyber security is a management issue and not a technological one.

Effective response to cyber incidents is paramount to the stability of the financial sector across East Africa.

Board of directors of every financial institution must act without delay:

1. Cyber-conscious organizations are to update their org-charts identifying a role, responsible for cyber secure operations of the organisation, entrusted with clear mandate, responsibilities and budget.
2. Cyber-conscious organizations are to ensure that the member of staff appointed to the cyber security role will report directly to the top management. Reporting to the Head of IT keeps cybersecurity as a purely technological issue and is not sufficient.
3. Cyber-conscious organizations are to develop actionable cybersecurity roadmaps, approved and monitored by the top management.

Financial, law enforcement and other public institutions must embrace the availability of digital data to enhance their decision making and address the threats.

“This declaration is not legally binding but it is a demonstration of commitment from the participants of this conference that they are going to first of all improve hygiene of cyber security practices within their jurisdiction before we can think about collaborating on a broader level”, commented Mr Arnold Mangeni, Director of Information Security at NITA-U.

He also said NITA is ready to support institutions towards implementation of the declaration: “One of the commitments that we can make as secretary for NISAG, is we can follow through with institutions, to try and push you and support you towards implementing some of the initiatives that are in this commitment to the extent that you wish to”.

“As NISAG, we intend to endorse any practice that sets us to the right direction, meaning that we are ready to work with all critical infrastructure players, we are ready to work with both private and public sector in any and every way we can”, said Noah Baalessanvu, NISAG.


Conference in the news


2. Practical trainings

The second day of the conference was dedicated to practical trainings, divided into two parallel tracks:

Track 1. Information analysis; Track 2. Open source intelligence.

The participants had a chance to learn how open source data and information analysis can increase the resilience of the financial sector by preventing, deterring and investigating cyber-attacks.

Technical trainings were delivered by a specialized Northern European company, NRD Cyber Security.

Building cyber security capacity


Training track 1: Information analysis

Being ahead: how data analysis can help you make right decisions and address the threats.

In the age of increasing access to different data sources and data flows as well as closer deadlines for presenting results, the demand for intelligence analysis and specialised employees – analysts – is ever growing.

Organisations increasingly value employees that are able to use special analytical techniques and software for fast, effective data collection, information analysis and production of comprehensive results. Well-prepared analysts and their progressive efforts of putting together diverse pieces of information and placing them in a context are a key to success in making right decisions.

During the training, participants were introduced to:

• Information analysis cycle;
• Different analytical techniques;
• Information visualisation and visual analysis.

The training was provided by Mrs Rūta Jašinskienė - Intelligence analysis expert at NRD Cyber Security with 20+ years of experience and an extensive background in international police cooperation and investigations, intelligence monitoring, tactical and strategic analysis.


Training track 2: Open source intelligence

Methods and techniques for targeted information gathering.

Increasing availability of open source and online data urged a more intense and focused investment in open source collection and analysis. Open source and social media monitoring can help organizations anticipate, prepare for and understand events. Open source intelligence is recognized as an empowering methodology that exploits and combines the capabilities of human intelligence with the machine intelligence of search engines.

Today open source intelligence methods are not an exclusive government domain and are increasingly employed by businesses, non-governmental organizations, journalists, and alike.

During the training, participants were introduced to:

• Advanced techniques for using search engines;
• Tools and practices for social media analysis;
• Domains and IP addresses.

The training was provided by Mr Kazimieras Sadauskas - Open source intelligence expert at NRD Cyber Security with broad knowledge on OSINT methodologies, information analysis and information security topics.


Participants received certificates of participation

3. Organisers & partners

The 5th annual Cyber Defence East Africa 2017 conference (CDEA) was organised by NRD Companies together with the National Information Technology Authority – Uganda (NITA-U) and sponsored by Lithuania-based critical IT infrastructure company BAIP.

Technical trainings were delivered by a specialized Northern European cyber defence company, NRD Cyber Security.


NRD Companies is a global information technology and consulting group of companies specialized in governance and economic digital infrastructure development with headquarters in Norway.

Since our start in 1995, we have built more than 150 state-of-art registries, information systems and delivered other projects of all imaginable types across 4 continents and more than 50 countries worldwide.

Over the years we have expanded our offering to secure maximum efficiency of ecosystems we build with solutions and services like digital signature, digital platforms for finance and retail sectors, information distribution and other economic digital infrastructure solutions.

Our home markets are Nordics, Baltics and frontier markets of Sub-Saharan Africa and South/Southeast Asia and our strategic growth is focused in the related areas of digital platforms for state taxes, banking, digital licenses, digital documents and other.

NRD Companies is a part of INVL Technology, a NASDAQ Baltic listed ICT investment fund.

INVL Technology owned companies with expertise in IT infrastructure, cyber security and e-government solutions, such as BAIP, NRD Cyber Security, Algoritmu sistemos and Andmevara to name a few, organically complement the NRD Companies offering and are a natural choice for constant collaboration on various projects.

Cybersecurity technology consulting, incident response and applied research company NRD Cyber Security facilitates the NRD Companies mission of creating a secure digital environment.

www.nrdcompanies.com


Guided by the broader development agenda, NRD Companies focus on the following areas:

Enabling the business environment & job creation

NRD Companies have evidence-based hands-on experience in the regulatory, organizational, governance, systems and service sides of improvements in various country settings. Our engagement has supported countries’ progress on a number of indicators under the WB Doing Business annual report.

Increasing efficiency of government services

NRD Companies support governments in delivering public sector reforms, strengthening institutions, building e-government and enabling e-services for citizens. Building on legal, organizational, governance, systems and services analysis, NRD Companies bring an evidence-based approach from around the world and back it with ICT solutions for the efficient and effective government functioning and services.

Facilitating financial inclusion and access to finance

NRD Companies contribute to building necessary infrastructure components that facilitate financial inclusion and access to financing. We work with central banks and other oversight institutions to improve and support regulatory frameworks with ICT solutions, identification solutions and we develop systems to facilitate financial services provision.

Supporting domestic resource mobilization

For separate components that build enabling infrastructure for domestic resource mobilization, NRD Companies develop evidence-based enabling solutions adapted to a specific country environment. Our top-level experts, who have extensive experience in tax administration and related systems building, also support clients in enabling legal and organizational environment-building related to system development.

Improving accessibility of social services

Facilitating environmental sustainability

Securing the digital environment


Let’s cooperate on securing digital environment

Find out more at www.nrdcs.lt

NRD Cyber Security is a cybersecurity technology consulting, incident response and applied research company. The company focuses on services for specialized public service providers (law enforcement, national CERTs, telecoms, national communication regulators, national critical infrastructure), the finance industry and corporations with high data sensitivity.

NRD Cyber Security roots go back to 2008 when Baltic Amadeus Infrastructure Services (now BAIP) started developing cyber security expertise. As a separate company, NRD Cyber Security was established in 2013.

NRD Cyber Security is a facilitator of the Norway Registers Development AS mission to create a secure digital environment for states, governments, corporations and citizens. In addition to specialized services, NRD Cyber Security through its own CIRT provides cyber security consulting, performs security audits as well as compliance and risk assessments, validates and promotes Critical Controls implementations, designs and implements technologies for cybersecurity defence and information system security, and provides training for corporate information security departments.

NRD Cyber Security is controlled by INVL Technology, UTIB - a Nasdaq Vilnius listed closed-end company investing in IT businesses. INVL Technology managed companies operate as a cluster and implement joint projects in more than 50 countries worldwide.


Introducing BANKTRON - an omnichannel digital banking solution. BANKTRON combines all powerful features that enable you to serve your clients seamlessly and be a step ahead in the fintech world.

Ironclad security
Multi-factor authentication, advanced session management, personalization-based protection and other ways to reach the highest level of security.

Omnichannel approach
Sophisticated digital banking platform optimized for different channels.

Optimized time-to-market
Rapid development and seamless integration into your existing IT infrastructure.

Digital banking
Taking financial institutions a step ahead.

www.etronika.com

“In the competitive environment financial institutions operate today, we have to be very swift and innovate smart. BANKTRON is a modular solution for almost any challenge financial institution might face in mobile and internet banking.” - Michailas Traubas, solution architect.


E-identity

Platform for mobile ID (wireless PKI) & e-signature

www.etronika.com

Back in 2005, Lithuanian company ETRONIKA was the first in the world to demonstrate and implement a commercial mobile signature pilot and has been implementing it in different banks ever since. In 2009-2013, the company implemented and maintained a Trusted Service Provider, uniting all mobile operators in Lithuania, the State Enterprise Centre of Registers in Lithuania and the Centre of Registers and Information Systems in Estonia, developing an API and service development kit for enterprises, banks, state and commercial institutions to be easily implemented.

Case studies

• Establishment of mobile and digital signature for Norway’s largest bank financial services DNB in Estonia;
• Implementation of mobile and digital signature for Ukio bankas;
• Implementation of mobile and digital signature for Medicinos bankas;
• Implementation of trusted service provider at the State Enterprise Centre of Registers in Lithuania and the Centre of Registers and Information Systems in Estonia;
• Establishment of mobile digital signature and securities trading e-platform for Šiaulių bankas.

Benefits

• Consultancies on e-identity infrastructure establishment.
• User identity integration using PKI and banklink.
• Portal for contract signing.
• Server-based solution for PDF generation functions and electronic signatures.
• Verification of electronic signatures validity on PDF document.
• Signing PDF document using mobile electronic signature.
• Signing PDF document using corporate electronic signature.
• Services provision to safely store corporate electronic signature.


We understand that your IT infrastructure MUST be up and running 24/7 no matter what: electricity outage, human error, natural disaster or else.

At BAIP we have a team of critical IT infrastructure architects, engineers and administrators who are experienced in:

• Integrating resilience into your IT infrastructure’s architecture;
• Selecting the best building blocks for deploying IT infrastructure – software and hardware solutions by global market leaders;
• Maintaining existing IT infrastructure and making sure it is running smoothly;
• Disaster recovery: in case of emergency, bringing your most important operations back to work as soon as possible.

BAIP is a Lithuania-based critical IT infrastructure company providing its services in the Baltic, Nordic and East African regions.

IT infrastructure that never sleeps

www.baip.lt


The National Information Technology Authority-Uganda (NITA-U) is an autonomous statutory body established under the NITA-U Act 2009, to coordinate and regulate Information Technology services in Uganda. NITA-U is under the general supervision of the Ministry of Information and Communication Technology (MoICT). NITA-U is mandated with coordinating national information security.

As part of the Authority, the National Computer Emergency Response Team/Coordination Center (CERT.UG/CC) was set up to help ensure the protection of the nation’s Critical Information Infrastructure and to assist in drafting the overall plan on the country’s approach to cyber security related issues, and thus can serve as a focal point for further building and implementing the National Culture of cyber security.

CERT-UG/CC aims at providing the necessary services to handle incidents and support the affected parties to recover from breaches. The advice, services and support provided by the National CERT take the form of website content provided for its audience in need. It is a trusted source of information and advice on cyber security issues in Uganda that provides advice, support and guidance in many forms, from written advisories to sectoral briefs.

CERT-UG/CC provides a variety of services including email, hotline support, technical guidance on incident response support, mitigating cyber threats, information collaboration and capacity building. Their aim is to help and support all Ugandans in awareness of information on major issues on cyber security.

ORGANISERS

http://www.nita.go.ug

http://www.cert.ug/


Previous conferences

In order to assist East African organisations in creating secure digital environment for states, governments, corporations and citizens, NRD Companies have been organising annual Cyber Defence East Africa (CDEA) conferences since 2013.

The first three CDEA conferences took place in Tanzania and were organised together with ISACA Tanzania Chapter in years 2013 and 2014, and in cooperation with Tanzania Communications Regulatory Authority (TCRA) in 2015.

In 2016, CDEA took place in Kampala, Uganda and was organised together with NITA-U. Representatives from the President’s Office, Ministry of Finance, Uganda Police Force, Uganda Revenue Authority, National Identification and Registrations Authority, Ministry of Internal Affairs, Makerere University and many other organisations.

CDEA 2016, Kampala, Uganda. 70+ participants. With NITA-U.

CDEA 2015, Dar es Salaam, Tanzania. 100+ participants. With TCRA.

CDEA 2014, Arusha, Tanzania. 100+ participants. With ISACA Tanzania.

CDEA 2013, Morogoro, Tanzania. 100+ participants. With ISACA Tanzania.


CYBER DEFENCE EAST AFRICA 2017. FINANCIAL SECTOR SECURITY

KAMPALA, UGANDA 9-10 AUGUST’17

Norway Registers Development AS

Løkketangen 20 B, 1337 Sandvika, Norway

www.nrdcompanies.com

Phone: +47 219 50 158

E-mail: [email protected]

www.cybersecurity.ug