SECOND AFRICAN INTERNET SUMMIT / AFRICA INTERNET SUMMIT (AIS) – DJIBOUTI, MAY 24 – JUNE 6, 2014
AfricaCERT PRESS RELEASE
As part of the second African Internet Summit, the African Forum of Incident Response Teams, AfricaCERT, organized a series of activities on cyber security in
Djibouti from May 26 to 31, 2014, with the support of the Organization International of Francophonie (Organisation Internationale de la Francophonie, OIF).(1).
Thirty-five people from 22 countries participated in a training workshop with two components. Two instructors of the Forum of Incident Response and Security Teams (FIRST) presented the first workshop on the organizational, legal and operational aspects of managing a Computer Security Incident Response Team (CSIRT). They provided a course based on the TRANSITS I curricula. The second part, animated by Japan Computer Emergency Response Team Coordination Center (JPCERT), focused on techniques of Network forensics. (2).
Propositions for the implementation of a strategy for cyber security in Djibouti were developed on May 29 with local professionals of the information community, as a part of AfricaCERT Cybersecurity Talks initiatives. The AfricaCERT Cybersecurity Day, on May 31, was mainly devoted to the exchange of experiences and cyber security best practices in Africa. Thus, experts from the Asia Pacific computer Emergency Response Team as well as those from Egypt,
Tunisia, Cameroon, Tanzania, Burkina Faso and Ivory Coast shared their experience and best practices. The ongoing establishment process of the Computer Emergency Readiness Response Team of the National Information Technology Development Agency (NITDA) in Nigeria (CERRT.ng) was also presented. The civil society raised the need for openness, privacy and transparency in Africa in the digital age.
Exchanges between the participants showed that the effectiveness of cyber hygiene begins with the establishment in each country of a national cyber security strategy. Such strategy needs to take into account the set up of legislative and regulatory framework, the organization of awareness campaigns, training of law enforcement officers and the creation of a CSIRT. It also became clear to participants that the success of the tasks assigned to CSIRTS is conditioned by the development of sub-regional, regional and international cooperation. This shows the relevance of the AfricaCERT forum whose mission is to propose solutions to challenges for a better cyber hygiene in the African Internet Ecosystem. A stronger cooperation with the FIRST is also needed as wells as with other actors such the OIC-CERT (Organization of The Islamic Cooperation – Computer Emergency Response Teams), APCERT (Asia Pacific Computer Emergency Response Team) and sister organizations.
The Conference also addressed the Open source tools in Information Security proof of concept and outlined the areas of collaboration between CSIRTS and law
enforcement agencies. All participants and observers commended Djibouti for its hospitality and thank the organizers and presenters of the workshops. The parties scheduled to meet at AfricaCERT VII in Mauritius from November 24 – 28, 2014 to measure the progress and continue to work towards a stronger AfricaCERT that meets the expectations of the People and Governments in the African Internet Ecosystem. Djibouti, May 31, 2014
Jean Robert Hountomey
AfricaCERT Global Coordination