Internet Society, African Union Unveil Africa Guidelines for Internet Infrastructure Security

L to R: Michuki Mwangi, Senior Development Manager, ISOC - Africa and Dawit Bekele, ARB Director, ISOC

Internet Infrastructure Security Guidelines for Africa have been made public by the Internet Society (ISOC) and Commission of the African Union at the African Internet Summit that is taking place at the Boma Hotel till 2 June.

Before you take a dive into the detais of the guidelines linked at the end of this piece, it is vital to understand that ISOC is an American, non-profit organization that was formed 25 years ago. ISOC headquarters are in Reston, Virginia in the United States. Its mandate has not changed since its inception, and that is to provide leadership in matters related to the Internet. ISOC is concerned in supervising processes in education, access as well as policy provided they are tied to the internet. At the same time, the organization works in conjunction with other bodies such as the Internet Research Task Force (IRTF) to support and promote preset standards.

The aforementioned guidelines have been developed owing to the fact that the Internet is all-encompassing. Governments and the people depend on its offerings, which is why it is paramount to secure online existence as a step to getting rid of intrusions and malicious or criminal activities.

As a measure toward meeting Internet security needs, global security experts have formulated guidelines that are aimed at boosting the security of the internet infrastructure of African Union member states. The guidelines have not been outed before in Africa, which is why ISOC is partnering with ISPs on regional, national and organizational levels in setting the guidelines into motion.

The security guidelines have been motivated by the need to rethink Internet security requirements. This is because ISOC understands that incorporating security measurements and privacy controls onto the African and in extension, the global communication platform is challenging, but Dawit Bekele, African regional Bureau Director of ISOC argues that it is absolutely necessary to do so.

“Africa has achieved major strides in developing its Internet Infrastructure in the past decade. However, the Internet won’t provide the aspired benefits unless we can trust it. We have seen from recent experiences that Africa is not immune to cyber-attacks and other security threats. These guidelines, developed in collaboration with the African Union Commission, will help African countries put in place necessary measures to increase the security of their Internet Infrastructure,” says Dawit Bekele.

The Internet Infrastructure Security Guidelines for Africa strike curiosity as whether the Internet is insecurely built – which is not the case. To quote Dawit, ‘the Internet won’t provide the aspired benefits unless we can trust it.’ Ideally, the initial design of the Internet considered a world filled with honest and trustworthy people. During its early days, the use of the internet involved researchers and academics who communicated with trusted parties in sharing knowledge, which is why such interactions were not secure by default. If we fast-forward to modern times that are plagued by all kinds of cybercrimes and breaches, it is clear why fresh, effective and solid guidelines have to be put in place to meet the challenge of protecting Internet infrastructure.

Admittedly, the cybersecurity environment in Africa is prone to multiple security setbacks such as lack of awareness of the risks involved when people use technology. For instance, out of 127 countries that were investigated in the 2015 Deloitte Global Threat Index, Kenya was ranked 69th most vulnerable country. The report shed more light into this matter, stating that lack of awareness, talent shortage as well as underinvestment were among the reasons why the country performed poorly. Furthermore, Deloitte estimated that Kenya lost $171 million to cybercrime in 2016.

These statistics are obviously saddening, and the guidelines couldn’t be unveiled at a better time, owing to the urgency of building and strengthening systems that tackle cybercrime to the global digital economy. Stakeholders, including governments, operators and educational organizations, among other parties, must find it necessary to adopt and implement the guidelines.

Compared to other parts of the world, Internet penetration in Africa is low. Approximately 25.1% of Africans have Internet access based on the ITU ICT Facts and Figures. However, such numbers could rise thanks to sustained double-digit growth penetration in the past decade. Penetration has been aided by heightened uptake of mobile internet due to the availability of favourably-priced smart handhelds to the young, tech-savvy population.

The path to secure Internet infrastructure is laced by great ideas that have been included in the guidelines. It should be noted that the guidelines have been tuned to meet African cybersecurity needs in terms of support, developing of momentum and eliciting sustained commitments in keeping the Internet safe.

The guidelines can be found here.