The following are the remarks made by PORTAZ Director-General Dr Gift Machengete at the ITU World Summit on the Information Society (WSIS) Forum this afternoon.
DIRECTOR GENERAL’S POLICY STATEMENT
Question 1: What are the most common fears for businesses, organisations and ordinary people that can be a barrier to the use of ICTS?
Question 2: What should be done to allay or overcome these fears and deal with their cause?
The ITU Secretary General – Mr Houlin Zhao
The WSIS 2021 Chairperson – His Excellency Maxim Parshin
Excellencies
Ladies and Gentlemen:
The rate at which ICTs have advanced has resulted in increased cyber-attacks, computer and network security breaches. Cybercriminals hack economic institutions, government websites and power infrastructures, in order to steal or extort money or advance an ideological agenda. Reported intrusions on government computer systems, networks and websites for both developed and developing countries are enough to scare governments from adopting new telecommunications applications. A look at wikileaks releases of leaked sensitive information, shows the gravity of cyber threats. Publicized attacks in entities that are well- versed in technology, such as Equifax, eBay, Adobe, yahoo, face book and Google, can make any ordinary person reluctant to connect to the internet or use cloud storage facilities, let alone adopt emerging technologies and applications.
For governments, the greatest fears emanate from the threats of cyber terrorism, data breaches, espionage and human error by employees. Fear of Cyber-terrorism, keeps every nation more alert than the possibility of an attack by a physical army, as the former can be executed at the click of a button, with consequential damage to organisations and individuals, while the latter can easily be spotted coming.
For corporate entities and businesses, the fears include competitor driven hackings designed to steal business secrets, sabotage and spying by competitors, in order to gain strategic advantage.
For individuals, the fears of identity theft, theft of passwords, fraud through access to bank accounts, breach of privacy, tracking of personal activity and information by tech giants and governments, technophobia, form a composite of fears.
Fears by older persons deserve special mention, as they form a psychological barrier to the adoption of ICTs. Some of them fear that they may not be skilled enough to use a particular technology and therefore steer clear of it. This explains the reluctance by some older persons to use social media.
Given these fears, we have seen Government Departments lagging behind in computerising their records and transaction systems, thereby continuing to use manual record systems to store data.
For businesses, the worry that data breaches may occur due to electronic data storage, as well as electronic transactions, is not taken lightly. This is in view of the heavy fines that are levied by regulators on institutions such as Banks, Hospitals, Schools and other businesses, when a data breach occurs. Damages that can be claimed by individuals against entities in whose hands their personal data is illegally accessed make things worse. Hearing that large entities were hacked at some point makes smaller entities and governments even more reluctant to embrace technology.
Stories about bank records and hospital records being dumped on the internet for all to see, would give any ordinary person, or individual, technophobia. Individuals also fear personal information tracking by their governments and employers, as well as artificial intelligence .In this regard they fear drones, robots and home surveillance technology. Public reports concerning the Cambridge data analytical scandal, the commonwealth Bank‘s loss of customer financial accounts for 20 million accounts and the running down of a pedestrian by a self-driven car in Arizona, also exacerbate these kind of fears.
There are a number of ways and solutions that can be used to allay these fears and avert attacks, thereby building confidence and security in the use of ICTs.
For governments, training of Government Officials on how to protect their ICT systems can improve the situation. Such training includes training on password rules, as passwords are the first line of defence against breach. Use of secure and sophisticated hardware, as well as robust anti-virus solutions, can help not only allay fears of Cyber terrorism, data theft and any breach of privacy, but also provide real protection.
Overall, fears for both government and corporates can be reduced through monitoring of data assets, creating an effective risk plan, which is well known and owned by employees, enforcing security protocols ,providing firewall security, securing Wi-Fi networks, limiting employee access to data and updating protective solutions, as technology improves and changes. These measures can help governments and commercial entities, as well as individuals
For individuals, the biggest measure other than technical measures that policy–makers can take, to build trust and confidence in the use of ICTs, is to have a strong and robust legal framework that can protect users.
Perhaps the biggest confidence booster would be to ensure that the level of knowledge is synchronized from the current asymmetry between those that create and use emerging technologies and, those that regulate the technologies.
Having a robust legal framework gives assurance to users that they are protected online, the same way they are protected offline.
As Zimbabwe, the draft Cyber Security Bill and a Data Protection bill, are essential for building trust in the use of ICTs. We have also commissioned a sizable local Data Centre and a Regional Internet Exchange Point, which gives assurance to users of telecommunication/ICTs that their personal data does not get exported. Furthermore, the country is in the process of setting up a National Computer Incidence Response Team.
This should go a long way in building confidence and security in the use of ICTs in Zimbabwe, and other administrations may be well advised to do the same.
I will leave you with one point of advice. It takes many years to build a business, a country, a customer base, a reputation and respect, but it can take just one cyber-incident, to destroy it all, if we do not take cyber security seriously.
Thank you for your attention.