Developing Nations Face The Biggest Cyber Security Challenges

Uploaded on 2022-10-17 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

The Internet, online services and cyberspace play a vital part in the economic development of any country and a strong cyber capacity is crucial for states to progress and develop in economic, political and social spheres. The need to integrate digital connectivity and infrastructure development policies has been documented by both the telecoms and technology industries as well as policy makers.

Information and Communication Technology (ICT) has assumed a critical role in facilitating social-economic development in many countries. 

The investment in securing cyberspace affects the success rate of other policy initiatives as well, however, there is a clear need for a deeper dialogue with the development community and recipient countries to better understand how to implement cyber capacities in practice.  

Some countries have taken advantage of the effectiveness and productivity of cyberspace and are in the process of transforming their economies into an information and knowledge based economy. In developing world, ICT is a key component in improving the quality of life and participation in global economic activities. However, these benefits are being challenged by increasingly sophisticated cyber threats where there is no global consensus on how to regulate cyberspace. 

Developing countries, specifically those in Africa, have traditionally lagged developed countries in adoption and use of the Internet. 

Recent reports from the International Telecommunication Union show that “developing countries now account for the vast majority of Internet users, with 2.5 billion users compared with one billion in developed countries.” These developments, though, should be put in context of the Internet penetration rates, which is 81% in developed countries, compared with 40% in developing countries and 15% in the least-developed countries.

Despite poor Internet penetration, developing countries are changing the Internet usage landscape by becoming one of the key players. They are taking advantage of the multitude of benefits that the Internet provides. 

For example, organisations can now forge international relationships with new vendors (to lower costs) and new customers (to increase sales), thereby decreasing communication costs, and resulting in higher efficiency and quicker transaction processing. Despite these benefits, organisations also face many challenges when using the Internet,, for example, the threat from attackers, spammers, and criminal corporations. 

This danger is more real for developing countries and more so for the SMEs, who tend to have limited resources to acquire and implement cybersecurity mechanisms in their organizations.

Current guidance on implementing cyberspace defence is based on the single model of nations with mature infrastructures and broad adoption of Internet usage. The result is that the available guidance does not directly address the challenges encountered by nations with emerging ICT infrastructures. Policy makers, such as those in Rwanda who viewed current guidance as not implementable, have assessed that a strategy based on existing guidance would not solve their problem, is not reflective of their needs and is not implementable with their national resources.

Benefits:    Securing the Internet enables numerous consequence, both beneficial and malicious actions. The beneficial activities include: e-shopping, e-communications, e-business and e-learning. It also has the capability to transform healthcare, education, and government. These transformations are the result of the Internet fostering countless beneficial activities. But there are drawbacks.

Drawbacks:     Inevitably, cyber criminals have realised the potential of the Internet for malicious purposes. They have been honing their skills and capabilities since before the mass adoption of the Internet. Some have become extremely capable and dangerous while the majority is less capable but still often effective especially on soft targets. Many of their attacks presently exploit financially rewarding targets, which has spared the less well connect countries and the recent adopters. 

One relevant cyber threat to national interests of an ICT emerging countries is the potential harm to economic growth.  Governments can best ensure the protection of critical assets in cyberspace by following eight key principles for authentication policy:

  1.      Have a plan that explicitly addresses authentication. While a sound approach to authentication is just one element of a proper approach to cyber risk management, any cyber initiative that does not include a focus on strong authentication is woefully incomplete.
  2.     Recognise the security limitations of shared secrets. Policymakers should understand the limitations of first-generation MFA technologies such as OTPs that rely on shared secrets and look to incent adoption of more secure alternatives, such as those that utilise public key cryptography where keys are always stored on, and never leave, the user’s device.
  3.     Ensure authentication solutions support mobile. As mobile transaction usage grows, any policy that is not geared toward optimizing use of MFA in the mobile environment will fail to adequately protect transactions conducted in that environment.
  4.     Don’t prescribe any single technology or solution — focus on standards and outcomes. Authentication is in the midst of a wave of innovation, and new, better technologies will continue to emerge. For this reason, governments should focus on a principles-based approach to authentication policy that does not preclude the use of new technologies.
  5.    Encourage widespread adoption by choosing authentication solutions that are easy to use. Poor usability frustrates users and prevents widespread adoption. Next-generation MFA solutions dramatically reduce this “user friction” while offering even greater security gains. Policymakers should look for incentives to encourage use of next-generation MFA that addresses both security and user experience.
  6.     Understand that the old barriers to strong authentication no longer apply. One of the greatest obstacles to MFA adoption has been cost, previously, few organisations could afford to implement first-generation MFA technologies. Today, there are dozens of companies delivering next-generation authentication solutions that are stronger than passwords, simpler to use and less expensive to deploy and manage.
  7.     Know that privacy matters. MFA solutions can vary greatly in their approach to privacy, some track users’ every move or create new databases of consumer information. Such solutions raise privacy concerns and create new, valuable caches of information that are subject to attack. 
  8.    Use biometrics appropriately. The near ubiquity of biometric sensors in mobile devices is creating new options for secure authentication, making it easier to use technology such as fingerprint and face recognition. Biometrics are best used as just one layer of a multi-factor authentication solution, matching a biometric on a device to then unlock a second factor. 

The Internet is a borderless globally connected network that enables cyber attackers to harm other countries using computers in countries with poor security to launch attacks, use as proxies to remain anonymous and to add to the global level of cyber insecurity. 

Consequently, the openness of the Internet requires all nations to have effective cyber security policies to have a safe and secure Internet. Having trustworthy guidance on building cyberspace defenses in  emerging countries is an important objective for all countries.

ITU:     HBR:   Salah KabandaSabir Sadique:    ICT21:     Carnegie Mellon University:     Daniel Otieno:    CYBIL

You Might Also Read: 

The Global Cyber Security Market Set To Grow  By $190 Billion:

 

« Average Cost Of A Cyber Attack Increases By 80%
Security Patching As A Service »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

4Secure

4Secure

For over two decades, 4Secure has specialised in cyber security consultancy, safeguarding the worlds critical Infrastructure through securely bridging air gapped networks.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

ZeroFox

ZeroFox

ZeroFox safeguards modern organizations from dynamic security risks across social, mobile, surface, deep and dark web, email and collaboration platforms.

Australian Signals Directorate (ASD)

Australian Signals Directorate (ASD)

The Australian Signals Directorate is an intelligence agency in the Australian Government Department of Defence.

Blue Lights Digital

Blue Lights Digital

Blue Lights Digital have developed a range of platforms to support digital investigations, as well as providing continued support and education for investigations professionals.

Swiss CyberSecurity

Swiss CyberSecurity

Swiss CyberSecurity is a non-profit group based in Geneva, set up to provide information and as a forum for discussion of topics related to CyberSecurity.

DANAK

DANAK

DANAK is the national accreditation body for Denmark. The directory of members provides details of organisations offering certification services for ISO 27001.

SPARTA Consortium

SPARTA Consortium

SPARTA tackles hard innovation challenges, leading the way in building transformative capabilities and forming a world-leading cybersecurity competence network across the EU.

Netlawgic Legal Services

Netlawgic Legal Services

Netlawgic is exclusively focused on delivering cyber law solutions to the industry. We provide our clients with specialized attention and problem solving in all aspects of cyber law.

Agile Underwriting

Agile Underwriting

Agile, an underwriting agency, insurtech and Coverholder at Lloyd's, provides niche insurance products across Aviation, Marine & Cargo, Cyber and Financial Lines.

Sevco Security

Sevco Security

Sevco Delivers Real-time Asset Intelligence to Identify and Close Unknown Security Gaps.

Sourcepass

Sourcepass

Sourcepass is an IT consulting company that focuses on providing expert IT services, cloud computing solutions, cybersecurity services, website, and application development.

PCCW Global

PCCW Global

PCCW Global is a leading communications service provider, offering mobility, voice and data solutions to multinational enterprises, telecomms partners, cloud and application service providers.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.