Presentation on theme: "Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference."— Presentation transcript:
Tanzania Communications Regulatory Authority - TCRA Response to Cyber incidences in Tanzania: Where are we? Presented at Cyber Security Mini Conference Serena Hotel, Dar es Salaam 26 th June 2012 Connie Francis
1.Tanzania Communication Regulation Authority 1. Legislation Tanzania Communication Regulation Authority (TCRA) an independent Authority for the Postal, Broadcasting and Electronic communications industries in the United Republic of Tanzania was established by the TCRA Act no. 12 of 2003 It merged the former Tanzania Communications Commission and the Tanzania Broadcasting Commission. The Electronic and Postal Communications Act – EPOCA of 2010 came into act after repeal of Tanzania Communications Act No.18/1993 and Tanzania Broadcasting Services Act No.6/1993
TCRA…(2) 2. TCRA’s Role Includes licensing and regulating the Postal services, Broadcasting services and Electronic Communications sectors in the United Republic of Tanzania. Specifically the Authority is responsible for enhancing the welfare of Tanzanians through: Promotion of effective competition and economic efficiency; Protecting the interests of consumers; Promoting the availability of regulated services; Monitoring the performance of the regulated sectors. Monitoring the implementation of ICT applications …
TCRA…(3) 3. Licencing Framework Converged Licensing Framework (CLF) The CLF was introduced in 2005, consisting of four licenses: Network Facility License (NFL) Network Services License (NSL) Application Services License (ASL) Content Services License (CSL) The Converged licensing framework is Technology Neutral and Service Neutral.
2.Computer Emergency Response Team 1. Current Situation Tanzania like many if not all other countries in the world are prone to be affected by the development and sometimes misuse of the information communications facilities. Issues of cyber security and the like are of global nature and therefore require more collective attention of the world community than ever before. TCRA has been exploring for a long term solution since 2008 as a result, cyber security measures were incorporated into the legislation the Electronic and Postal Communications Act (EPOCA) number 3 of 2010.
CERT…(2) 2. Regulation Computer Emergency Response Team In the EPOCA, Section 124 calls for establishment of the National Computer Emergency Response Team (CERT), the name given to expert groups that handle computer security incidents. New Regulations were published in December 2012, by the Hon. Minister for Communication, Science and Technology. The electronic and postal communications (computer Emergency response team) regulations,
CERT…(3) Most groups append the abbreviation CERT, CIRT or CSIRT to their designation where the latter stands for Computer Security Incident Response Team. For some teams the abbreviation CERT refers to Computer Emergency Readiness Team while handling the same tasks. Pursuant to Section 4(1) of the Electronic and Postal Communications (Computer Emergency Response Team) Regulations 2011, the Tanzania Communications Regulatory Authority (TCRA) is mandated to appoint members from stakeholders to form a Steering Committee for the establishment of a National CERT in Tanzania.
CERT is a service organization that is responsible for receiving, reviewing, and responding to computer security incident reports and activity. Their services are usually performed for a defined constituency that could be a parent entity such as a corporation, governmental, or educational organization; a region or country; a research network; or a paid client.
CERT…(4) 3. Where are we? 1.The Steering Committee for establishment of National CERT with diverse composed is in place. Representatives are from different sectors including: Ministries Government Agencies Academic Bank Service Provider Policy Military Media
CERT…(5) 2. Joint initiative within East Africa under the umbrella of East Africa Communications Organizations (EACO) 3.Administrative agreement with International Telecommunication Union and International Multilateral Partnership Against Cyber Threats (ITU/IMPACT) for Technical Assistance 4.Collaborate with AfNOG (African Network Operators' Group) /AfriNIC (African Network Information Centre) initiative - AfriCERT 5.Procurement of equipment for National CERT operations 6.Training workshop for the Steering Committee
CERT…(6) 4. Responsibilities of Steering Committee Develop comprehensive set of rules and guidelines for effective operations of the National CERT Identify and propose CERT Stakeholders and Constituencies and Technical Advisory Committee which will include members from the public and private sector
CERT…(7) 5. CERT responsible to: National Coordinate response to Cyber Security incidents at National Level Cooperate with Regional and International entities involved with management of Cyber Security incidents
CERT…(8) 6. Complimenting initiatives - EPOCA Numbers and addresses Database Registration of SIM card Cooperate with Regional and International entities involved with management of Cyber Security incidents Users and licensees obligations
CERT…(9) 5. Where to? Cyber Peace/ Build confidence in Cyber Space National CERT Sector CERTs Enforcement of the regulations Capacity building/ Knowledge transfer Awareness programs