Presentation on theme: "Solving National Security challenges with Information Technology Which way forward? Presentation at the ITPA 2014 conference organized by Computer Professionals."— Presentation transcript:
Solving National Security challenges with Information Technology Which way forward? Presentation at the ITPA 2014 conference organized by Computer Professionals Registration Council of Nigeria (CPN) Tope S. Aladenusi, CISSP, CRISC, CISA, CBCI, CEH, CIA, ISO27001LA Partner, Deloitte Nigeria 18 June 2014
Outline → Introduction → What needs to be protected? → Security Challenges → Technology in National Security → Around the world → Where do we begin? → Concluding thoughts
- 3 - National security is an appropriate and aggressive blend of political resilience and maturity, human resources, economic structure and capacity, technological competence, industrial base and availability of natural resources and finally the military might. Introduction: National Security Source: National Defence College of India
- 4 - Introduction: National Security Parameters Source: Stockholm International Peace Research Institute (SIPRI) Research Report No. 20 Technology and Security in the 21ST century Threat Perceptions National Sovereignty Techno-military Superiority Industrial Infrastructure Quality of People Combating Terrorism World Power Equations Socio-economic Strength Regional Cooperation Natural Resources Self Reliance External Threats Border Disputes Internal Security /Stability Law and Order
- 5 - The making, usage and knowledge of information processing, including software, hardware, communications technologies and related services to solve a problem or perform a specific function. Introduction: Information Technology
- 6 - What needs to be protected? Human Lives Social Infrastructure Communication equipment Public Institutions Transportation Systems Technology Infrastructure Lands and properties
- 7 - Poverty and unemployment Insurgences – Boko haram, militants, religious or ethnic wars Insecurity of lives – kidnapping, armed robbery, ritual killings Corruption – Rigging of election, fake licenses, etc. Theft – Oil pipeline, public funds or piracy Information security – defacing government websites, theft of critical data, Denial of Service attacks Insider threats - Moles within security agencies, disgruntled employees Over-reliance on foreign technology Inadequate regulations: e.g. cyber security Some Security Challenges
- 8 - The use of information technology for national security has many benefits as well as some risks. Most common uses include: Intelligence gathering Secure communication Education and Awareness Military platforms - Smart weapons, stealth aircraft etc. Cyber Attack and Defense Aids Research and Development - Simulation For tackling Natural Disasters Information Technology in National Security
- 9 - Around the World Cyber attack Surveillance Fraud Election Military In April 2011, Germany set up its National Cyber Defense Center involving the military, police, secret service and other security organizations. The center was responsible for detecting, analyzing and disabling cyber threats. U.S. National Security Agency (NSA) surveillance program as exposed by Edward Snowden revealed that the program collected telephone records, online communications from internet firms such as Facebook, Google, Microsoft and Yahoo etc. In Sweden, all Government agencies have been handling invoices electronically since July 2008 In the 2011 parliamentary elections in Estonia, 24.3% of participating voters gave their vote over the Internet. Israel developed the first military drone (A drone or unmanned aerial vehicle (UAV), is a pilotless plane which can be guided by remote control or automatically based on pre-programmed software) technology after the 1973 Arab-Israeli war.
- 11 - Where do we start? In order to effectively overcome the challenges of national security and begin adopting technology solutions, four key components must be in place. Shared Vision Committed Leadership Addressing root causes of challenges Sense of Urgency
- 12 - Where do we start? Safety ad Security A well thought-out, proactive strategy must be in place to counter the current security challenges. Strategy should clearly define how IT acts as an enabler. Vision Adequately communicating the vision to citizens Security awareness and enlightenment programs using internet, e-learning, etc. Encourage development of local technology solutions in institutions Education Robust identity management framework. Asset inventory (people, infrastructure, national assets, equipment, etc) Identification
- 13 - Where do we start? Safety ad Security Assessment of identified assets for categorization into critical and non-critical assets.. Use of data analysis and data analytics to further classify high-volume data based on their criticality and other relevant criteria (E.g. Analysis of Census, Business, Telecommunication, Internet usage data.) Classification Adequate regulations and roadmaps guiding adoption of technology and surveillance mechanisms for security services need to be developed. Cyber security bill review and passage. Regulation Implementation of data analytics mechanisms to establish patterns for suspicious activities. Implementation of security leading practices such as COBIT5 / ISO27001 to protect critical assets. Implementation
- 14 - Where do we start? Safety ad Security Collaboration amongst government, private sectors such as Financial and Telecommunication institutions and security agencies for access to data required to combat insurgence. Collaboration Continuous monitoring of implemented IT Strategies and Frameworks, Regulations and information from surveillance satellites for efficiency and effectiveness. Monitoring Prompt and secure communication of the effectiveness of implemented strategies and intelligence to senior government executives in order to guide decision making. Periodic status updates to citizens and international communities to ensure a level of safety and encourage foreign investments Communication
- 15 - The inevitable future… Nations are going to depend extensively on cyber connected financial markets, transportation networks, energy grids, taxation, health and safety and security. In other to address both the present and future security challenges, we must have a determined, focused and technology savvy cadre of national security professionals. Concluding thoughts
Thank You Many thanks to Omobolaji Vincent, Cynthia Elodimo and Kayode Ayinoluwa for their assistance in putting this presentation together. The views and opinions expressed in this presentation are those of the author and do not in any way represent the views of the author’s employer. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication. The author does not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.