The Kenya Police website got defaced, as did the official State House site; what now? While there was a furore on local mailing lasts and twitter as to why government sites were being “hacked”, I think this points to a more deep seated issue that should be addressed, sooner rather than later to avert attacks that may have dire consequences.
As we move to a more knowledge based society, information is power and this information is stored on online systems, with online here meaning connected systems that allow for sharing and transfer of data. Traditionally securing information could be as simple as digging a hole and burying whatever it is that you want to protect.
As more systems go online, and with the government looking at leveraging information technology to better deliver services to its citizens, it is imperative that any service rollout, whether on web or on mobile undergo rigorous security testing. The defacing of the government websites is really nothing to write home about, what I am more concerned with is the fact that as we have more of our government centric and personally identifiable information online, we become a target of espionage.
While this may sound like the stuff movies are made of, the repercussions are very real and may hinder the adoption of services as the citizenry become more aware of the risks posed by insecure systems that hold their information. The government in a bid to get online, has ignored this area of security. Most online government properties are built on top open source frameworks, and while this could see the deployment done at lower costs, I believe there are certain things that one should not skimp on.
Dr. Bitange Ndemo the Permanent Secretary in the Ministry of Information and Communications mentioned that government cannot compete with the salary scales that private sector has for security experts and government cannot also create a new job group to cater for such a need.
While I acknowledge that government more often than not, is a slow moving organization, we should not wait for an online “terror” attack to fastrack policies and set up structures to protect us.
If information technology is to help us leapfrog into the digital age and become a major source of revenue for the country, competing with agriculture and tourism, we need to have the foundations right and the basics right. If not done, government may have to spend a lot of resources to win citizen confidence and drive adoption of web and mobile based government services.