The East African Information Security Managers Forum (ISMF), aiming to involve security practitioners across the region to share experiences on information management, was launched at the East Africa ICT summit.
The forum will address the gap that information security practitioners are facing today including issues of attaining required security standards, meeting compliance challenges, achieving cloud security and developing information management security systems among others.
In October, AITEC Africa had partnered the Institute of Electrical and Electronics Engineers (IEEE) to review the state of internet security in East Africa by identifying weaknesses and challenges as well as resources that need to be addressed.
The ISMF has been set up to discuss these issues at length and develop the necessary solutions and systems that will help East Africa in attaining maximum security in information delivery.
The forum kicked off the discussions with a major focus on information security standards and how organisations should work to achieve certification with the current standards.
Speaking at the launch, Almerindo Graziano, chief executive officer (CEO) at Silensec Kenya, said: “We have come up with a new information security standard, the ISO 27001 that emphasises on leadership and senior management responsibilities in organisations.
“This new standard accounts for the iPad revolution, the digital age where technology is the catalyst of economic growth and surpasses the standards of the previous one that was last reviewed in 2005.”
He said in order to implement the new standard, organisations will have to document all their information security objectives and give a detailed explanation on how they plan to achieve them unlike before where documentation was not given priority.
Salome Kanyugo, representing the Kenya Revenue Authority (KRA), said: “The increased automation in services has become a major challenge for us and this has brought about the need to secure our information so it is not easily accessible to the wrong people.
“To cover this challenge and others such as internal threats and web cloning, we have implemented various information security standards and currently we are in the process of implementing the new ISO 27001.”
She said implementing the new standards will ensure customers are able to trust their information is secure with the organisation.