Due to the increasing competition and
need to cut costs, pressure is mounting on corporations and businesses in
Uganda. The aim is to automate their business functions and enable client’s
access to services using ICTs, especially the Internet and mobile technologies.
This, however, is leading to increased exposure of corporate ICT systems and
data to greater risk than ever before.
Due to lack of data, it is difficult
to know whether businesses and corporations in Uganda actually manage their
information security. The recent
incidences of fraud at URA, MTN, Stanbic Bank, and the Office of the Prime
Minister are indications that these entities may not be doing this. We will never know and be able to quantify how
much financial and other losses those incidents caused since the affected
companies will never disclose the truth to the public to avoid damage to their
reputation.
Cybercrime, whether
committed against private enterprise or government facilities and services, has
the potential to negatively impact the economy, disrupt services such as
electricity and water supplies, as well as endanger national security. Although
100 per cent security of e-services cannot be guaranteed, an information
security management programme built on integrated information security
architecture, should be effective in mitigating the impact of such incidents.
Therefore, businesses and corporations
in Uganda need to make information security governance part of their corporate
governance programme. An information security governance programme helps an
organisation achieve its strategic business goals and deliver value and
security assurance to all stakeholders.
On the other hand, there is need for
greater government involvement by enacting and implementing appropriate laws
relating to electronic transactions, data protection and user privacy, and
computer misuse. There is also need for effective regulation, especially
compliance enforcement.
Rahman Sanya,
Computer Science and Information
Security lecturer at Uganda Martyrs University
rsanya@umu.ac.ug
Computer Science and Information
Security lecturer at Uganda Martyrs University
rsanya@umu.ac.ug
Daily Monitor Uganda