12
The Malta Independent | Thursday 4 June 2015
Malta’s security within the realm of cyber space
Keith Cilia-Debono
I
t is every Government’s interest to ensure the wellbeing, security and safety of the country for which it is responsible for. Up to a few decades ago, a country’s security interests focussed on protecting its borders, its waters and its airspace. Today, we are living in a world of cyber space, where Information and Communications Technology (ICT) leads the way in day to day interaction within and outside of a country’s territory and where its disruption may potentially affect life. Hence, cyber space cannot be left out of a country’s span of protection. It would be a mistake if we simply were to limit our understanding of cyber space as to interactive ICT infrastructure alone. We need to keep in view all the information that flows within it and also to whom it belongs to - Government, private enterprise or the citizen. Hence cyber space also revolves around who is using it. The Government of Malta does no longer depend exclusively upon traditional forms of service delivery, but understands the importance of cyber space as a means of reaching out to society and enterprise. Digital Malta, Malta’s National Digital Strategy for 2014-2020, envisions the ability to securely carry transactions with Government via various ICT channels, as one of its key objectives. Cyber space is also increasingly seen as a platform to promote dialogue and participation. Indeed, Government is committed to encourage citizens to take part in democratic decisions through
ICT, as a means to enhance its visibility, transparency and accountability. The economy increasingly depends on a resilient and effective digital infrastructure as a means to foster innovation and growth. The adoption of innovative technologies serves as a means to improve decision-making in critical areas such as finance, healthcare, transport and the utilities, as long as it is performed within a robust risk management practice. Indeed, trust and confidence of a society that increasingly resorts to the cyber space to acquire a service or product, is of utmost importance. As an EU Member State, Malta must maximise on the benefits and opportunities derived from legislation adopted within the Union. Malta is no island within the realm of cyber space! Cyber space knows no boundaries. It transcends national borders, promoting online opportunities of dialogue and cooperation beyond our shores. However, as we all know, the cyber world makes no distinction between its users of good intent or not. Therefore, as opportunities are limitless, so are cyber threats. Such malicious attempts in cyber space may be launched anywhere, in any vulnerable area of a digital network, instantaneously leaving no time for an appropriate response and
with very minimal traceability or detection of its perpetrator. Ultimately, cyber space is man-made and like anything else of its sort, it is never perfect. The rapid advances of technology itself and the opportunities that arise which we actively pursue to adopt, do not allow it either. In all this, it would be argued that protecting against cyber threats is a mammoth task. It would be equally argued that Government has the resource and capability so as to take a leading role in cyber security. After all, global findings do suggest that public administration is the key target of cyber threats. Indeed, Government is committed and is taking a leading role in cyber security. From a legislative perspective alone, Digital Malta highlights Government’s commitments to review existing legislation to ensure relevance and effectiveness in the cyber world. Moreover, Government intends pursuing measures to maintain privacy, safety and security during surfing, transacting and operating online. Legislation will address several matters, such as, safeguarding intellectual property rights, patents, sensitive and personal information, cloud computing and data ownership, and net neutrality. Planning and investment is con-
tinuously being made in information infrastructure and systems so as to ensure cyber protection, prevention, detection, remediation and business continuity within Government. However Government’s effort alone does not suffice. Every private enterprise and every individual has a role to fulfil, relatively small as it may be. Defence of a country does not depend on bravery of the soldier alone, but on resiliency, cooperation and support of the civilian too. Thus, within the realm of cyber space, the private enterprise needs to brace itself against attacks that may incur heavy financial losses and reputational damage as experienced on a global scale in recent years. It too needs to ensure that its customers’ rights and freedoms are safeguarded. Top management needs to actively promote a risk culture that rightly apportions a balance between costs for security safeguards and the risks involved. Widely recognised norms and best practises need to be actively considered and adopted accordingly. Ultimately, cyber security necessitates that no one works in isolation, as essentially we are all digitally inter-connected in some way or another. The digital citizen is not expected to invest financial amounts that go beyond what is
essentially necessary to protect personal ICT devices used. However at least, an awareness of what lies beyond the safe confines of home through cyber space and what one can do in case of any form of attack is increasingly a must. Here too, Government is already advocating the safe use of the internet on a national level. The BeSmartOnline! initiative led by the Malta Communications Authority (MCA), aims at raising awareness amongst children on how to use the Internet safely and to consider the effects of their posts such as comments and photos. It also aims to bridge the gap with parents and carers who sometimes are not as well-versed with technology and social media platforms as their children. Similarly, in December 2014, MITA was critical for the organisation of #StopHate - a national cyber bullying public awareness campaign. Malta’s security of our cyber space is the responsibility of each and every one of us. It ultimately calls for a collective and systemic approach that respects our fundamental rights and freedoms whilst ensuring confidentiality, integrity and availability of our cyberspace on a day to day basis.
Wayne Lee Valentine
T
his year MITA is celebrating its 25 anniversary since its inception in 1990. Throughout these years, our organisation has evolved and transformed dramatically under three
This article is based upon a presentation delivered by Dr Keith CiliaDebono, on behalf of MITA at the 2015 ISACA Malta Cybersecurity Conference organised by ISACA Malta Chapter on 8th May 2015. Upon joining MITA in the early 1990s, Keith worked in various fields including project and contractor management, consultancy and strategic planning, mainly focussing on Geographic Information Systems within Government. In 2005, Keith formed part of the National Euro Changeover Committee, working on strategic planning and leading various national business preparations aimed at Malta’s successful transition to the euro currency in 2008. Back to MITA, Keith plays a consultancy role in Governance, Risk and Compliance within the public sector.
and its different functions. They were given information about MITA’s networking and data infrastructure, the control centre and the service call centre. They also learnt about the MITA Innovation Hub at SmartCity Malta as well as about the different careers that MITA offers. Given their young age, students were made aware and given information about the #StopHate campaign. During the visits both students and teachers have shown good interest and were impressed with the working environment that MITA offers. was also an opportunity to encourage the targeted students to take-up ICT as a future career.
During the school visits, students had the opportunity to learn basic insight of MITA’s role
Roderick Spiteri
Roderick Spiteri is Marketing and Communications Manager at MITA and editor of Malta Independent ICT feature
The Malta Independent ICT Feature
T
echnology and cyber space offer both opportunities and challenges. Opportunities include the effective use of digital infrastructure to boost the economy and foster innovation and growth. Challenges include cyber threats that every country across the world faces. The size of the country is more or
less irrelevant as every country is susceptible for the same type of information security threats. In today’s feature we look at what is being done in terms of security for Malta’s cyber space. Every young adult has access to a mobile device and a today we look at a new study which shows that almost half of them have some time or another sent
Wayne Lee Valentine is Head of Facilities Management Department, MITA
a sex-related message – either a text message or an image – known as ‘sext’. The study also found that more than seven out of ten have sent messages that they later regretted. We also look at a number of school visits that MITA has just organised as part of its 25th anniversary events planned for this year.
All ICT Features are available on www.mita.gov.mt/ictfeature
Unprotected sexting is rife among millennials
Dr Keith Cilia-Debono, B.Sc. (Maths & Computing), M.B.A. (Henley), D.B.A. (Maastricht)
500 students visit MITA Data Centre generations – MSU, MITTS and MITA. This milestone anniversary marks a quarter of a century of success stories in the IT industry and tangible results both in the Public Sector administration and to the general public. As part of the events commemorating this milestone, over the past three months the Agency hosted some 500 students hailing from 25 state, church and independent schools. The two-hour visits were specifically targeted for students aged between 12 and 16 years. The aim of these visits was to raise awareness and give exposure to the state-of-the-art ICT environment that MITA has at its Data Centre in Santa Venera. It
13
The Malta Independent | Thursday 4 June 2015
46% of millennials have sent “sext” messages via mobile devices, but only 5% of them use apps that protect their privacy, according to a new study released by Raketu, developer of RakEM – a private and encrypted communications application. The study also found that 72% of millennials have sent text messages and then regretted it, with the most prevalent reasons due to emotion or anger (almost 56%) or by accident (43%). The independent study of 1,000 consumers reveals how American millennials (those who are 28 or younger) are concerned about the privacy of their mobile communications but are either not taking
steps to protect themselves or have false assumptions about the messaging apps they are using. Privacy concerns The study found that more than 40% of people aged 30-44 are moderately to extremely concerned that their private texts or calls might be seen or heard by others. Nearly 74% of 18-29 year olds are concerned that the government has access to the info on their mobile device. Risky assumptions Consumers unanimously assume that the information on their mobile devices is secure, with phone calls considered the most private
(67%). Despite these concerns, just 50% take proactive measures to ensure their privacy, using messaging apps that allege to offer encryption and security (many of which have already been hacked, are insecure and do not support adequate encryption). And even though Facebook publicly states it collects data about users, 42% stated they use Facebook Messenger for its privacy. Additionally, 60% said they’d be eager to use a messaging/voice calling app if it truly guaranteed their privacy. “it is clear that mobile users are putting themselves at risk through sexting and other regrettable activities, and generally assuming that their communications are protected – when that’s clearly not the case,” explained Greg Parker, president and CEO at Raketu. “What’s more, we learned that they’d feel violated, angry, scared, and embarrassed should their photos, texts, and calls be hacked or shared without their permission. This study exposes an urgent need for education among consumers on how best to safeguard their mobile communications and that the claims of encryption by many are not necessarily true.”