The Communications Regulatory Authority of Namibia (CRAN) says Namibia scores low in terms of cybersecurity measures, making the country vulnerable to cybercrimes.
This comes as the regulator previously said it would be making provision of resources to operationalise the Cyber Incident Response Team, whose responsibility is to prevent, detect, monitor, and respond to security threats, thereby ensuring security and stability to critical information infrastructures.
“Namibia scores low on five metrics, those are: legal measures, technical measures, organisational measures, capacity development, and cooperative measures … Namibia scores very low. Out of a possible score of 20… On legal measures, we only score 2.8,” Executive for Cybersecurity and ICT at CRAN Elton Witbooi said.
According to Witbooi, the low score can be attributed to the lack of a legal framework that regulates cybersecurity since the bill is undergoing expert consultations and still needs to be enacted.
He further explained that Namibia also scores zero in terms of technical and organisational measures due to lack of capacity.
He said the Bill is important in order to grant the Cyber Incident Response Team a mandate for some of the activities that it will undertake.
The regulatory authority is yet to fully operationalise the Cyber Incident Response Team as a response to the lack of technical capacity and incident statistics.
“We are working very hard to find some office space as well as hardware, basically all the logistics that are needed for a Cybersecurity Incident Response Team. And that’s where we are. We also then managed to do some in-house ground laying, such as establishing the type of skills that we need, the type of people that we need here, we’ve identified especially the incident handlers and vulnerability analysts,” Witbooi said.
He noted that the digital economy is vulnerable to cyber incidents and rampant cybersecurity threats undermining consumers’ confidence.
He therefore underscored the importance of assessing cybersecurity threats as it aids in building confidence in the digital economy, while also helping in protecting critical infrastructure and critical information infrastructure.
The establishment of a Cyber Incident Response Team in the country ranks high among the priority areas contained in a three-year Integrated Business Strategic Plan of the CRAN launched early this year.
This comes after the country’s .na domain experienced a technical glitch during the upgrading of the system, sparking fears of cybersecurity breaches.