– says Minister Hughes, accuses Rohee of causing mischief
THE National Cybersecurity Incident Response Team (NCIRT) is fully operational, Minister of Public Telecommunications Cathy Hughes said, as she set the record straight on Thursday, in a direct response to a letter written by People’s Progressive Party and former Home Affairs Minister, Clement Rohee.
In a letter published in the Kaieteur News and Stabroek News late February, Rohee contended that the A Partnership for National Unity + Alliance For Change (APNU+AFC) Government had disbanded the National Cybersecurity Incident Response Team (NCIRT) but this is far from the truth, according to Minister Hughes.
Minister Hughes said the move by Rohee is a hypocritical attempt to mislead the nation and, more disingenuously, to scare and dissuade citizens from using the government’s online services.
“I wish to inform the general public that NCIRT continues to execute its mandate under the Cybersecurity Division of the National Data Management Authority (NDMA). This includes issuing cybersecurity advisories and responding to cybersecurity incidents within the public sector. NCIRT can be contacted on Tel.: (592)-231-6860, email: firstname.lastname@example.org and through its website (https://cirt.gy),” the telecommunications minister stated in a letter to the editor.
In his letter, the former home affairs minister alleged that the former staffers of NCIRT were “left jobless,” but Minister Hughes explained that the “small, but highly qualified team of computer experts, engineers and programmers,” comprised one head, one engineer, and one technician. “The head abandoned NCIRT by tendering her resignation with immediate effect when informed of its merger with the NDMA, while the technician resigned from NCIRT a mere two months after the merger was effected. The engineer remains on staff at the NDMA,” she explained.
In putting the team’s operation into perspective, Minister Hughes said in recognition of the critical role of Information Communication Technologies (ICTs) in the development of Guyana, President David Granger, in January 2016, established the Ministry of Public Telecommunications.
“This administration understood that a concerted approach was needed to leapfrog Guyana into the digital age after 23 years of wastage and mismanagement in the ICT sector. The latter is most notably evidenced in the failed over US$5million Dense Wavelength Division Multiplex (DWDM) Project which involved the laying of fibre-optic cables from Lethem to Georgetown and the US$ 32million eGovernment network which remained un-utilised and rapidly deteriorating for two years,” Minister Hughes said.
While the Dense Wavelength Division Multiplex (DWDM) Project could not have been salvaged, the eGovernment network was recovered when the APNU+AFC Government took office in 2015.
The Ministry of Public Telecommunications is responsible for Internet governance, digital skills, digital promotion, digital entrepreneurship, e-government, posts and telecommunications and ensuring cyber security.
She explained that one of its first tasks was the harmonisation and rationalisation of government’s ICT investments and operations. As such, a number of ICT initiatives undertaken by the previous administration were brought under the umbrella of the National Data Management Authority (NDMA) and included NCIRT, One Laptop Per Family (rebranded One Laptop per Teacher) and the eGovernment project unit.
The telecommunications minister said the merger with the NDMA was a deliberate decision on government’s part to advance its eGovernment agenda. NDMA, created by an Act of Parliament in 1983, is mandated, inter alia, to see to the “establishment and maintenance of reliable communication linkages in the public sector in order to achieve optimal utilisation and deployment of computer resources”.
“In order to help clean-up the mess caused by the previous administration’s mismanagement, my ministry recruited over 100 professionals, including more than 70 ICT engineers and technicians and expended considerable effort and resources to salvage and operationalise the eGovernment network, establish over 170 community ICT Hubs with free Internet access; provide Internet access to over 300 educational institutions (primary, secondary and tertiary); provide secure network connectivity and Internet access to over 120 government agencies and establish the public sector’s first IT leadership Technical Working Group (TWG),” Minister Hughes detailed.
She said given the Telecommunications Ministry’s expansive online presence, an increased number of threats to the ICT infrastructure is anticipated, and as such, several steps to mitigate and adequately respond to these threats have been taken.
In the area of cybersecurity governance, a cybersecurity technical working group was established in March 2017, aimed at creating and promoting government-relevant cybersecurity standards, policies, guidelines and best practices to the ministries, agencies, and any other relevant governmental bodies. The working group comprises representatives from 12 public sector agencies.
Additionally, the ministry has implemented a Cybersecurity Situational Awareness Programme, an improved Government ICT Ecosystem Hygiene and a Network and Cybersecurity Operations Centre, while building capacity through investment in Cybersecurity Automation and Integration Tools and Services.
It was explained that the development of the government cybersecurity incident reporting system provides resilient and secure mechanisms that enable government ministries and agencies to report cybersecurity incidents. With this measure, government can now adequately assess and monitor Guyana’s cyber-threat landscape so that its available resources can be directed to effectively address cybersecurity issues, Minister Hughes assured.
“With respect to the attack on (Guyana Power and Light) GPL’s servers, I will say that in this connected world it is not a case of if one will be attacked, but rather when. In this scenario what matters is the preparedness for and response to such attacks,” Minister Hughes stated.
It was pointed out that a similar attack was made on GWI’s infrastructure in January 2017. The investigations carried out indicated that the perpetrators in the GWI incident may have been assisted by staffers of GWI’s IT department, some of whom have close connections with high ranking members of the opposition. In this era of politically-motivated cyber-attacks, nothing can be ruled out,” Minister Hughes maintained.