Cybersecurity

Functions

      • To track cyber incidences and develop policies/guidelines on how to detect, respond, and protect its cyber space, particularly as it affects MDAs;
      • To conduct awareness campaigns to sensitize the IT community to contribute to cybersecurity policies/guidelines, and institute mechanisms for monitoring compliance with such guidelines;
      • To conduct scanning of MDAs’ networks for vulnerabilities and enforce adoption of acclaimed tools and best practices to avoid and mitigate incidences;
      • To provide national direction and policy for secure eCommerce transactions;
      • To administer and operationalize the Trust infrastructure of the PKI, ensuring the integrity, confidentiality and non-repudiation of the system is not compromised;
      • To conduct screening for admittance of new operators and delist recalcitrant CAs/RAs and relist adhering CAs/RAs in the national PKI;
      • To approve cross-certifications and legal and interoperability practices for the national PKI;
      • To establish a laboratory to research on cybersecurity tools and grow human capacity;
      • To utilize the laboratory to conduct offline tests to ensure new entrant software and operations are running perfectly before enlisting them in the live environment, conduct tests for new services and run prototypes of innovative propositions;
      • To ensure that there is a constant stream of capable human resources to satisfy the imminent insatiable needs of the cyber security industry;
      • To propose and institute mechanisms for the creation of a cybersecurity cadre in the public service, and conduct guidance in training and testing of professionals up to certifications in cyber security;
      • To conduct studies to decipher global direction of cyber activities and where knowledge in it could benefit the country both in servicing internal needs and exporting skilled human capacity;
      • To coordinate institutions with requisite curriculum and establish collaborations with certification authorities globally, and broker alliances with local vendors for national benefits;
      • To keep track of such capacity in a national database and repository where needy agencies could access;
      • To conduct research into risks and opportunities inherent in the business landscape of the Agency;
      • To conduct risk analysis to reveal risk profiles and thresholds and notify Departments/Units on what extend identified risks should be avoided.
      • To identify cybersecurity footprint of critical national information infrastructure and proffer mitigation policies to forestall service outages.