In its report to the United Nations (UN) Secretary General at the UN General Assembly regarding UN Secretary General regarding information communications technology (ICT) in the context of international security, it was noted that as the leading law enforcement agency in Brunei, RBPF so far has not been called on or become involved in any e-government initiatives, even though over the last three years much legislation has been adopted to prepare the country and many governmental and regulatory bodies have been or are being set' up to spearhead these initiatives.
In the report, information security is pointed out as an essential component of information technology and that the potential security threats and risks involved have to be carefully assessed in every situation, especially if a government is to be dependent on the safety and reliability of that technology.
This is because ICT has come to play a vital role in all sectors of society, bringing with it a world of advancement and accomplishments. However, as is the norm with any major development, the opportunity for abuse of that technology is ever present.
To ensure a full understanding and application of the appropriate security procedures, it is absolutely vital that all those concerned are made aware of the threats and risks that affect them and over which they have control of.
The report stated that Brunei's focus on the general issues of information security will be mainly on safeguarding unclassified information in networks, on the security and survivability of networks and on the reliability of network services to ensure information access.
The three main areas that RBPF will be looking into are: cryptography policy (which includes governmental information processing standards and controls), guidance on safeguarding unclassified information in governmental agencies, and legal issues and information security which includes electronic commerce, privacy and intellectual property.
The report also pointed out that security in terms of law enforcement preparations has been neither actively pursued nor given the same priority as other items on the national agenda, and its crucial role in the information age has yet to be realised.
RBPF's initiatives in the efforts taken to strengthen information security and promote international cooperation in the field at the national level demonstrate their interest in spearheading the security aspects required to enter fully into the information age.
The report states that many of its officers have undergone overseas training on internet related crimes, especially cybercrimes, and transnational crimes. However, due to lack of funding, no further advances in procuring the required IT equipment and software for investigating breaches in computer systems have been realised. Presently, Brunei has the capability to initiate investigations into cybercrime cases.
RBPF also listed down in the report the steps they have taken to further international cooperation in this field.
This includes their active participation in forums on enhancing law enforcement capabilities held throughout the world, and establishing connections to regional and international law enforcement computer networks, which furthers its capabilities to pursue fugitives.
In the report, RBPF also submitted proposals and recommendations to the UN Secretary General as to their starting points for facilitating and improving security in the context of information security.
The points mentioned in their proposal are based on the possible measures that could be' taken by the international community to strengthen the information community and information security at the global level. RBPF's recommendations lists down the areas that need to be focused on, such as reporting and monitoring threats and vulnerabilities, education and security mechanisms for safe computing and a more specific based research and development programme and facilities.
The need to establish and encourage acceptance of software security standards as a short term method to jumpstart the process of improving security in internet products and to create a government policy that requires government purchased computer equipment and software that meet specified security standards (which include having security alert service that notifies the customer of vulnerabilities and repairs) was also listed as one of the points that need to be highlighted.
Under the laws and law enforcement criteria, RBPF suggested the support of cybercops by allocating appropriate funding to law enforcement agencies for their training, physical resources and staff necessary to handle cybercrimes reported as an initial start towards better information security.
---
Autor(en)/Author(s): Syed Rory Malai Hassan
Quelle/Source: Brunei Direct, 18.12.2007
