Information Security Division

INFORMATION SECURITY DIVISION

The specific functions of the Division, will be to:

• Oversee and enforce ICT security at the national level including all Government infrastructure and establishments

• Develop and enforce strategic ICT intelligence and security initiatives within Government including oversight of incident response.

• Formulate national level and government level ICT security policies (covering physical and logical security concerning ICT infrastructure, information handling and government application systems)

• Advise the public service and Cabinet on all ICT security matters (e.g. cyber threats, risk exposure of social networking platforms, data privacy issues)

• Put in place programmes to create awareness and encourage adoption of ICT security best practices at national and government levels, targeting general public, business communities and government agencies

• Put in place a national Government Computer Emergency and Response Team (CERT)-information security incident reporting & response system

• Implement a compliance management framework (including compliance audit) to monitor adoption of all ICT policies (including ICT security) at the government level

• Undertake Supply Chain Management analysis and forensic analsysi for threats

• Work with Project Management Teams to Provide the ICT security expertise in programme/project teams that are led by the Government-Wide Programme Management Office.
• Provide such services to ministries and counties where requested:

• • ICT security advice for government ICT projects:
  • ICT risk management advice
  • ICT audit services (e.g. system penetration tests)
  • ICT security breach investigations

The Information Security division will be headed by a director and will have responsibility of Global Intelligence and Risk Management, and Information Systems Audit sections