Ensuring security is one of the major challenges for the smooth implementation of e-government services in Oman.
Information Technology Authority (ITA) has taken several measures to address these issues, said a senior ITA official.
Addressing the first enterprise IT security and compliance seminar in Oman last week, Dr Bader Al Mantheri of ITA said that there are technical and non-technical challenges.
He said ITA has set up Oman Computer Emergency Readiness Team (Oman CERT) to get international and regional cooperation and create security awareness within the country. In order to enhance IT security capability, Oman CERT has taken several initiatives and provides services to both public and private sectors.
ITA security services also aimed at protecting attacks emanating from outside the country. "Also, ITA security team works with government organizations in order to assess the security of their critical infrastructure." Also, ITA has launched a national awareness program in order to increase the security awareness among employees. The agency also provides specialized training in different areas for building national capability in this regard.
On the legal side, ITA has taken several steps along with other organizations like drafting of cyber crime law or e-transaction law. The cyber crime law was issued in 2011 for checking all kinds of cyber crimes, while e-transaction law was enacted in 2008 as a first step to legalize electronic transaction in Oman.
Rashid Al Salmi, Director of Business Development at Insight, said that a vast majority of cyber attacks are not sophisticated and can be easily avoidable. Elaborating on the security threats in local organizations, he said system administrator having complete access to services and data poses a serious threat, while employees of third parties having access to unencrypted data is another challenge.
Data stored in cloud can be located overseas and sit on physical services housed in facilities owned by any number of data centre hosts. Cloud service providers may not be implementing appropriate security measures. The event, which was attended by almost 100 IT security professionals and global renowned speakers in this field, discussed significant topics that include e-transformation from security perspective, e-government security standards, enterprise end point security, enterprise data erasure, data leakage prevention and web application security and compliance.
Source: Times of Oman
