The advent and rapid development of Information and Communication Technologies (ICTs) have paved the way for the emergence of new forms of vulnerabilities, known as cybercrimes, -defined as any act of using computer systems and networks as a tool, a target, or a place to commit criminal activities. ICTs are therefore not danger free. In fact, ill-intentioned individuals frequently use the Internet for malicious purposes, thus causing enormous harm to individuals, companies and organisations, and even States.
Faced with these new forms of crimes which have overwhelmed the cyberspace, it is imperative to develop cyber security, that is a set of preventive, security and deterrent measures aimed at achieving a set of security objectives with a view to securing our cyberspace and allowing the population to tap from the full potential of ICTs.
In this light, Government has taken a number of steps aimed at making our cyberspace safe and secure. The first major step includes providing our country with a legal and regulatory framework through the enactment of the law on electronic communications and that on cyber security and cybercrime in December 2010. This framework is critical for the effective deployment of cyber security solutions in the sense that it helps build confidence in online transactions, levels the playing field and sets the stage for tracking and convicting criminals. Thanks to this law, ANTIC is charged with securing Cameroon's cyberspace. This activity covers four key areas including: Computer Incident Response Team, Security Audits, Cryptography and Electronic Certification and the Management of Internet Resources.
The law governing electronic communications in Article 96 enjoins ANTIC to manage Internet resources in a way to enable the smooth and efficient development of the sector. This includes regulating resources such as .cm domain names, IP addresses and contents (web sites, etc.)
In the same vein, ANTIC, together with Internet Service Providers (ISPs), have put in place a national Internet Exchange Point (IXP) (essential infrastructure in the regulation of the Internet) that permits centralised control of national Internet traffic and ensures the security of Internet users.
In this context, ANTIC is committed with the help of ISPs and Local Internet Registries (LIR), to developing a platform that will improve the traceability of IP addresses on the national cyberspace.
Our national CIRT, hosted by ANTIC, monitors critical Internet resources in our cyberspace on a regular basis with a view to detecting security flaws and vulnerabilities inherent in information systems and communication networks, takes corrective measures to address these issues before they get exploited by cybercriminals to carry out cyber-attacks. Our CIRT also issues security bulletins to focal points in government agencies and departments, informing them of vulnerabilities found on their systems and steps they need to take to fix the problems identified.
To ensure the success and effectiveness of its missions of security intelligence, ANTIC will also:
- acquire a permanent exploration system for monitoring information systems of Public Administrations. This system will actually provide information about the functioning and security of government and private institutions, and quickly respond to incidents (attacks, unavailability of service, etc.);
- deploy mechanisms to secure sensitive infrastructure.
With regard to electronic certification, ANTIC is the Root Certification Authority and Certification Authority of the Administration. It assures regulation, controls and follows up activities related to electronic certification on behalf of the State.
Electronic certification is the process of managing digital identities (digital certificates). This is a process that enables secure online electronic transactions commonly called e-services (e-government, e-commerce, e-banking, e-learning, etc.) which are now key indicators for economic development for any country. It is an essential element for confidence building in the digital economy, in that it guarantees data security through:
- The identification and authentication of actors during transactions;
- Data integrity;
- Confidentiality of data exchanged;
- Non-repudiation of messages or transactions.
In a bid to carry out these electronic certification activities, ANTIC runs a Public Key Infrastructure (PKI), offered to Cameroon by the Republic of Korea. This technical infrastructure already deployed and operational ensures trust and confidence in electronic transactions, thus boosting the uptake of online services by public and private organizations.
Concerning the mission of security audit, ANTIC carries out annual security audit missions either directly or indirectly through external auditors (physical or moral persons) accredited by the Agency. These mandatory audits target information systems and electronic communication networks open to the public, specifically those of electronic communications service providers such as ISPs, telephone operators and accredited certification authorities. In this light, ANTIC ensures the regularity and effectiveness of security audits of information systems for government agencies, according to laid down norms. Security audit is a systematic review of the components and actors, policies, measures, solutions, procedures and resources used by an organization to secure its information system or its electronic communications network.
The major objectives of an audit are:
- To ensure the conformity of information systems to well defined security standards;
- To detect and evaluate security risks and vulnerabilities;
- To make recommendations for the correction of security flaws.
Apart from the new missions aforementioned, ANTIC continues to carry out its initial missions assigned to it by Presidential Decree No. 2002/092 08 April 2002, which include the promotion and monitoring of public policy in the field of ICTs. These missions were reaffirmed in the law on electronic communications and Decree No. 2019/150 of 22 March 2019 laying down the organization and functioning of ANTIC.
I wish you a good time on ANTIC's website.
God bless you.
Prof. EBOT EBOT ENAW
Director General of ANTIC