|
|
Currently, less
than 1% of Nepal's population has access to computers. However, with
the advent of increasingly cheaper computers parts and accessories,
more businesses and government offices have started using them to
improve productivity and efficiency. Internet usage has enhanced the
ability of organizations and end users to conduct their activities
in a cost-effective and efficient way, as opposed to the often
costly, perishable and cumbersome means like paper. As a result, the
dependency on computers of businesses, educational institutions,
offices and individuals, is increasing and if computers breakdown or
become inaccessible, these users loose valuable time, customer trust
and efficiency.
Even with such increasing dependency on computers,
the majority of computer systems in Nepal, are still in danger of
abuse and attacks. An attack on a business or an organization can
cause substantial financial damage and can lead to the loss of
irreplaceable data and customer trust. Similar attacks on government
institutions might cripple them and even lead to theft or damage of
sensitive data and plans. Today, sensitive customer information,
financial data, intellectual property, and strategic plans maybe
exposed to malicious intruders, over the internet. There is still a
lack of adequate knowledge about network and security among internet
users, be it an individual, or an organization. mis-configured or
outdated operating systems, vulnerabilities in software, un patched
systems, and a lack of security awareness by individual users
provide a rich environment for intruders to exploit.
Currently, almost anyone connected to the internet or any other
network is at risk. Over such networks and the internet, attacks can
occur rapidly and spread over a large area, irrespective of the
actual geographical locations of the computers. As a result, there
is a growing need to be able to communicate, coordinate, analyze,
respond to and prevent cyber attacks across different sectors. It is
paramount that coordination and cooperation occurs among government,
law enforcement, commercial organizations, the research community,
and practitioners who have experience in responding to IT security
incidents. There is also a strong need for developing a community of
educated, trained, knowledgeable, and aware practitioners who
understand the risks and issues related to cyber security incidents
and the threats and attacks from system vulnerabilities.
To address these prevalent issues the
government of Nepal has recently materialized the Electronic
Transaction Act (ETA), also popularly known as the Cyber Law of
Nepal. The act is a first of its kind in Nepal and provides for the
legal recognition of electronic records and digital signatures – the
basic building blocks of electronic transactions. However there is a
serious lack of skilled information security professionals to train,
educate and serve the various entities relying on IT. NepCERT (Nepal
Computer Emergency Response Team) has the prime objective to tackle
these issues.
|
