A recent parliamentary report revealed the reason for the large number of electronic fraud operations in Kuwait, reports Al-Seyassah daily. According to this report, the level of cybersecurity at the national level in Kuwait is ‘primitive’ in comparison with the international standards, which makes vital institutions and individuals vulnerable to hacking due to the lack of advanced protection platforms. This is despite the existence of a strategy proposed by the government for cybersecurity since 2017.

In an official assessment of the cybersecurity situation in Kuwait, the recently-issued parliamentary report revealed that the level of cybersecurity at the national level in Kuwait is “novice” in most areas based on the global standards, and the Cybersecurity Capacity Maturity Model for Nations (CMM) which is affiliated with the University of Oxford.

The report was based on a study recently conducted by the Communications and Information Technology Regulatory Authority (CITRA) regarding the assessment of the country’s cyber situation. The study revealed that the electronic attacks that most vital sector institutions are exposed to are distributed between advanced persistent threat (ApT) attacks, Distributed Denial-of-Service (DDoS) attacks, access to networks and applications from external sources, and phishing attacks that come from web pages or e-mail.

It evaluated the first international index of “Cybersecurity Strategy and Policy” as novice for Kuwait, the second index of “Electronic Culture and Quality of Society” as composited, the third index of “Training and Skills for Cybersecurity” as novice, the fourth index of “Legal and Regulatory Frameworks for Cybersecurity,” as novice, and the fifth index of “Technology and Controls Used” as novice also. The report stated that the general level of cybersecurity in Kuwait is “amateur,” indicating the presence of primitive capabilities that are barely negligible in the institutions’ practice of cybersecurity, and methods for confronting and responding to electronic risks.

As for the “comprehensive” level, it indicates the presence of indicators and evidence of the institution’s abilities and capabilities in practicing the fields of cybersecurity and managing electronic risks. The report criticized the failure to implement the National Cybersecurity Strategy 2017/2020 despite the completion of its preparation. It includes three main goals for enabling the government to achieve its vision of cybersecurity.

The goals are to enhance the culture of cybersecurity that supports the safe and correct use of cyberspace, and protect and monitor assets, vital infrastructure, national information, and the information network in Kuwait, and provide means of cooperation and information exchange among various local and international bodies in the field of cybersecurity.

The report explained that the project to launch the comprehensive cybersecurity system is the second project in digital transformation in the government work system. An Amiri decree was issued on February 2, 2022 for this purpose. Accordingly, the National Center for Cybersecurity was established to be responsible for building an effective cybersecurity system at the national level to protect the state from cyber threats and protect its vital interests in cyberspace. Based on the decree, the financial appropriations for this center will be within the budget of the General Secretariat of the Council of Ministers.

The decree also stipulated the transfer of the Cybersecurity Department of the CITRA to this center. The government indicated in its current work program its endeavor to launch the comprehensive cybersecurity system within the center’s development strategies in the first year of implementing its 2023/2024 program. To achieve this goal, the budget of the General Secretariat of the Council of Ministers included financial allocations of KD 7.840 million allocated to the cybersecurity center, including a financial allocation of KD 100,000 for the costs of official tasks.

© 2022 Arab Times Kuwait English Daily. All Rights Reserved. Provided by SyndiGate Media Inc. (Syndigate.info).