[Update] The following reports are now available:
Read also the Event announcement
The 25th Africa Network Information Center (AFRINIC) meeting will be held from 25 to 30 November 2016 at Sofitel Imperial hotel in Mauritius.
Tutorials will be held on Computer Emergency Response Teams (CERTs), IPv6 foundation training, Internet Number Resource Management, and a session on increasing participation at the Internet Engineering Task Force (IETF) in the African Region.
The session on AFRINIC Government Working Group will explore ways of involving more African governments and multilateral organisations in Internet Governance efforts.
An interesting development will be the launch of AFRINIC’s new IPv6 testing and certification platform.
The hallmark for all Regional Internet Registry meetings is usually the Policy Discussion Working Group (PDWG). The PDWG will discuss four policies among them Inbound Transfer Policy, Soft Landing policy Overhaul, the proposal to Transfer IPv4 Resource within the AFRINIC region, and Internet Number Resources Review by AFRINIC.
The last day will have the Special general members meeting, where members will vote for Special Resolutions for AFRINIC Proposed Bylaws Changes, and elections of members for the AFRINIC Governance Committee.
Read the agenda of the meeting.
by Mwendwa Kivuva, Project Manager, AFRINIC
The session on ICANN’s Africa strategy, as part of the AFRINIC 25 Public Policy Meeting, was led by by Pierre Dandjinou, Vice-President, ICANN Stakeholder Engagement - Africa; Yaovi Atohoun, Stakeholder Engagement Operations Manager – Africa; and Bob Ochieng, Stakeholder Engagement Manager - Africa.
Dandjinou gave a brief introduction of the session and mentioned that by launching the Africa Engagement Office in Nairobi, on 24 May 2016, ICANN demonstrated commitment to foster engagement in Africa. He invited Khaled Koubaa, newly elected member of ICANN and a member of the AFRINIC community, to share his perspectives.
Atohoun presented the operations of ICANN’s strategy. He explained that ICANN Africa is focusing on two objectives. The first is to transform the Domain Names System (DNS) industry in Africa through capacity development across the region. The second is to embark on promotion and awareness, and the involvement of African constituents for better engagement in the ICANN processes.
In terms of the capacity development for the DNS industry, Atohoun explained that from the existing data for 2014, there have been 21 events reaching over 3,110 individuals. The topics covered in the events included Internet governance, ICANN processes and DNS.
Atohoun proceeded to show the significant gains achieved so far through the Africa office. These included: improved visibility of ICANN in Africa; the introduction of the DNS Forum; the introduction of multiple channels of communication; and the organisation of topical workshops.
Ochieng echoed the importance of the Africa engagement office. A key focus is on capacity development for different stakeholders including civil society, government and the private sector. For the 2017 financial year, the office will focus on capacity development for the government sector, aimed at officials from government ministries, regulators, and other bodies. He mentioned the availability of funding in partnership with governments to encourage people to participate in regional and global events.
Summarising the projects that the office is focusing on, Ochieng highlighted the following:
- Various capacity development initiative;
- The Africa Internet History project, which will chronicle the key milestones and the people who contributed in shaping the Internet on the African continent;
- The Africa Internationalised Domain Names (IDNs) project aimed at bringing African languages to the internet. Here he made special mention of Ethiopia as being the first country to achieve the targets.
A comment from the floor suggested that ICANN works closely with governments to secure their buy-in to ensure that capacity-building programmes targeting people from the government sectors are successful.
by Jacob Odame, Internet Society Ghana
The session on Critical Internet Infrastructure in Mauritius, as part of the AFRINIC 25 meeting, was presented by Dr Kaleem Ahmed Usmani, Head of the Computer Emergency Response Team (CERT-MU), a unit under the National Computer Board of Mauritius. He demonstrated how Mauritius has implemented a national CERT in line IETF Request for Comment (RFC) for Expectations for Computer Security Incident Response. [Read more about critical infrastructure]
Usmani explained that CERT-MU is designed to provide three services: reactive, proactive, and security quality and management services.
Under the reactive service, CERT MU performs incident handling and vulnerability scanning, and penetration services.
Under the proactive service, CERT MU performs activities meant to prevent any threats to Mauritius’s critical infrastructures such as;
- Dissemination of virus alerts, advisories, vulnerability alerts on daily basis
- Awareness campaigns
- Organisation of community alerts
- Organisation of professional training
- Publications (guidelines, e-security newsletters, brochures, booklets, flyers and a dedicated cybersecurity portal
Finally, the objective of the security quality and management services is achieved through the following:
- Assistance to organisations for the implementation of information security management systems based on ISO 27001
- Conducting third party information security audits
- Carrying out technical security assessment of ICT infrastructure or organisation
Dr Usmani also mentioned that CERT-MU has partnership and affiliation with some international security and national CERT organisations, such as:
- National Certs: CERT-IN, JPCERT, CC KISA, US CERT
- International Multilateral Partnership against Cyber Threats (IMPACT)
- Anti-Phishing Group (APWG)
These partnerships foster collaborations and sharing of best practices.
Sharing some statistics which are captured by the MU-CERT’s centralised reporting system, Dr Usmani provided the following as the top three (3) attacks to their critical information infrastructure: zero-day threats, APT attacks, and ransomware. [Read more about cybersecurity threats]
Dr Usmani explained that based on research via questionnaire, Mauritius identified the energy, education, and heath sectors, among others, as critical infrastructures.
On conclusion, he explained that based on research, the Critical Information Infrastructure Platform (CIIP) was launched to support the CERT-MU, with the following goals: to ensure leadership and governance (through a PPP model); to mitigate risk; and to raise awareness about risks and prevention, through different campaigns.
by Jacob Odame, Internet Society Ghana
The 25th meeting of the African Network Information Center (AFRINIC) will be held on 25-30 November 2016, in Mauritius.
The meeting will bring together representatives of the various stakeholder groups in the African ICT community, for discussions and exhanges of experiences on policies governing Internet number resource distribution in the African region. Issues to be covered during the event include: the allocation and management of Internet Protocol (IP) addresses and autonomous system numbers (ASNs); technical and Internet governance issues; networking, peering, and security; domain names, cyber laws, and registrar issues; and updates from the African registry operations, other Regional Internet Registries, and ICANN. The first three dys of the meeting will be dedicated to workshops and tutorials on specific topics such as Internet Protocol version 6 (IPv6) and computer emergency response teams, while the the last three days will include plenary sessions on more broad policy topics.
For more information, visit the event website.