The Kiribati national cybersecurity strategy 2020

The Kiribati National Cybersecurity Strategy 2020 provides a detailed framework for securing the country’s cyberspace, ensuring a safer digital environment for citizens, businesses, and government operations. It was developed by the Ministry of Information, Communications, Transport and Tourism Development (MICTTD) with technical support from the International Telecommunication Union (ITU) and through multistakeholder consultations.

Purpose and vision

The strategy seeks to:

• Safeguard citizens’ rights and protect the country’s digital infrastructure.
• Enhance the resilience of Kiribati’s growing ICT ecosystem against cyber threats.
• Promote the safe use of digital technologies for sustainable prosperity and economic growth.
• Address cyber risks related to fraud, disinformation, child online safety, and cybercrime.

Core Goals

The strategy’s primary goals are:

1. Protection for citizens and businesses: Safeguard the population from cyber threats while promoting ICT for economic growth.
2. Resilient and secure infrastructure: Ensure that ICT infrastructure, including critical services, is robust and secure.
3. Effective legal and institutional framework: Strengthen cybersecurity laws, regulations, and enforcement mechanisms.

Key objectives and actions

Short-term (2020)

• Conduct a legislative gap analysis on cybersecurity and cybercrime.
• Establish two key bodies:
  • Kiribati Cybersecurity Working Group (KCSWG)
  • Child Online Protection Working Group (COPWG)
• Assess cybersecurity capacities and needs for capacity development.

Medium-term (2020–2021)

• Establish CERT Kiribati (Computer Emergency Response Team).
• Develop national cybersecurity guidelines and a national incident reporting system.
• Enact comprehensive cybercrime legislation.
• Formulate a national contingency plan for cyber incidents.
• Initiate international cooperation on cybersecurity and cybercrime.
• Develop a Critical Infrastructure Protection Plan.

Long-term (2020–2023)

• Implement a cybersecurity strategy for the outer islands.
• Integrate cybersecurity education into school curricula.
• Ensure continuous capacity development and workforce development.

Key Initiatives

• CERT Kiribati: A national hub for cybersecurity information, incident response, digital forensics, and advisory services.
• National cybersecurity guidelines: Provide concrete, practical advice for government, businesses, and citizens on cybersecurity measures and responsibilities.
• Child online protection: Develop protections, tools, and helplines to safeguard children online, in collaboration with UNICEF and other stakeholders.
• Legislative reform: Introduce laws addressing cybercrime, electronic evidence, privacy, e-commerce, and liability for digital services.
• International cooperation: Strengthen legal mechanisms for cross-border investigations and join regional/global cybersecurity networks.
• Critical infrastructure protection: Identify and safeguard sectors like healthcare, energy, water, transportation, and government services.
• National incident reporting: Encourage mandatory reporting from critical sectors and promote public reporting of incidents.

Education and awareness

• Develop cybersecurity training and integrate it into the national education system.
• Promote cybersecurity literacy through annual school programs and community outreach.

Principles and approach

• Foster a safe and secure digital environment for all citizens.
• Respect fundamental rights while enforcing cybersecurity measures.
• Balance security needs with economic and social development goals.
• Leverage existing institutions and partnerships for effective implementation.

Monitoring and implementation

• Annual reporting and periodic reviews by CERT Kiribati.
• Multistakeholder coordination involving government, private sector, academia, and civil society.
• Nationwide and regional consultations for continuous improvement.