Policies to Mitigate Cyber Risk, Learn Information Security Cyber Law

Information Technology Security Alerts in Nepal. Majority of Nepalese people use the electronic devices to acquire information, and a similar number of people use electronic devices to make transactions of that device. However, only a few people are aware of the security of their usernames and passwords. This leads to huge risks if the usernames and passwords get into the wrong hands.

The process of identifying a user in the virtual networks is by registering his username and passwords. The Office of the Controller of Certification at the Ministry of Science and Technology in coordination with Computer Association Nepal conducted a Basic Practice Workshop for Information Security realizing the necessity of security in daily use of computer networks in banking and government sectors and celebrated the national ICT day. The program targeted to generate awareness regarding information security which gained equal participation from senior officials from different banks, government ministries and members of the Computer Association Nepal.

At the workshop, the Technical consultant, RSA, Sudeep Kumar Das, presented Information Security Threats and Challenges in current time and the controller of certification, Rajan Pant presented a paper on how to follow secure password practices. Pant said, “A secure password is a collection of rules created to strengthen computer security by awareness users to use strong passwords and use them carefully. A secure password practice is sometimes the part of the organization’s official regulations and may be given awareness about it to users conducting different programs.” Pant illustrated that all the employees related to an organization must use the secure password practice to ensure the protection of data integrity, network security, and computer systems. The expert Sudeep Kumar Das on behalf of chief secretary Madhav Ghimire said that there are opportunities as well as challenges in information Technology sector. Das said, “Electronic transactions ensures efficiency but also a lot of threats arises while doing so. One cannot ignore the essence of ICT use and development whenever a threat is involved in it. Information security is a must while making a transaction.”

The Inland Revenue Department of Nepal Government has already launched ICT to secure its businesses. The officials that participated in the campaign raised some queries related to the utility and other aspects of information security systems in Nepal. The secretary of Ministry of Science and Technology, Dr. Ram Hari Aryal said, “In the present context of globalization no one can remain isolated with the development of IT sector however one must apply security measures. The ministry is functioning to promote the IT sector via the Government’s IT policy to extend the information technology in rural areas for the benefits of poor people.”

Regarding the context of growing use of IT and its security concerns, the Electronic Transaction Act 2063(2008) is a huge step. The act dictates that it is expected to make legal provisions for regularization and authentication of the validity, recognition, reliability and integrity of processing, generation, storage, production, transmission and communication system of electronic records by making the transactions via electronic data exchange or by any other means of electronic communications, secure and reliable whereas for controlling the acts of unauthorized use of electronic records or of  altering such records through illegal way.