April 18, 2020, Kathmandu
What Do CAN Members Say On The Roles Of CAN Federation During The COVID-19 Pandemic?
The COVID-19 pandemic has affected lives across the globe at a large-scale. Countries are in lockdown, and people are forced to stay in quarantine. During such time, when social distancing is essential, the services of the telco industry and online communications platforms are in demand. But what about the roles of the Computer Association of Nepal (CAN) Federation?
CAN is the umbrella organization for ICT in Nepal with a membership base ranging from ICT institutions, associations to individuals working in this sector. With people working from home with limited resources, technology has been a savior for remote work. Even the Service Providers are doing a commendable job to ease the daily lives of people during the lockdown in Nepal.
We interviewed a few CAN members to get an insight into the roles of the CAN Federation during the COVID-19 pandemic. Have a read!
Sanjay Thapa, Former Vice President at CAN Federation
Q. How is technology helping to cope with the COVID-19 crisis?
A: Technology has a massive role during the time of such a crisis. First of all, people are getting aware of information and instructions on how to fight the pandemic at an individual level. Banking sectors are also being able to provide their service to the general public. There are countless benefits that technology can offer at such a time.
Q. What are the roles of CAN during the COVID-19 crisis?
A: Not just CAN, but all the organizations in ICT or technology have to play an active role at the time of such a global crisis. Moreover, the strength of CAN is the resources, networks, and experts in the field who can collaborate with local government to address the work that has to be done. Many things CAN can do, not just at a district level but at a national level. Firstly, it can facilitate the sharing of the correct information from the government directly to the public during the lockdown. As an umbrella organization for ICT in Nepal, it can advise the government on the steps that need to be taken to fight the pandemic or at least minimize the risks.
Not just that, the experts associated with CAN have the knowledge to deal with the recent data breaches and cyber threats. CAN can equip the nation with security not just against cyberattacks but against misinformation and panic.
Q. What has CAN been doing or has done so far since the lockdown in Nepal?
A: CAN has been active in running social welfare campaigns at a local level. I am currently at Banke, working at a district level to help individuals in need of relief. We are doing all we can to address the issues of local level government and organizations. However, there is no recent news or activity at the central level or at least, not what I am aware of. I believe a criterion and a plan need to be set by CAN to use its resources to advise the government and assist in fighting the pandemic.
Q. In your view, how do the recent data breaches reflect the condition of cybersecurity in Nepal?
A: CAN has been advising the government regarding cybersecurity for a long time, whether it’s on a national-level or private sector. Unfortunately, we have to admit that we haven’t been able to reach the optimum level of security. At present, it is essential to focus on the mistakes that we are making when there are limited resources and higher risks of cyber threats. Although Nepal doesn’t fall on an ‘easy-zone’ when it comes to cybercrimes, it needs to implement plans and criteria to tackle the risks in compliance with technical standards.
Q. Does Nepal lack the resources to deal with these threats?
A: No, I don’t think Nepal lacks the resources, but what it requires are unison and cooperation. IT companies and other private sectors are working on their own. Similarly, the government is working at their level. So, there is a massive gap in synchronization among these sectors, which I feel is the major issue for the weakness in security.
We have experts who can respond to incidents and mitigate the threat. But to prevent it from happening in the first place, businesses need proper management. It’s just that companies try to invest as little as possible, and security measures are at the bottom of their priority.
Q. What lessons can be learned from the ongoing cyberattacks amid the pandemic?
A: Firstly, I strongly believe that private sectors and the government need to work collaboratively. Organizations need to use the resources they have to strengthen their security systems. Moreover, funding for new and upgraded technologies is a must. If other countries are using technology, why should Nepal fall behind? After all, it is a matter of potential risks to the heritage and property of the nation.
Bhim Dhoj Shrestha, Former General Secretary of CAN
Q. Can technology help people fight the pandemic?
A: Technology has a significant role in fighting the pandemic but not just on an individual level. The government has to implement specific policies and collaborate with ICT institutions and service providers.
Q. What roles does CAN have during the COVID-19 crisis?
A: A Federation like CAN has a considerable role as a leader and an advisor for the government. The collaboration between government and CAN will help to deal with the crisis. It is the best time to implement ICT at local and national levels. With the help of CAN’s resources and members, the government needs to implement ICT aggressively during the lockdown. It is the time when people are working remotely, and hence, the opportunity and potential of ICT become limitless.
Q. Do you think we have sufficient technical resources to make people’s lives more comfortable during the lockdown?
A: The fintech industry is doing its best, and service providers are equipped with precautions to continue their services to the public. However, I think the government should also focus on funding the ICT sector of our country. The more updated we are in technology, the more comfortable we can make the lives of people during the lockdown.
Q. Has CAN Federation notified its members of any immediate actions or plans it has set to assist the government since the lockdown?
A: Not that I am aware of.
Q. What are your views on the recent data breaches?
A: Another pandemic that Nepal is currently facing is cybercrime. I remember about 20 years ago when I advised policymakers to implement cybersecurity; they took my words lightly. They said, “We have just recently implemented online transactions; it is too early for focusing on security.” I simply told them we shouldn’t wait for thieves to walk on the road just because it has only been constructed. We still lack the proper implementation of security and cyber laws.
Q. How can organizations prevent such data breaches in the future?
A: The most important thing to understand is the concept of ‘global village.’ Everyone, not just the organizations, but individuals and the government should work in unison as if it is a global village. That is how we can draft strict policies and laws to ensure data protection. Also, the collaboration will help organizations implement better security systems.
Shaligram Parajuli, Individual Life Member
Q. As a life member, what do you think CAN should have done since the coronavirus outbreak?
A: CAN have come forward as a role model during the lockdown since it is the time to be more active, even when working from home. CAN is such a vibrant organization that has a wide variety of roles. Firstly, it could have called up its members to discuss the implementation of simple information dissemination or data analysis model. We can develop applications and run awareness campaigns.
It could have been the golden opportunity for CAN to partner with the government in assisting the Prime Minister’s समृद्ध नेपाल, सुखी नेपाली aim. With the expertise of CAN’s members and resources, it could have developed a mobile application that could collect data from rural areas. If that’s not possible, at least a simple messaging format that could collect data regarding the status, temperature checks, and other information of individuals. This could’ve helped collect massive data overnight that could facilitate immediate response.
Q. Is CAN living up to its roles and responsibilities?
A: I think CAN is missing out on a golden opportunity to come forward as a leader. CAN’s resources could help show the government and individuals a path for the next steps in fighting the pandemic. However, I am not aware of any information dissemination or call-to-action for its members. Due to this, we are losing our precious time to act as an umbrella organization of all ICT activities in Nepal.
Q. How should we take the initiative to protect people against cyberattacks?
A: In my personal view, CAN has the resources to raise awareness among the public regarding cyber threats. If it publishes an article or a notice regarding the current risks, people will follow its instructions since it is a reliable source. Therefore, it should act as a bridge to fill the connectivity gap. For example, there is news circulating that Zoom videoconferencing has loopholes. And, video conferencing is the need of the hour with people adapting remote working lifestyle. So, what CAN could at least do is spread information regarding how to use Zoom securely or what alternatives we can use.
Similarly, it should inform the educational institutes and students on how to conduct an online class securely properly. There are other applications like contact tracing, data collection, and analysis that it could focus on. These initiatives should’ve been highlighted since the lockdown. Also, it should have to urge life members to contribute to these initiatives and trust me, and we will be more than happy to help.
Q. How influential is CAN in terms of its nationwide presence?
A: Our network is quite influential and is spread all over 77 districts of Nepal. There are CAN offices and associated organizations at local and district levels. CAN has a trusted network among its members and organizations that are ready to support its action with blind faith. The only thing that CAN need to do is take the initiative and spread information. However, I am not aware of any activities that have been made or are in order.
Q. Do you think CAN has a responsibility in preventing the current cyber threats in Nepal?
A: Cyberattacks has raised a question in the security systems of Nepali companies lately. The digital frameworks are being implemented, and time is the most significant factor. With time, we learn the necessity of specific policies and actions. Unfortunately, there are still policy gaps in online transactions, online procurement, and E-governance. However, with the lockdown and future convenience of people, there will be a forceful need to bridge the policy gap. In a way, it could pave the path to better cybersecurity in Nepal. ICT has a significant role to step forward by removing all the loopholes and strengthening the system. It is a one-way tunnel, and we have to move forward by brainstorming a solution.
Similarly, CAN be a role model in disseminating information regarding the symptoms of a cyberattack and how to avoid it. It can guide the people towards a safer and secure use of ICT to prevent further online threats.
Shreedeep Rayamajhi, General Member at CAN
Q. Where is CAN be lacking in its role as an ICT Federation?
A: In the current situation, the government is failing to implement an ICT strategy for proper communication and information flow. I understand that it is a global crisis, and in such times it becomes difficult to take certain actions. But, crises demand radical solutions. For a breakthrough revolutionary solution, technology can be used with better opportunities for optimum results and efficiency.
Press releases and announcements are made through journalists covering the report on-site. Why are we not using social media platforms as an efficient alternative? There are other ways to pass the information accurately, and the approach of ICT can help with that. Thus, anything to do with ICT CAN could help with guiding the government through it. However, we have not seen any such strategy yet.
Q. What do you think CAN could have done since the COVID-19 outbreak?
A: I think they should’ve prepared a crisis management team to guide the government on how they plan to help. In my view, it should’ve proposed a strategy long before the government responded to the pandemic. Also, it could’ve approached and addressed the government on handling the crisis technology-wise and, for example, setting up high-resolution cameras to monitor activities, developing strategies to control symptoms, and mitigating the risks.
I firmly believe technology is the best solution, but unfortunately, it is not being used up to its mark. I am not saying that nothing has been done, but if the technology was used in an integrated way, we could achieve efficient results. CAN can collaborate with the local government and organization to advise them throughout the crisis.
Q. What is your view on the recent data breaches in Nepal?
A: One thing that amuses me is that people are talking about data protection when there are no specific laws on data protection in Nepal. There is an absence of the Data Protection Act in Nepal, but people are complaining about it. However, there is a Privacy Act in compliance with the General Data Protection Regulation (GDPR).
Q. Does CAN have a role in minimizing the vulnerability of systems or at least the risks due to cyberattacks?
A: As an ICT federation, CAN has experts working in the field of cybersecurity. Like I mentioned earlier, a response team can prepare a report and present it to the government. This could ultimately lead to planning and implementing strict security policies as we go. The government can’t and won’t listen to an individual like me, but it will listen to CAN. So from my point of view, a response team should be responsible for gathering data and preparing a report on the threats. It should collaborate with the government to mitigate the risks since the government can’t do it alone.
Q. How can IT industries and CAN support social distancing on a national level?
A: The IT companies may have a technology of, say, a mechanical arm so that doctors don’t have to go near the infected person. With current resources, they could focus and fund on making ventilators. Whatever support that government needs, CAN provide them.
When there is a crisis, there is an opportunity to prove, to gain knowledge, to exchange experience, and to build leadership. These things are essential during an emergency to understand it better and fight against it.
Q. How does a data breach affect the users whose data has been leaked?
A: Firstly, it is essential to understand what type of data the hackers have exposed. Companies, especially marketing agencies, can seal the chance to save these data as leads. The victims could end up getting 10-20 phone calls per day, and it becomes impossible to block all such requests. The leaked data becomes a marketing opportunity for some companies. Also, it becomes available as an asset that can be sold and bought.
Sujit Jha, General Member of CAN
Q. Can you highlight some roles of CAN during the COVID-19 pandemic?
A: CAN certainly has a huge role to play during the crisis. The utmost urgency is a collaboration with the government to facilitate proper remote activities. It can help conduct virtual classes in a better way and respond to cyberattacks efficiently. There are so many possibilities, but it lacks in its initiative.
Q. Have you received any information on CAN’s strategies for tackling the pandemic?
A: No, I haven’t received any such information. Maybe there are some strategies that I am unaware of, but I haven’t been asked to be a part of it. Also, I haven’t seen such activities on any platform. So, I would say no.
Q. How do we prevent another threat called Cyberattack?
A: CAN has the resources and expertise to put forward a strategy to prevent such threats. Unfortunately, there are no such implementations yet. As long as there is no strict implementation of existing cyber laws and policies, hackers keep gaining confidence. Another thing that we can do individually is, raise awareness. People don’t realize how prone they are to identity theft. All hackers need is your phone number, email address, and other personal information, which is readily available on the internet.
The standard-issue seems to be the lack of initiative and collaboration with individuals and government. There is a lot of potential in existing policies and technology, but we are not managing them properly. The only thing that is more saddening is the fact that we had to wait for the consequence of realizing its necessity.
Please let us know in the comments if you want to add something.