A Review of the National Cyber Security Policy 2021

By Raphaella Gegeyo


Introduction

The National Cyber Security Policy (NCSP) 2021 was formulated following the National Information and Communication Technology (ICT) Policy 2009-2014, highlighting the government's role and approaches towards cyber security threats in Papua New Guinea. The NCSP mainly focuses on the different roles that the government play when dealing with cyber security within Papua New Guinea (PNG). The NCSP was a combined effort of both the Department of Communications and Information Technology (DCIT) and the National Information and Communications Technology Authority (NICTA). This review provides both positive and negative insights into the NCSP

Summary

Upon reading the document, three key three points were identified.

The first key point was the importance of having a national cyber security policy and how vital it was to ensure protection of PNG’s national cyber space. The document highlights that it is important to have a safe and secured cyber space for the reason that technology is rapidly changing and as it continues to change, new cyber threats emerge and thus pose a threat to the national cyber space. Therefore, the NCSP provides a framework that intends to address threats to PNG’s national cyber space.

Secondly, the paper discusses the government’s role in addressing cyber security issues. The document focuses on what the government intends to do to address cyber security threats. The paper outlines that the government must establish a National Cyber Security Agency (NCSA), a National Cyber Security Advisory Committee (NCSAC) as well as a National Cyber Security Center (NCSC). These agencies will be regulated by the government and will be responsible for monitoring and addressing cyber security concerns.

The last key point identified from the document is the collaboration of national cyber security agencies and government departments, and their roles and functions towards cyber security operations. With the complex nature of cyber security in PNG, different government departments and agencies have different functions when overseeing operations on cyber security. These departments and agencies include the Office of Security Coordination and Assessment (OSCA), Department of Information and Communications Technology (DICT), PNG Defense Force (PNGDF), National Intelligence Organization (NIO), Royal PNG Constabulary (RPNGC), Department of Justice and Attorney General (DJAG) and the Office of Censorship (OOC). The document outlines their respective roles and functions towards operations on cyber security as they collaborate to address cyber security concerns.

Critique

The key strength of the document is the framework of the policy itself, which is directed towards addressing cyber security concerns.  The overall aim of the NCSP is to address cyber security issues. The NCSP precisely outlines the specific roles and functions of each agency and government department in protecting PNG’s cyber space. Dealing with cyber security is crucial and one institution alone cannot ensure the safety of the country’s cyber space as it is complex and requires collaborative efforts. As emphasized by Al Waroi (2024), collaboration between secret intelligence services and government institutions is essential for national security in the face of evolving threats.

A setback to the NCSP is that it is limited to only what the government intends to do in addressing cyber security concerns but is not inclusive of what citizens should do in contributing to a safer and secured national cyber space. Cyber Security is not just the responsibility of government and other cyber security agencies, but it is also the responsibility of the people as consumers of technology and digitalism. As supported by Robak (2014), the public has a lot to learn about cyber security issues and they can significantly contribute to the protection of both our country and ourselves by learning the fundamentals of cybersecurity, being safe online, and following best practices when using various networks and equipment. As highlighted in Chapter 1 of the National Security Policy (2021), security policies should be “people-centered”. This does not only mean formulating security policies in the best interest of the people but also guiding them to be cyber cautious by outlining their responsibilities towards cyber security.

Recommendation

It is recommended that the government amend the NCSP to include people's roles so that people understand what to do and what not to do when interacting in cyberspace. Being aware of this allows people to be more mindful of their online conduct.

Secondly, with implementation being a common issue for most current policies in the country due to inadequate resources, it is recommended that the government invest more, - through funding and resources – in the responsible government agencies to ensure effective implementation of the NCSP.

Conclusion

In conclusion, the NCSP provides a thorough framework that guides the governments and cyber security agencies towards protecting the country’s national cyber space. And this also correlates to the NSP. Through national collaboration amongst the various government departments and cyber security agencies, the NCSP will achieve its intended outcome; and that is a safe and secured cyber space.

 

 

 

References

 

Al Waroi, M. N. (2024). Coordination and Collaboration between Secret Intelligence Agencies and Government Institutions: Challenges, Opportunities and Dynamics. International Journal of Multidisciplinary Research and Analysis, 07(10), 4626 – 4635. https://doi.10.47191/ijmra/v7-i10-06

Ministry of Information and Communication Technology. (2021). National Cyber Security Policy 2021. https://www.ict.gov.pg/Policies/Cyber%20Security%20Policy.pdf

Robak, W. (2014, November 14). Setting Standards for Cyber Security. RAND. https://www.rand.org/pubs/articles/2014/setting-standards-for-cyber-security.html


Comments

  1. Anonymous22 March 2025 at 08:58

    This is a very brilliant insight of the National Cyber Security policy in PNG. As being a developing nation that is evolving in the midst of massive technological advancements, it is of concerning nature that such important policies must be discussed in detail to identify loop holes and understand the cyber security concerns in PNG.
    Thanks

    ReplyDelete
    Replies
    1. Raphaella Gegeyo24 March 2025 at 18:22

      Thank you for the comment.
      It is vital that we, as citizens, know and understand what we need to do and how we can contribute to help address concerns relating to cyber security. Not only is it the responsibility of the government but the PEOPLE as well. And I'm grateful for being given this opportunity to share what I have discovered throughout the process of this review. I hope this review helps others to develop a better understanding of the policy and I look forward to hearing from other readers as well, hence, in a way, we can collaborate well with government departments and other cyber security agencies to address this rising concern.

      Delete
  2. Anonymous22 March 2025 at 22:05

    Thank you Ms.Gegeyo for bringing this topic up as it one of the current concerns that is increasing rapidly and needs to be addressed seriously whilst time and technology is changing.

    However, there seems to be least evidences or outcomes of the work that National Cyber Security Policy 2021 (NCSP) does since it's establishment. Therefore, I am appealing to respective organisations or departments that are in charge of this policy to consistently provide their results or outcomes of achieved goals and objectives to public in general for transparency.

    I strongly believe that exercising this strategy effectively and consistently will not only reduce cyber security concerns here in PNG but also prevent these issues from happening when more awareness is made under the collaboration of these respective cyber security agencies and government departments.

    ReplyDelete
    Replies
    1. Raphaella Gegeyo30 March 2025 at 00:20

      Thank you for the comment.
      A few important points made there, that are well noted. I agree with your point on the responsible agencies coming forward to inform the general public of NCSP's progress and the work they do, for transparency's sake. This way, the general public is aware and can make them be a little more mindful of their online conduct.

      Delete

Post a Comment

Popular posts from this blog

Critical Review of the National Cyber Security Policy 2021

    Critical Review of the National Cyber Security Policy 2021   Written by: Jonathan Kunai Introduction The National Cyber Security Policy (NCSP) 2021 for Papua New Guinea (PNG) is a crucial document aimed at addressing the rapidly evolving cyber threats that the nation faces in the digital world we are in today. This policy outlines the government strategic approach to enhance the country’s cyber security’s capabilities, ensuring the protection of the citizen of PNG, critical infrastructures and the overall national security. This critical review will essentially present a mixed evaluation, recognition the strengthen of the paper while on the other hand highlighting areas that needs further improvement to adopt to emerging challenges. Summary The NCSP outlines several key objectives and strategies. It sets forth a clear vision for a secure cyber environment in PNG, stressing the need for stronger technical and intelligence capabilities to combat cyber th...
Read more

Review of National Cybersecurity Policy 2021

By Lamonai. Kenny Introduction: In today's digital era, Papua New Guinea (PNG) finds itself at a crossroads where information and communication technology (ICT) offers tremendous opportunities alongside a surge in cyber-related threats. In response, the National Information and Communication Technology Authority (NICTA) enacted the National Cybersecurity Policy in 2021. The Department of ICT Minister Honourable Timothy Masiu has emphasized that the purpose of this policy is to safeguard the cybersecurity of Papua New Guineans, ensuring that it aligns with international standards in this digital age. Throughout this policy review, I will summarize the policy clearly outlining how the policy relates to the National Security Policy, as well as share my mixed perspectives on the effectiveness and implications of the policy, exploring both the strengths and areas of improvement to take into consideration. Summary: PNG has experienced the rapid increase of ICT, and with the commissionin...
Read more