Policy Review on the National Cybersecurity Policy 2021

By: Norbertina Vogau

Introduction

The National Cybersecurity Policy 2021 for Papua New Guinea (PNG) was developed to address the rapid evolvement of cyber-related risks as the country becomes increasingly reliant on Information Communication Technology (ICT). It shows the government unwavering commitment to strengthening its cybersecurity capabilities and securing PNG from cyber threats. This review assesses the strengths of the policy and its framework, while providing recommendations for the full implementation of the policy.

Summary

The Cybersecurity Policy 2021 outlines a comprehensive strategy to address the growing challenges of cybersecurity and ensure a secure digital environment. The policy aligns the country’s cybersecurity capabilities with international best practices, inclusive of frameworks and recommendations by the International Telecommunication Union (ITU) to enhance the country’s intelligence capabilities and protect its citizens, critical infrastructure, and national security. It emphasizes several key points, including:
 

·       Establishment of governance structures such as the National Cyber Security Agency (NCSA) and advisory committees to oversee the implementation of cybersecurity. For example, NCSA coordinates with government agencies to respond to threats effectively.

·       Safeguarding of critical infrastructures: For instance, formulated measures are implemented to secure essential services like energy and telecommunication from cyberattacks.

·       Promoting education, training, and awareness to strengthen national cybersecurity capabilities, such as integrating cybersecurity education into school curricula to equip students with the knowledge about online safety.

·       Strengthening legal and regulatory frameworks to address issues related to cybersecurity. For instance, introducing legislation to address cybercrimes and protect personal data.

·       Collaborate with global partners to align with international standards and best practices. In the case of PNG, it works with organizations like the ITU to adopt global cybersecurity frameworks.

While the policy addresses numerous critical areas, such as governance, education, and legal frameworks, its practical implementation has been a key factor to PNG’s evolving cybersecurity landscape.

Critique

PNG has made notable progress in aligning its cybersecurity with international cybersecurity standards, as outlined in the 2021 National Cybersecurity Policy. The 2013 National Security Policy (NSP) laid the groundworks by addressing traditional security challenges such as military and economic while the 2021 policy shifts the focus to digital threats such as malware, data breaches, and cybercrime. This is crucial as it adheres to PNG’s increasing dependence on Information Communication Technology (ICT) and the rapid evolution of cyber threats.

One of the key strengths of the 2021 policy is the establishment of institutional structures such as the Department of Information Communication Technology (DICT) and NCSA. These agencies play a critical role in policy implementation and coordination of cybersecurity measures at both the national and local levels. Additionally, specialized key institutions, such as the National Cyber Security Centre (NCSC) Steering Committee, have been formed to focus on quality assurance in assisting the lead project authority in cybersecurity countermeasures. These bodies help to ensure that the country’s cybersecurity strategies remain adaptive to emerging threats.

Another strength is that, given PNG’s geographical vulnerability to cyber threats due to its position as a bridge between the Pacific and Southeast Asia, it is crucial to institutionalize cybersecurity education. As Ige (2023) highlights, PNG's unique position as the main gateway to the Pacific and Southeast Asia due to its advantageous geographic location is a compelling argument for the necessity of formal cybersecurity education in the country. As such, the government has taken steps to institutionalize cybersecurity education, with the goal of strengthening the nation’s defense mechanism. This is particularly important, as the policy emphasizes the need for public awareness initiatives to educate citizens about cyber safety and hygiene.

Recommendation

For the successful execution of the National Cybersecurity Policy, it is recommended that PNG must ensure that sufficient resources are allocated to cybersecurity initiatives such as providing funding for the NCSA and other related agencies to implement key aspects of the policy like training, education, and public awareness campaigns. Thus, “developing cybersecurity education for specialists allows nations to pursue cyber self-sufficiency” (Evans and Reeder, 2010, as cited in Shahid, 2024, p. 371). By implementing an effective cybersecurity plan, qualified workers at all levels of the cyber environment are required to identify, build, and staff infrastructure defense and responses to contribute to the enhancement of cybersecurity education. Furthermore, the government could partner with schools, universities, and colleges to offer training programs in areas where digital literacy is limited.

Conclusion

To conclude, cybersecurity policies serve as essential guidelines outlining how citizens should interact with technology and handle information; hence, PNG’s initiative to tackle the modern-day technological era of the country. This policy emphasizes the importance of how every citizen of PNG must inhabit a sense of cybergenic and safety mindset so we all can be educated to not only protect ourselves in the digital realm but to contribute to national security as well. Lastly, as the review has outlined, this is why allocating more resources to cyber education is important at this day and time.


 

References

Ige, O. (2023). Strategies for combating cybercrimes in Papua New Guinea. The National Research Institute. file:///C:/Users/MY%20PC/Downloads/Spotlight__Vol16_Issue_1_Strategies_for_combating_cybercrimes_in_Papua_New_Guinea.pdf

Shahid, I. (2024). Educating cybersecurity experts: analysis of cybersecurity education in Finnish universities. Proceedings of the 23rd European Conference on Cyberwarfare and Security, 23 (1), 371379. https://www.researchgate.net/publication/385163765_Educating_Cybersecurity_Experts_Analysis_of_Cybersecurity_Education_in_Finnish_Universities

 

Comments

Post a Comment

Popular posts from this blog

Critical Review of the National Cyber Security Policy 2021

    Critical Review of the National Cyber Security Policy 2021   Written by: Jonathan Kunai Introduction The National Cyber Security Policy (NCSP) 2021 for Papua New Guinea (PNG) is a crucial document aimed at addressing the rapidly evolving cyber threats that the nation faces in the digital world we are in today. This policy outlines the government strategic approach to enhance the country’s cyber security’s capabilities, ensuring the protection of the citizen of PNG, critical infrastructures and the overall national security. This critical review will essentially present a mixed evaluation, recognition the strengthen of the paper while on the other hand highlighting areas that needs further improvement to adopt to emerging challenges. Summary The NCSP outlines several key objectives and strategies. It sets forth a clear vision for a secure cyber environment in PNG, stressing the need for stronger technical and intelligence capabilities to combat cyber th...
Read more

A Review of the National Cyber Security Policy 2021

By Raphaella Gegeyo Introduction The National Cyber Security Policy (NCSP) 2021 was formulated following the National Information and Communication Technology (ICT) Policy 2009-2014, highlighting the government's role and approaches towards cyber security threats in Papua New Guinea. The NCSP mainly focuses on the different roles that the government play when dealing with cyber security within Papua New Guinea (PNG). The NCSP was a combined effort of both the Department of Communications and Information Technology (DCIT) and the National Information and Communications Technology Authority (NICTA). This review provides both positive and negative insights into the NCSP Summary Upon reading the document, three key three points were identified. The first key point was the importance of having a national cyber security policy and how vital it was to ensure protection of PNG’s national cyber space. The document highlights that it is important to have a safe and secured cyber spac...
Read more

Review of National Cybersecurity Policy 2021

By Lamonai. Kenny Introduction: In today's digital era, Papua New Guinea (PNG) finds itself at a crossroads where information and communication technology (ICT) offers tremendous opportunities alongside a surge in cyber-related threats. In response, the National Information and Communication Technology Authority (NICTA) enacted the National Cybersecurity Policy in 2021. The Department of ICT Minister Honourable Timothy Masiu has emphasized that the purpose of this policy is to safeguard the cybersecurity of Papua New Guineans, ensuring that it aligns with international standards in this digital age. Throughout this policy review, I will summarize the policy clearly outlining how the policy relates to the National Security Policy, as well as share my mixed perspectives on the effectiveness and implications of the policy, exploring both the strengths and areas of improvement to take into consideration. Summary: PNG has experienced the rapid increase of ICT, and with the commissionin...
Read more