The Commission’s Information Security Unit hosted the 4th Annual CEO Cybersecurity Breakfast on July 25, 2024, at the UCC Conference Hall. This event provided a platform for regulators (BOU and UCC), CEOs from the communications sector, and leaders from other key industries to discuss the latest trends, risks, and management strategies in cybersecurity. A Keynote speaker and a panel of executives shared valuable insights on leveraging cybersecurity as a competitive advantage.
The annual CEO Cybersecurity Breakfast aims to educate executives on the critical importance of cybersecurity, providing practical advice on safeguarding their organizations against cyber threats. This year’s theme, “Cybersecurity as a Competitive Advantage: Robust Cybersecurity Measures as a Catalyst for Innovation and Competitive Edge,” emphasized how strong cybersecurity practices can drive innovation and enhance competitiveness.
The Cyber Drill was hosted remotely and was graced by participants from cybersecurity teams of telecommunications institutions. It simulated a critical cybersecurity incident targeting a telecommunication institution.
The drill’s primary objective was to assess the preparedness and response capabilities of an organization’s cybersecurity team in handling a sophisticated Border Gateway Protocol (BGP) hijacking attack. This exercise provided valuable insights into the participating members strengths and areas for improvement in defending against such attacks.
The scenario was centered around a BGP Hijacking attack that began with a phishing attempt targeting an employee’s personal Gmail account. The phishing email, masquerading as a communication from the local tax revenue authority, tricked the user into downloading and installing malware on their machine. This malware served as the entry point for the threat actor, who subsequently moved laterally within the network, compromising the edge router. The attacker rerouted traffic to their malicious router, effectively disrupting communication between critical routers and initiating a crisis that required a coordinated response from the Telecom’s cybersecurity team and relevant stakeholders.
Participants were evaluated based on their performance in responding to the simulated attack, with scores reflecting their ability to identify, mitigate, and respond to the threat.
The International Telecommunication Union (ITU), in partnership with the Uganda Communications Commission (UCC) and the Uganda Computer Emergency Response Team (UG-CERT), with the support of AfricaCERT, hosted the Regional Cybersecurity Summit for Africa from November 20 to 23, 2023 at UCC House Bugolobi.
Summary of Day 1 – Theme: Strengthening security in the digital economy
Day 1 of the summit explored various aspects of cybersecurity, starting with a keynote on the importance of the human element and the need for personalized approaches, awareness, and digital literacy. Sessions covered international cybersecurity standards, with a focus on ITU-T X.1060, security baselines for digital infrastructure, and strategies for emerging technologies. The day concluded with an overview of ITU-D’s cybersecurity initiatives.
Summary of Day 2 – Theme: Security and cyber resilience of critical infrastructure and digital financial services
Day 2 covered a range of topics on critical infrastructure and digital financial services (DFS) security. Sessions included discussions on cybersecurity challenges, the roles of regulators and DFS providers, ITU’s work on DFS security, and country experiences with the ITU DFS Security Lab. The day also featured a deep dive into Blockchain Secure Authentication (BSA) for mobile payments and concluded with a session on bridging the standardization gap to empower developing countries in the ITU’s standards-making process.
Summary of Day 3 – CyberDrill
Day 3 opened with a keynote on the importance of cybersecurity preparedness, stressing the value of tailored cyber simulation exercises. This was followed by a session where experts shared their experiences with cyber drills. The day continued with hands-on exercises covering website defacement, DFS cyber resilience, and phishing/malware analysis, all aimed at enhancing cybersecurity readiness.
The Commission through its CERT (Computer Emergency Response Team) hosted the 3rd annual CEO Cybersecurity breakfast in the UCC (Uganda Communications Commission) Conference Hall on 5th May 2023. The theme for the event was “Cybersecurity in Digital Financial Services: Best practices, strategies, and the future.”
It served as an opportunity for CEOs of licensed operators, the financial sector, and financial technology (fintech) service providers to converge and discuss the latest trends, challenges, and solutions in cybersecurity management in the digital financial services environment. A keynote speaker and panel of banking and telecommunication executives provided insights on various aspects of cybersecurity management.
The event aimed to educate executives on the importance of cybersecurity and provide practical advice on how to protect their organizations against cyber threats in digital financial services.
Colville Street, Communications House
P.O. Box 7376
Kampala, Uganda
Tel: + 256 414 339000/ 312 339000
Fax: + 256 414 348832
E-mail: cert@ucc.co.ug