On 14 Feb 2019, we wrote that our country should prioritise and assert economic rights on our data.
We are glad to read the news on 25 Feb 2019, wherein the Minister of Communications and Multimedia announced that the country will be rolling out its Digital Economy policy by the 3rd quarter of 2019.
The rollout of a Digital Economy policy underscored the importance the government is placing in this area.
In deliberating on this policy, we hope the government and the policy makers will give due and serious consideration to include in its fundamental policies, the following:-
protecting the country’s rights on our data as highlighted in our writeup, and
the cybersecurity policies governing the landscape for the participants in the digital economy
In the world of digital economy, trust is the most important 'ingredient'. Lose this and the whole marketplace would be made redundant. Underpinning this trust is the ability of the participants in the digital economy to provide and assure the marketplace of their cyber resilience and ability to protect the data on their customers.
We expect this will pose a huge challenge to all participants in the digital economy given that cyber attacks is unlikely to show any slowdown in the coming years. With the pressing needs for organisations to migrate to IR4.0 standards and the rapid introduction of IoT enabled devices to the marketplace, it is projected that cyber attacks will continue to 'grow' at an unprecedented pace in the next few years.
Underscoring concerns in investing on their cyber defences mainly to meet the demands of the proposed policy, participants in the digital economy could be 'nudged' towards looking at shared services. E.g., instead of investing into new architectures for their IT needs to be cyber resilient compliant, these participants could engage and outsource the defence of their cybersecurity posture to managed shared services providers.
Without an effective cyber resilient framework in their operating structure, participants in the digital economy could make a mockery of the proposed policy to be introduced. To achieve greater or full compliance, the government can 'nudge' these players by asserting on more stringent compliance on their data protection measures.