<p>Nii,<br>
On Oct 25, 2012 12:15 AM, "Nii Narku Quaynor" <<a href="mailto:quaynor@ghana.com">quaynor@ghana.com</a>> wrote:<br>
> Ack. Thus failure to follow guidelines and best practices is at issue? (ignorance, social engineering etc accessed vulnerabilities )</p>
<p>In Iran's case I would say this was one of the issues. It was clear a network existed that was segmented and isolated from other networks/Internet because of threats of malware to CI, but people let themselves be socially engineered into pluging infected usb sticks into the isolated network --- the result; we all know well.</p>
<p>Broadening the discussion to the issues & what Africa needs, I would say for a start:-<br>
- Strategies, Policies and procedures<br>
- The tech resources to implement & maintain secure infrastructure in accordance to policies<br>
- Training to ensure users understand the threats & policies; and the reason they should be followed without compromise<br>
- Mechanisms to monitor and enforce compliance</p>