As the Omani society nowadays witnesses an enormous revolution in information technology, it was necessary to set a law that protects networks and devices from illegal hacking attempts. Thus, His Majesty Sultan Qaboos issued a law regarding cyber security according to the Royal Decree no (12/2011) on Cyber Crimes. The law covers the legal actions that shall be implemented on the following cases:
- Violation of the security and confidentiality of data, electronic information and informational systems.
- Misuse of Information Technology tools.
- Forgery & information Fraud.
- Content Crimes.
- Trespass on the Credit Cards.
The issuance of the Cyber-Crimes Law was based on Budapest Convention as well as local, regional and international legislations as HM Sultan Qaboos believes that every citizen and resident in Oman must obtain a total secured use of computer networks and devices. The Law helps in reducing the number of cyber-crimes with regard to information security and, hence, building the confidence in using it.
The information security framework consists of a number of guidelines, procedures, practices and, in the first place, information security management standards (ISO 270001). It enables information to be secured and supervised according to certain procedures that allow all governmental entities to implement.
It aims at securing and protecting information assets from unauthorized access and, consequently, changing the information whether during storing, processing or transferring data. It also plays a key role in setting plans for the continuation of works related to information security as well as assessing risks occurred and finding resolutions for them.
The project serves both public and private sectors as follows:
- Creating a secured environment by protecting information and database from breaching.
- Eliminating internal and external breaches.
- Building confidence among employees and customers in commercial transactions.
- Avoiding incidents, threats and risks with respect to information security.
- Solving the problems and incidents related to information security.
- Adopting a continuous improvement in information security processes.
- Providing a safe access to benefit from governmental eservices.