From Policy to Practice: Habibullah N. Karim on Cybersecurity in Bangladesh

You are currently viewing From Policy to Practice: Habibullah N. Karim on Cybersecurity in Bangladesh

From Policy to Practice: Habibullah N. Karim on Cybersecurity in Bangladesh

Habibullah N. Karim is a prominent figure in Bangladesh’s IT industry, renowned for his leadership as Founder and CEO of Technohaven Company Ltd. Since its establishment in 1986, the firm has become a leading provider of IT solutions in Dhaka. His influence extends to shaping national ICT policies, notably as Convener of the Working Group of the ICT Policy Review Committee in 2008, leading to the Bangladesh ICT Policy 2009 draft. Cofounder of the Bangladesh Association of Software & Information Services (BASIS) in 1997, he served as President for two terms. His contributions are recognised internationally, with publications in esteemed journals and co-authorship of “Going Digital – Realising The Dreams Of A Digital Bangladesh For All. With a BS in Electrical Engineering from Yale University and executive education from Stanford University, Habibullah N. Karim continues to play pivotal roles in industry associations and government committees, reflecting his commitment to advancing Bangladesh’s digital landscape.

Recently, he joined Grameenphone Ltd. Presents Bangladesh Cyber Security Summit 2024: Cyber Resilience for Bangladesh, powered by Link3 Technologies, IDEA Foundation, and in association with bKash Limited, as one of the distinguished speakers. During the event, Bangladesh Brand Forum spoke with him about the concept and reality of ethical AI policies.

 

BBF: With your pivotal role in authoring the Bangladesh ICT Policy 2009, how do you assess the progress in integrating cyber security measures within the national ICP policies?

Habibullah N. Karim: It was a policy directive. A policy is not supposed to be more than a guideline. So it had the policy directives for cyber security as well, but where we departed from standard policies is that in our policy, we also had provisions for action plans. So, of the 306 action plans we compiled under that policy, some addressed security issues.

 

BBF: With the rise of Al and machine learning, what ethical considerations should be at the forefront of cyber security practices?

Habibullah N. Karim: Well, there are two aspects to that. Firstly, cyber security itself has ethical considerations. So, systems should not be open to hackers or cyber criminals. The people responsible for the administration of those digital systems must be adequately screened so that they do not join hands with cyber criminals to create havoc. On the other side, the Al issue is slightly different in that we now have an open-source AI movement.

The AI technologies are available for anybody. It can be used by good Al practitioners and bad practitioners who can use it to create havoc or carry out criminal. activity. So, in that area, people responsible for organizations like Open Al or others should keep a close tab on the people accessing their platforms or using them to create Al applications. If access to those platforms can be managed, I believe the damage could also be contained. On the other hand, if it is like a laissez-faire, free for all, then the bad elements and bad actors will also have the full complement of Al technology, which can be disastrous for our future.

 

BBF: How do you propose the Al companies filter out which people use those for bad intentions or unethical means?

Habibullah N. Karim: See, it’s not that difficult. For example, all banks or fintech companies in the world maintain what is known as white-lists and black-lists. People who are known to be involved with financial crimes, they are automatically on the black-list. People who are guilty of, let’s say, money laundering, cyber terrorism funding or any other type of financial crime, automatically get listed in those black-lists. And people who are known to be clean are part of the white-list. So this is something even though you may not know; you are part of these white-lists or black-lists of different systems based on your behaviour. So, we need similar things for Al users and practitioners also.

 

BBF: How would you evaluate the current AI development and how do you foresee the future?

Habibullah N. Karim: From the 80s and 90s to today, it’s a quantum leap. Where Chat GPT and generative AI have taken us is mind-boggling. Even five years ago, we could not imagine these things.

Even though it has come a long way, we are still far from what is known as artificial general intelligence, AGI. In this case, computers could carry out general tasks, not just specialised tasks for which a system is trained or learned. So, that kind of general intelligence is probably still 20 years away. And then the thing that everybody fears, the singularity where machine intelligence will overtake human intelligence, that is bound to happen 30, 40 years down the road, maybe not during our lifetime. So, along that path, I think the ethical use of technology will be even more critical.

 

BBF: Will it be very difficult to decide whether an act or task on the Internet is ethical or unethical?

Habibullah N. Karim: Not necessarily. Ethical values are quite universal. Suppose you steal from somebody who is treated as a crime, whether you are in Japan, the USA, or Bangladesh. So, there is no issue with ethical values.

The issue would be how you react to that. So, if somebody steals, do you lock him away for 20 years or only five days? Different countries have different legal frameworks for that. Criminal jurisprudence is structured differently in different countries. So, there may need to be more international collaboration and rationalization of such provisions.

So today, for example, somebody spreading hate speech on Facebook may affect somebody in Bangladesh, but it might be done from somewhere outside Bangladesh. So, how do you bring that person under the purview of law? It definitely requires international collaboration. And that can happen the other way around, too.

Somebody from Bangladesh could be doing the same to somebody somewhere else. So, those kinds of collaboration and the collaboration framework must happen quickly. The UN is working on that. An UN-led general framework and then more bilateral frameworks will be necessary, where each country will have a bilateral arrangement on such things.

 

BBF: Drawing from your experience as a columnist and author, particularly with Going Digital, realising the dreams of a digital Bangladesh for all, how important is public awareness and education in building a resilient cyber security culture in Bangladesh?

Habibullah N. Karim: Very important. Well, you know, the bulk of your assets are physical today. In 10 to 20 years, most of your assets will be digital.

Even your car ownership papers will be digital. You cannot just sign away your car on a piece of paper in future. The ownership title for your land or your apartment will also be digital.

You must do more than sign a physical paper to do that. So, when everything will be digital, even your identity, digital security or cyber security would be essential. It will be a fundamental requirement, not just for the government or business but for every citizen.

Public awareness on all matters digital must be taught from primary school onwards because everybody uses technology. Even a primary school student, a 10-year-old boy or girl, uses a tablet, which is a high-tech equipment. And if the parents are not careful, those children may be given access to information they should not have access to and the parents are often not aware of such situations but should be.

So, cyber security is all-pervasive, just as digital systems are pervasive. Look around us, everything is now digital, from the cradle to the grave.

Leave a Reply