Subscribe

Keeping SA safe from cyber crime

By Charmaine Shangase
Johannesburg, 26 Jan 2016

Governance, Risk and Compliance Summit 2016

Attend ITWeb's Governance, Risk and Compliance Summit 2016 on 10 and 11 February at Summer Place, Hyde Park in Johannesburg and get more understanding of how the CyberSecurity Bill affects you and your organisation.

"Cyber crime law includes laws related to computer crime, cyber crime, information crimes, communications crimes and technology crimes. While the Internet and the digital economy represent a significant opportunity, they are also enablers for criminal activity. Crime affects everyone and in future cyber crime is going to affect people more and more. No one is safe - it impacts the rich and the poor," said attorney John Giles of Michalsons.

"Cyber crime is not some futuristic possibility. It is being committed every day right now. Thieves commit cyber crimes to steal people's money and their identity. With your identity, the thief can take out loans, incur credit, accumulate debt and, then flee without a trace. It can take years to rehabilitate your identity. A virus can destroy someone's files and a lost database can result in receiving unwanted sales calls," continued Giles.

Giles said many people will be asking: Do we need it? But cyber crime is on the increase and the Cybercrimes and Cybersecurity Bill aims to keep the people of South Africa safe from criminals, terrorists and breaches from other states. It also consolidates South Africa's cyber crime laws into one place. Essentially, it aims to stop cyber crime and improve the security of South Africa.

Cyber security is important for national security. But national security cannot override the personal freedom we fought so hard to achieve, explained Giles.

Giles is one of the speakers presenting at the ITWeb's Governance, Risk and Compliance Summit running on 10 and 11 February at Summer Place, Hyde Park, Johannesburg. He will be talking about the South African Cybercrimes and Cybersecurity Bill and its importance to compliance officers, legal advisors, information security experts, forensic investigators and information officers in particular, and what they need to know.

"The Cybercrimes and Cybersecurity Bill aims to keep the people of South Africa safe from criminals, terrorists and other states. It also consolidates South Africa's cyber crime laws into one place. Essentially, it aims to stop cyber crime and improve the security of South Africa," said Giles.

The Cybercrimes and Cybersecurity Bill creates many new offences (about 50). Some are related to data, messages, computers, and networks. For example:

* using personal information or financial information to commit an offence;
* hacking;
* unlawful interception of data;
* compute- related forgery and uttering; and
* extortion or terrorist activity.

John Giles of Michalsons will give details about the CyberSecurity Bill.
John Giles of Michalsons will give details about the CyberSecurity Bill.

The penalties range from one year to ten years' imprisonment or a R1million to R10million fine. So, this equates to a R1million fine or a year in jail. Lots of penalties are either R5million or five years' jail, or R10million or ten years' jail.

The Cybercrimes and Cybersecurity Bill gives the South African Police Service and the State Security Agency (and their members and investigators) extensive powers to investigate, search, access and seize just about anything (like a computer, database or network) wherever it might be located, provided they have a search warrant. Foreign states and South Africa will co-operate to investigate cyber crimes.

To deal with cyber crime, the minister of police must establish and operate a:

* 24/7 Point of contact centre for cyber crimes and appoint a director of it; and
* National cybercrime centre and appoint a director of it.

To improve cyber security, the Cybercrimes and Cybersecurity Bill creates a cyber response committee made up of about 13 people. The chairperson will be the director-general: state security. The minister of state security must establish and operate:

* A cyber security centre and appoint someone from the State Security Agency as its director, and
* One or more government security incident response teams and appoint someone from the State Security Agency as the head of each one.

The minister of defence must establish and operate a cyber command and appoint someone as the general officer commanding.

The minister of telecommunications and postal services must:

* Establish and operate a cyber security hub and appoint a director of it, and
* Make different sectors which provide an electronic communications service establish and operate (at their cost) private sector security incident response teams.

The Cybercrimes and Cybersecurity Bill was published on 28 August 2015.

Share