Subscribe

SA's security awareness lags

Alex Kayle
By Alex Kayle, Senior portals journalist
Johannesburg, 28 Mar 2011

ITWeb's Security Summit 2011

More information about the ITWeb's Security Summit 2011, which takes place from 10 to 12 May, at the Sandton Convention Centre, is available online here.

South Africa is behind the information security awareness curve from both an African and international perspective.

This is according to Craig Rosewarne, Information Security Group (ISG) Africa founder, who spoke at the second Deloitte School of Risk Management and the ISG Africa event held on Friday.

Rosewarne will also present at the upcoming ITWeb Security Summit being held at the Sandton Convention Centre from 10 to 12 May.

ISG Africa's main objective is to drive awareness and education around information security risk and governance.

According to Rosewarne, no central information security body exists in SA to educate the layman around Internet security.

“We don't yet have a co-ordinated response centre for the whole country to use,” said Rosewarne, adding that it's imperative to form public and private partnerships in order to effectively deal with cyber security attacks.

He said ISG Africa is aggressively striking up partnerships with various organisations such as Business Against Crime and Sabric, which deals with financial fraud in banks. “We are also in discussions with the Chamber of Commerce and other government entities.”

He pointed out that the company is looking to create a virtual cyber security centre, which is a step towards the group's plans to drive an operational Computer Security Incident Response Team (CSIRT).

“However, we still need to partner with different players that can provide us with the infrastructure and teams of experts,” noted Rosewarne.

ISG Africa last year called SA's first cyber security policy “unclear”, saying it failed to mention how the Department of Communications would roll out and manage national and sector-based CSIRTs.

“As per the cyber security policy drafted by the Department of Communications last year, this industry body still needs to be built. We need to first look at building various industry CSIRTs. We also need to reign in government and parastatals such as Eskom and Cipro.”

According to Dr Barend Taute, who also spoke at the event, security policy experts need to meet with government and Interpol to discuss how to address South African security challenges.

“Africa has unique challenges, which are different to the rest of the world. Broadband Internet is being rolled out to people with low literacy rates that have no Internet security awareness and are, therefore vulnerable to security threats.

“SA is privileged not to have seen big cyber attacks during last year's Soccer World Cup. The biggest question should be asking whether we would have been ready for a big cyber attack.”

ITWeb Security Summit

The ITWeb Security Summit is South Africa's premier ICT security event. It includes a conference, expo and workshops to inform business managers, CIOs and chief IT security officers about the current and future information security threat landscape.

The spotlight is on security in an increasingly connected world, featuring cloud security, web services and online security, as well as the growing trend to use malicious code for industrial espionage and sabotage.

Hear first-hand from global powerhouses like SalesForce, Google and Zynga Game Network about security strategies that deliver results, with practical insights from leading financial institutions such as Nedbank, Standardbank, Barclays, Absa, and the Co-operative Bank of Kenya. Two days of expert insights and case studies, and hands-on workshops covering cloud security, web application hacking and security metrics. For further information visit www.securitysummit.co.za

Share