The public will have until the end of this week (20 March) to comment on the Department of Communication's (DOC's) draft cyber security policy, introduced last month.
The DOC aims to tighten up cyber security throughout the country and to use the policy to foster cooperation between government and the private sector. The policy is in line with international trends set out by a United Nations General Assembly resolution passed in 2001.
During a security meeting at Deloitte's offices last week, legal experts claimed there is no specific legislation equipped to deal with cyber crime. The policy plans to change that by facilitating the establishment of a National Cyber Security Advisory Council to coordinate cyber security initiatives at a strategic level.
One of the DOC's primary strategies is to roll out national and sector-based computer security incident response teams (CSIRTs) of dedicated information security specialists. The sector CSIRTs will coordinate incident response activities within the sector, establish standards and develop measures to deal with cyber security issues impacting the industry.
Legal experts welcomed the policy as a step in the right direction, but have called the policy vague in terms of specifying how funding will be allocated to support the CSIRTs. They also found the incentive to start a sector CSIRT is lacking.
The Information Security Group (ISG) of Africa detailed plans to introduce training programmes, for the development of established security teams to deal with cyber crime.
According to Rosewarne, the majority of cyber crime incidents go unreported and while banks do communicate and collaborate with one another, the majority of sectors are still cautious about the information they share.
Rosewarne claims SA is the sixth biggest perpetrator in terms of cyber crime. In addition, it's expected the Fifa World Cup will result in an increase in cyber attacks. ISG Africa has enrolled all of the major South African banks and the SAPS into CSIRT training; which is set to begin next week.
ISG Africa has reached an agreement with the US Navy and Office of the Secretary of Defence to offer the CyberCierge Game Challenge to SA. CyberCiege is a computer simulation game used as a training tool by the US government and universities to drive awareness around network security. ISG was awarded a one-year free licence to distribute the game in the country.
Share
