Subscribe

How the cyber security Bill affects telcos


Johannesburg, 05 Sep 2016

ITWeb's Ansie Vicente spoke to Michael Bafatakis, GM for Architecture and Security at Neotel, about the Cyber Crimes and Cyber Security Bill (cyber security Bill) and its effect on telcos.

Ansie Vicente:How is the cyber security Bill affecting companies such as Neotel?
Michael Bafatakis: First, some background: The cyber security Bill is segmented into industry specific regulations. For instance, the banking and telecommunications industries have been identified as holders of "national key infrastructures". This puts more onus on them to monitor activities, coordinate responses and report irregularities to the regulator.
Everyone's challenge - globally - is that cloud computing comes with certain elements of anonymity, such as Google's incognito browsing. This makes it difficult to identify individual criminals.
Telcos such as Neotel that sell bandwidth, Internet connectivity, and services face the key challenges of monitoring the traffic, defining what is on the machines, and taking on significant responsibility to report criminal activity. Banks and financial institutions face the challenges of phishing and malware and hacktivism. Banks have beefed up their security, but Zero Day exploits abound.


How can banks and telcos approach the problem?
Banks and telcos now need to apply cognitive analytics in a global environment, where browsers are determined to hide the actions of users. Security in its own right is no longer a grudge spend. Security used to be an operational issue, but now it is about human beings. You need cognitive analytics to understand the criminals' phishing behaviour, replay the behaviour and implode the attacks.
Secondly, as telcos, we can analyse the multiplier effect to see if there has been more than one of the same attack. Malware used to have some constants: the machinery that hosts the IP address also hosts or pushes the attack. Nowadays, we're seeing one botnet firing off the first part of the attack, and in some cases creating rogue elements within the organisation, which then host attacks of their own and push the attacks forward.


Will the cyber security Bill make a difference to levels of cyber crime?
The Bill will work, but there are dependencies, mainly RICA legislation and training at law enforcement agencies. RICA is a useful piece of legislation, but there are cracks, such as a RICAed SIM card that isn't actually assigned a specific person. With that SIM card, criminals can launch an attack on a financial institution or a telco, and it would be incredibly difficult to successfully prosecute any individual person or even company.
Similarly, law enforcement agencies have to understand the digital world. A prosecution team that doesn't understand the technology won't be able to make a coherent case against criminals. Similarly, SA needs more magistrates and high court judges who have an understanding of cyber crimes. For instance, it is easy to assign a replacement value to a piece of tin that is stolen. But how do you quantify the value of the data on the tin, and how do you prosecute?
I believe the Bill is important, and sets a major challenge for telcos and hosting companies that host logical elements such as servers, to mitigate against the use by criminals of the global trend towards secure browsing.


What advice would you give to companies that are using the types of services Neotel offers? What should they be asking of their ISPs and hosting providers?
It makes sense for companies to outsource their security requirements if they don't have the capabilities, the appetite or the budget to build their own.
I can only speak for Neotel, but our data centres are built "top tier", so we meet physical and logical criteria. We have embarked on offering full security as a service and our capability is being ramped up as we speak, to meet and supersede the cyber security Bill's criteria. We use the "reasonable man" test, meaning we offer the best technology, the best people, and the best analytics, as required by a reasonable person.
Beyond that, make sure your backups are real, effective and up-to-date.

Share

Editorial contacts