INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Similar documents
Cybersecurity in Asia-Pacific State of play, key issues for trade and e-commerce

GLOBAL CYBERSECURITY INDEX 2016

ENISA EU Threat Landscape

Developing a Legal Foundation and Establishing Effective Enforcement: Case Study Kenya

RESOLUTION 130 (REV. BUSAN, 2014)

Commonwealth Cyber Declaration

Cybersecurity for ALL

EU policy on Network and Information Security & Critical Information Infrastructures Protection

Promoting Global Cybersecurity

Plenipotentiary Conference (PP- 14) Busan, 20 October 7 November 2014

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

13967/16 MK/mj 1 DG D 2B

Cybersecurity Capacity ITU Preetam Maloor Strategy & Policy Advisor 3 March 2015

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Cybersecurity governance in Europe. Sokratis K. Katsikas Systems Security Laboratory Dept. of Digital Systems University of Piraeus

RESOLUTION 45 (Rev. Hyderabad, 2010)

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Directive on security of network and information systems (NIS): State of Play

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

Society, the economy and the state depend on information and communications technology (ICT).

Garry Mukelabai Communications Authority Zambia

ENISA s Position on the NIS Directive

Cybersecurity Strategy of the Republic of Cyprus

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

CYBERCRIME LEGISLATION DEVELOPMENT IN NIGERIA AN UPDATE. Octopus Conference, Strasbourg 06 June, 2012

Cyber Security Roadmap

Brussels, 19 May 2011 COUNCIL THE EUROPEAN UNION 10299/11 TELECOM 71 DATAPROTECT 55 JAI 332 PROCIV 66. NOTE From : COREPER

NATIONAL STRATEGY:- MALAYSIAN EXPERIENCE

The UNODC Global Programme on Cybercrime Alexandru Caciuloiu CYBERCRIME COORDINATOR SOUTHEAST ASIA AND THE PACIFIC

National Communications Authority

The role of COP/ITU on international level. Dr Ibrahim Al dabal chair of child on line council working group

NATIONAL CYBER SECURITY STRATEGY. - Version 2.0 -

The cost of cybercrime the benefits of cooperation

UN General Assembly Resolution 68/243 GEORGIA. General appreciation of the issues of information security

Critical Information Infrastructure Protection. Role of CIRTs and Cooperation at National Level

Global cybersecurity and international standards

2. What do you think is the significance, purpose and scope of enhanced cooperation as per the Tunis Agenda? a) Significance b) Purpose c) Scope

Framework for Cybersecurity in Nigeria

ISACA National Cyber Security Conference 8 December 2017, National Bank of Romania

CYBER CRIME LEGISLATION COURSE MALAYSIAN COMMUNCIATIONS AND MULTIMEDIA COMMISSION MALAYSIA

Child Online Protection in Child Pornography Namibia

Cyber Security Strategic Level Landscape in Poland. Krzysztof Silicki NASK Institute, Poland ENISA MB, EB

The challenges of the NIS directive from the viewpoint of the Vienna Hospital Association

OUTCOME DOCUMENT OF THE INTERNATIONAL CONFERENCE ON CYBERLAW, CYBERCRIME & CYBERSECURITY

Commonwealth Telecommunications Organisation Proposal for IGF Open Forum 2017

Cyber Security in Europe

Co-operation with Law Enforcement Agencies in South Africa. 19 September 2008

About Issues in Building the National Strategy for Cybersecurity in Vietnam

NIGERIAN CYBERCRIME LAW: WHAT NEXT? BY CHINWE NDUBEZE AT THE CYBER SECURE NIGERIA 2016 CONFERENCE ON 7 TH APRIL 2014

A comprehensive approach on personal data protection in the European Union

Draft Resolution for Committee Consideration and Recommendation

Liberia ICT Policy

Cybersecurity & Digital Privacy in the Energy sector

Cybersecurity and Vulnerability Assessment

RESOLUTION 130 (Rev. Antalya, 2006)

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

GLOBAL AGENDA FOR CYBER CAPACITY BUILDING

Regulating Cyber: the UK s plans for the NIS Directive

N a t i o n a l I C T R & D a n d I n n o v a t i o n R o a d m a p

New cybersecurity landscape in the EU Sławek Górniak 9. CA-Day, Berlin, 28th November 2017

10025/16 MP/mj 1 DG D 2B

G7 Bar Associations and Councils

ECOWAS Cyber security Agenda

BHConsulting. Your trusted cybersecurity partner

National Cybersecurity preparation to deal with Cyber Attacks

Romania - Cyber Security Strategy. 6th IT STAR Workshop on Digital Security

Plan a Pragmatic Approach to the new EU Data Privacy Regulation

GLobal Action on CYbercrime (GLACY) Assessing the Threat of Cybercrime in Mauritius

China and International Governance of Cybercrime

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

CYBERSECURITY LEGISLATION IT OUT!

EXAM PREPARATION GUIDE

Role of ITU in Building Security & Trust in Cyberspace

14965/17 MK/ec 1 DG D 2B

Itu regional workshop

Concept Note: GIDC. Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua

Scope of the Member State mechanism

TIPS FOR FORGING A BETTER WORKING RELATIONSHIP BETWEEN COUNSEL AND IT TO IMPROVE CYBER-RESPONSE

The GDPR and NIS Directive: Risk-based security measures and incident notification requirements

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

WORLD TELECOMMUNICATION STANDARDIZATION ASSEMBLY Hammamet, 25 October 3 November 2016

ITU Regional Forum on Consumer Information, Protection and Rights for Africa 2017 Cotonou, BENIN March 2017

Project III Public/private cooperation

European Union Agency for Network and Information Security

European Directives and reglements for Information security

WSIS Action Lines Roadmaps C2, C5, C6

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

CONCLUSIONS OF THE WESTERN BALKANS DIGITAL SUMMIT APRIL, SKOPJE

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

Dr. Emadeldin Helmy Cyber Risk & Resilience Bus. Continuity Exec. Director, NTRA. The African Internet Governance Forum - AfIGF Dec 2017, Egypt

National Policy and Guiding Principles

STRENGTHENING THE CYBERSECURITY OF FEDERAL NETWORKS AND CRITICAL INFRASTRUCTURE

Cyber Security Beyond 2020

Workshop on Cyber Security & Cyber Crime Policies. Policies for African Diplomats

Cyber Security Development. Ghana in Perspective

DIGITAL AGENDA FOR EUROPE

Position Paper of the ASD Civil Aviation Cybersecurity Taskforce

METHODOLOGY AND CRITERIA FOR THE CYBERSECURITY REPORTS

Transcription:

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF 28 th November 2018

AGENDA 1. State of Cybersecurity Globally 2. State of Cybersecurity in South Africa 2.1 Policy landscape 2.2 Legislation landscape and 2.3 Regulations

ITU Global Cybersecurity Index (GCI) The objective of the GCI as an initiative is to help countries identify areas for improvement in the field of cybersecurity, as well as to motivate them to take action to improve their ranking, thus helping raise the overall level of commitment to cybersecurity worldwide. The five pillars of the ITU Global Cybersecurity Index (GCI) 1. Legal: Measured based on the existence of legal institutions and frameworks dealing with cybersecurity and cybercrime. 2. Technical: Measured based on the existence of technical institutions and frameworks dealing with cybersecurity. 3. Organizational: Measured based on the existence of policy coordination institutions and strategies for cybersecurity development at the national level. 4. Capacity Building: Measured based on the existence of research and development, education and training programmes; certified professionals and public sector agencies fostering capacity building. 5. Cooperation: Measured based on the existence of partnerships, cooperative frameworks and information sharing networks.

Current Landscape: ITU Global Cybersecurity Index (GCI)

ITU Global Cybersecurity Index (GCI)

ITU Global Cybersecurity Index (GCI)

ITU Global Cybersecurity Index (GCI) Making South Africa a Global Leader in Harnessing ICTs for Socio-economic Development 8 South Africa s Ratings South Africa s Overall Ratings

8 02 Policy, Legislation & Regulations

11 Creating an Enabling Environment Policy South Africa has implemented a number of strategic and tactical interventions including the National Cybersecurity Policy Framework (NCPF) published on 4 December 2015, with the aim of; Promoting a cybersecurity culture and demand compliance with minimum security standards; Strengthening intelligence collection, investigations, prosecution and judicial processes, in respect of preventing and addressing cybercrime, cyber warfare, cyber terrorism and other cyber ills;

Creating an Enabling Environment Policy ROLE PLAYERS DTPS ROLES The DTPS drafted the National Cybersecurity Policy Framework in 2012, and develop Cybersecurity Awareness Strategy to be implemented by all role players. To develop industry standards (with the assistance of ICASA and SABS), establish National Cyber security Advisory Council, establish Cyber security Hub, and sector specific CSIRTs. National Cyber Security Advisory Council To advise government on Cybersecurity policies. Computer Security Incident Response Team Responsible for receiving, reviewing, and responding to computer security incident reports and activity. (CSIRT). Information regulator A new regulator that has been created by the Protection of Personal Information Act (POPI). The Information Regulator has extensive powers to investigate and fine responsible parties. Data subjects will be able to complain to the Information Regulator and the Information Regulator will be able to take action on behalf of data subjects Cyber hub/ CSIR CSIR State Information Technology Agency (SITA) State Security Agency The hub is a link between the general public and the relevant institutions relating to the establishment of the sector CERTs Cybersecurity Innovation Centre Set standards for the interoperability of information systems and for a comprehensive information systems security environment for departments. Responsible for coordination, development and implementation of cyber security measures in the Republic as integral part of national security mandate. It must ensure that the Justice, Crime Prevention and Security (JCPS) cluster has requisite capacity in relation to National Cybersecurity Policy Framework (NCPF). It also host Cyber security Response Team and Cyber security Centre. 11 Department of Justice and Constitutional To review various legislations governing cyberspace, harmonising and aligning them to the policy.

Creating an Enabling Environment Legislation THE CONSTITUTION OF THE REPUBLIC OF SOUTH AFRICA, 1996 (ACT NO.108 OF 1996) ( THE CONSTITUTION ) the right to privacy in section 14(d), which includes the right not to have the privacy of their communications infringed; THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 (ACT NO. 4 OF 2013) ( POPI ) The Electronic Communications and Transaction Act, 2002 (Act No. 25 of 2002) The Promotion of Access to Information Act, 2000 (Act No. 2 of 2000) The Regulation of Interception of Communications and Provision of Communication-Related Information Act, 2002 (Act No. 70 of 2002) Electronic Communications Act, 2005 (Act No. 36 of 2005) Cybercrimes and Cybersecurity Bill

11 Regulators & Regulations Regulation ICASA The mandate of ICASA ( the Authority ) as stipulated in section 2(g) of the Electronic Communications Act of 2005 is to: ensure information security and network reliability Section 36 (1) of the ECA states that the Authority must prescribe standards for the performance and operation of any equipment or electronic communication facility, including radio apparatus. Section 36 (2) further states that such standards must be aimed at protecting the integrity of the electronic communications network.

11 Regulators & Regulations Regulation ICASA has since published on the ROLE AND RESPONSIBILITIES OF THE INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA IN CYBERSECURITY This document seeks to solicit the inputs of all Stakeholders and interested parties on how they will like the see ICASA playing its role in this cybersecurity space on The outcome of this process will guide ICASA on the next step

Regulators & Regulations THE INFORMATION REGULATOR The Information Regulator is, among others, empowered to monitor and enforce compliance by public and private bodies with the provisions of the POPIA. Once the relevant provisions of POPI come into effect, a person or business that is responsible for personal information (responsible party) will have to notify the Regulator as well as any parties whose personal information have been accessed or acquired by an unauthorised party. The notification must, at the very least, contain the following information: A description of the possible consequences of the security compromise; A description of the measures taken or proposed to be taken by the responsible party to remedy the security breach; A recommendation of the measures that any party whose personal information was leaked in the security compromise should take in order to mitigate the possible adverse effects of the security compromise; The identity of the unauthorised person, if known, who accessed or acquired the personal information.

THANK YOU

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback