Towards a more secure Cyber Space for South Africa

Similar documents
Towards a cyber governance maturity model for boards of directors

Cybersecurity Fundamentals

WORKSHOP CYBER SECURITY AND CYBERCRIME POLICIES FOR AFRICAN DIPLOMATS. Okechukwu Emmanuel Ibe

Cyber Security Roadmap

ISACA West Florida Chapter - Cybersecurity Event

Electronic payments in the Netherlands

Putting security first for critical online brand assets. cscdigitalbrand.services

ENISA & Cybersecurity. Dr. Udo Helmbrecht Executive Director, European Network & Information Security Agency (ENISA) 25 October 2010

The UK s National Cyber Security Strategy

Concept Note: GIDC. Feasibility Study(F/S) on Government Integrated Data Center (GIDC) for the Republic of Nicaragua

KENYA YOUR RELIABLE PARTNER AT THE ITU. Candidate for the ITU Council in Region D

About Issues in Building the National Strategy for Cybersecurity in Vietnam

Netherlands Cyber Security Strategy. Michel van Leeuwen Head of Cyber Security Policy Ministry of Security and Justice

Security in India: Enabling a New Connected Era

Co-operation with Law Enforcement Agencies in South Africa. 19 September 2008

Cyber Security and Cyber Fraud

Caribbean Cyber Security: Not Only Government s Responsibility

Promoting Global Cybersecurity

NEW INNOVATIONS NEED FOR NEW LAW ENFORCEMENT CAPABILITIES

Rohana Palliyaguru Director -Operations Sri Lanka CERT CC APCERT AGM and Conference, 24 th October 2018 Shanghai, China MINISTRY OF TELECOMMUNICATION

Opening Doors to Cyber and Homeland Security Careers

Commonwealth Cyber Declaration

INDEPENDENT COMMUNICATIONS AUTHORITY OF SOUTH AFRICA(ICASA) CYBERSECURITY PRESENTATION AT SAIGF. 28 th November 2018

Package of initiatives on Cybersecurity

Itu regional workshop

Security in Today s Insecure World for SecureTokyo

Cybersecurity for ALL

Understanding Cyber Insurance & Regulatory Drivers for Business Continuity

GEORGIA CYBERSECURITY WORKFORCE ACADEMY. NASCIO 2018 State IT Recognition Awards

Child Online Protection in Child Pornography Namibia

SOC Summit June 6, Strengthening Capacity in Cyber Talent sans.org/cybertalent

CYBERCRIME AS A NEW FORM OF CONTEMPORARY CRIME

Integrating Cyber Security with Business Continuity Management to Build the Resilient Enterprise

G7 Bar Associations and Councils

N a t i o n a l I C T R & D a n d I n n o v a t i o n R o a d m a p

REPUBLIC OF KENYA MINISTRY OF INFORMATION, COMMUNICATIONS AND TECHNOLOGY

RESOLUTION 130 (REV. BUSAN, 2014)

Angela McKay Director, Government Security Policy and Strategy Microsoft

Media Kit. California Cybersecurity Institute

Mitigating Risk with Ongoing Cybersecurity Risk Assessment. Scott Moser CISO Caesars Entertainment

COUNTER-TERRORISM. Future-oriented policing projects

Resolution adopted by the General Assembly on 21 December [on the report of the Second Committee (A/64/422/Add.3)]

Presented by: Njei Check Head, Audit Security Division, ANTIC

COMESA CYBER SECURITY PROGRAM KHARTOUM, SUDAN

MALAYSIA S APPROACH IN CAPACITY BUILDING. Dr Amirudin Abdul Wahab Chief Executive Officer CyberSecurity Malaysia 24 March 2017

Global Alliance Against Child Sexual Abuse Online 2014 Reporting Form

Cybersecurity and Hospitals: A Board Perspective

RESOLUTION 45 (Rev. Hyderabad, 2010)

Fiscal year 2017: TÜV Rheinland continues growth strategy with investments in future-oriented topics

ASSEMBLY, No STATE OF NEW JERSEY. 217th LEGISLATURE INTRODUCED FEBRUARY 4, 2016

Legal Foundation and Enforcement: Promoting Cybersecurity

Cybersecurity Risk Mitigation: Protect Your Member Data. Introduction

THE POWER OF TECH-SAVVY BOARDS:

INFORMATION. October Radisson Blu Hotel Abidjan PRESS RELEASE.

CyberSecurity Training and Capacity Building: A Starting Point for Collaboration and Partnerships. from the most trusted name in information security

Implementation Strategy for Cybersecurity Workshop ITU 2016

Cyber Security School

INFORMATION SECURITY NO MORE THE CINDERELLA?

Cybersecurity & Digital Privacy in the Energy sector

Cybersecurity in Higher Ed

Cybersecurity Strategy of the Republic of Cyprus

Bradford J. Willke. 19 September 2007

Stealing digital information

Insider Threat Program: Protecting the Crown Jewels. Monday, March 2, 2:15 pm - 3:15 pm

Which Side Are You On?

Safeguarding company from cyber-crimes and other technology scams ASSOCHAM

CESG:10 Steps to Cyber Security WORKING WITH GOVERNMENT, INDUSTRY AND ACADEMIA TO MANAGE INFORMATION RISK

UNCLASSIFIED. National and Cyber Security Branch. Presentation for Gridseccon. Quebec City, October 18-21

Engaging Executives and Boards in Cybersecurity Session 303, Feb 20, 2017 Sanjeev Sah, CISO, Texas Children s Hospital Jimmy Joseph, Senior Manager,

Cyber Security in Europe

Cyber Security. Activities of an national insurance association based on the example of VVO

The Republic of Korea. economic and social benefits. However, on account of its open, anonymous and borderless

Risk Advisory Academy Training Brochure

National Cybersecurity preparation to deal with Cyber Attacks

COUNCIL OF THE EUROPEAN UNION. Brussels, 24 May /13. Interinstitutional File: 2013/0027 (COD)

How the Board Should Take Care of Cyber Security. ICS Conference 2012, October 31 Denmark

CRITICAL INFRASTRUCTURE AND CYBER THREAT CRITICAL INFRASTRUCTURE AND CYBER THREAT

Physical security advisory services Securing your organisation s future

CHAPTER 1 CYBER CRIME A CONCEPTUAL AND THEORETICAL FRAMEWORK

State Governments at Risk: State CIOs and Cybersecurity. CSG Cybersecurity and Privacy Policy Academy November 2, 2017

The Role of the Data Protection Officer

Speakers. Shellie Zavatsky Director of Internal Audit at Hurley Medical Center. Trent Long Director of Managed Privacy Services at FairWarning, Inc

Strategic Security Analyst

Cyber Security Development. Ghana in Perspective

Are you safe? Your business growth strategies are at the heart of the cyber risks your organization faces

FTA 2017 SEATTLE. Cybersecurity and the State Tax Threat Environment. Copyright FireEye, Inc. All rights reserved.

Cybersecurity. Securely enabling transformation and change

The Role of Public Sector Audit and Risk Committees in Cybersecurity & Digital Transformation. ISACA All Rights Reserved.

Training + Information Sharing: Pillars of enhancing cybersecurity posture

Combating Cyber Risk in the Supply Chain

CYBER INSURANCE: MANAGING THE RISK

DIGITAL AGENDA FOR EUROPE

EMPOWER PEOPLE IMPROVE LIVES INSPIRE SUCCESS

Cybersecurity, Trade, and Economic Development

Cybersecurity: Considerations for Internal Audit. Gina Gondron Senior Manager Frazier & Deeter Geek Week August 10, 2016

Critical Infrastructure Analysis and Protection - A Case for Secure Information Exchange. August 16, 2016

National Cyber Security Strategy - Qatar. Michael Lewis, Deputy Director

Cybersecurity Fundamentals Paul Jones CIO Clerk & Comptroller Palm Beach County CISSP, ITIL Expert, Security+, Project+

cybersecurity in Europe Rossella Mattioli Secure Infrastructures and Services

Current skills gap for capable CTI analysts: Training for forensics & analysis

Transcription:

22 October 2013 Towards a more secure Cyber Space for South Africa Prof Basie Von Solms Director : Centre for Cyber Security University of Johannesburg basievs@uj.ac.za

International comments African comments South African comments Agenda

International status of cyber risks 2013 : Lloyds Risk Index Cyber risk has moved to the world s number three risk overall.

A Cyber view of Africa African Union must act to reduce cyber-crime The current situation in Africa cannot be allowed to continue because internet crime, intellectual property and identity theft are thriving IDGConnect, 2012 http://www.idgconnect.com/blog-abstract/613/contador-harrison-africa-african-union-act-reduce-cyber-crime,

A Cyber view of South Africa South African cybercrime set to soar in 2013 An alarming fact is that South Africa hosts the third-highest number of cybercrime victims in the world Norton Cybercrime Report 2012 http://www.itnewsafrica.com/2013/01/south-african-cybercrime-set-to-soar-in-2013/

Government Systems It would not be hard to shut down the (SA) Government considering the minimal Cybersecurity measures in place http://www.news24.com/technology/news/expert-warns-of-govts-slack-cybersecurity-20130306

Why are we in this situation? 1. Massive increase in broadband capacity in Africa

License Some rights reserved by Steve_Song http://www.flickr.com/photos/ssong/8185423437/sizes/c/in/photostream/

Why are we in this situation? 2. Uptake and lack of awareness More and more systems go online (business and Government) Increasing use of social networks Basic lack of awareness of cyber security risks

Cyber risk in Africa as more individuals worldwide gain Internet access through mobile phones, Cyber criminals will have millions of inexperienced users to dupe with unsophisticated or wellworn scamming techniques that more savvy users grew wise to (or fell victim to) ages ago. CISCO Annual Security Report, 2009, www.cisco.com/en/us/prod/collateral/vpndevc/cisco_2009_asr.pdf

Why are we in this situation? 3. Lack of active and continuous Government and Business actions

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 1. Cyber Security Capacity Building 2. Cyber Security Awareness programs 3. New models and support for home users and SMMEs 4. Cyber Counterintelligence 5. Parliamentary Oversight of Cyber Security and Critical Information Infrastructures

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 1. Cyber Security Capacity Building It is well realized that SA has a massive shortage of cyber security capacity How are we going to address this shortage

1. Capacity Building UK Global Centre for Cyber Security Capacity Building (2013) UKP 500 000 per year India Create a workforce of 500 000 professionals skilled in cyber security in the next 5 years South Korea The South Korean government is planning to train up 5,000 information security experts to address the growing threat and a shortage of home-grown talent. South Africa No real coordinated effort sofar, although the SA Government has indicated that the matter is important No real effort from the business side

1. Capacity Building Certificate in Cyber Security at the Centre for Cyber Security of the University of Johannesburg www.cybersecurity.org.za We need a National Cyber Security Academy sponsored by both Government and Business

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 2. Cyber Security Awareness programs

2. Cyber Security Awareness programs India South Africa The promotion of a cybersecurity culture No real national effort from either the Government of Business

2. Cyber Security Awareness Programs SA Cyber Security Academic Alliance (SACSAA www.cyberaware.org.za) Cyber Security Awareness Week Workbooks etc for schools No financial support We need a national Cyber Security Awareness Program sponsored by Government and Business together

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 3. New models and support for home users and SMMEs

3. New models and support for home users and SMMEs Well reported that home users and SMMEs are becoming the main target for cyber attacks Several governments are providing support to SMMEs to improve their cyber Security

3. New models and support for home users and SMMEs Centre for Cyber Security at the University of Johannesburg Thin Security-oriented clients Community-oriented Incident Response Teams No real financial support

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 4. Cyber Counterintelligence (CCI) Business must be pro-active (offensive?) as far their cyber security is concerned Model for CCI being developed

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 5. Parliamentary Oversight of Cyber Security and Critical Information Infrastructures

5. Parliamentary Oversight of Cyber Security and Critical Information Infrastructures Questions Where can the ordinary user go if he/she is compromised? Who ensures that such systems (Government and business) are secure? Who ensures that personal information stored by Government, business, social sites) is definitely secure and private?

5. Parliamentary Cyber Security Oversight Committee The EU s Digital Agenda Commissioner, Neelie Kroes, has pointed out: Cyber security is too important to leave to chance, to the goodwill of individual companies Lloyds Risk Index http://www.lloyds.com/~/media/files/news%20and%20insight/risk%20insight/risk%20in dex%202013/report/lloyds%20risk%20index%202013report100713.pdf

5. A Parliamentary Cyber Security Oversight Committee Parliament is the highest elected body in a country and can query both Government and Business Accountability for the security of rolling out systems in cyber space must be enforced Accountable for the Cyber Health of SA

What can be done to create a more secure cyber space in SA Let s review 5 areas where some projects/initiatives are presently researched 1. Cyber Security Capacity Building 2. Cyber Security Awareness programs 3. New models and support for home users and SMMEs 4. Cyber Counterintelligence 5. Parliamentary Oversight of Cyber Security and Critical Information Infrastructures

Conclusion There are several positive developments in terms of securing SA s Cyber Space, but for the strategic, economic, social and personal benefit of SA, we need to do more and move faster. We better FAST TRACK some or all of the initiatives discussed above

Thanks basievs@uj.ac.za

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback