According to the United Nations’ latest Global Cybersecurity Index‚ the country’s commitment to cyber security is sixth in Africa‚ behind Mauritius‚ Rwanda‚ Kenya‚ Nigeria and Uganda.
The index is a survey that measures the commitment of 165 member states to cyber security in order to raise awareness.
Countries are scored on their legal‚ technical and organisational institutions‚ educational and research capabilities‚ and their cooperation in information-sharing networks.
Singapore was found to be the most committed to cyber security with a “near-perfect” strategy while Equatorial Guinea was the only country to have scored zero.
UN agency International Telecommunications Union classified South Africa’s commitment as at a “maturity stage” because the country has developed complex commitments and engages in cybersecurity programmes and initiatives.
However local experts said South Africa was at the “low end of the maturing stage” as the appropriate mechanisms and bodies to tackle cyber threats were not in place.
“Although legislation which will assist in protecting South Africans from cybercrime is in the pipeline‚ as things stand‚ South Africans are unprotected. This is due to the fact that‚, although steps have been taken to draft new legislation‚ namely the Cybercrimes and Cybersecurity Bill‚ there is still a way to go before this, is law‚” Norton Rose Fulbright technology associate Rakhee Bhikha said.
The upcoming privacy legislation‚ the Protection of Personal Information Act‚ 2002 (POPI)‚ while enacted‚ has not yet commenced.
“This has resulted in a gap in the law as there are no satisfactory statutory obligations for organisations to protect their client’s and even employee’s personal information. Due to the recent spate of cyber-attacks a number of organisations have however taken greater steps to ensure that their clients and business information is secure‚” she said.
DFIRLABS principal forensic scientist Jason Jordaan said government needed to realise that “the threats that we face don’t care about our internal issues in South Africa”.
“The problem is we are far too politically charged. Cybersecurity should be an apolitical thing. It should be: what should we do best to serve the country? We shouldn’t be worrying about which party is behind which initiative.
“South Africa needs the best people and the best strategy to defend itself against the kind of threats that we face. The bad guys don’t care about your political affiliations or cadre deployments‚ they care about what serves them.”