Overcoming the challenge of public sector cybersecurity

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Pinnacle’s Kulani Maphophe

For countries in the developing world, South Africa included, the knock-on effect of a cyberattack on critical infrastructure could be devastating. Based on past instances around the globe, the potential chaos unleashed by cybercriminals disrupting the logistics network for food, energy or medical supply chains is almost limitless.

Asked why a cybercriminal may specifically target a public sector enterprise, Kulani Maphophe, executive for government and SADC sales at Pinnacle ICT, said that it could be any of a combination of reasons.

“These people may break into a government system looking to conduct cyberwarfare or terrorism, they could be undertaking espionage, or simply engaged in plain, old-fashioned crime. They are aware that government has huge databases of personal information, and may simply be seeking to harvest names, identity numbers and addresses, which are then used for phishing attacks, or they can simply sell this data to someone else who might commit the crime,” he said.

“With a clear and growing global concern about cybercrime, governments are now taking it seriously. In fact, South Africa began its journey in 2012, when the national cybersecurity policy framework was enacted. The thinking behind this was to create greater coordination between government entities, the private sector and NGOs.”

According to Maphophe, although South Africa has not moved as quickly on the matter of cybersecurity since then, under the framework the government has established a cybersecurity hub. This is a computer security incident response team for the public sector, which coordinates between various government departments and agencies, including the State IT Agency, the State Security Agency, the department of defence, the South African Police Service and the Hawks.

Delayed

Asked what else can be done to improve the situation, he said the cybercrime bill, which was proposed in 2015 but has not yet been signed into law, needs to be fast-tracked so that such criminals can be properly prosecuted. He added that the bill has been delayed because certain…

Source…