SA tackles cyber crime

Johannesburg - The first steering committee for a public South African Computer Security Incident Response Team (CSIRT) will meet on November 27 to plan the way forward for the establishment of a private sector CSIRT to be established locally.

The CSIRT, which was formed in October, has the main function to tackle cyber crime, putting in place preventative measures where possible and responding quickly to major cyber crime incidents as they occur, according to professor Barry Dwolatzky, the Director at the Joburg Centre for Software Engineering.

He added that there are a billion people and 10 billion web pages on the internet, and some 12% of all global trade now happens online.

Furthermore, while local access to the internet has been restricted, internet penetration is increasing.

According to the World Wide Worx's most recent internet survey, 3.85 million people in South Africa will have access to the internet by the end of 2007. This is expected to increase significantly by 2010.

As internet penetration grows, an increasing proportion of public service delivery is being supplied directly via the Internet, or is enabled by it. Along with that, email is easily the biggest global business communication tool.

Dwolatzky says these realities make a collective approach with proactive coordination between the public and private sectors crucial if South African organisations are to be trusted with sensitive information by one another, or by their foreign counterparts.

Skill shortage in cyber security

According to ISG's Craig Rosewarne, South Africa has a skills shortage in the area of cyber security.

"There is also a generally low focus on computer security because the private sector is concerned with profit margins and shareholder interests, while government is focusing on basic service delivery and more traditional crime," he said.

While it was agreed at last month's meeting that it is correct to focus on these issues, it was acknowledged that computer security already has a huge bearing on corporate shareholder interests, and also a growing influence on government's ability to render services to the population.

The first African CSIRT was recently launched in Tunisia, while most other continents have multiple teams ready to deal with computer emergencies.

"Africa is way behind the curve; a CSIRT must form part of an holistic, responsible approach to both national and corporate governance," Rosewarne added.

- I-Net Bridge (News24)