Increased regulations for companies as cybercrime hits SA


As cybercrime increasingly affects South Africans, a number of new regulations, locally and internationally seek to protect citizens’ information.

Following the breach of financial services group Liberty Holdings [JSE:LBH] last week and a demand for a “ransom” for the sensitive information held by the insurer, Andrew Chester, managing director of Ukuvuma Cyber Security said that this could be the first South African incident subjected to the European new data laws, the General Data Protection Regulation (GDPR) which came into effect on May 25.

Liberty must conform to GDPR regulations because of its European stakeholders and the legislation requires companies to send out breach notifications to their clients, according to Chester. 

The GDPR is a set of wide-ranging regulations regarding sensitive consumer data which aims to change the way information belonging to European citizens is used and stored.

South African companies will need to implement the GDPR, according to Protection of Personal Information Act (PoPIA) expert, Dr Peter Tobin who warned at a conference in SA earlier this week that any organisation that deals with the data of any European resident is impacted by it.

SA legislation not yet fully enacted

While the GDPR legislation is already in place in Europe, local legislation, the PoPI Act which has extensive powers to investigate and fine responsible parties is yet to be fully enacted.

According to law firm Michalsons, the majority of the act will only commence at a later date, to be proclaimed by the president. As there is a one-year grace period, the PoPIA deadline might only be set for the end of 2019 or in 2020.

“It wasn't a matter whether their companies would be hacked, it’s a matter of when,” said Jocelyn Miley, Central Europe spokesperson for Blancco Technology, a data management company.

The Information Regulator requested information from Liberty about the breach on Monday but chairperson Advocate Pansy Tlakula told parliamentarians in April that despite having received 180 complaints since October 2016, it has been unable to enforce and settle them as the body lacks regulatory powers.

Meanwhile, Liberty has remained mum on many of the details of the breach, citing a police investigation.

The company has urged clients to take “precautions” related to the protection of data, Liberty’s spokesperson Sydney Mbhele told Fin24 on Wednesday.

Mbhele said in these situations, people could try take advantage and people should be aware that the company will never send emails to Liberty insurance policy holders asking them to change their passwords.

He added that it is good practice to select a strong password for accounts and to change them regularly.

On Monday, Fin24 reported that Arthur Goldstuck, MD of World Wide Worx advised Liberty clients their online banking details and any other systems which could have the same passwords as their Liberty accounts.

* Sign up to Fin24's top news in your inbox: SUBSCRIBE TO FIN24 NEWSLETTER
We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
Rand - Pound
Rand - Euro
Rand - Aus dollar
Rand - Yen
Brent Crude
Top 40
All Share
Resource 10
Industrial 25
Financial 15
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders