MENU

INTERVIEW: Simone Dickson on regulation and risks facing the digital world

August 24, 2019 • Features, Security, Top Stories

INTERVIEW: Simone Dickson on regulation and risks facing the digital world

Simone Dickson, Technology, Media and Telecommunications practice Director at Cliffe Dekker Hofmeyr.(Image source: cliffedekkerhofmeyr.com)

“The legislative process is not typically known to be fast-paced, particularly when compared to the rate at which technology develops and improves,” says Simone Dickson, Technology, Media and Telecommunications practice Director at Cliffe Dekker Hofmeyr. 

On a day-to-day basis, Simone assists and advises her clients on technology, communications and e-commerce law, including intellectual property, data protection, outsourcing and cybersecurity issues. However, of late, she has needed to focus more on issues surrounding cybercrimes and data protection in order to regulate the risks inherent in the digital world. 

“Cybercrime offences are currently specifically dealt with in the Electronic Communications and Transactions Act (ECTA) however; the legislation was passed some time ago and does not provide for a comprehensive, all-encompassing cybercrime regime,” continues Simone.  

IT News Africa’s Jenna Cook had to the opportunity to chat with her about cybercrime in South Africa. Here’s what transpired: 

According to the South African Banking Risk Information Centre’s (SABRIC) annual statistics, cybercrimes across digital banking platforms alone increased by 75 per cent in 2018 – resulting in losses of over R262 million. How does this impact not only the trust that consumers place in digital financial systems but also the South African economy as a whole?

Cybercrime was identified as the most disruptive economic crime likely to affect organisations by respondents to the 2018 PwC Global Economic Crime and Fraud Survey, with the World Economic Forum highlighting technological instability, data fraud and theft and cyber-attacks as global risks in its 2019 global risk report. South Africa is not immune to these risks as is evident from SABRIC’s statistics. 

Digital transactions are however a reality in our world today and to simply try to avoid them is not a feasible option – consumers and entitles across all sectors within South Africa are to acknowledge the risk, educate themselves and take pro-active steps to protect themselves against risk. 

What sort of cyber-attacks are most likely to occur in South Africa? How can we best prepare to combat them?

Businesses and individuals across all sectors are vulnerable to cyber-attacks and nobody is immune. Most vulnerable are perhaps those with significant amounts of data and other digital capital attractive to cybercriminals, as well as businesses that have not yet embarked on any cybersecurity awareness and management programme.  

Businesses and individuals need to remain vigilant by reviewing current data practices and plans and implementing more stringent data security measures and policies (including data breach response plans). 

Victims of cybercrime are currently able to rely on their rights under the common law and also their rights under the Electronic Communications and Transactions Act (ECTA) which establishes certain offences relating to unauthorised access to, interception of or interference with data and can open a criminal case with the South African Police Service. 

The victim can also pursue civil proceedings against the cybercriminal in order to recover the value of the loss suffered although this would only be possible where the identity of the cybercriminal was known to the victim which is not typically the case in the context of cybercrimes, with these criminals often being difficult to trace.

Are there existing legislative measures specific to cyber-crime and the protection of data? What do they entail?

ECTA goes some way towards establishing rights and remedies for the offences established under it, but the legislation was passed some time ago and does not provide for a comprehensive, all-encompassing cybercrime regime. 

Efforts are currently being made in South Africa for the promulgation of additional legislative measures specific to cybercrime and the protection of data. These include the Cybercrimes Bill and the Protection of Personal Information Act (POPI).

What are the ways in which the legislative process can be re-imagined in order to keep up with the fast-paced world of technology?

The legislative process is not typically known to be particularly fast-paced, particularly when compared to the rate at which technology develops and improves. There is and has to be a continued focus on issues surrounding cybercrimes and data protection in order to regulate the risks inherent in the digital world. 

Sectors and industry groups can take self-governance steps to mitigate against risk. The South African Reserve Bank’s directive on cloud computing and data offshoring, effective from October 2018 and which applies to all banks, is a good example of regulatory efforts being made to govern and address issues in this sector.

How does our ever-increasingly connected world create further inherent risks of cybercrime on businesses and individuals?

The more connected we are, the more exposed we are as each connection opens a potential new avenue for attack. Digital developments also offer many benefits – it is a case of not simply putting one’s head in the sand but being conscious, aware and pro-active with regard to risk and engaging in an informed way.

By Jenna Cook

Follow Jenna Cook on Twitter

Follow IT News Africa on Twitter

Comments

comments


Comments are closed.

« »