David Mahlobo: On cyber security as a major challenge

0

“Electronic computing and communication pose some of the most complex challenges the world has ever faced. They ( cyber security threats) range from protecting the confidentiality … to preventing the scenario recently dramatized in the Bruce Willis movie “Live Free or Die Hard,” in which hackers take down the transportation system, then communications, and finally the power grid.”

This is an extract from the 2015 budget vote speech by the minister of state security David Mahlobo

The advent of the electronic web of information-sharing known as cyberspace has revolutionized the world.

It has brought exciting opportunities in developing our economies, improving our health care, education, agricultural production, military, provision of services etc. These opportunities are endless.

In the same vein, electronic computing and communication pose some of the most complex challenges the world has ever faced. Utility systems providing electricity, gas, and water can be crippled by cyberspace disruptions. Attacks on any of these networks would potentially have disastrous consequences for individuals and for society as a whole.

They range from protecting the confidentiality and integrity of transmitted information and deterring identity theft to preventing the scenario recently dramatized in the Bruce Willis movie “Live Free or Die Hard,” in which hackers take down the transportation system, then communications, and finally the power grid.

Cybersecurity experts know well that the perimeter defence approach doesn’t work. All such defences can eventually be penetrated or bypassed. And even without such breaches, systems can be compromised, as when flooding Web sites with bogus requests will cause servers to crash in what is referred to as a “denial of service” attack or when bad guys are already inside the perimeter.

We need to work hard in terms of research to develop innovations for addressing a long list of cybersecurity priorities.

For one, better approaches are needed to authenticate hardware, software, and data in computer systems and to verify user identities. Biometric technologies, such as fingerprint readers, may be one step in that direction that has been introduced in our own country.

To achieve integrity and securing our cyber space must be accompanied by methods of monitoring and quickly detecting any security compromises. The ability to detect malicious activity and disable attempted intrusions automatically.  Part of that process should be new forensics for finding and catching criminals who commit cybercrime or cyberterrorism.

As people we must recognize that cybersecurity system’s success depends on understanding the safety of the whole system, not merely protecting its individual parts. Consequently cybercrime and cyberterrorism must be fought on the personal, social, and political fronts as well as the electronic front.

Laws and regulations concerning cybersecurity need to be evaluated for their influence on how people use or misuse electronic information.

The growing use of smart phones and other mobile devices to access the Internet has seen more consumers increasingly vulnerable to cybercrime as they enter the cyber space with little or no Cybersecurity awareness.

In recent years, we have seen an enormous increase in the usage of social media networks. Social media networks have the power to help people voice their demands and mobilize their forces.  We all know in the case of the so-called Arab Spring how people mobilised themselves or were mobilised to effect a regime change through social media.

Our own experience wherein a 15 year old girl was lured into ISIS is a matter of concern. After my intervention working closely with the law enforcement agencies we were able to intervene decisively.

It brought home the stark message that parents and the broader society must take a stand and exercise caution when their children are engaging in various platforms provided in the cyberspace.

Honourable Members, you are well aware of the various scams and fraudulent activities undertaken by cybercriminals and syndicates to get to your personal information and financial data.

Whilst in other instances security breaches may be attributed to negligence in protection of information, corporate espionage by competitors and hackers, disgruntled employees pose even a bigger threat.

Globally, nation States are faced with a challenge of putting measures in place to protect their territorial integrity, national security and critical infrastructures and citizens against cyber-attacks, cyber terrorism and cyber warfare.

Significant strides are being made in enhancing the security of the nation’s critical physical infrastructure as well as its cyber infrastructure and networks.

In March 2012, Cabinet approved a National Cybersecurity Policy Framework (NCPF).  To ensure greater cooperation and national alignment of the implementation process, the Cybersecurity Response Committee (CRC), a strategic body chaired by SSA, responsible for Cybersecurity priority setting and overseeing the implementation of the NCPF was established.

Working with universities and other research institutes like the CSIR to build the cybersecurity pipeline through competitive scholarship, fellowship, and internship programs must be our preoccupation to attract top talent and develop systems that have command and control in our hands, national sovereignty.

This financial year, 2015/16 we plan to move with speed to:

  1. a)Enhance the institutional cybersecurity capacity
  2. b)Finalize the national cybersecurity policy and legislation
  3. c)Working with the security cluster to present the Cyber Security Bill before Cabinet this year
  4. d)Build on our first symposium work held this year to promote partnership and public cybersecurity awareness campaign designed to increase public understanding of cyber threats and promote simple steps the public can take to increase their safety and security online.
  5. e)Strengthen our cooperation in this space with our SADC, AU and BRICS partners through existing mechanism.
  6. f)Prioritize the establishment of the Cybersecurity Centre and the repositioning of the current Electronic Communications Security Computer Security Incident Response Team (ECS-CSIRT) to become a Government CSIRT

Securing our cyberspace will ensure conditions for peace, security and development are enhanced.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.