Cybercrime: a complex problem requiring a mul4- faceted response. 26 March 2014

Size: px

Start display at page:

Download "Cybercrime: a complex problem requiring a mul4- faceted response. 26 March 2014"

Joanna Howard
8 years ago
Views:

1 Cybercrime: a complex problem requiring a mul4- faceted response 26 March 2014

2 Challenges and Prospects of Frameworks to combat Cybercrime a cri4cal perspec4ve Prof Basie Von Solms Director : Centre for Cyber Security Academy for Computer Science and Software Engineering University of Johannesburg basievs@uj.ac.za

3 Cyber crime is a na4onal crisis June 20, 2013 Na4onal crisis of cybercrime poses major threat to SA business Sep 18, 2013 Cybercrime 'na4onal crisis' cos4ng SA R1b a year Oct 23, 2013

4 What must we do to decrease Cyber Crime?

5 My hypothesis to decrease Cyber Crime we need to move towards a more secure Cyber Space we need a proper Architecture for a Secure Cyber Space

6 SA s Secure Cyber Space Components to secure SA s Cyber space Founda4ononn Architecture for a Secure Cyber Space

7 What is this Founda4on? What are these components? What is the gold standard to protect a country s Cyber Space?

8 Determining the gold standard : Founda4on : (Government s) primary role is to define the na4onal strategy and provide the policy framework. The policy framework describes the architecture by which the na4onal efforts are built and operated. Best Prac6ces for Na6onal CyberSecurity: Building a Na6onal Computer Security Incident Management Capability, Version 2.0, 2011 Each Member State, shall put in place a na4onal cyber security policy DraG African Union Conven6on on the Confidence and Security in Cyberspace

9 SA s Secure Cyber Space Components to secure SA s Cyber space Architecture for a Secure Cyber Space

10 Determining the gold standard : Components Let s inves4gate some other exis4ng Na4onal Strategies to determine some common components are

11 Component 1 A Na4onal program for Cyber Security skills/capacity building India s Na4onal Cyber Security Policy Dra` African Union Conven4on on the Confidence and Security in Cyberspace Each Member State have to undertake measures to develop capacity building measures

12 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building ) Architecture for a Secure Cyber Space

13 Shortage of skills in SA UJ effort Cer6ficate in Cyber Security Cer6ficate in Digital Forensics

14 Component 2 A Culture of Cyber Security India s Na4onal Cyber Security Policy AU s Dra` Conven4on Each Member State have to undertake measures to take the lead in the development of a cyber security culture within its borders and to this end enhance awareness- building

15 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building A Na6onal Cyber Security Awarenes s Program (Cyber Security Cuilture) Architecture for a Secure Cyber Space

16 Isolated ini4a4ves SACSAA UJ, NMMU, UNISA CSIR Integrated na4onal ini4a4ve needed

17 Component 3 A Na4onal Cri4cal Informa4on Infrastructure Protec4on Centre India s Na4onal Cyber Security Policy AU s Dra` Conven4on Member States have to undertake necessary measures to encourage the establishment of ins6tu6ons such as Computer Emergency Response Team (CERT) or Computer Security Incident Response Team (CSIRTs).

18 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building A Na6onal Cyber Security Awarenes s Program (Cyber Security Cuilture) A Na6onal Cri6cal Informa6o n Infrastruct ure Protec6on Centre Architecture for a Secure Cyber Space

19 Component 3 A Na4onal Cri4cal Informa4on Infrastructure Protec4on Centre Na4onal CSIRT Cyber Threat Intelligence Cyber Counterintelligence Centre for Cyber Security at UJ

20 Component 4 Public- Private Partnerships in the Cyber Space India s Na4onal Cyber Security Policy AU s Dra` Conven4on Each Member State have to undertake measures to adopt public- private partnership as a model to engage industry, civil society and the academia..

21 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building A Na6onal Cyber Security Awarenes s Program (Cyber Security Cuilture) A Na6onal Cri6cal Informa6o n Infrastruct ure Protec6on Centre Public- Private Partner Ships Architecture for a Secure Cyber Space

22 Most Cri4cal Infrastructures are in private hands Government needs the private sector in this mader

23 Component 5 Gov support for cyber security in SMMEs India s Na4onal Cyber Security Policy

24 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building A Na6onal Cyber Security Awarenes s Program (Cyber Security Cuilture) A Na6onal Cri6cal Informa6o n Infrastruct ure Protec6on Centre Public- Private Partner Ships Gov support for cyber sec rity in SMMEs Architecture for a Secure Cyber Space

25 SMMEs as growing targets of Cybercrime SMMEs in SA are dependent on their cyber presence > 1,5 million jobs (in SMMEs) exist because of this cyber presence SMMEs are a growing target for cyber criminals POPI

26 SMMEs as growing targets of Cybercrime USA With small businesses prime targets for cyber attacks, the US Government announced (2011) that it designed a free online resource (tool) to help companies improve their online security

27 The UK government's Technology Strategy Board has extended its Innova6on Vouchers scheme to allow small and medium enterprises (SMEs) to bid for up to 5,000 from a 500,000 pot to improve their cyber security by bringing in outside exper6se. h`p://news.techworld.com/security/ /uk- government- offers- smes to- improve- their- cyber- security/

28 SA s Secure Cyber Space A Na6onal program for Cyber Security skills/ capacity building A Na6onal Cyber Security Awarenes s Program (Cyber Security Cuilture) A Na6onal Cri6cal Informa6o n Infrastruct. ure Protec6on Centre Public- Private Partner Ships Gov support for cyber sec rity in SMMEs. More Architecture for a Secure Cyber Space

29 More components Interna4onal coopera4on Legal infrastructure

30 My hypothesis to decrease Cyber Crime we need to move towards a more secure Cyber Space we need a proper Architecture for a Secure Cyber Space

31 Conclusion as maders stand at the moment Therefore we will not decrease Cyber Crime Therefore we are not moving to a more secure Cyber Space We do not have a proper Architecture for a Secure SA Cyber Space

32 1. Norton Report 2012/3 South Africa have the 3 rd highest number of cybercrime vic6ms in the world 2. FBI : South Africa is a cyber crime hot spot The FBI listed South Africa as the sixth most ac6ve country where cyber crime took place h`p://businesstech.co.za/news/interna6onal/48142/south- africa- is- a- cybercrime- hot- spot- gi/22

33 Conclusion Therefore we will not decrease Cyber Crime Therefore we are not moving to a more secure Cyber Space We do not have a proper Architecture for a Secure Cyber Space A proper integrated Architecture for a Secure Cyber Space for SA is the star4ng point to start decreasing Cyber Crime and is URGENTLY needed!!!

34 Conclusion Therefore we will not decrease Cyber Crime There fore we are not moving to a more secure Cyber Space We do not have a proper Architecture for a Secure Cyber Space SA will NOT reduce Cybercrime before we have a proper Architecture for a Secure Cyber Space This message MUST be conveyed to the highest levels in SA

35 Thanks

36 Subscribe to ISS newsletters

Towards a more secure Cyber Space for South Africa

22 October 2013 Towards a more secure Cyber Space for South Africa Prof Basie Von Solms Director : Centre for Cyber Security University of Johannesburg basievs@uj.ac.za International comments African comments