Governance of Cybersecurity - The Case of South Africa
DOI:
https://doi.org/10.23962/10539/23574Keywords:
cybercrime, cybersecurity, data protection, privacy, governance, South AfricaAbstract
Cybersecurity is a growing concern for governments, with the push for universal access to the Internet, the increasing ubiquity of social networks and the growing reliance on digital government service, and given a growing range of threats from foreign powers, terrorists and criminals. These complex issues span all government ministries, their agencies and contractors, plus provincial and municipal government, and require the state to create legal frameworks and agencies to protect data and offer advice to businesses and citizens, plus ensuring a sufficient supply of skilled technicians and engineers. In the case of South Africa, its government responded in 2015 with a National Cybersecurity Policy Framework (NCPF), with implementation led by the Ministry of State Security. The Protection of Personal Information (POPI) Act of 2013 created the Information Regulator to ensure data privacy. The POPI regime is only being implemented slowly and has overly wide exemptions for national security. South Africa lags behind advanced economies in cybersecurity legislation, in government coordination, in engagement with business and citizens, and in the supply of skilled labour. Delays have meant it lacks the experiences obtained in faster moving countries, and the improvements they have made to their policies and, especially, implementation. Parliament has neither pressed the government for faster action nor explored areas where powers might have been taken that infringe human rights.
References
African Union (AU). (2014). Convention on Cyber Security and Personal Data Protection. Addis Ababa. Retrieved from https://www.au.int/en/treaties/african-union-convention-cyber-security-and-personal-data-protection
Ahmed, S. (1999). Being intelligent about intelligence: SA parliamentary oversight. South African Journal of International Affairs, 6(2), 191-198. https://doi.org/10.1080/10220469909545273
Akamai. (2016). How the Mirai botnet is fuelling today’s largest and most crippling DDOS attacks. Cambridge, MA. Retrieved from https://www.akamai.com/uk/en/multimedia/documents/white-paper/akamai-mirai-botnet-and-attacks-against-dns-servers-white-paper.pdf
Akamai. (2017). State of the Internet/security Q4 2016 report. Cambridge, MA. Retrieved from https://www.akamai.com/us/en/our-thinking/state-of-the-internet-report/global-state-of-the-internet-security-ddos-attack-reports.jsp
Beresford, A. (2015). Power, patronage, and gatekeeper politics in South Africa. African Affairs, 114(455), 226-248. https://doi.org/10.1093/afraf/adu083
Booysen, S. (2015). Dominance and decline: The ANC in the time of Zuma. Johannesburg: Wits University Press. https://doi.org/10.18772/12015108844
Business Process Enabling South Africa (BPESA). (n.d.). Website. Retrieved from http://www.bpesa.org.za/
Breckenridge, K. (2005). The biometric state: the promise and peril of digital government in the new South Africa. Journal of Southern African Studies, 31(2), 267-282. https://doi.org/10.1080/03057070500109458
Brito, J., & Watkins, T. (2011). Loving the cyber bomb? The dangers of threat inflation in cybersecurity policy. Harvard National Security Journal, 3(1), 39-84. Retrieved from http://harvardnsj.org/2011/12/loving-the-cyber-bomb-the-dangers-of-threat-inflation-in-cybersecurity-policy/
Bronk, H., Thorbruegge, M., & Hakkaja, M. (2006). A step-by-step approach on how to setup a CSIRT. Heraklion: European Union Agency for Network and Information Security. Retrieved from https://www.enisa.europa.eu/publications/csirt-setting-up-guide
Burchell, J. (2009). The legal protection of privacy in South Africa: A transplantable hybrid. Electronic Journal of Comparative Law, 13(1), 1-26. Retrieved from http://www.ejcl.org/131/art131-2.pdf
Chertoff, M. (2008). The cybersecurity challenge. Regulation C Governance, 2(4), 480-484. https://doi.org/10.1111/j.1748-5991.2008.00051.x
Cisco. (2017). Annual cybersecurity report. San Jose, CA. Retrieved from http://www.cisco. com/c/en/us/products/security/security-reports.html
Cloete, F. (2012). E-government lessons from South Africa 2001-2011: Institutions, state of progress and measurement. The African Journal of Information and Communication (AJIC), 12, 128-142. https://doi.org/10.23962/10539/19712
Cohen, T. (2001).“But for the nicety of knocking and requesting a right of entry”: Surveillance law and privacy rights in South Africa. South African Journal of Information and Communication (SAJIC), 1, 1-18. https://doi.org/10.23962/10539/19841
Conradis, B. (2017, February 21). German regulator tells parents to destroy “spy” doll Cayla. Deutsche Welle. Retrieved from http://www.dw.com/en/german-regulator-tells-parents-to-destroy-spy-doll-cayla/a-37601577
Council of Europe. (2001). Convention on Cybercrime. ETS No.185. Strasbourg. Retrieved from https://www.coe.int/en/web/conventions/full-list/-/conventions/treaty/185
Centre for Research in Information and Cyber Security (CRICS). (n.d.). Website. Nelson Mandela University. Retrieved from http://crics.mandela.ac.za/
Cyber Security Awareness (CSA). (n.d.). Website. University of South Africa (UNISA). Retrieved from http://eagle.unisa.ac.za/elmarie/
Centre for Cyber Security (CSI). (n.d.).Website. Retrieved from http://adam.uj.ac.za/csi/ Corruption Watch (CW). (2016). Annual report. Johannesburg.
Cwele, S. C. (2015, October 30). Minister Siyabonga Cwele: Launch of Cybersecurity Hub. Text of speech. Retrieved from http://www.gov.za/speeches/minister-siyabonga-cwele-launch-cybersecurity-hub-30-oct-2015-0000
Dean, B. (2016). Natural and quasi-natural experiments to evaluate cybersecurity policies. Journal of International Affairs, 70(1), 139-160. Retrieved from https://jia.sipa.columbia.edu/natural-and-quasi-natural-experiments-evaluate-cybersecurity-policies
Deloitte. (2015). Outsourcing is good for job creation in South Africa. Johannesburg: Deloitte & Touche.
Department of Defence. (2015a). South African defence review. Pretoria. Retrieved from http://www.dod.mil.za/documents/defencereview/Defence%20Review%202015.pdf
Department of Defence. (2015b). Department of Defence strategic plan for 2015 to 2020. Pretoria. Retrieved from http://www.dod.mil.za/documents/annualreports/DoD%20Annual%20Performance%20Strat%20Plan%202403.pdf
Department of Defence. (2016). Annual report 2015/16. Pretoria. Retrieved from http://www.gov.za/sites/www.gov.za/files/DoD_Annual_Report_2015-2016%20RGB.pdf
Department of Defence. (2017). Annual performance plan. Pretoria. Retrieved from http://www.dod.mil.za/documents/app/2017/DoD%20APP%202017%20web%2010%20March.pdf
Department of Public Service and Administration (DPSA). (2001). Electronic government: The digital future: A public service IT policy framework. Pretoria.
DPSA (2012). Public service corporate governance of information and communication technology policy framework. Pretoria. Retrieved from http://www.gov.za/sites/www.gov.za/files/CGICTPolicyFramework.pdf
DPSA. (n.d.). Website. Retrieved from http://www.dpsa.gov.za/
Donovan, K. P. (2015). The biometric imaginary: Bureaucratic technopolitics in post- apartheid welfare. Journal of Southern African Studies, 41(4), 815-833. https://doi.org/10.1080/03057070.2015.1049485
Department of Telecommunications and Postal Services (DTPS). (2016). National Integrated ICT Policy White Paper. Government Gazette, 176(40325). Retrieved from http://www.gov.za/sites/www.gov.za/files/40325_gon1212.pdf
DTPS. (2017a). Cybersecurity: Department & SABRIC briefing, with Deputy Minister present. Retrieved from https://pmg.org.za/committee-meeting/24042/
DTPS. (2017b). National e-government strategy and roadmap: Digitizing government services. Government Gazette, 622(40772).
DTPS. (2017c). Invitation to nominate members of the National Cyber Security Advisory Council. Retrieved from https://www.dtps.gov.za/index.php?option=com_content&view=article&id=703:national-cybersecurity-advisory-council&catid=51:popular-topics&Itemid=298
DTPS. (2017d). National e-Government Strategy and Roadmap. Government Gazette, 629(41241).
EFF v Speaker of the National Assembly, ZACC 11 (Constitutional Court March 31, 2016).
Electronic Communications Security - Computer Security Incident Response Team (ECS- CSIRT). (n.d.). Website. Retrieved from http://www.ssa.gov.za/CSIRT.aspx
ENCA. (2013, August 12). Answers wanted in alleged Pule assassination plot. Retrieved from https://www.enca.com/south-africa/pule-linked-alleged-assassination-plot
EU. (1995). Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Brussels. Retrieved from http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:31995L0046
EU. (2016). Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC. Brussels. Retrieved from http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679
Fachkha, C., & Debbabi, M. (2016). Darknet as a source of cyber intelligence: Survey, taxonomy, and characterization. IEEE Communications Surveys C Tutorials, 18(2), 1197-1227. https://doi.org/10.1109/COMST.2015.2497690
Feinstein, A. (2010, June 7). Rise of the tenderpreneurs, the fall of South Africa. New Statesman. Retrieved from http://www.newstatesman.com/africa/2010/06/south-world-anc-party-zuma
Forum for Incident Response and Security Teams (FIRST). (n.d.). Website. Retrieved from https://www.first.org/
Freedman, M. (2016, October 10). South Africa: ICT white paper under fire. Extensia. Retrieved from http://extensia-ltd.com/south-africa-ict-white-paper-fire/
Fripp, C. (2014, November 11). Cybercrime costs South Africa about R5.8 billion a year. htxt. africa. Retrieved from http://www.htxt.co.za/2014/11/11/cybercrime-costs-south-africa-about-r5-8-billion-a-year/
Gallens, M. (2016, October 26). Pansy Tlakula appointed as new information regulator. News24. Retrieved from http://www.news24.com/SouthAfrica/News/pansy-tlakula-appointed-as-new-information-regulator-20161026
Gibson, J. L. (2016). Reassessing the institutional legitimacy of the South African Constitutional Court: New evidence, revised theory. Politikon: South African Journal of Political Studies, 43(1), 53-77. https://doi.org/10.1080/02589346.2016.1155135
Gilardi, F. (2010). Who learns from what in policy diffusion processes? American Journal of Political Science, 54(3), 650-666. https://doi.org/10.1111/j.1540-5907.2010.00452.x
Global Network Initiative (GNI). (n.d.). Website. Retrieved from http://www.globalnetworkinitiative.org/
Gonzalez, J. (2005). Computer safety, reliability, and security. In R. Winther, B. A. Gran, & G. Dahll (Eds.), 24th International Conference, SAFECOMP 2005. Cham, Switzerland: Springer. https://doi.org/10.1007/11563228
Goodin, D. (2017, February 27). Record-breaking DDoS reportedly delivered by 145,000+ hacked cameras. Ars Technica. Retrieved from https://arstechnica.co.uk/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/
Government Accountability Office (GAO). (2017). Cybersecurity - actions needed to strengthen U.S. capabilities. GAO-17-440T. Washington, DC. Retrieved from http://gao.gov/ products/GAO-17-440T
Grobler, M., & Bryk, H. (2010). Common challenges faced during the establishment of a CSIRT. In H. S. Venter, M. Coetzee, & M. Loock (Eds.), Information security for South Africa (ISSA) (pp. 1-6). New York: IEEE. https://doi.org/10.1109/ISSA.2010.5588307
Grobler, M., Van Vuuren, J. J., & Leenen, L. (2012). Implementation of a cyber security policy in South Africa: Reflection on progress and the way forward. In M. D. Hercheui, D. Whitehouse, W. McIver, & J. Phahlamohlaka (Eds.), IFIP International Conference on Human Choice and Computers (pp. 215-225). Berlin: Springer. https://doi.org/10.1007/978-3-642-33332-3_20
Hawker, G. (2003). Missing cadres? List voting and the ANC’s management of its parliamentarians in the National Assembly, 1999-2003. Journal of African Elections, 2(1), 97-115. https://doi.org/10.20940/JAE/2003/v2i2a7
Hawker, G. (2007). Challenges for parliament in South Africa. Australasian Parliamentary Review, 22(1), 97-113.
International Multilateral Partnership Against Cyber-Terrorism (IMPACT). (n.d.). Website. Retrieved from http://www.impact-alliance.org/home/index.html
International Telecommunication Union (ITU). (2017). Global cybersecurity index. Retrieved from http://www.itu.int/en/ITU-D/Cybersecurity/Pages/GCI.aspx
iSolv Technologies. (n.d.). Website. Retrieved from https://isolvtech.com/
IT News Africa. (2013, October 15). South Africa launches National Cyber Security Advisory Council. Retrieved from http://www.itnewsafrica.com/2013/10/south-africa-launches-national-cyber-security-advisory-council/
Johnson, R. W. (2017). How long will South Africa survive? The crisis continues. Johannesburg: Jonathan Ball.
Joint Standing Committee on Intelligence ( JSCI). (n.d.). Website. Retrieved from http://www.parliament.gov.za/live/content.php?Item_ID=215&CommitteeID=132
JSCI. (2015). Report of the Joint Standing Committee on Intelligence on activities of the Committee after 5 months of establishment. Cape Town. Retrieved from https://pmg.org.za/tabledcommitteereport/
Jonker, M. (2015, November 2). One in ten SA businesses have experienced cyberattacks. Grant Thornton. Retrieved from https://www.grantthornton.co.za/insights/articles/one-in-ten-sa-businesses-have-experienced-cyber-attacks-in-the-past-year/
Justice, Crime Prevention and Security Cluster ( JCPS). (n.d.). About. Retrieved from http://www.gov.za/about-government/justice-crime-prevention-and-security-cluster
King Committee. (2016). King IV: Report on corporate governance. Johannesburg: The Institute of Directors in Southern Africa.
Kirlidog, M., Van der Vyver, C., Zeeman, M., & Coetzee, W. (2016). Unfulfilled need: Reasons for insufficient ICT skills in South Africa. Information Development, 1-15. https://doi.org/10.1177/0266666916671984
Klaaren, J. (2015). The judicial role in defining national security and access to information in South Africa. Democracy and Security, 11(3), 275-297. https://doi.org/10.1080/17419166.2015.1067613
Koelble, T. (2017). One-party dominance and public sector corruption in South Africa: Consequences for democracy. In P. Harfst, I. Kubbe, & T. Poguntke (Eds.), Parties, governments and elites (pp. 281-300). Wiesbaden: Springer Fachmedien. https://doi.org/10.1007/978-3-658-17446-0_14
Kritzinger, E. (2014). Online safety in South Africa – a cause for growing concern. In H. S. Venter, M. Laack, M. Coetzee, & M. M. Elaf (Eds.), Information Security for South Africa (ISSA) 2014. New York: IEEE. https://doi.org/10.1109/ISSA.2014.6950502
Kynoch, G. (2005). Crime, conflict and politics in transition-era South Africa. African Affairs, 104(416), 493-514. https://doi.org/10.1093/afraf/adi009
Lacson, W., & Jones, B. (2016). The 21st century DarkNet market: Lessons from the fall of Silk Road. International Journal of Cyber Criminology, 10(1), 40-61. https://doi.org/10.5281/zenodo.58521
Letsoalo, M. (2017, September 8). “Spooks” cash “used to spy on Cyril Ramaphosa”. Mail C Guardian. Retrieved from https://mg.co.za/article/2017-09-08-00-secret-funds-used-to-spy-on-cyril
Liff, A. P. (2012). Cyberwar: A new “absolute weapon”? The proliferation of cyberwarfare capabilities and interstate war. Journal of Strategic Studies, 35(3), 401-428. https://doi.org/10.1080/01402390.2012.66325 2
Lindsay, J. R. (2015). Tipping the scales: The attribution problem and the feasibility of deterrence against cyberattack. Journal of Cyber Security, 1(1), 53-67. https://doi.org/10.1093/cybsec/tyv003
Lotz, B. (2017, October 23). Your ID number is online – why that’s bad and what you can do. Mail C Guardian. Retrieved from https://mg.co.za/article/2017-10-23-your-id-number-is-online-why-thats-bad-and-what-you-can-do
Mapisa-Nqakula, N. (2016, May 11). Minister Nosiviwe Mapisa-Nqakula: Defence and Military Veterans Dept Budget Vote 2016/17. Text of speech. Retrieved from http://www.gov.za/speeches/minister-nosiviwe-mapisa-nqakula-defence-and-military-veterans-dept-budget-vote-201617-11
Matthews, J., Ginwala, F., & Nathan, L. (2008). Intelligence in a constitutional democracy: A report to the Minister for Intelligence Services. Pretoria: Ministry of Intelligence Services.
Mawela, T. (2017). Exploring the role of social media in the G2C relationship: A South African perspective. Information Development, 33(2), 117-132. https://doi.org/10.1177/0266666916639743
Mbelli, T. M., & Dwolatzky, B. (2016). Cyber security, a threat to cyber banking in South Africa: An approach to network and application security. In M. Qiu, L. Tao, & J. Niu (Eds.), IEEE 3rd International Conference on Cyber Security and Cloud Computing. New York: IEEE Computer Society. https://doi.org/10.1109/CSCloud.2016.18
McKinley, D. T. (2013). State and civil-political rights in South Africa. Strategic Review for Southern Africa, 35(1), 118-134.
McKinley, D. T. (2014). Secrecy and power in South Africa. In G. M. Khadiagala, P. Naidoo, D. Pillay, & R. Southall (Eds.), New South African review 4: A fragile democracy - twenty years on. Johannesburg: Wits University Press.
McKinley, D. T. (2016). New terrains of privacy in South Africa: Biometrics/smart identification systems, CCTV/ALPR, drones, mandatory SIM card registration and FICA. Johannesburg: Right2Know Campaign & Media Policy & Democracy Project. https://doi.org/10.35293/srsa.v35i1.108
McLeod, D. (2017, January 25). ICT white paper “not constitutional”. TechCentral. Retrieved from https://techcentral.co.za/ict-white-paper-unconstitutional/71367/
Meseguer, C. (2005). Policy learning, policy diffusion, and the making of a new order. The Annals of the American Academy of Political and Social Science, 598(1), 67-82. https://doi.org/10.1177/0002716204272372
Microsoft. (2017). Microsoft security intelligence report. Retrieved from https://www.microsoft.com/en-us/security/Intelligence-report
Minister of Justice. (2015). [draft] Cybercrimes and Cybersecurity Bill. Minister of Justice and Correctional Services. Retrieved from http://www.justice.gov.za/legislation/invitations/CyberCrimesBill2015.pdf
Minister of Justice. (2017). Cybercrimes and Cybersecurity Bill. Minister of Justice and Correctional Services. Retrieved from http://pmg-assets.s3-website-eu-west-1.amazonaws.com/CyberCrimes-Bill-2017.pdf
Mokgoro, Y. (2014). Report on interception of private communications. Cape Town: Parliament of the Republic of South Africa. Retrieved from http://pmg-assets.s3-website-eu-west-1.amazonaws.com/160127report.pdf
Moyo, A. (2016a, July 15). Armscor plays down hack. ITWeb. Moyo, A. (2016b, July 25). Armscor beefs up security. ITWeb.
Mutula, S. M., & Mostert, J. (2010). Challenges and opportunities of e‐government in South Africa. The Electronic Library, 28(1), 38-53. https://doi.org/10.1108/02640471011023360
Nathan, L. (2009). Lighting up the intelligence community: An agenda for intelligence reform in South Africa. African Security Review, 18(1), 91-104. https://doi.org/10.1080/10246029.2009.9627518
Nathan, L. (2010). Intelligence bound: The South African Constitution and intelligence services. International Affairs, 86(1), 195-210. https://doi.org/10.1111/j.1468-2346.2010.00875.x
National Cybersecurity Hub (NCH). (n.d.). Website. Retrieved from https://www.cybersecurityhub.gov.za
Nelson Hall. (2015). Analysis of South Africa as a BPO delivery location. Cape Town: Business Process Enabling South Africa (BPESA).
North, D. C. (1990). The economics of public issues (8th ed.). New York: Harper and Row. Norton. (2016). 2016 Norton cyber security insights report. Retrieved from https://uk.norton.com/cyber-security-insights
Nyanda, S. (2010, February 19). Notice of intention to make South African National Cybersecurity Policy. Government Gazette, 536(32963).
O’Keeffe v Argus Printing and Publishing Company Ltd [1954] (3) SA 244 (C).
Organisation for Economic Co-operation and Development (OECD). (2012). Cybersecurity policy making at a turning point: Analysing a new generation of national cybersecurity strategies for the Internet economy. Paris.
OECD. (2015). Digital security risk management for economic and social prosperity. Paris. OECD. (2017). Economic survey of South Africa 2017. Paris. Retrieved from http://www.oecd.org/eco/surveys/economic-survey-south-africa.htm
Oversight Committee. (2016). Law enforcement use of cell-site simulation technologies: privacy concerns and recommendations. Washington, DC: Committee on Oversight and Government Reform, US Congress. Retrieved from https://oversight.house.gov/wp-content/uploads/2016/12/THE-FINAL-bipartisan-cell-site-simulator-report.pdf
Oxford, A. (2013, October 16). Who’s who on South Africa’s new Cyber Security Advisory Council. htxt.africa. Retrieved from http://www.htxt.co.za/2013/10/16/whos-who-on-south-africas-new-cyber-security-advisory-council/
Palmer, D. (2017, February 1). Misconfigured firewall blamed for hospital ransomware infection. ZDnet. Retrieved from http://www.zdnet.com/article/misconfigured-firewall-blamed-for-hospital-ransomware-infection/
Paret, M. (2016). Contested ANC hegemony in the urban townships: Evidence from the 2014 South African election. African Affairs, 115(460), 419-442. https://doi.org/10.1093/afraf/adw025
Peekhaus, W. (2014). South Africa’s Promotion of Access to Information Act: An analysis of relevant jurisprudence. Journal of Information Policy, 4, 570-596. https://doi.org/10.5325/jinfopoli.4.2014.0570
Portfolio Committee on Justice and Correctional Services. (2017). Have your say: The Cybercrimes and Cybersecurity Bill. Retrieved from https://www.parliament.gov.za/committee-notice-details/29
Primedia Broadcasting v Speaker (784/2015) [2016] ZASCA 142 (29 September 2016). Retrieved from http://www.saflii.org/za/cases/ZASCA/2016/142.html
Privacy International (PI). (2014, January 30). South African government still funding VASTech, knows previous financing was for mass surveillance. Retrieved from https://www.privacyinternational.org/node/305
PI. (2016). State of privacy South Africa. London. Retrieved from https://www.privacyinternational.org/node/968
Public Accounts Committee (PAC). (2017). Protecting information across government. HC 769. London: House of Commons. Retrieved from http://www.parliament.uk/business/committees/committees-a-z/commons-select/public-accounts-committee/publications/
Republic of South Africa (RSA). (1994). White Paper on Intelligence. Pretoria. Retrieved from http://www.gov.za/documents/intelligence-white-paper
RSA. (2006). Cryptography Regulations R.216. Government Gazette, 489(28594). Retrieved from http://www.gov.za/sites/www.gov.za/files/28594.pdf
RSA. (2010a). Outputs and measures: Outcome 3: All people in South Africa are and feel safe. Retrieved from https://www.gov.za/sites/default/files/outcome-3.pdf
RSA. (2010b). Delivery agreement for outcome three: “All people in South Africa are and feel safe”. Pretoria.
RSA. (2016). Structure and functions of the South African government. Retrieved from http://www.gov.za/node/537988
Research ICT Africa (RIA). (2016). Submission to the Parliament of South Africa on “The cost to communicate in South Africa”. Cape Town. Retrieved from http://www.researchictafrica.net/publications/Other_publications/2016_South%20Africa_Cost%20to%20Communicate%20Submission_RIA%20.pdf
Reuters. (2017, February 8). NSA contractor indicted over mammoth theft of classified data. Retrieved from http://www.reuters.com/article/us-usa-cybersecurity-nsa-contractor-idUSKBN15N2N4
Roberts, J. J. (2017, March 10). Sex toy maker pays $3.75 million to settle “smart” vibrator lawsuit. Fortune. Retrieved from http://fortune.com/2017/03/10/sex-toy-maker-settlement-smart-vibrator-lawsuit/
Romanosky, S., Telang, R., & Acquisti, A. (2011). Do data breach disclosure laws reduce identity theft? Journal of Policy Analysis and Management, 30(2), 256-286. https://doi.org/10.1002/pam.20567
Roos, A. (2016). Data protection law in South Africa. In A. B. Makulilo (Ed.), African data privacy laws (pp. 189-227). Cham, Switzerland: Springer. https://doi.org/10.1007/978-3-319-47317-8_9
Roux, T. (2016). Constitutional courts as democratic consolidators: Insights from South Africa after 20 Years. Journal of Southern African Studies, 42(1), 5-18. https://doi.org/10.1080/03057070.2016.1084770
Schofield, A. (2016). 2016 JCSE ICT skills survey. Johannesburg: Joburg Centre for Software Engineering ( JCSE).
Schofield, A. (2017). 2017 JCSE ICT Skills Survey. Johannesburg: Joburg Centre for Software Engineering ( JCSE).
Schwab, A. (2016). Recommendation for a second reading. A8-0211/2016. Brussels: European Parliament. Retrieved from http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+REPORT+A8-2016-0211+0+DOC+PDF+V0//EN
Shaw, M. (2017). Hitmen for hire: Exposing South Africa’s underworld. Johannesburg: Jonathan Ball.
Shaw, M., & Thomas, K. (2016). The commercialization of assassination: “Hits” and contract killing in South Africa, 2000-2015. African Affairs, 1-24. https://doi.org/10.1093/afraf/adw050
Siemens. (2016). African digitalisation maturity report 2017. Munich. Retrieved from https://www.siemens.com/content/dam/internet/siemens-com/global/company/topic-areas/digitalization/pdf/survey/siemens-african-digitalization-report.pdf
Solomon, H. (2012). The demise of South Africa’s intelligence community and the erosion of the liberal democratic state. Africa Review, 4(2), 157-172. https://doi.org/10.1080/09744053.2012.782958
South African Banking Risk Information Centre (SABRIC). (n.d.). Website. Retrieved from https://www.sabric.co.za
South African Cyber Security Academic Alliance (SACSAA). (n.d.). Website. Retrieved from http://www.cyberaware.org.za/
South African Law Reform Commission (SALRC). (2003). Privacy and data protection - issue paper. Pretoria.
SALRC. (2005). Privacy and data protection. Pretoria. Retrieved from http://www.justice.gov.za/salrc/dpapers/dp109.pdf
Southall, R. (1994). The South African elections of 1994: The remaking of a dominant-party state. The Journal of Modern African Studies, 32(4), 629-655. https://doi.org/10.1017/S0022278X00015883
Southall, R. (2015). The coming crisis of Zuma’s ANC: The party state confronts fiscal crisis. Review of African Political Economy, 43(147), 73-88. https://doi.org/10.1080/03056244.2015.1083970
State Security Agency (SSA) (2015). The National Cybersecurity Policy Framework (NCPF). Government Gazette (39475). Retrieved from https://www.gov.za/sites/www.gov.za/files/39475_gon609.pdf
Statistics South Africa (StatsSA). (2017). Poverty trends in South Africa: An examination of absolute poverty between 2006 and 2011, 2015. Pretoria.
Symantec. (2017). Internet security threat report. Retrieved from https://www.symantec.com/security-center/threat-report
Times Live. (2016, January 25). Cyber-crime: SA the most targeted on the continent. Retrieved from http://www.timeslive.co.za/local/2016/01/25/Cyber-crime-SA-the-most-targeted-on-the-continent1
Trusler, J. (2003). South African e-government policy and practices: A framework to close the gap. In R. Traunmüller (Ed.), Electronic Government. EGOV 2003 (pp. 504-507). Berlin & Heidelberg: Springer. https://doi.org/10.1007/10929179_95
Turok, B. (2017). South Africa’s lopsided economy. New Agenda: South African Journal of Social and Economic Policy, 2017(65), 6-9. Retrieved from http://hdl.handle.net/10520/EJC-900a1510b
UN General Assembly. (2010). Creation of a global culture of cybersecurity and taking stock of national efforts to protect critical information infrastructures. A/RES/64/211. New York. Retrieved from http://www.un.org/en/ga/search/view_doc.asp?symbol=A/RES/64/211
UN Human Rights Committee. (2016). Concluding observations on the initial report of South Africa. CCPR/C/ZAF/CO/1. Geneva.
UN Office on Drugs and Crime (UNODC). (2017). Emerging crimes. Retrieved from http://www.unodc.org/unodc/en/organized-crime/emerging-crimes.html#Cybercrime
Van der Westhuizen, C. (2013). South Africa and national security. Index on Censorship, 42(2), 62-64. https://doi.org/10.1177/0306422013494290
Van Heerden, R., Von Soms, S., & Mooi, R. (2016). Classification of cyber attacks in South Africa. In IEEE (Ed.), IST-Africa Week Conference. New York: IEEE. https://doi.org/10.1109/ISTAFRICA.2016.7530663
Van Vuuren, J. J., Phahlamohlaka, J., & Leenen, L. (2012). Governance of cybersecurity in South Africa. Paper presented at11th European Conference on Information Warfare and Security, Laval, France, 5-6 July. Retrieved from http://hdl.handle.net/10204/6207
Van Vuuren, J. J., Phahlamohlaka, J., Leenen, L., & Zaaiman, J. (2014). An approach to governance of cybersecurity in South Africa. In Information Resources Management Association (Ed.), Cyber behavior: concepts, methodologies, tools, and applications (pp. 1583-1597). Hershey: IGI Global. https://doi.org/10.4018/978-1-4666-5942-1.ch082
VASTech. (n.d.). Website. Retrieved from http://www.vastech.co.za/
Vodafone. (2014). Law enforcement disclosure report. Retrieved from http://www.vodafone.com/content/sustainabilityreport/2014/index/operating_responsibly/privacy_and_security/law_enforcement.html
Volz, D., & Shepardson, D. (2017, September 8). Criticism of Equifax data breach response mounts, shares tumble. Reuters. Retrieved from https://www.reuters.com/article/us-equifax-cyber/criticism-of-equifax-data-breach-response-mounts-shares-tumble-idUSKCN1BJ1NF
Wassenaar Arrangement. (2017). The Wassenaar Arrangement on export controls for conventional arms and dual-use goods and technologies. Retrieved from http://www.wassenaar.org
Watney, M. (2015). State-on-nationals’ electronic communication surveillance in South Africa: A murky legal landscape to navigate? In H. S. Venter, M. Loock, M. Coetzee, M. M. Eloff, & S Flowerday (Eds.), Information Security for South Africa (ISSA) (pp. 1-6). Johanesburg: IEEE. https://doi.org/10.1109/ISSA.2015.7335047
Wiik, J., & Kossakowski, K.-P. (2005). Dynamics of incident response. In FIRST (Ed.), FIRST 2005 (pp. 1-24). Retrieved from https://first.org/conference/2005/papers/speaker14-paper-1.pdf
Wiik, J., Gonzalez, J. J., & Kossakowski, K.-P. (2006). Effectiveness of proactive CSIRT Services. Paper presented at Forum for Incident Response and Security Teams (FIRST), Baltimore, MD, 25-30 June 2006. Retrieved from https://www.first.org/conference/2006/papers/kossakowski-klaus-papers.pdf
Wolf, L. (2011). The prosecuting discretion: A power under administrative law or criminal law? Tydskrif vir die Suid-Afrikaanse Reg, 2011(4), 703-729.
Wolf, L. (2015). The National Prosecuting Authority (NPA) in a nimbus between the executive and the judicature. Administratio Publica, 23(4), 30-53.
Wolfpack. (2013). 2012/13 The South African cyber threat barometer. Johannesburg. Retrieved from http://us-cdn.creamermedia.co.za/assets/articles/attachments/41981_sa_2012_cyber_threat_barometer_medium_res.pdf
Zetter, K. (2016, March 3). Inside the cunning, unprecedented hack of Ukraine’s power grid. Wired. Retrieved from https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/
Zuma v DA (771/2016 & 1170/2016) [2017] ZASCA 146 (13 October 2017). Retrieved from http://www.saflii.org/za/cases/ZASCA/2017/146.html
Downloads
Published
Issue
Section
License
Copyright (c) 2017 https://creativecommons.org/licenses/by/4.0
This work is licensed under a Creative Commons Attribution 4.0 International License.
How to Cite
- Abstract 1631
- pdf 863
.png){kind=spacer}