by TINTSWALO BALOYI
JOHANNESBURG – WITH cyber attacks growing in frequency and severity, South Africa needs an integrated approach to protect critical infrastructure.
This is according to an expert as this rapid adoption of digital technologies, while crucial to operational efficiency and, ultimately, service delivery, has also opened up new entry points for cyber criminals.
Adius Ncube, Partner, Public Sector and Policy at Oliver Wyman, noted over the past few years, organisations have seen accelerated waves of digitisation, digitalisation, and digital transformation.
State-owned and run organisations, many of which are in charge of critical infrastructure, are no exception.
Ncube observed the attack surface had increased, and meanwhile the attacks launched by cyber criminals have grown in frequency, strength and severity.
They are also increasingly targeting critical infrastructure, including healthcare systems, utilities and ports.
“And while South Africa is yet to experience a truly devastating attack, it’s certainly not immune to one,” Ncube said.
“If the country is to protect its critical infrastructure (some of which is already in a vulnerable state), it needs an integrated approach that brings together various arms of the state and makes use of the latest tactics in both attack prevention and response.”
Cyber attacks targeting infrastructure have become increasingly commonplace.
In 2021, an attack on the United States’ Colonial Pipeline caused it to shut down for several days.
President Joe Biden called a state of emergency.
In the United Kingdom, a technology supplier to the country’s National Health Service fell victim to a ransomware attack in 2022, disrupting important functions.
In mid-2022, Estonia was the victim of its most intense cyber attack since 2007. In May last year, a ransomware gang infiltrated Costa Rican government systems.
“Experts agree that in the case of South Africa, as with most countries, it is only a matter of time before the country experiences a highly disruptive attack,” Ncube said.
A recent report by Interpol indicated that 34 percent of business email compromise events recorded in the continent were in South Africa.
Ncube had state and private sector players to ensure infrastructure from cyber criminals.
That starts with policy.
“If the government provides clear direction and makes it clear that cybersecurity is a country-wide responsibility, rather than something to be handled by a single department, everyone is much more likely to move in the same direction,” the expert said.
He believes South Africa has already laid a decent foundation, with the National Cybersecurity Policy Framework in place since 2015.
Led by the Ministry of State Security, it aims to provide a holistic approach to the promotion of cyber security measures by players locally.
It is supported by the National Cyber security Implementation Plan, which lays out roles and responsibilities, timeframes, specific performance indicators, and monitoring and evaluation mechanisms.
However, research by Fortinet earlier this year found that 40 percent of local companies struggle to hire and retain cyber security talent. Additionally, 86 percent indicated that they had experienced more than one cyber attack that could be at least partially attributed to a lack of cyber security skills over the past 12 months.
Ncube said while an integrated approach would not stop every attack, it would prevent many more than allowing organisations in charge of critical infrastructure to each take care of their own cyber security needs.
Moreover, such an approach can also help mitigate the impact of any such attack.
“Right now, South Africa has the right building blocks in place for a fully integrated approach, but it should also be clear about the fact that there’s more to be done,” Ncube concluded.
– CAJ News