Governance of Cybersecurity – The Case of South Africa
Date
2017-12-23
Authors
Sutherland, Ewan
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Cybersecurity is a growing concern for governments, with the push for universal
access to the Internet, the increasing ubiquity of social networks and the growing
reliance on digital government service, and given a growing range of threats from
foreign powers, terrorists and criminals. These complex issues span all government
ministries, their agencies and contractors, plus provincial and municipal government,
and require the state to create legal frameworks and agencies to protect data and offer
advice to businesses and citizens, plus ensuring a sufficient supply of skilled technicians
and engineers. In the case of South Africa, its government responded in 2015 with
a National Cybersecurity Policy Framework (NCPF), with implementation led by
the Ministry of State Security. The Protection of Personal Information (POPI) Act
of 2013 created the Information Regulator to ensure data privacy. The POPI regime
is only being implemented slowly and has overly wide exemptions for national
security. South Africa lags behind advanced economies in cybersecurity legislation,
in government coordination, in engagement with business and citizens, and in the
supply of skilled labour. Delays have meant it lacks the experiences obtained in
faster moving countries, and the improvements they have made to their policies and,
especially, implementation. Parliament has neither pressed the government for faster
action nor explored areas where powers might have been taken that infringe human
rights.
Description
Keywords
cybercrime, cybersecurity, data protection, privacy, governance, South Africa
Citation
Sutherland, E. (2017). Governance of cybersecurity – the case of South Africa. The African Journal of Information and Communication (AJIC), 20, 83-112. https://doi.org/10.23962/10539/23574