South African Defence Focuses On Cyber Threats
As connectivity grows on the African continent, so will the threat of cyber-attacks. The South African Department of Defence in particular is planning through the defence intelligence programme (and with an allocation of R72 million over the medium term) to institutionalize a cyber security policy, implement its cyber warfare strategy, and establish a cyber command centre.
The Council for Scientific and Industrial Research (CSIR) has developed cyber security solutions to defend South Africa’s digital borders from cyber-attacks by promoting compliance with South Africa’s Protection of Personal Information Act (POPIA) and institutionalizing its cyber security policy. According to Johnny Botha, Cyber Warfare Project Manager at the CSIR and contributor to a study titled Pro-Active Data Breach Detection: Examining Accuracy and Applicability On Personal Information Detected, the amount of personal information being leaked online remains substantial. An additional paper to which Mr Botha has contributed – High-Level Comparison Between the South African Protection of Personal Information Act and International Data Protection Laws, highlights that POPIA is on par with international privacy legislation.
The CSIR’s Cyber Defence Research Group continues to support the DoD’s Directorate Information Warfare (DIW) with cyber-related research, development, and solutions. The DIW is mandated with securing South Africa’s military cyberspace. When it comes to defending a country’s cyber battlespace, it is important to identify cyber vulnerabilities, adversaries’ cyber weaknesses, and develop offensive and defensive strategies and capabilities as well as cyber security awareness initiatives, which must extend to industry, governmental departments, and security structures. South African defence entities are also focusing their attention on cyber defence. In September 2016, Denel announced the Denel Tactical Cyber Command Centre, which will work closely with local and international cyber domain players.
South Africa’s offensive cyber warfare strategy began during FY 2016/17, when the DoD developed a cyber warfare strategy aligned with the country’s stance and capabilities. The cyber warfare strategy will be submitted for consideration to the Justice, Crime Prevention and Security (JCPS) cluster ministers during FY 2017/18. Cyber security measures must also have a defensive approach to protect and shield sensitive and classified information from unauthorized access, modification, destruction, or disclosure. The DOD’s Cyber Security Incident Response Team (CSIRT) will be established to prevent or recover from a cyber warfare incident through the establishment of the cyber command centre.
Bridging the digital divide is a double-edged sword as connectivity is a conduit for cyber adversaries to access any system. A sound cyber security policy and cyber warfare strategy counteract these threats, which can severely affect and wreak havoc on a country’s security and economy by penetrating infrastructure, financial, and other key institutions essential to a country’s function. Information-based processes and systems as well as communication networks must be protected with capabilities that have the potential to neutralize, destroy, or exploit cyber-attacks.
Written by Sylvia Caravotas (Satovarac Consulting) for OIDA