Good Governance and Virtue in South Africa's Cyber Security Policy Implementation

Burmeister, Oliver; Phahlamohlaka, Jackie; Al‐Saggaf, Yeslam

doi:10.4018/ijcwt.2015010102

Cited by 3 publications

(5 citation statements)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This might require a coordinated cybercrimes skills development collaboration programme with international stakeholders such as Interpol and similar others to help bridge the gaps in the short term. In addition to all the matters considered above relating to the national cybersecurity legislation and policy environment, there is another concern: It would appear that the national cybersecurity strategy is primarily more defensive [8], and thus retroactive, than offensive which requires proactiveness [96]. It is more passive and static than proactive.…”

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

“…In South Africa, the government gazetted the National Cybersecurity Policy Framework (NCPF) in 2015, which aimed at addressing cyber terrorism, cybercriminal activities, cyber vandalism, and cyber sabotage [8,9]. As the overarching national cybersecurity strategy of South Africa [9], the NCPF provides a governance process and guidelines to respond to cybersecurity threats and attacks against the country [8,9]. In the cybersecurity domain, policies outline the objectives and limitations of a strategy [10] to provide for measures to be put in place for the protection, safeguarding, and resilience of assets [11].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Cybersecurity Policy and the Legislative Context of the Water and Wastewater Sector in South Africa

Malatji

Solms

2020

Sustainability

View full text Add to dashboard Cite

The water and wastewater sector is an important lifeline upon which other economic sectors depend. Securing the sector’s critical infrastructure is therefore important for any country’s economy. Like many other nations, South Africa has an overarching national cybersecurity strategy aimed at addressing cyber terrorism, cybercriminal activities, cyber vandalism, and cyber sabotage. The aim of this study is to contextualise the water and wastewater sector’s cybersecurity responsibilities within the national cybersecurity legislative and policy environment. This is achieved by conducting a detailed analysis of the international, national and sector cybersecurity stakeholders; legislation and policies; and challenges pertaining to the protection of the water and wastewater sector. The study found some concerning challenges and improvement gaps regarding the complex manner in which the national government is implementing the cybersecurity strategy. The study also found that, along with the National Cybersecurity Policy Framework (the national cybersecurity strategy of South Africa), the Electronic Communications and Transactions Act, Critical Infrastructure Protection Act, and other supporting legislation and policies make provision for the water and wastewater sector’s computer security incidents response team to be established without the need to propose any new laws or amend existing ones. This is conducive for the immediate development of the sector-specific cybersecurity governance framework and resilience strategy to protect the water and wastewater assets.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Cybersecurity Policy and the Legislative Context of the Water and Wastewater Sector in South Africa

Malatji

Solms

2020

Sustainability

View full text Add to dashboard Cite

show abstract

“…Namely, I was acknowledged in the paper as having contributed to some of the data gathering for the research, and the authors of (Al-Saggaf & Ceric, 2017) are colleagues of mine. I have published with both previously (Al-Saggaf & Burmeister, 2012;Al-Saggaf, Burmeister, & Schwartz, 2017;Al-Saggaf, Burmeister, & Weckert, 2015;Burmeister, Phahlamohlaka, & Al-Saggaf, 2015;Vella, Burmeister, Ceric, & Barnden, 2016). …”

mentioning

confidence: 85%

A Post Publication Review of "Bullying in the Australian ICT workplace: the views of Australian ICT professionals"

Burmeister

2018

AJIS

View full text Add to dashboard Cite

ReviewThis is a timely and important contribution to information systems (IS) literature that gives insights into bullying in the information and communication technology (ICT) workplace. It reveals the extent of the problem in the Australian context, through the largest survey of Australian ICT professionals yet conducted. With 27% of respondents identifying bullying as an issue that is not being effectively addressed at present. Interestingly their findings revealed that bullying concerns were the most significant amongst mature respondents, such as those in managerial roles.

show abstract

“…On the one hand, nation state hackers act in the best interests of the country they are representing as part of cyber warfare and helping to keep the nation they represent safe through intelligence gathering. On the other hand, the targeted nation would consider the hack to be unauthorised and illegal (Burmeister, Phahlamohlaka and Al-Saggaf, 2015).…”

Section: Grey Hat Hackersmentioning

confidence: 99%

The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws.

Thomas

Burmeister

Low³

2019

AJIS

Self Cite

View full text Add to dashboard Cite

Across the globe, there has been a noticeable increase in the adoption of breach disclosure laws that are designed to protect the privacy of individuals. To validate the security controls implemented by an organisation to protect sensitive data, penetration testers are often engaged to test the security of information systems and to report any vulnerabilities. Using an interpretivist, constructivist approach, this article reports on a pilot study that compares USA and Australian approaches to ethical hacking. The need for regulation of ethical hacking to help protect organisations from unethical conduct was a recurring theme. With the changes in privacy regulations across the world, unauthorised disclosure of personal and privileged information could result in significant consequences. This paper explores the importance of ethical conduct by penetration testers based on empirical research and the potential for misuse of information.

show abstract

Good Governance and Virtue in South Africa's Cyber Security Policy Implementation

Cited by 3 publications

References 13 publications

Cybersecurity Policy and the Legislative Context of the Water and Wastewater Sector in South Africa

Cybersecurity Policy and the Legislative Context of the Water and Wastewater Sector in South Africa

A Post Publication Review of "Bullying in the Australian ICT workplace: the views of Australian ICT professionals"

The Importance of Ethical Conduct by Penetration Testers in the Age of Breach Disclosure Laws.

Contact Info

Product

Resources

About