The DA wants to amend the constitution to provide for the establishment of a cyber commissioner as a chapter nine institution alongside others such as the public protector, SA Human Rights Commission (SAHRC), auditor-general and the Electoral Commission.
The DA has introduced Twentieth Amendment Bill, known as the Cyber Commissioner Bill, into parliament. It hopes to get support from across the political spectrum for it, though in the past the ANC has been reluctant to support legislation proposed by opposition parties.
DA justice spokesperson Glynnis Breytenbach said Tuesday a cyber commissioner is necessary to regulate cybersecurity in the country and provide adequate protection of personal information held by state departments.
Some state entities have been hit by cyber attacks, including Postbank, the Western Cape provincial parliament and the department of justice & correctional services. An attempted cyberattack was also made on the Reserve Bank.
Postbank recently revealed substantial losses of over R18m in a three-month period due to cybercrime attacks. An attack in October 2021 resulted in a loss of at least R90m.
Cybercrime is a growing threat in SA and according to researchers at the Council for Scientific and Industrial Research (CSIR), the country ranks sixth in the world for cybercrime density, or cybercrime per capita.
Cybersecurity company Kaspersky reported spyware attacks in SA rose by 18.8% between the last quarter of 2022 and the first quarter of 2023
“The cyber commissioner will play a crucial role in modernising the state’s cybersecurity capabilities and protecting personal information from interception and loss,” Breytenbach said.
“The cyber commissioner’s powers will include establishing and maintaining cybersecurity capabilities across all state organs and entities dealing with public information; operating a cybersecurity hub for reporting, monitoring and investigating incidents and threats; advising the defence force on cyber-defence capabilities; and guiding institutions responsible for critical infrastructure regarding cybersecurity. Moreover, the commissioner will promote, monitor and evaluate compliance with cybersecurity capabilities and standards.”
The commissioner would have to be a fit and proper person with specialised knowledge or suitable qualifications in cybersecurity and cyber forensics.
“The urgent need for a dedicated cyber commissioner arises from the current inadequate protection of personal information by state departments. In today’s digital age, cyber technology has become a vital component of government operations. With the increasing reliance on technology, it is crucial to develop new strategies to safeguard data and protect the rights of citizens utilising these technologies,” Breytenbach said.
She noted that when the constitution was adopted, cybersecurity was not a significant threat. Over the past few decades, cyberattacks on state institutions had emerged as a serious concern, endangering both the functioning of the state and the security of its citizens’ information.
“South African state departments and critical infrastructure are currently insufficiently protected against cyber threats and lack the necessary tools to defend sensitive public information from breaches, Breytenbach said.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.