www.securityfocusafrica.com | Vol 40 No 6
June 2022
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
SECUREX 2022: Seen there Top threats to cloud computing: a ‘marked change’ in traditional security concerns
SASA update In conversation with Reana Steyn, SA’s Banking Services Ombudsman News snippets from around the world
R
O
N FO
S
B
U
PE
S
SINE
securityfocusafrica.com Security Focus Africa has been marketing suppliers to buyers in Africa since 1980, and is the official industry journal of the Security Association of South Africa (SASA). Our readers form the core of Southern Africa’s buyers and decision-makers in the security products and services industry. Our digital platform has a highly-focused readership of people at the very heart of the security industry. Our news is distributed via website, digital magazine, and social media. Our annual Security Focus Africa Buyers Guide is searchable via our online directory, with over 760 businesses and branches throughout Africa. Need to find a service or supplier? We will help you find exactly what you need.
PO Box 414, Kloof 3640, South Africa Tel: +27 (31) 7646977 Fax: 086 762 1867 Email: contact@contactpub.co.za
Security Focus AFRICA w w w. s e c u r i t y f o c u s a f r i c a . c o m
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
DIGITAL BUYERS GUIDE
to security services & products Promote your business
Attract customers
Increase your sales
Claim your listing on www.securityfocusafrica.com/buyersguide
Security Focus Africa is known for having the most comprehensive directory of service providers in Africa. We have been a trusted source of information for more than 41 years, and now offer this valuable resource online. The market is tough out there. What makes your business different from any other? For starters, be more accessible on the internet. Online searches are now the preferred method of finding information and contact details, so the better your online presence, the more business you will get.
BENEFITS OF LISTING YOUR BUSINESS:
• By claiming your listing, you can keep your company’s information up to date at your own convenience • Upgrade your listing online at any time to maximise your brand exposure • Improve your SEO and online presence • We provide a targeted audience for your business • See your stats – know how many people are seeing your listing
Security
For as little as R2,400, you can get the edge over your competitors by providing indispensable information to your customers on our online directory.
Affordable advertising is just a click away.
Focus
AFRICA
BUYERS GUIDE
www.securityfocusafrica.com/buyersguide KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
XXX
Security Focus Africa: Serving the South African security industry for 41 years
CONTENTS www.securityfocusafrica.com The official industry journal for
| Vol 40 No 6
VOL 40 NO 6 JUNE 2022
June 2022
professional risk practitioners:
nt and quality assurance
security, safety, health, environme
SECUREX 2022: Seen there rked Top threats to cloud computing: a “ma ns change” in traditional security concer
14 SASA update
In conversa tion with Reana Steyn, SA’s Banking Services Ombudsman
world News snippets from around the
No need to compromise your security!
Get quality and affordable batteries brought to you by
G S S Group
COVER STORY TOP THREATS TO CLOUD COMPUTING: A ‘MARKED CHANGE’ IN TRADITIONAL SECURITY CONCERNS 14 Traditional security concerns around the cloud – including data loss and denial of service – are being over-shadowed by fears of inadequate security controls as consumers become increasingly cloud-savvy.
22
THE BRAND YOU CAN TRUST 4
+27 (0) 10 140 7137
sales@gssgroup.co.za
SECURITY FOCUS AFRICA JUNE 2022
www.gssgroup.co.za
securityfocusafrica.com
8
Official Journal of the Security Association of South Africa
Published by Contact Publications (Pty) Ltd (Reg No. 1981/011920/07)
Vol 40 No 6
TEL: 031 764 6977 FAX: 086 762 1867 MANAGING DIRECTOR: Malcolm King malcolm@contactpub.co.za
EDITOR: Ingrid Olivier ingrid@securityfocusafrica.com
REGULARS EDITOR’S COMMENT 6 Of bugs and scammers, not quitting and pushing back. ASSOCIATION NEWS 8 Update from SASA. NEWS IN BRIEF 10 News snippets from around the world. OPINION PIECE 13 The real case for colocation. CLOUD SECURITY 14 Top threats to cloud computing: a ‘marked change’ in traditional security concerns. PRESS RELEASE 17 True cost of fraud soars as cybercriminals diversify. 18 Real-time fraud analytics increasingly important for insurers. 19 How businesses can minimise the cost and impact of protest activity.
SENIOR GRAPHIC DESIGNER:
ISS TODAY 24 New SA crime trends are bleak, but at least we have the data. TRENDS 26 A channel focus and strategic advantages position partners for success. EXHIBITION NEWS 28 Positive industry turnout for Securex, A-OSH Expo, Facilities Management Expo and Firexpo 2022 trade shows. THE LAST WORD 30 The final Zondo Report. DIRECTORY 32 Security and related associations and organisations. 33 ADVERTISERS INDEX
securityfocusafrica.com
vincent@contactpub.co.za
DISTRIBUTION MANAGER: Jackie Goosen jackie@contactpub.co.za
POSTAL ADDRESS: PO Box 414, Kloof 3640, South Africa
PUBLICATION DETAILS: Security Focus Africa has 12 issues a year and is published monthly, with the annual Buyers’ Guide in December. Due to the Covid-19 crisis, we will only be publishing digitally, until further notice.
EDITORIAL CONTRIBUTIONS: Editorial contributions are welcome. For details please email editorial@securityfocusafrica.co.za.
ADVERTISING ENQUIRIES: Malcolm King Email: malcolm@contactpub.co.za
Security Focus Africa is a member of
PERSONALITY PROFILE 20 In conversation with: Reana Steyn, Ombudsman for Banking Services, South Africa. MEDIA STATEMENT 22 The OBS secures millions for bank customers wronged by banks.
Vincent Goode
26
www.securityfocusafrica.com 5
EDITOR’S COMMENT
Of bugs and scammers, not quitting and pushing back Last week, I became a double statistic. First, I went down with a human virus, and then my emails were compromised (that’s the politically correct term for hacked, I was told by my IT guy).
J
ust about everyone in my address book received an email purportedly from me with a PDF attachment, entreating them to open it. Please accept my apologies if you were on the receiving end, and well done to those who queried the legitimacy before opening the email. Despite having the latest anti-virus software on my computer, and despite being vaccinated twice against Covid and wearing my mask whenever I go out in public, the
6
SECURITY FOCUS AFRICA JUNE 2022
bad bugs got in, and I have no idea how. One of the ways to beat the baddies is the adoption of a zero-trust principle. Dear old Wikipedia (https://en. wikipedia.org/wiki/Zero_trust_security_ model) says that the main concept behind the zero-trust security model is “never trust, always verify,” and that accordingly, “no devices should be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if
they were previously verified.” Good advice for real life, too, I think: by driving with a zero-trust attitude, I’ll be actively looking for potholes, I’ll plan my routes more carefully in the interests of safety, I’ll keep a close watch on vehicles behind me in case I’m being followed, and instead of rolling my window down to give money to
securityfocusafrica.com
EDITOR’S COMMENT
Don’t Quit When things go wrong, as they sometimes will, when the road you’re trudging seems all uphill, when the funds are low and the debts are high, and you want to smile but you have to sigh, when care is pressing you down a bit — rest if you must, but don’t you quit. Life is queer with its twists and turns. As everyone of us sometimes learns. And many a fellow turns about when he might have won had he stuck it out. Don’t give up though the pace seems slow — you may succeed with another blow. Often the goal is nearer than it seems to a faint and faltering man; Often the struggler has given up when he might have captured the victor’s cup; and he learned too late when the night came down, how close he was to the golden crown.
beggars, I’ll channel my compassion through verified charities. Earlier on today, someone on our local WhatsApp group asked a question: “Does anyone know the guy who comes up to you when you’re shopping (at a large, well-known centre) and asks for money for adult nappies?” She added that her sister-in-law offered to take him to buy the nappies, and - big surprise - his answer was no, it’s too far and he wants the cash: R150. “Is his story true?” she ended. Ninety-two people commented! “He’s been doing his rounds around here for years, with the same story.” “I offered a job to someone who was homeless — car guarding. Told him tips from our customers are good. He left after one month, having earned about R4000 and that it wasn’t worth it — he made more money begging.” “Yes, he’s been around a looooong (sic) time… seen him get money from unsuspecting people and then go to the Wimpy.” “We were approached by him and
securityfocusafrica.com
offered to get him nappies. He said something about Dischem not having the right size, so we gave him R250. We watched him do the same to someone else a few days later, and then go straight into the bottle store with a smirk on his face.” “I fell for this guy’s story once… he told me he works for a security company, promised to give the money back, and even gave me a cell number to confirm his employment. Claimed he desperately needed the nappies for his ill father. The first time, I gave him cash. Two days later, he approached me again with the same sob story and then I realised rhat he was a scammer.” What with all that’s happening in our country and the world, it’s tempting to become cynical, hard even, but then we’ll be punishing ourselves, missing out on the beauty, the kind, the good. And there’s a lot of that around us. I find balance and comfort in these particular writings, which never age, and hope you’ll enjoy them too:
Success is failure turned inside out — the silver tint of the clouds of doubt, and when you never can tell how close you are, it may be near when it seems afar; so stick to the fight when you’re hardest hit — it’s when things seem worst, you must not quit. — Edgar Albert Guest And this one, attributed to Albert Camus, who said, “In the midst of hate, I found there was, within me, an invincible love. In the midst of tears, I found there was, within me, an invincible smile. In the midst of chaos, I found there was, within me, an invincible calm. I realized, through it all, that… In the midst of winter, I found there was, within me, an invincible summer. And that makes me happy. For it says that no matter how hard the world pushes against me, within me, there’s something stronger – something better, pushing right back. Be safe.
Ingrid Olivier, Editor ingridolivier@idotwrite.co.za SECURITY FOCUS AFRICA JUNE 2022
7
ASSOCIATION NEWS
Update from SASA We have now passed the halfway mark in 2022 and, to date, this year has been eventful, to say the least! From the desk of Tony Botes, SASA National Administrator.
S
ASA We took a bit of a knock in membership this year, mainly because of the economy and state of the industry, as well as the country as a whole. That said, our Mentorship Programme has brought in a significant number of new members, predominantly start-up businesses — a very satisfying initiative. We are assisting these companies with the correct processes to become registered with all the relevant bodies and we’re helping them become and remain compliant with all relevant industry legislation. A number of these new businesses have already concluded partnerships with our existing members, sharing major contracts, predominantly in the rural areas, such as in the mining sector.
8
SECURITY FOCUS AFRICA JUNE 2022
Wage negotiations for 2023 Organised employers and organised labour exchanged demands at the end of March and, to date, have had 10 full-day meetings. It’s not an easy process, as Labour is demanding astronomical and unaffordable increases between 2023 and 2025, while the country and our industry are struggling under the burden of an ever-worsening economy. The parties will be meeting again in July, with four days already scheduled, and we hope that a reasonable and mutually acceptable agreement can be concluded in time for the Minister of Employment and Labour to promulgate the new Main Collective Agreement, in time for implementation, as of March 2023. PSIRA The Authority has introduced an on-line
system for both security companies and security officers, which will hopefully bring an end to the massive queues at their offices. They have also introduced a self-assessment process for security companies, which we have been assured, will assist companies with becoming totally compliant with PSIRA legislation and regulations, and not as a tool to prosecute them. We sincerely trust that this commitment will be successful and we urge all security businesses to complete these submissions fully and honestly, as false declarations will undoubtedly result in prosecutions. With regard to the uniform restrictions promulgated last year, SASA has had a number of unsuccessful meetings with senior PSIRA representatives with little – if any – success. The National Executive Committee then took the decision to
securityfocusafrica.com
ASSOCIATION NEWS
challenge what we believe to be excessive and impractical restrictions. After extensive consultations with our attorneys, we lodged a High Court action against the Minister of Police and PSIRA, after which PSIRA’s attorneys responded, quite quickly, that they were prepared to withdraw the offending section of the legislation, in consultation with the Minister. However, we have, to date, not seen any response from the Minister’s office and we, via our legal representative, made it quite clear that PSIRA, on their own, could not take such action and that only the Minister could, by Gazette, cancel or amend the legislation. We will have to see what transpires in the weeks or months to come, but – as the papers have already been registered with the Hight Court – we are now just awaiting a trial date. On the upside, PSIRA have identified a challenge with individual security officers being unable to ‘capture their profiles’ on the digital system and have scheduled nationwide sessions to assist them. Bargaining Council The growth of the NBCPSS has been slower than expected, with only about 15 percent of the security service providers (companies) having registered to date. That’s a total of 1,606 out of the more than 11,000 PSIRA registered companies in South Africa. Those companies that are ducking and diving must understand that they will
securityfocusafrica.com
eventually be identified and will face the inevitable prosecution by the Council, with compliance orders to backpay all levies, penalties and interest imposed against them. Furthermore, non-compliance with the statutory industry provident fund and medical insurance schemes will, when identified, result in massive compliance orders, which carry the same weight as a High Court order and – if not settled timeously – will be delivered to the Sheriff, who will serve them with a Warrant of Execution for the full amount owing and the cost of that process. Good news is that the Pension Funds Adjudicator (PFA) is now empowered to investigate companies that have not deducted and/or paid over statutory provident fund contributions. Their determination will, likewise, have the same weight as a High Court order, with the same outcome as for the Bargaining Council claims. The noose is tightening for criminally non-compliant companies who must and will be identified and prosecuted. To this end, please report unregistered and/or non-compliant security companies to the SASA office. We will then pass this information on to the relevant authorities, while protecting whistleblowers. Reports should include as much information (address and other contact details) and documentary evidence (quotations, invoices, payslips, etc.) as possible. Securex After a Covid-related break of two years, it was great to have a stand at Securex earlier this month. We enjoyed interacting with members, non-members and consumers and updating them on the critical role that SASA is playing in the country’s private security industry. I was again privileged to have been given a speaking slot in the Seminar Theatre, where my topic was ‘How to choose a compliant security service provider — you get what you pay for!‘ We received more than 40 membership enquiries, which we’re busy processing. International partnerships We are pleased to confirm that, in addition to our other international partners, we are in the process of finalising an MOU (Memorandum of Understanding) with the Security Association of Zimbabwe, after which we’ll be engaging with the Botswana Security Association.
Although each country has its own specific legislation for security service providers, we also share many similar challenges. The exchange of information and advice between the various associations is therefore of great mutual benefit. Covid-19 and monkey pox While the Covid-19 infection rate has dropped significantly, leading us to hope that it will eventually be a thing of the past, we’ve just heard that the first case of Monkey Pox has been identified in South Africa. We urge all readers to take whatever precautions are necessary and to remain safe out there! Benefits of SASA membership: We are working on expanding membership benefits, which will be communicated to all members once finalised. Currently, these include: • A strictly applied Code of Ethics • Representation at national and local government level • Industry exposure in the media as well as at major shows and exhibitions • Contacts and networking opportunities • Discounted training courses, events and seminars • Access to a security library managed by UNISA (University of South Africa) • Updates on new legislation and other industry-relevant information • Access to security-related and affiliated associations in South Africa and overseas • The SASA national website • A central administration office • Free digital subscription to Security Focus Africa magazine, the official journal of SASA • A mentorship programme which is designed to guide and assist startup security companies with attaining the compliance standards required to qualify for Gold Membership For more information about what SASA does and how it can assist you and your company, or to report any wrongdoings or concerns, please contact: Tony Botes, SASA National Administrator, at: Tel: 0861 100 680 / 083 650 4981 Cell: 083 272 1373 Email: info@sasecurity.co.za / tony@sasecurity.co.za Website: www.sasecurity.co.za
SECURITY FOCUS AFRICA JUNE 2022
9
ASSOCIATION NEWS
News snippets from around the world Committee looking into Mkhwebane’s fitness to hold office to start its work in July
Zondo: Guptas bagged R15.5 billion in unlawful contracts, mostly from Eskom, Transnet The state capture commission of inquiry has found that the Gupta criminal enterprise benefitted by R15.5 billion from irregular and unlawful contracts. It, however, conceded in the final report published last Wednesday that the amount did not represent the full loss suffered by the state as a result of the Gupta-related capture. https://ewn.co.za/
Phone and SIM card change planned for South Africa The Independent Communications Authority of South Africa (ICASA) has proposed tying the biometric data of South Africans to their SIM cards in a move to clamp down on fraudulent activity. In practice, this means that fingerprint mapping, facial recognition, retina scans and biometric data could all be tied to a person’s SIM card, and by extension, their phone number, which has led to concerns about increased surveillance and additional avenues for identity theft. https://businesstech.co.za/
Eskom security guards and taxi driver caught stealing cables Eskom has criticised two security guards that were contracted, and a taxi driver after they were caught in a mini bus full of copper cables at a warehouse in Germiston,
10
SECURITY FOCUS AFRICA JUNE 2022
Gauteng. The incident reportedly happened on 18 June and all three were arrested. www.thesouthafrican.com/
Covid-19: mask rule may be gone, but Phaahla advises people to remain cautious For the first time in more than two years, South Africans are free to ditch their masks in public places, following the government’s repeal of all Covid-19 regulations last Thursday. People should, however, not be embarrassed to continue wearing masks, said Health Minister Joe Phaahla. www.news24.com/
South Africa ready to host events again, after remaining Covid-19 regulations scrapped South Africa’s interlinked tourism, hospitality, and events sectors are expected to boom on the back of government repealing the last remaining Covid-19 regulations. South Africa has no more regulations governing the response to the Covid-19 pandemic, according to a repeal notice gazetted by Health Minister Joe Phaahla last Wednesday. Face masks are no longer required in public-use indoor spaces and on public transport. Travellers entering the country don’t have to be vaccinated against Covid-19 and won’t need to produce a negative test result either. Social gatherings aren’t limited to certain numbers of attendees. www.businessinsider.co.za/
Parliament’s Section 194 enquiry committee into the fitness of nowsuspended Public Protector Busisiwe Mkhwebane to hold office, is expected to commence its work with witness statements on July 11. Mkhwebane was suspended by President Cyril Ramaphosa a few weeks ago, in accordance with guidelines set out in Section 194 of the Constitution. During the inquiry, Mkhwebane will be able to state her case and will also be entitled to legal representation. The chairperson of the committee, Richard Dyantyi, says the committee anticipates working until the end of September. www.sabcnews.com/
Zondo says Magashule, Zwane pushed ‘Gupta agenda’ with Vrede project, recommends criminal probe Chief Justice Raymond Zondo has recommended that former Free State premier Ace Magashule, ‘Gupta Minister’ Mosebenzi Zwane, and Tony Gupta be investigated over the Vrede dairy farm project, which he condemns as a ‘complete disaster’. He also suggested that they be sued to recover money lost as a result of their alleged conduct in relation to the alleged scam. Said Zondo: “Reading the perspective of beneficiaries, as presented in affidavits and oral evidence, one gets the impression that the locals were taken for a ride. They were duped… and persuaded to sell the cattle on the basis that the government would donate dairy cars to them, but that never happened. From this perspective, Estina used the fairytale Indian connection (Paras) to milk more than R250 million… from the government, which deliberately, or with gross negligence, blindly pumped money without asking questions or looking as to how it was spent.” www.news24.com/
securityfocusafrica.com
NEWS IN BRIEF Crime in SA: Healthcare workers carry a heavy burden Murders, rape, and gender-based violence (GBV) are a part of daily reality in South Africa — and trade unions representing most health care providers have had enough. They say that health workers face the brunt of this violence, working within an already-stretched healthcare system. According to the country’s latest crime statistics, for the period between January and March this year, 1,107 more people were killed year-on-year — an increase of 22 percent. Speaking to Health-e News, South African Medical Association (SAMA) spokesperson Dr Mvuyisi Mzukwa said that crime had become a health crisis, negatively impacting the public healthcare system. https://health-e.org.za/
China plans to have every single comment reviewed before it’s published on social media China may soon review every single comment before it goes out on social media, sparking fears of further censorship in a country that already has one of the world’s most restrictive media environments. Last Friday, China’s internet watchdog published a new set of draft rules on its website, instructing content platforms to review all online comments before they are published and to report any ‘illegal and bad information’ found, to the authorities. www.businessinsider.co.za/
Monkeypox hits SA: Concerns over disease being used to stigmatise gay and bisexual men With cases of monekypox mostly involving individuals who self-identify as men having sex with men, there is concern that the disease is being used to stigmatise gay, bisexual, and other men who have sex with men (MSM). This comes as the National Institute for Communicable Diseases (NICD), a division of the National Health Laboratory Service, confirmed that South Africa’s first case of monkeypox had been identified. www.iol.co.za/
Meta promises it will build a new ad-targeting algorithm that doesn’t discriminate against people Meta has reached a settlement with the US Department of Justice, promising to build a new ad-targeting system. The DOJ accused
securityfocusafrica.com
Meta of letting advertisers discriminate against people based on race, sex, and more. Meta has until December 31 to replace its current system with a new, non-discriminatory one. www.businessinsider.co.za/
Government sued for selling SAA for R51 South Africa’s government and national airline are being sued by a little-known investment firm, which wants the sale of a majority stake in the carrier scrapped and re-run due to a lack of transparency. This year’s acquisition of 51 percent of South African Airways (SAA) by the Takatso Consortium – made up of a local jet-leasing company and a private-equity firm – for just $3 (R51 at the time) was ‘unlawful and constitutionally invalid,’ according to documents filed at the High Court in Cape Town by Toto Investment Holdings Pty Ltd. The filing is the first legal action against the sale, which has drawn criticism from the National Treasury, opposition parties and media in part due to the lack of proceeds for the taxpayer. The airline had been a drain on government finances for a decade, receiving numerous state bailouts before entering bankruptcy proceedings in 2019. https://businesstech.co.za/
CPI figure hits five-year high for May Soaring fuel and cooking oil prices have pushed the annual consumer price (CPI) inflation to a five-year high of 6.5% in May. The rate, which was 5.9 percent in April and March, has broken through the upper limit of the South African Reserve Bank’s monetary policy target range. https://ewn.co.za/
Ombud says 38 percent of South Africa’s 26 million credit consumers are in breach There are 26 million credit active consumers, and in the fourth quarter of last year, 38 percent of those consumers were either in arrears or in an adverse status on their accounts. www.dailymaverick.co.za/
Fuel thieves siphon off millions from Mpumalanga Eskom power station A sophisticated crime syndicate – in cahoots with Eskom officials, police and trucking companies – is stealing fuel by exploiting a design flaw at the Kriel Power Station in Mpumalanga. And it all has to do with a weighbridge on the wrong side of a gate. www.dailymaverick.co.za/
Stemming global financial crime requires public and private cooperation The Covid-19 pandemic and other recent crises have increased reliance on digital banking and e-commerce and increased financial uncertainty and insecurity — cultivating a fertile ground for financial crime such as money laundering, fraud, corruption, and tax evasion. In addition to threatening the stability of domestic and international economic systems, the flow of illicit finance often supports malignant activities such as terrorism, sexual exploitation, human trafficking, environmental crime, drug smuggling, cybercrime and more. www.forbes.com/
SECURITY FOCUS AFRICA JUNE 2022
11
NEWS IN BRIEF
Violent crime surging in New York, Los Angeles: report Six major cities in the USA, including New York and Los Angeles, are already on track to surpass last year’s staggering rates of violent crime, data shows. Reports of homicide, rape, assault and robbery are on pace to break 2021 levels halfway through the year — with a 25.8 percent surge in violent crime in the Big Apple atop the list, according to a review of NYPD statistics. A total of 189 murders were recorded in New York City as of last Sunday, the latest date of available data. That’s down more than 13 percent from 218 on the same date a year ago, but rapes, robberies and felony assaults are all up: 15.4 percent, 39.7 percent, and 19.6 percent respectively. https://nypost.com/
Ryanair drops Afrikaans ‘prove you are South African’ quiz after backlash South Africans abroad have welcomed Ryanair’s decision to drop the Afrikaans test, which ‘from a sociolinguistic perspective was absurd’‘’, said Conrad Steenkamp, CEO of the Afrikaans Language Board. “There are 20 million people who understand Afrikaans, which means that the remainder of the
12
SECURITY FOCUS AFRICA JUNE 2022
population wouldn’t be able to take the test,” Steenkamp told Daily Maverick. South Africa has 11 official languages. About 12 percent of the population speak Afrikaans as a first language, while 25 percent speaks isiZulu. Anyone who failed the test was refused travel and refunded the cost of their ticket. Ryanair initially defended the test, saying it received a fine for every passenger found to have travelled on a fake passport. www.dailymaverick.co.za/
Hidden cameras inside NYC subway cars tested to fight crime The MTA (Metropolitan Transportation Authority) in New York City has added some new weapons to its transit crimefighting arsenal: surveillance cameras hidden in dozens of New York City subway cars. NYC Transit President Richard Davey has confirmed that there are two cameras per car, installed on 65 cars, to start. If the pilot programme is successful, the hidden cameras may eventually expand to the agency’s entire fleet. The cameras won’t be monitored around the clock, but are, instead, intended to be used by cops to pull evidence of incidents happening below ground. www.fox5ny.com/
R1 million reward offered for arrest and conviction of security guard’s killers G4S Cash Solutions has launched a national hunt for the killers of a security guard in Randfontein and is offering a R1-million reward for the successful arrest and conviction of the suspects. The incident took place last Monday, at Middelvlei Engen Petrol Station in Randfontein. The security guard, who cannot be publicly named, came under attack, and one of his alleged killers was caught on CCTV surveillance footage, which has been made public. www.iol.co.za/
What it’ll take for the Guptas to face corruption charges in SA Now that Rajesh and Atul Gupta have been arrested in the United Arab Emirates (UAE), there is a great deal of speculation as to when the brothers may ultimately set foot on South African soil to face charges of money laundering and other financial crimes. The brothers are the alleged kingpins behind state capture in South Africa — the massive corruption and repurposing of state organs for private gain during the ruinous reign of their friend, former president Jacob Zuma. They fled South Africa for Dubai in April 2016. www.moneyweb.co.za/
securityfocusafrica.com
OPINION PIECE
The real case for colocation Colocation users are growing. ISPs and cloud providers are getting on board, due to the huge growth in fibre connectivity and the shift to work-from-home after the pandemic lockdown. “But is it right for everyone?” asks Andrew Cruise, MD of VMware Cloud provider Routed.
C
olocation facilities (colo), where businesses can rent space and power for servers and other computing hardware, are mushrooming in South Africa. Facilities like Teraco, Vantage, NTT, and ADC have opened and grown in recent years due to increasing demand from enterprises suffering from continued loadshedding. But what are the benefits? The biggest drawcard of colo facilities worldwide is the specialised services they offer. These providers have expert facilities managers who have skills in security, power, and cooling — which few enterprises will have in their own data centres. This division of labour lowers risk and addresses many of the concerns which enterprises have in running their own data centres. The second reason for the growth in colo is connectivity. The better colo facilities have free peering points as well as private exchanges that serve as onramps into local and hyperscale cloud providers. The prevalence of good value, and fast and reliable connectivity into the data centre now makes colocation an acceptable option. In South Africa, of course, there’s a third – and very important – reason: colo offers reliable power during rolling power cuts. Enterprises using cloud also get these same benefits, reducing and segregating the operational risk by not having to rely on employees to manage the infrastructure. VMware Cloud, for example, offers migration tools as part and parcel of the solution. And the pitfalls Enterprises using owned hardware in colo benefit from this reduced risk, flexible connectivity, and reliability. But of course, you pay for it. This means that it’s not for everyone, but for those
securityfocusafrica.com
who do go the colo route, the pricing is at least very predictable. There are several examples in developed countries of unexpected overspending running wild following the move of traditional IT operationsbased infrastructure into hyperscale cloud. This has led to repatriation onto owned infrastructure or private cloud offered by local cloud operators with predictable price models. But, in South Africa, we have the benefit of learning from such overseas mistakes. Without going the overspending route, we already know that the next step is migration onto the cloud, with a combination of hyperscalers such as AWS or Azure and private cloud solutions such as VMware. And, for those currently running their own data centres, a colo solution to boot. This means more predictable pricing, a cloud solution suited to each particular workload, as well as reduced risk and improved connectivity and reliability. Finding the right balance Of course, the most important condition for colo and cloud to be viable is fast, reliable, cheap internet — typically provided by fibre optic cable. Fibre has finally penetrated all South African metro areas, making colo and cloud sustainable solutions. Realistically, most enterprises will benefit from not just choosing between colo and cloud, but a combination of both — and using multiple cloud providers. Overseas examples, unfortunately, have made people reasonably sceptical of cloud hyperscalers. The internet is littered with case studies of enterprises failing to complete the migration to hyperscale cloud due to operational difficulties after replatforming traditional workloads. Again, we get to learn from their mistakes: moving everything onto a hyperscale cloud
seems like a straightforward solution, but the reality is that every cloud provider is not fit-for-purpose for every app. Picking a single platform to keep things simple can mean suffering performance or commercial problems. Using multiple providers introduces complexity to your final solution, but each set of workloads will be in an ideal place. It’s crucial to choose the right environment for the right app. For this reason, that first step into a colo data centre is easier to swallow than a full migration onto cloud, and a good way to get started, as it frees resources to plan and execute further app migration. Security considerations should be overarching when looking at any kind of hybrid or multi-cloud solution. Combining colo and cloud in a wellconnected data centre should facilitate fast, secure, private extension between owned hardware and private and public cloud. There is no one solution for every enterprise. Many enterprises need to be responsible for their own hardware for security and compliance reasons, making colo and cloud not viable for certain workloads. The key is to do an audit of your enterprise’s workloads and find the ideal solution for each — whether that’s colo, cloud, running your own data centre, or a combination of all of the above, in different measures.
SECURITY FOCUS AFRICA JUNE 2022
13
CLOUD SECURITY
Top threats to cloud computing:
a ‘marked change’ in traditional security concerns Traditional security concerns around the cloud – including data loss and denial of service – are being over-shadowed by fears of inadequate security controls as consumers become increasingly cloud-savvy.
T
hat’s according to the recentlyreleased Top Threats to Cloud Computing: The Pandemic 11 by the global Cloud Security Alliance (CSA). The report, the sixth in its Top Threats to Cloud Computing series, found that many of the more than 700 respondents’ major fears had moved from data loss and denial of service (DoS) to concerns around control plane weaknesses, metastructure and applistructure, and limited cloud visibility. Debuting cloud threats A weak cloud control plane refers to inadequate or insufficient security controls, explains the CSA, such as a lack
14
SECURITY FOCUS AFRICA JUNE 2022
of two-factor authentication and the ability to enforce its usage. Metastructure refers to the mechanisms that provide the interface between the infrastructure and other layers; applistructure describes applications deployed in the cloud and the services used to build them. “Collectively, these security issues are a call-to-action for developing and enhancing cloud security awareness, configuration, and identity management,” says Jon-Michael C. Brook, co-chair Top Threats Working Group, and one of the paper’s lead authors. “As cloud business models and security tactics evolve, there is an even greater need to address security issues that are situated higher up the technology stack and are the result of senior management decisions.”
Andrew Cruise.
securityfocusafrica.com
CLOUD SECURITY
In order of significance, with previous rankings in brackets alongside where applicable, the Pandemic 11’s findings are: • Insufficient identity, credential, access, and key management (#4) • Insecure interfaces and APIs (application programming interface) (#7) • Misconfiguration and inadequate change control (#2) • Lack of cloud security architecture and strategy (#3) • Insecure software development • Unsecure third-party resources • System vulnerabilities • Accidental cloud data disclosure/ disclosure • Misconfiguration and exploitation of serverless and container workloads • Organised crime/hackers/APT • Cloud storage data exfiltration The perfect hiding place “The cloud – with its complexity – is the perfect place for attackers to hide, and an ideal launchpad for attacks,” says John Yeoh, Global Vice President of Research, Cloud Security Alliance. “Add to that the fact that insider threats make it more challenging to protect organisations from data loss and it becomes clear that more industry attention and research is required.” One of the significant differences between traditional IT and cloud service applications is that the former is customercontrolled, while the latter is “never fully shipped off to the customer,” says the CSA, — likely one of the reasons that weak control planes are a growing source of concern. In traditional IT environments, applications and security features are designed with the customer as the main user, and hosted on-premise. Customers have full visibility and control over their IT setups and are also responsible for their own security, with their IT providers providing updates and patches when necessary. The cloud, however, is a public environment, where resources are hosted on the premises of the service provider, explains software company Cleo. New opportunities, new threats Says Dale Norris of Top Threats to Cloud Computing: The Pandemic 11 report sponsor, ExtraHop: “The cloud spurs innovation, but it also expands the attack surface, introducing new opportunities for advanced threats to succeed.” In his blog Gain PCAP and Forensics in Google Cloud, Norris warns of
securityfocusafrica.com
Andre Mundell.
third-party risk and threats to software supply chains, “where PCAP (packet capture) is essential for understanding the scope of what happened. For defenders, access to packets in cloud environments for IR (integrated research) and deep forensic investigation has historically been difficult.” “Traditional approaches to PCAP in the cloud require adding friction-causing agents or packet forwarders,” he says. “And even then, investigators and incident responders usually have to swivel between tools to analyse those packets. Given those problems, security teams often turn to logs as a solution, but they offer limited insights and lead to trialand-error analysis that slows down investigations.” “Whether it’s determining the scope of an incident or remediating it, cloud
security teams need streamlined processes that get them to forensic evidence faster. And that necessary speed goes beyond being able to access information in a single tool. Investigators and incident responders need the right information, and they need to be able to find it quickly. With access to packets, detections, and transaction records that are indexed and searchable in a single cloud-native platform, investigators and analysts can filter by metric, transaction, user, and more. Streamlined workflows allow security teams to quickly get the forensic context they need, enabling them to significantly reduce mean time to resolution/remediation (MTTR) for incidents in cloud environments. That faster response also helps security teams take the fight against ransomware to the cloud.”
SECURITY FOCUS AFRICA JUNE 2022
15
CLOUD SECURITY
Other challenges “While many organisations were already moving to the cloud, the Covid-19 pandemic accelerated this transition,” says Check Point. “As a result, over 98 percent of organisations use some form of cloud-based infrastructure, and over three-quarters (76 percent) have multicloud deployments composed of services from two or more cloud providers. These cloud environments host critical business applications and store sensitive company and customer data.”Aside from cloud security per se, especially in ‘complex, multi-cloud environments’, companies are facing a raft of other major challenges, according to Check Point’s report The biggest cloud security challenges 2022. These include: • Lack of qualified staff • Compliance on the back of an everexpanding regulatory landscape • Lack of security visibility on lower infrastructure levels • Difficulty in identifying misconfigurations • Setting consistent security policies • Cloud security automation • Automated security enforcement The need for speed In its five-step guide to cloud security, Commvault says that companies reported far higher cloud usage in 2021 than they’d initially planned. “Many of those companies are now assessing these changes to determine how they can optimise and better manage their hybrid cloud environment, including the growing need to safeguard data, no matter where it lives. Whenever disruption occurs, the longer your organisation takes to react to it or adapt to it, the more growth and revenue you’ll miss out on. As data management trends tip toward as-aservice delivery, a SaaS (software as a service) -delivered solution can empower your company’s digital transformation.” Creating a migration strategy Moving away from a traditional infrastructure to a cloud-based one is a major undertaking, says Andrew Cruise, MD of VMware Cloud provider Routed, and it gets even more daunting when faced with the various options available on the market today. His advice is to create a solid cloud migration strategy, based on the following: 1. Outline your environment In broad terms, there are two types of cloud environments: development, and
16
SECURITY FOCUS AFRICA JUNE 2022
enterprise or business, he says. “Devops is exciting, amazing, cutting-edge. The business usage, less so, because it involves migrating physical workloads to the cloud. Don’t confuse need-to-have with nice-to-have and spend money on something that seems very attractive, but that you won’t really need or use.” 2. Do an audit of your operations “Cloud doesn’t necessarily replace all previous options but is an add-on in the hybrid world of today. Do an audit of your company’s operations and decide what needs to be moved to the cloud. Some operations might not be suited to cloud for compliance reasons, for example, (and) you need to factor in your company’s unique variables for each operation, like cost, complexity, and compliance.” Then, decide what needs to move to which type of cloud. “Different apps and operations belong in different places,” he explains. “It’s unlikely that every cloud provider is fit-for-purpose for every app, and you need to choose the right environment for the right app. Picking a single platform because you want to keep things simple can mean suffering performance or commercial problems down the line. It introduces complexity to your final solution, yes, but each set of workloads will be in an ideal place.” 3. Start small This is particularly important for SMEs, says Cruise. “If you move too much to cloud too quickly, it can lead to failed migrations and operational paralysis.
Break your operations down into bite-sized pieces and move them one at a time.” What you decide to move first depends on your needs, he continues. “Some migrations, like email or backups, are relatively simple and low risk, which might make sense for some companies. For others, moving to virtual machines is the smarter choice.” 4. Find the right management tools A single management platform that does all the above, and does it well, does not exist, says Cruise. “Rather look for specialist management tools: if cost management is your priority or challenge, look for tools that manage costs across a range of cloud platforms. If you want to visualise your usage across multiple clouds, look for a product that gives you that kind of UI (user interface).”
Sources: Cloud Security Alliance www.cloudsecurityalliance.org ExtraHop www.extrahop.com Cleo www.cleo.com CheckPoint www.checkpoint.com Commvault www.commvault.com Routed www.routed.co.za
securityfocusafrica.com
PRESSXXX RELEASE
True cost of fraud soars as cybercriminals diversify LexisNexis Fraud Multiplier finds the cost of fraud surged up to 41% across EMEA as cybercriminals attack more diverse payment methods.
A
TLANTA – June 9, 2022 As digital transformation continues apace in financial services and retail, the latest LexisNexis® True Cost of Fraud™ Study reveals that cybercriminals are attacking a wider set of payment methods and driving up the cost of fraud to new highs. The cost to businesses in Europe, the Middle East and Africa (EMEA) is now 3.49 times the amount of each transaction lost to fraud. The picture varies across EMEA markets in severity. The LexisNexis® Fraud Multiplier™ – an estimate of the total amount of loss a firm occurs based on the actual dollar value of a fraudulent transaction – showed an increase from 2019 data of 12.3% in Germany, 27.2% in France, 34.6% in the Netherlands and 41.5% in South Africa. Cybercriminals are also varying how they attack transaction chains. Credit transactions accounted for nearly half of fraud losses in 2019, when looking at costs by payment method. The latest study shows that criminals have diversified. While credit transactions still account for the single most fraud losses by payment method, there has been a marked increase in losses from digital wallets and direct deposit payment methods. The study revealed a proportional resurgence in losses from so-called traditional payment methods such as cash, cheque or gift cards, as many economies emerge from the pandemic. Identity verification is a growing challenge across EMEA markets, marked
securityfocusafrica.com
by the increasing use of synthetic identities, which fraudsters create by using a combination of fabricated information and personal information for a real person, to build a new digital identity. It is often difficult for businesses to flag these as fraudulent since synthetic identities include some legitimate data. “Fraud has become more expensive for businesses, in part because the volume of both human and bot-originated fraud continues to target transactions at scale,” said Jason Lane-Sellers, director of fraud and identity EMEA, LexisNexis Risk Solutions. “The other side of the story is that consumer transaction habits are changing and cybercriminals are adapting to these behavioural patterns. “With more consumers using a variety of channels to transact, there is no one-sizefits-all solution for businesses wanting to authenticate digital identities and reduce fraud losses,” continued Lane-Sellers. “Businesses need a multi-layered offensive using technology and data sources to combat fraud and stave off financial losses. The increasing sophistication of some cybercriminals in deploying synthetic identities is one example where more robust, multi-layered solutions can dramatically reduce the risk to a transaction chain.” 2022 LexisNexis True Cost of Fraud EMEA Study Methodology This year’s study surveyed 834 risk and fraud decision makers during January and
February 2022. Respondents represented a wide spectrum of financial services and retail merchants. Findings provide a current snapshot of key pain points including adding new payment mechanisms, transacting through online and mobile channels and expanding internationally, amongst other topics. The study also reflects activity, fraud risks, challenges and costs associated with pandemic impacts. The margin of sampling error for findings reported at an overall level is ±3.41 at the 95% confidence interval. Download a copy of the LexisNexis True Cost of Fraud™ Study - 2022 EMEA Edition. About LexisNexis Risk Solutions LexisNexis® Risk Solutions harnesses the power of data and advanced analytics to provide insights that help businesses and governmental entities reduce risk and improve decisions, to benefit people around the globe. We provide data and technology solutions for a wide range of industries including insurance, financial services, healthcare and government. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX (LSE: REL/NYSE: RELX), a global provider of informationbased analytics and decision tools for professional and business customers. For more information, please visit www.risk.lexisnexis.com and www.relx.com.
SECURITY FOCUS AFRICA JUNE 2022
17
PRESSXXX RELEASE
Real-time fraud analytics increasingly important for insurers Insurers are embracing digital transformation programmes to keep customers at the centre of their business. However, insurance fraud and related crimes have become a growing concern in today’s connected landscape. This is where fraud analytics has emerged as the first line of defence to safeguard data and systems while enabling business leaders to make real-time decisions on claims recovery to reduce leakage. By Amit Kumar, Practice Leader, Fraud, AML and Security Intelligence, for SAS in Middle East and Africa.
G
iven the rapid need to modernise and digitalise legacy insurance environments, insurance companies need to find innovative ways of retaining and growing their customer base. This sees insurers looking to capture the values achieved through the traditional insurance agent but without the operational cost. Investing in websites, operational systems and processes, and people are making this happen at a scale previously unimaginable. Unfortunately, the risk that comes from pushing the resultant self-service functionality for new business and claims processing means the company removes experienced staff from vital interactions. “Not only does this mean that clients loose personal engagement where there once was, but also the potential for fraud increases as criminal elements invest time and resources in learning how to exploit any weak links in the fraud defences,” says Amit Kumar, Practice Leader, Fraud,
18
SECURITY FOCUS AFRICA JUNE 2022
AML and Security Intelligence, for SAS in Middle East and Africa. Premeditative fraudsters can easily make claims or introduce new business by using personal information from non-existent clients or from those who have had their details significantly changed, such as through synthetic identity theft. This can be done quicky, from any location, using any device. Many digital programs do not look at the full spectrum of clients. Many claim managers admit that the claims incidence for a book of business has increased in a statistically significant way after implementing a digital program. “This is where fraud analytics helps steer the customer journey,” says Kumar. “Real-time analytics determines which claimants should go through the STP channel versus those that should not. Analytics reveals which people should be automatically accepted as new business — versus those who need to be connected with an experienced insurance person for a
deeper conversation, for example.” Using this analytics, each new business application can be automatically evaluated to see if it fits into a known, highscoring fraud ring. If so, it is passed on for further action. Insurers see emerging threats and trends based on existing data that helps them get ahead of the next fraud wave. Additionally, this same technology can extend beyond fraud to other areas. For example, analytics makes real-time decisions on claims recovery — significantly reducing leakage. “Analytical solutions that incorporate elements such as entity resolution, an open data model, data importing, and the ability to orchestrate all analytic activities with choice and control, provide a strong foundation to give the insurer an holistic view of risk. Furthermore, it helps to authenticate a customer’s identity and automatically tunes models through an adaptive learning feedback loop,” concludes Kumar.
securityfocusafrica.com
PRESSXXX RELEASE
How businesses can minimise the cost and impact of protest activity The power of protest played a pivotal role in South Africa’s hard-won democracy and is firmly entrenched in the Constitution as a right for people to make their voices heard. However, if handled incorrectly, protracted strikes and protest actions can have deleterious effects for a business’s finances, employees, assets, and reputation.
I
n 2021, Bloomberg reported that the South African steel industry strike, which lasted for 17 days, cost the industry about R500-million, with a concurrent loss of about R100-million in wages. The Mail & Guardian meanwhile reported that the nationwide unrest which broke out in July last year put about 150,000 jobs at risk and cost the economy an estimated R50-billion in output. These examples alone highlight why it is in employers’ and employees’ best interests to manage negotiations and protest action peacefully and in a way that causes minimal disruption to business continuity and job stability. “Businesses need to take a holistic approach to managing a strike; however, most organisations are either insufficiently prepared or take a siloed, reactionary approach, which can extend the duration of a protest and add cost for businesses,” says Stephan Botha, CEO of Thorburn Security Solutions. “Additionally, the longer a strike is drawn out, the more likely it is that emotions will escalate, increasing the possibility of risk to people’s lives, business assets, and a company’s reputation,” explains Botha. Before businesses choose which security solutions services to partner with, it is important that they research their existing experience in managing all aspects of protests and strikes. Do they have the ability to help companies and protestors swiftly and safely reach resolutions? Can they do it while concurrently minimising cost, damage to assets, and reputation? The ideal partner should offer comprehensive training to prepare management teams for what to expect in the event of a strike, as well as access to specialised legal assistance which provides advice and the relevant legal documentation at various stages of a strike action. Some security solutions
securityfocusafrica.com
providers have close relationships with various state departments, trade unions, employer bodies, the SAPS as well as national and international security bodies. The advancement of technology has brought the inclusion of drones to specialised security solutions providers, allowing for a more proactive and rapid response level of patrol. Some are even fitted with 360 degree thermal cameras, with a live feed, to keep track of crowd movement, fire and other threats, even in poorer lighting conditions. This can then be communicated to security officers on the ground and they can mobilise accordingly. And, while the thought of non-lethal or even lethal-weaponed officers with armoured vehicles and helicopters protecting your business may seem dramatic on the surface, it’s worth remembering the potential destruction and looting that is possible when a demonstration gets out of hand, and how many business owners have lost everything to riots. In July 2021, Durban had borne the brunt of a civil unrest, with 45,000 businesses out of commission and an estimated R16-billion in stolen stock, and damage to infrastructure and equipment. While some riots may last hours, others last days or even weeks. It’s important to find a way to ensure that, in addition to protecting your business, you are able to provide for your staff’s basic needs. While companies may have to take it upon themselves to secure their own supplies, some security solutions providers may already have plans in place for this. “Because we are part of the Tsebo Solutions Group, we can offer additional services such as catering for employees who choose to remain on-site during protest action, secure transport for these staff members and the rapid deployment of cleaning teams to clean up after a strike,” concludes Botha.
Mitigating risk is all about preparation and planning. Bringing in an expert to help put together a plan in case of emergency, or partnering with a specialist security service can position your business to withstand the unexpected when it arrives, and dramatically increase your chances of returning to business as quickly, efficiently, and cost-effectively as possible. About Tsebo As a leading African Integrated Workplace Management Solutions Provider with over 50-years of experience, Tsebo Solutions Group offers clients reduced costs, risk and complexities together with increased quality, efficiency and productivity. Our expertise across sectors has informed our agility and ability to evolve, problem solve and innovate to better support our clients’ success. At its core, Workplace Management Solutions is a holistic approach to an industry of people taking care of people. The health, safety and wellbeing of our clients, employees and communities is our number one priority. Developing our people – the heart of Tsebo – is the foundation of our purpose. The result is a knowledgeable workforce that is in touch with every nuance of our clients’ needs. We specialise in Catering, Facilities Management, Cleaning and Hygiene, Pest Control, Protection, Energy, Procurement, Workspace Design, Engineering, Remote Camps, and more. Beneath our strategic efforts lies a robust dedication to sustainable development and equal opportunity employment, which has seen Tsebo emerge as a progressive African corporate entity. For further information, please contact: S’thembile Duma Tel: +27 (0)79 464 8536 Email: sthembile@flume.co.za
SECURITY FOCUS AFRICA JUNE 2022
19
PERSONALITY XXX PROFILE
In conversation with: Reana Steyn, Ombudsman for Banking Services, South Africa “It may sound like a worn-out record, but I dream of and hope for a peaceful, non-racial country where we can eradicate this tragedy of poverty and where everyone is valued for who they are and what they bring to the table.”
B
orn in Boksburg in Johannesburg, which is still her home town, Reana Steyn has been South Africa’s Banking Ombudsman for the last five years. It’s a position that carries with it enormous responsibility, not only with regard to her team but also to the country’s millions of banking customers. From her first job with law firm Norton Rose Fulbright (originally Deneys Reitz Attorneys), following her graduation from university with a BComm LLB, to positions with the NCR (National Credit Regulator) as their first legal advisor, and financial services giant KPMG in the compliance division, she’s thrown her heart into her work with passion, warmth and a sense of humour.
20
SECURITY FOCUS AFRICA JUNE 2022
The early days “I have such happy childhood memories: of playing with kids in the neighbourhood, reading lots of books, and spending our holidays on the KwaZulu-Natal South Coast or the family farm in a small town called Ladybrandt in the Eastern Free State. The farm didn’t have electricity and we did everything, from milking cows and collecting eggs, to driving on the tractor with my uncle.” After matriculating, she enrolled at university. Still undecided about a career, she chose to pursue a BCom Law degree so that she could keep her options open between law and accounting. While working for KPMG twelve years ago, she was approached by the thenCredit Ombudsman, Manie van
Schalkwyk, who was looking for someone with her expertise to assist with credit complaints. She accepted the job offer, going on to become Deputy Credit Ombudsman and then – ‘a great privilege’ – the first woman to hold the position of Banking Ombudsman in 2017, when her predecessor retired. Calling herself ‘unbelievably blessed’, Reana enjoys steering the ship and ‘seeing it all come together’. “If you’re heading up an organisation, you have a bird’s eye view over each aspect of the business, from the finances to HR to complaints resolution and marketing etc. When I took over, the culture of the organisation needed some work, and it took time to build the trust as well as the world-class team that we now have. I am
securityfocusafrica.com
PERSONALITY PROFILE
most proud of how each and every staff member has grown, as individuals, as well as in the way they now represent our office – each one an expert in his/her own right – working with pride and responsibility and to the best of their ability. I enjoy making sure that every aspect of the business is doing well, so that as a whole, we can achieve our goals and more.” What are the challenges? “There are constant challenges, but so far nothing unexpected. Issues such as too few hours in the day for all the meetings and calls or to make sure that everything is on track, are normal. It’s sometimes depressing to see the negative social media posts by consumers, when I know how seriously the staff take their role of assessing each case impartially, and also taking into consideration the fact that we have the responsibility to raise legal and contractual issues that the consumer may not even be aware of, with the banks. In some cases, we simply cannot find in their favour or give them back the money they lost — in scams, for example. Dealing with complaints will always be a challenging environment.” Your mentors and inspiration? “I’ve had a few! My mother, who took her career in the bank very seriously (she started straight after matriculating and retired at the age of sixty-five), set a great example for me. And attorneys Pierre Naude, who specialised in aviation law, Patrick Bracher who was a partner at my first law firm, and Manie van Schalkwyk, former Credit Ombudsman, are three mentors who taught me so
securityfocusafrica.com
much and most of what I know about the law and running an Ombudsman’s office.” Advice to the young generation? “Think big, dream big, be positive and believe in yourself. At the same time, be humble and display excellent manners at all times. Remember that it’s the small things that matter. Be honest, don’t lie and don’t steal. Always act with integrity and you will reap the rewards, even if you can’t see them now. Believe, as I do, in the future of this country. Whether you will pursue a career for which you study at university or college, or you become an entrepreneur, or learn a trade: if you perform your daily work with passion and commitment, it will pay off, no matter what your background. And finally, if you’re not planning on immigrating to greener pastures, don’t complain or be negative about our country. Make the best of it, seize the opportunities — and don’t give up after the first door is slammed in your face!” Your hope for South Africa? “I hope for peace and prosperity, for a non-racial society where we can eradicate the tragedy of poverty, and where everyone is valued for who they are and what they bring to the table. That the current undertones and sometimes open hatred for other races can be erased from our collective psyche. And part of the prosperity is, of course, that our millions of talented people, young and old, will find valuable jobs or contribute to our society so that we can all live in a better tomorrow. I’m staying in this country, and so are my parents
and my children (and hopefully, one day, my grandchildren). I really hope that we can all start working together to stop our beautiful country from being broken down by certain elements.” The books you’re reading? “I love buying new books and having a few on my nightstand. I’ll read a few pages a day from whichever book speaks to me on that particular day — unless I get hooked and then I may forego sleep! At the moment my book stack includes The Almanack of Naval Ravikant, Atomic Habits by James Clear, The End of Money by Buckham, Wikenson & Straeuli, and Outlander by Diana Gabaldon.” What’s on your Bucket list? “Career-wise I’m still working on ensuring that the organisation grows and excels in every way. My wish is for my term at the helm of the OBS to be memorable for good reasons. After that — I have no idea what my next career move will be except to say there will be another one. Maybe I will go back to practice or maybe my experience in banking will take me somewhere as exciting and rewarding as my present position.” “Personally, I dream of walking the Camino — if only I can find five weeks and good walking shoes! Any overseas trips to explore places I haven’t seen, can definitely also be added to my bucket list. And finally, I want to do more charity work. At the moment we’re involved with some projects at the OBS, and I’m contributing in my personal capacity, but I want to do more to support my communities.”
SECURITY FOCUS AFRICA JUNE 2022
21
MEDIA XXX STATEMENT
The OBS secures millions for bank customers wronged by banks Over the past two years, the Covid-19 Pandemic has disrupted the traditional banking model, testing it to its limit. Banks are battling to address this. Reana Steyn, the Ombudsman for Banking Services (OBS) points out that 2021 brought with it some serious financial challenges for most South African banking consumers. Distributed on behalf of the Ombudsman for Banking Services by Lola Lazarus of Bullion PR & Communication.
T
hese consumers had to turn to the OBS for intervention against their banks. “This is evidenced by the record number of complaints received and investigated by the OBS in 2021, where the number of complaints adjudicated by the OBS increased by 7% as compared to 2020,” says Steyn. She added that the number of cases finalised in 2021 increased from 7,230 in 2020 to 8,039 closures. This was a 9% increase from 2020. Steyn advised that despite this increase, the OBS was able to resolve these complaints efficiently. Further, she encouraged all consumers who have been wronged by their banks or who have suffered losses, or some serious distress and inconvenience due to a bank’s maladministration, to contact her office for the free dispute resolution service it offers.
Key Statistics Continuing the trend from previous years, 2021 was no different, with many of the complaints received and resolved by the OBS relating to fraud, maladministration by banks, closure of bank accounts and repossessions. The OBS opened a record
22
SECURITY FOCUS AFRICA JUNE 2022
8,257 complaints during the reported period. This was a 7% increase from 2020 and a 28% increase from the number of cases opened in 2019. “Over 10,330 complaints were referred to the banks in 2021, compared to the 8,389 cases in 2020. Referrals are complaints received by the OBS from consumers who have not provided their banks the opportunity to resolve the complaint with them in an amicable manner. The OBS sends these complaints to the banks, on behalf of the consumers, for the banks to attempt to resolve the matters directly with consumers. The matter is only converted into a formal case if the problem cannot be resolved by the bank,” says Steyn. She added that since it is her office’s vision to be known as a trusted mediator of disputes, the constant increase in referrals (23% increase), complaints (9% increase) and calls received by the OBS call centre (7% increase from 39,239 in 2020 to 41,880 in 2021) is hopefully an indication that the public is becoming aware of the free, fair, professional, and expedient alternative dispute resolution service offered by the OBS.
Types of complaints received in 2021 According to Steyn, many of the complaints opened and investigated by her office in 2021 involved instances where bank customers became victims of various types of fraud. However, internet banking complaints reclaimed their pole position as the category with the most complaints in 2021, accounting for 19% of the total complaints opened. “This is an alarming 6% increase from 2020 and a worrying statistic, as it goes against the progress made in 2020, where the number of internet fraud victims had dropped significantly, to a record low of 13% of the total complaints,” pointed out Steyn. Second, the OBS dealt with many service-related complaints, maladministration by banks, consumers being debt stressed, account closures by banks and consumers disputing the fees or interest rates applicable to their agreements. Current Account complaints accounted for 16% of total cases opened. This was a 3% decrease from 2020. Personal loan and mortgage finance complaints remained constant at 11% and
securityfocusafrica.com
MEDIA STATEMENT XXX
8% (respectively) for the past 3 years while credit card complaints reduced from 11%, in 2020, to 9% in 2021. There was an increase of 2% (from 6% in 2020, to 8% in 2021) in the number of complaints opened for vehicle finance-related issues. ATM-related complaints continue their decline, with the total number of complaints opened accounting for 7%. This is a 2% decrease from 2020 and a further 6% decrease from 2019. Steyn pointed out that in previous years, such as in 2015, ATM related complaints constituted the largest number of complaints that were received and investigated by the OBS. However, due to people choosing technology to do their banking, internet banking has taken over. “This trend has obviously been heavily influenced by the Pandemic,” says Steyn. She advised that in the majority of these complaints, the losses suffered as well as the inconveniences experienced could have been avoided had consumers been more sceptical of fraudsters posing as bank personnel. “It is important that consumers protect their confidential banking information. Further, consumers should never accept assistance from strangers at the ATM. Finally, consumers should become more involved in the management of their accounts by constantly going through their account statements and engaging with the banks for assistance at the first sign of financial distress,” says Steyn, who added that this should be encouraged over avoiding banks at the first sign of trouble. Steyn added that the list of potential problems and ways to lose money is endless. However, she advised consumers to be prudent and read up on latest fraud trends or to make inquiries at their banks about their various offerings for people in financial distress. This is to avoid legal action and properties being repossessed. Amounts recovered for customers Steyn advised that in 73% of the matters resolved by her office in 2021, the findings were in favour of the banks. This means that in 5,846 (72.7%) cases, it was her office’s findings that there was no legal nor fair grounds to uphold the complaint against the bank. She added that her office’s findings will always be guided by the facts, the law, and fairness as well as considerations of best banking practices (national and international). Steyn was, however, pleased to have been able to assist those consumers who had legitimate and substantiable claims. She confirmed that, through her office’s intervention, the concerned banks were
securityfocusafrica.com
held 100% liable for the complainant’s claims in 15.9% (1,276) of 2021 complaints. In 4.5% (363) of these complaints, the banks were found partially liable. This means that in 1,639 (20.4%) matters adjudicated in 2021, the OBS concluded that there was some wrongdoing on the part of the banks. “Of the matters concluded in favour of the complainants, over R19,400,000 was awarded and offered because of the OBS’s direct intervention,” says Steyn. In 6.60% (530) of 2021 complaints, no award was made to complainant. However, the OBS was able to provide them with information on why this was the case. Performances, by bank 2021 yet again saw a notable increase in cases for most Banks compared to the previous year. While in 2020 Absa Bank (ABSA) recorded a reduction in the number of complaints (down 36% year-on-year), 2021 was the opposite. Only First National Bank (FNB) recorded a significant decrease in the number of cases opened in 2021. According to Steyn, this dramatic decrease from FNB can largely be attributed to the initiatives implemented by the bank’s CEO and staff to ensure that the bank aligns itself with the Treating Customers Fairly (TCF) principles and the requirements of the Conduct of Financial Institutions (COFI) Act. They made a concerted effort to look past the black letter of the law in respect of the merits of a complaint and to apply considerations of fairness and reasonableness where the facts of the particular matter allowed for such considerations, she added. Specific attention was also given to the vulnerability of some customers, and often settlements were made based on those considerations. This approach has certainly proven to be fruitful for the bank and has resulted in the reduced numbers that our office has seen, remarked Steyn. Steyn reminded the public to be cognisant of the fact that the number of files opened against a bank should not be regarded as an indication of that Bank’s overall performance or the way that they deal with complaints. “Consideration must be given to the fact that Banks vary in size, client profile and product mix. With fraud, the OBS has seen over the years that the fraudsters move from bank to bank, targeting a certain group of consumers through phishing emails, vishing calls, etc. All of these factors impact on the number of complaints made against any bank,” says Steyn.
Below is the detail of formal cases that were opened against the 5 Big Banks in 2021. Individual increases should be seen in light of the overall increase in the number of complaints received by the OBS: • FNB saw a significant drop, from 2,197 complaints in 2020, to 1,452 complaints in 2021 (a 34% decrease); • Standard bank saw an increase of 31,6% in the number of complaints, with a total number increasing from 1,572 complaints logged in 2020 to 2,070 in 2021; • Capitec bank also saw an increase in complaints, from 1,259 cases in 2020 to 1,651 in 2021, representing a 31,1% increase; • ABSA had an increase from 943 cases in 2020, to 1,068 cases in 2021 (a 13.3% increase); and • Nedbank accounted for 1,273 of the cases opened, an increase of 4.3%. • TymeBank saw a major increase in the number of complaints logged in 2021, with an increase of 870,8%. However, the public must remember that these complaints came off a very low base of only 24 complaints in 2020 to 233 complaints in 2021. Discovery Bank decreased by 26,7% Vulnerable consumers 2021 was the first full year where the OBS collated the statistics in respect of vulnerable consumers. Seventy percent of vulnerable consumers where classified as such, due to age, while 22% where classified as vulnerable due to a life event such as retrenchment or the death of a spouse/partner. A very concerning statistic is the 5% of vulnerable consumers who were over 85 years of age, and the 22% who were between 75 and 85. Progress being made Steyn points out that, while there was an increase in complaints in 2021, we need to take into account that banks are dealing with a highly disruptive and challenging environment. “The OBS will continue to monitor the increases across all complaint categories and engage with the relevant banks to ensure that they are aware of the specific challenges that they need to address in order to improve outcomes for consumers. We are confident that despite the challenging environment, progress is being made by banks to improve the service offering that they provide to consumers,” concludes Steyn.
SECURITY FOCUS AFRICA JUNE 2022
23
OPINION ISS TODAY PIECE
New SA crime trends are bleak, but at least we have the data Information sharing and partnerships are reasons for hope despite the dismal state of crime and policing in South Africa. 13 June 2022. By Andrew Faull, Senior Researcher, Justice and Violence Prevention, ISS Pretoria. Republished from https://issafrica.org/iss-today/new-sa-crime-trends-are-bleak-but-at-least-we-have-the-data?utm_ source=BenchmarkEmail&utm_campaign=ISS_Today&utm_medium=email.
M
urder is up, police morale is down, and reform is imperative. But precisely what is broken in the South African Police Service (SAPS), and how will we know when it’s improving? Without defining the problem, wellintentioned activities risk missing their mark. Progress in crime and policing requires data, partnerships and leaders willing to focus attention on when, where and around whom harm is greatest. Crime and policing in South Africa are in a dire state, but the SAPS’ willingness to share some information with the public gives a faint silver lining
24
SECURITY FOCUS AFRICA JUNE 2022
to an otherwise dark cloud. On 3 June, the SAPS released crime statistics for the first three months of 2022. The data revealed an alarming 22% surge in murder, equating to a rate of 40 per 100 000 residents or seven times the global average. All other categories of serious violent crime also increased. In the same week, the parliamentary Portfolio Committee on Police discussed the findings of a 2021 SAPS ‘climate survey’ on the morale and internal environment in the service. It revealed a state of dire mistrust among members. Roughly half of police believed their
colleagues were dishonest (53%), abused their power (54%), weren’t self-disciplined (51%) and didn’t conduct themselves ethically (47%) or professionally (47%).
After a 22% surge in murder, the rate in South Africa is seven times the global average The survey also painted a picture of crushingly low morale. Thirty-eight percent didn’t look forward to work in the morning; 41% were dissatisfied
securityfocusafrica.com
TECHNOLOGY ISS TODAY UPDATE
performance, they may temporarily improve morale among a few police but risk alienating tens of thousands of others. Perhaps, as hinted in the climate study, broader improvements could be attained by introducing a fair, merit-based promotion system. We can’t know if we won’t ask. Fortunately, things may be improving in some areas. Two weeks before the recent crime statistics and climate survey presentations, a group of senior police officials, researchers, and the Western Cape Police Ombudsman attended the sixth Annual American Society of Evidence-Based Policing conference in Washington, DC.
More than half of police think their colleagues are dishonest, abuse their power and aren’t self-disciplined
Image: © SA Police Service/Twitter
with their jobs; and 51% felt the SAPS didn’t care about their wellbeing. Fifty-four percent were unmotivated; 68% felt dissatisfied with career progression opportunities; and 78% were dissatisfied with the promotions process. As disastrous as this data is, the SAPS must be commended for producing and sharing it. Solving chronic problems like endemic violence and organisational dysfunction is best begun with an analysis of such information. Leaders can use the findings to identify where harm is greatest, hypothesise about the mechanisms behind the causes, and deploy interventions that can be tracked and measured, informing adaptation and learning. Unfortunately, this process isn’t common practice. For example, on 24 May, Police Minister Bheki Cele suggested that the promotion of 8 607 constables and sergeants would ‘contribute significantly to an improvement in employee morale.’ His intuition may be sound, but will it work? Since promotions are not based on
securityfocusafrica.com
The society was established in 2015 and is one of four international police-led groupings for evidencebased policing. These networks are composed of police officers and researchers who promote the identification and implementation of effective research-based strategies to improve public safety and officer wellbeing. Like the battles waged against the coronavirus pandemic and climate change, these societies recognise that the future of policing and public safety can’t be left to the whims of politicians or charismatic officials. Instead, they must be evidenceinformed if meaningful and sustainable results are to be achieved. The same can be said of the SAPS approach to crime. In South Africa, very little is known about the impact of the large numbers of arrests, roadblocks, shop visits and other activities carried out by police each year. South African delegates left the conference recognising that an intentionally evidence-informed approach could clarify what practices work and what do more harm. Reflecting on the conference, SAPS Head of Research Maj-Gen (Dr) Phil Vuma said he was struck by the trust between police leaders and academic partners collaborating to test and evaluate policing. Similarly, Western Cape Police Ombudsman, retired
Maj-Gen Oswald Reddy, appreciated the importance of research and evaluation partnerships for improving policing and oversight. He said that South Africans should use the growing evidence base to hold police accountable and enhance public safety.
As disastrous as the data is, the SAPS must be commended for producing and sharing it These are good signs. Along with the quarterly release of crime data and the recent climate survey, police and government officials are increasingly collaborating with others to build a local evidence base. For example, Western Cape government officials have pioneered a real-time safety dashboard of violence metrics to provide law enforcers with the best possible data to guide their work. But as delegates heard in Washington DC, it isn’t enough for police to report data. They must show how they respond to it using specific measures tailored to each problem. This means explaining why an approach has been selected, its expected impact, and how it will be assessed. Speakers noted that when police regularly share data, they empower government and communities to address crime themselves and so build trust. It was also recognised that policing is facing a critical moment. The legitimacy of police institutions is being challenged in many countries, public trust is floundering, and budgets are being cut. It is more crucial than ever that police use evidence to do more with fewer resources — and the same is true for South Africa. The recent crime and climate survey statistics highlight significant problems in South African policing, but the SAPS should not be lambasted after sharing them. Instead, the public should welcome the data release. They should partner with police to assess the figures and collaborate on evidence-informed plans to reduce violent crime and improve the working conditions of all dedicated police officers.
SECURITY FOCUS AFRICA JUNE 2022
25
TRENDS
A channel focus and strategic advantages position partners for success Over the past 24 months, the conversation around surveillance has changed significantly. Instead of falling purely within the security or facilities side of a business, the ability to take raw video and audio footage, convert it into data and analyse it has become a hot topic across many sectors, including mining.
S
urveillance has become something that affects an organisation’s physical security measures as well as the areas of IT and risk management. “With the addition of intelligence, the humble camera has essentially become the ‘eye’ in IoT, and there is suddenly so much more value to be gained from an asset that is already deployed,” explains Stephanie Rosenmayer, Business Unit Manager at Datacentrix, a hybrid IT systems integrator and managed services provider. “If captured correctly, it is here, at the source of the data, that we can bring actionable intelligence into the business.”
26
SECURITY FOCUS AFRICA JUNE 2022
Technology driving surveillance According to Rosenmayer, there are several trends driving the evolution of surveillance. “We know that artificial intelligence (AI) and surveillance are moving to the cloud and it’s a fact that surveillance is now an integral part of the enterprise architecture. Furthermore, we understand that this has a massive impact on bandwidth requirement, and it’s now a conversation that must include the IT department. We’ve also seen analytics move to the edge, which includes the incorporation of analytics into new smart camera technology. “There has been an AI explosion,” she continues. “Consider the Open
Stephanie Rosenmayer.
securityfocusafrica.com
TRENDS
Security & Safety Alliance (OSSA), a nonprofit corporation created to establish a common standardised platform for security and safety solutions that is accessible for everyone. These standards pertain to operating systems, the actual infrastructure, privacy, and data. The aim is to reach a point where we can apply or select any AI application and deploy it on any camera, regardless of brand, that is specifically required within that business environment.” A good example of this – for the mining environment – would be if there is a need for an application that deals solely with crushers. “OSSA’s latest drive will remove the barrier to entry of great AI development skills to enter the surveillance market, that was traditionally limited to OEM manufacturers. This means that you would be able to find the right crusher app for your needs and deploy it on any camera. “This is not a pipe dream, and we will see it coming to the fore over the next year or two, as the larger camera manufacturers are starting to join the OSSA and are beginning to add processing capabilities to the cameras themselves.” Cameras playing key role in both safety and efficiency gains Says Rosenmayer: “Ultimately, the source of our data is sensors – cameras, environmental sensors or power distribution systems – and all of this information needs to be collected in a place where it can be used for two things. Firstly, it can be used for an emergency alert, where the right person can be dispatched to deal with an issue, and secondly, to take unstructured content and organise it into output that can be useful and actionable for the organisation, adding value in terms of the bottom line.” For instance, typical safety challenges that may be tracked and addressed, using surveillance within this context, could include personnel violations (like employees not wearing the correct personal protective equipment (PPE) or field workers walking across a track), sudden changes in the operational environment, poor risk foresight, and challenges related to the supervision of underground staff. Surveillance could also meet the need for efficiency, or yield, improvements, due to poor performance of production equipment, or a lack of dynamic balance
securityfocusafrica.com
between production, transport, and storage. A good example here would be system belt performance challenges, Rosenmayer explains. “For a coal mine using an underground conveyor belt in the process of coal transmission, a lack of real-time monitoring and poor communication could mean that the organisation is unaware that the conveyor belt, which covers a long distance, is at certain times carrying a zero load, which could even stretch to hours. “The belt conveyer is a significant consumer of a mine’s overall electric energy use, expending up to 40 percent of the operational cost. This means that at times where there is no load, the mine is consuming power – and paying for it – at a time that it is completely unnecessary.” There may also be occasions where foreign objects falling on the conveyor belt, or oversized ore, cause blockages or even belt damage, which often leads to larger transport economic losses. Perhaps there has been an abnormal shutdown of the conveyor, people approaching it when they shouldn’t be, or there may be conveyor deviations. “These are all challenges that a real-time view of the critical parts of your facility and the overall status of the underground environment could help to solve.” In fact, according to Rosenmayer, case studies from international mines using AI technologies have shown a proven reduction of conveyor belt downtime from three days per month to one. Noload power consumption has also been reduced from $650,000 per year, to $280,000 per annum. “In addition, these mines have seen several benefits for enhancing management, such as the ability to anticipate major risks, identify personnel violations and contain major accidents.
They have been able to avoid mine shutdown due to severe accidents. They also now have access to intuitive measures for mining operation supervision; reliable evidence for accidents retrospection; and can provide statistical reporting on abnormal mining operations to support scientific decision making. “From a mining perspective, the key question to ask when it comes to surveillance today is: how valuable is it to your organisation to have this information in real time, instead of finding out how it affected production at the end of the day?” she asks. About Datacentrix: Datacentrix is a leading hybrid IT systems integrator and managed services provider that enables digitalisation success. Our expert teams leverage the power of ICT technologies to connect, transform, optimise, and future-proof business, supporting clients throughout their digital journey. Datacentrix offers deep technical expertise across a mature offering and provides proven execution capability that is endorsed by the world’s foremost technology partners. With a strong African footprint, the company is recognised for its agility, in-depth industry knowledge, ethical practices, and strong overall performance. The company is a Level One (AAA) B-BBEE Contributor, with 135 percent procurement recognition. For more information, please visit www.datacentrix.co.za. Contacts icomm Nicola Read Cell: 083 269 2227 Email: datacentrix@pr.co.za Website: www.icomm-pr.co.za
SECURITY FOCUS AFRICA JUNE 2022
27
EXHIBITION NEWS
Positive industry turnout for Securex, A-OSH Expo, Facilities Management Expo and Firexpo 2022 trade shows JOHANNESBURG –June 29, 2022. The occupational health and safety, security, facilities management, and fire protection sectors proved once again that face-to-face interaction cannot be beaten, with excellent industry support seen at the recent co-located Securex South Africa, A-OSH Expo, Facilities Management Expo and Firexpo trade shows.
T
he exhibitions took place from 31 May to 2 June 2022 at Gallagher Convention Centre in Johannesburg, with the ‘four-industries-one-roof’ offering from Specialised Exhibitions, the largest trade show organiser in Southern Africa, drawing in more than 8,300 visitors over the three-day period, and featuring over 200 exhibitors. Says Mark Anderson, portfolio director at Specialised Exhibitions: “It has been a long two years since we’ve been able to hold larger live events and exhibitions in South Africa, so 2022 was a landmark year for these trade shows, in many ways. “Not only was it the first year since 2019 that we were able to bring Securex, A-OSH Expo and Facilities Management Expo back to the industry
28
SECURITY FOCUS AFRICA JUNE 2022
– after a two-year hiatus – but we were also able to introduce the very first Firexpo, focusing exclusively on firerelated products and services. “As Africa’s biggest security exhibition, we were extremely proud to celebrate 29 years of Securex this year, with its continued focus on all elements of the security sector, from physical and retail security to access control, vehicle and personnel tracking, cybersecurity and more, while A-OSH marked more than a decade of being Africa’s leading occupational health and safety expo. 2022 also commemorated the second year that Facilities Management Expo, the trade show that brings together all aspects of facilities management, has run alongside these two sector stalwarts. “The show floor was buzzing over
the three-day period, and it was clear, for both visitors and exhibitors, that the industry was more than ready to reengage and reconnect on an in-person basis.” While there was a very small drop in visitor numbers, comparatively with the 2019 figures, reflecting the same trend already seen this year both locally and globally, the quality of visitors across the board is still extremely high. “Securex, in particular, attracted a high ratio of purchasing decisionmakers and influencers, at 82,9 percent of those attending,” clarified Anderson. The four trade shows also brought in a number of visitors from outside South Africa’s borders, with an excellent turnout from neighbouring African countries in particular. “Securex drew in many visitors from Botswana, Namibia,
securityfocusafrica.com
EXHIBITION NEWS
Zimbabwe, Mozambique, Ghana and Eswatini, as well as Angola, Malawi, Kenya, Tanzania, and Madagascar. Attendees from further afield hailed from across Europe, the US and more.” Visitors’ reasons for attending highlighted that exhibitions continue to be a powerful sales, marketing, and general business platform. On the Securex side, 71,8 percent of visitors came to the show expressly to source new products and solutions, with 18,8 percent wanting to view technologies showcased by local manufacturers and distributors. Excellent feedback from exhibitors was received across all four shows, continued Anderson. “It’s clear that this type of live event is now more important than ever in terms of building face-to-face connections and relationships, as well as allowing for a first-hand experience of new offerings.” “Securex has been phenomenal, even better than expected,” said Western Digital’s Brad Bennett. “We thought we would be busy, but the response and footfall through our stand has been beyond expectation. We have been engaged in quality conversations and fielded many questions on our solutions offering, receiving many good leads, and quality engagements, with a number of people from beyond South Africa’s borders, including Togo, Tanzania, Madagascar, Zambia and Zimbabwe, which shows the reach of the show. We are very excited to see where it goes in the future.” “This was our first time exhibiting at Securex and it has been most enlightening,” added Phophi Marara
securityfocusafrica.com
from Dwyka Mining Services. “We were very pleased to be able to show that our technology, which was introduced to the local mining market, can be easily adapted for other industries as well, for example for security patrols and bomb detection services, simply by switching out the payload on the top of the mobile robot. The visitors have been very enthusiastic about our offering.” “Firexpo was a fantastic experience — we have already signed up for next year’s show,” explained Fireball’s Le Roye van der Merwe. “I’ve been extremely pleased with the quality of the visitors on our stand — certainly the decision makers from the companies have been coming through.” “The BBF Safety Group is very
committed to A-OSH Expo, and we are very pleased that we have had a busy stand,” disclosed BBF Safety Group’s Ruan Breedt. “We had a brilliant turnout and I’m very happy with the attendance. There has been significant appreciation from the visitors, who have been very interested.” Said Mel Barends of Broll Facilities Management: “Our experience of the Facilities Management Expo – as the main sponsor of the 2022 show – has been excellent. The foot traffic has been plentiful, and the seminar theatre has been great; there have been some fantastic talks that were very well received. I’ve been most impressed with the atmosphere and the level of technology that has been showcased. After the Covid-19 lockdown, I take this as strong evidence of our economy getting back on its feet.” Securex South Africa, A-OSH Expo, Facilities Management Expo and Firexpo will return from 6-8 June 2023 at Gallagher Convention Centre. For more information, please visit www.securex. co.za, www.aosh.co.za, www.fmexpo. co.za, and wwwfirexpo.co.za. Contacts Specialised Exhibitions Keraysha Pillay Tel: +27 (0)11 835-1565, Email: kerayshap@specialised.com icomm Nicola Read Cell: 083 269 2227 Email: datacentrix@pr.co.za Website: www.icomm-pr.co.za
SECURITY FOCUS AFRICA JUNE 2022
29
THE LAST NEWS WORD
THE FINAL ZONDO REPORT The final report of what has commonly become known as ‘the Zondo Commission’ (The Judicial Commission of Inquiry into Allegations of State Capture, Corruption and Fraud in the Public Sector including Organs of State) was handed to State President Cyril Ramaphosa on 22 June 2022.
T
By Peter Bagshawe.
his was the culmination of four years of hearings, previous reports, extensions of the Commission term, sidebar proceedings in various reports, and a painstaking sifting and evaluation of evidence led. Current Chief Justice Raymond Zondo, who must be commended for the undertaking as Commission Chair, presented an evaluation of political, public, private, State and Ministerial actions within the scope of the Commission that is unique. The Report is a rich source of information
30
SECURITY FOCUS AFRICA JUNE 2022
and, despite criticism of the editing as evidenced by stylistic differences indicating multiple writers, cannot be reviewed here. Following on from the final report being delivered, two opinion pieces were published. In the Daily Maverick “Thuli Madonsela: South Africans should question whether State Capture is really over” gave perspective to the Commission and interestingly, posits that the scope of the Commission was too widely cast. Nevertheless, the Commission has concluded its business
and the Report, recommendations and findings are now available. Writing in ANC Today, Pule Mabe, the African National Congress’ National Spokesperson and Head of the Department of Information and Publicity, gives a perspective on the Commission and the party’s support of and interaction with the Commission, as well as comments on the action of members of the African National Congress. Arising from these opposing stances, two areas of the Report are of interest: firstly the question of cadre deployment, which
securityfocusafrica.com
THE LAST NEWS WORD
links into executive appointments and action/inaction and, secondly, the role and actions of the State Security Agency (SSA) arising from cadre deployment. Cadre deployment is not an area of investigation that is obvious within the Commission’s initial scope as of manifest importance. However, on analysis, it is central to the success of several actions undertaken that directly gave rise to the success of State Capture. Of interest is the finding of the Commission, after review, that cadre deployment (and the longstanding Deployment Committee’s actions) was both illegal and unconstitutional. In order to achieve a balanced political-administrative interface, the Constitution requires, in summary, a professional and ethical public administration which is efficient, economic, and effective in its utilisation of resources, and acts in a manner that is impartial, fair, equitable and without bias. Central to this would be fit-forpurpose departments with fit-forpurpose staffing operating within the scope of their mandates. Here the core tenets of equality in the treatment of candidates, transparency, accountability, and fairness would be essential. The existence of the Deployment Committee and the manner of its operation are contrary to each of these. A former Public Enterprises Minister gave evidence before the Commission that the Deployment Committee made decisions which led to the inability to appoint fit-for-purpose candidates at Transnet. Evidence given by African National Congress Chairperson Gwede Mantashe and President Ramaphosa was to the effect that the Deployment Committee did not have the power to decide on appointments, could only make recommendations and could not issue instructions. This was not accepted by the Commission Chairperson who, to the contrary, found that decisions taken within the African National Congress, and failure to comply, carried the risk of censure. Party members are, within Government, the appointing authorities and simultaneously party members who are bound by party decisions which gave impetus to compliance with the output of the Deployment Committee. Again, contrary to evidence given, Zondo found that ‘recommendations’ were made on the appointment of judges and, amongst others, Cabinet and civil service appointments, provincial premiers, legislatures, local government, and
securityfocusafrica.com
parastatals. In a number of instances, these were contrary to the best interests of the State and public. It is telling that then-Deputy President Ramaphosa was the Chair of the Deployment Committee between 2012 and 2017, and the Report notes that responsibility for not having stemmed the excesses of the Committee should have been acknowledged by him; however the response was more to emphasise the importance of cadre deployment, which is seen, within the party, as an additional screening mechanism. The results do, however, speak for themselves and show the weakness inherent in the African National Congress using a model based on internal agreement for decisions taken. Turning to the State Security Agency Chairperson, Zondo stated “The evidence suggests that this commission may not, in fact, have been necessary if the SSA had detected, fully investigated and countered State Capture as a threat to our constitutional order when the symptoms of State Capture first appeared.” This is an indication of the pivotal role that the State Security Agency is entrusted with and constitutionally required to perform. Evidence led of the collapse of the Agency in state capture goes back to 2011 when then Minister of State Security, Siyabonga Cwele and then President Zuma, attempted to influence Director-General Jeff Maqetuka, Mo Shaik and Gibson C, the respective heads of the Domestic and Foreign Services, into closing the investigation into the activities of the Gupta brothers. Shaik and Maqetuka left the State Security Agency after their rejection of the so-called ‘Mdludli Report.’ In 2009, Zuma had issued an unconstitutional proclamation, collapsing State Security into a single entity and, bizarrely, members were required to swear an oath of allegiance to Zuma as opposed to the earlier oath of allegiance to the Constitution and the State Security Agency. This was the beginning of a shift from national security to state security, with the State Security Agency becoming involved in the activities of the African National Congress. It is noteworthy that at this stage the Presidential Security Support Services became one of the largest costs to the State Security Agency budget. After the appointment of Cyril Ramaphosa as State President, he chose to continue with the appointment of
both former State Security Minister David Mahlobo and former National Security Director-General Arthur Fraser after adverse findings made by the High-Level Review Panel appointed by President Ramaphosa, which was chaired by National Security Adviser Sydney Mufamadi in respect of, in particular, Mahlobo. This continuation of their tenure was in line with the precepts of cadre deployment. As was the case with former Minister Cwele, Mahlobo engaged in operational matters and irregular recruitment and appointment of people into the State Security Agency. Evidence was led of Mahlobo’s involvement in Project Commitment, which was amongst other purposes, a channel used for irregular payments, over a period of some two years of between R2.5 million and R4.5 million per month to then President Zuma. Evidence was adduced of Fraser setting up an illegal, clandestine parallel intelligence network known as the Principal Agent Network that spent some R1.5 billion on unauthorised operations, including the purchase of properties, vehicles, appointment of unvetted persons and irregular payments of money to individuals, including family members. Director-General of the Chief Directorate of Special Operations, Thulani Dlomo was found to have acted irregularly in respect of vetting and vetting procedures, hiring of operators as well as drawing weapons from the Agency armoury, and allocation of weapons and ammunition to operations (some of which presently remain unaccounted for) for use by unqualified people. The illegal drawing of weapons from the armoury is an offence in terms of the Firearms Control Act. The Commission has recommended that law enforcement agencies investigate bringing criminal charges against Fraser in respect of the Principal Agent Network programme and other matters and Mahlobo and Dlomo with regard to State Security Agency money irregularly received and disbursed. State capture was a scourge and the implementation and prosecution in line with Commission recommendations is an imperative to normalise governance. PETER BAGSHAWE holds a Bachelor of Law degree from the former University of Rhodesia and a Bachelor of Laws degree from the University of the Witwatersrand.
SECURITY FOCUS AFRICA JUNE 2022
31
DIRECTORY
SECURITY ASSOCIATION OF SOUTH AFRICA (SASA) ADMINISTRATION Suite 4, Blake Bester Building, 18 Mimosa Street (cnr CR Swart Road), Wilro Park, Roodepoort Suite 147, Postnet X 2, Helderkruin 1733 National Administrator: Tony Botes t: 0861 100 680 | e: tony@sasecurity.co.za c: 083 272 1373 | f: 0866 709 209 Membership, accounts & enquiries: Sharrin Naidoo t: 0861 100 680 | e: admin@sasecurity.co.za c: 083 650 4981
SASA OFFICE BEARERS
REGIONAL OFFICE BEARERS
National President: Marchél Coetzee c: 084 440 0087 e: marchelcoetzee@omegasol.com
Gauteng: Gary Tintinger c: 084 429 4245 e: gary.tintinger@cwexcellerate.com
National Chairperson: Franz Verhufen c: 082 377 0651 | e: fverhufen@thorburn.co.za
KwaZulu-Natal: Clint Phipps c: 082 498 4749 e: clint.phipps@cwexcellerate.com
National Deputy Chairperson: Louis Mkhethoni c: 082 553 7370 e: louis.mkhethoni@securitas-rsa.co.za
Western Cape: Koos van Rooyen c: 082 891 2351 | e: koos@wolfgroup.co.za
SECURITY AND RELATED ASSOCIATIONS AND ORGANISATIONS PSIRA (Private Security Industry Regulatory Authority) Eco Park, Centurion t: +27 (0)12 003 0500/1 | Independent hotline: 0800 220 918 | e: info@psira. co.za | Director: Manabela Chauke | Chairperson: T Bopela | Vice chairperson: Z Holtzman | Council members: Advocate A Wiid | Commissioner A Dramat APPISA (Association for Professional Private Investigators SA) Bertie Meyer Crescent, Minnebron, Brakpan | e: info@appelcryn.co.za | www.appelcryn. co.za | c: +27 (0)73 371 7854 / +27 (0)72 367 8207 | Chairperson: Ken Appelcryn ASIS International Johannesburg Chapter No. 155. Box 99742, Garsfontein East 0060 | t: +27 (0)11 652 2569 | www.asis155jhb.webs. com | President/chairperson: Johan Hurter | Secretary: Chris Cray ASIS International (Chapter 203: Cape Town – South African Security Professionals) President/chairperson: Yann A Mouret, CPP Secretary: Eva Nolle t: +27 (0)21 785 7093 | f: +27 (0)21 785 5089 | e: info@aepn.co.za | www.asis203.org.za BAC (Business Against Crime) Box 784061, Sandton 2146 | t: +27 (0)11 883 0717 | f: +27 (0)11 883 1679 | e: info@bac.org.za CAMPROSA (Campus Protection Society of Southern Africa) President: Des Ayob | e: 27149706@nwu.ac.za Executive Secretary: Derek Huebsch | e: huebsch. derek@gmail.com | www.camprosa.co.za CISA (Cape Insurance Surveyors Association) Shahid Sonday t: +27 (0)21 402 8196 | f: +27 (0)21 419 1844 | e: shahid.sonday@saeagle.co.za | Mike Genard t: +27 (0)21 557 8414 | e: mikeg@yebo.co.za DRA (Disaster Recovery Association of Southern Africa) Box 405, Saxonwold 2132 | Chairperson: Grahame Wright | t: +27 (0)11 486 0677 | f: (011) 646 5587 | Secretary/treasurer: Charles Lourens t: +27 (0)11 639 2346 | f: +27 (0)11 834 6881 EFCMA (Electric Fencing and Components Manufacturers Association) Box 411164, Craighall 2024 | t: +27 (0)11 326 4157 | f: +27 (0)11 493 6835 | Chairperson: Cliff Cawood c: +27 (0)83 744 2159 | Deputy chairperson: John Mostert c: +27 (0)82 444 9759 | Secretary: Andre Botha c: +27 (0)83 680 8574 ESDA (Electronic Security Distributors Association) Box 17103, Benoni West 1503 | t: (011) 845 4870 | f: +27 (0)11 845 4850 | Chairperson: Leonie Mangold | Vice chairperson: David Shapiro | www.esda.org.za ESIA (Electronic Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | f: 086 570 8837 | c: 082 773 9308 | e: info@esia. co.za | www.esia.co.za FDIA (Fire Detection Installers Association) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 | t: +27 (0)72 580 7318 | f: 086 518 4376 | e: fdia@fdia. co.za | www.fdia.co.za | President/chairperson: Clive Foord | Secretary: Jolene van der Westhuizen FFETA The Fire Fighting Equipment Traders Association) Postnet Suite 86, Private Bag X10020,
Edenvale 1610 | Chairperson: Belinda van der Merwe Administration manager: Rosemary Cowan | t: +27 (0)11 455 3157 | e: rosemary@saqccfire.co.za | www.ffeta.co.za FPASA (Fire Protection Association of Southern Africa) Box 15467, Impala Park 1472 | t: +27 (0)11 397 1618 | f: +27 (0)11 397 1160 | e: library@fpasa.co.za | www.fpasa.co.za | General manager: David Poxon GFA (Gate & Fence Association) Box 1338, Johannesburg 2000 | t: +27 (0)11 298 9400 | f: +27 (0)11 838 1522 | Administrator: Theresa Botha HSA (Helderberg Security Association) Box 12857, N1 City Parow 7463 | t: +27 (0)21 511 5109 | f: +27 (0)21 511 5277 | e: info@command.co.za | www.command.co.za | Chairperson: Stephen van Diggele IFE (Institution of Fire Engineers (SA) Treasurer: Andrew Greig | President: Mike Webber | Administrator: Jennifer Maritz | PO Box 1033, Houghton 2041 | t: +27 (0)11 788 4329 | f: +27 (0)11 880 6286 | e: adminstaff@ife.org.za | www.ife.org.za ISA (Insurance Surveyors Association) Box 405, Saxonwold 2132 | Chairperson: Graham Wright | t: +27 (0)11 486 0677 | Vice chairperson: Alan Ventress | Secretary: Alex dos Santos LASA (Locksmiths Association of South Africa) Box 4007, Randburg 2125 | t: +27 (0)11 782 1404 | f: +27 (0)11 782 3699 | e: lasa@global.co.za | www.lasa.co.za | President/chairperson: Alan Jurrius | Secretary: Dora Ryan NaFETI (National Firearms Education and Training Institute) Box 181067, Dalbridge 4014 | Chairperson: MS Mitten | Vice chairperson: Ken Rightford | t: +27 (0)33 345 1669 | c: +27 (0)84 659 1142 NaFTA (National Firearms Training Association of SA) Box 8723, Edenglen 1613 | National chairperson: Peter Bagshawe | t: +27 (0)11 979 1200 | f: +27 (0)11 979 1816 | e: nafta@lantic.net POLSA (Policing Association of Southern Africa) t: +27 (0)12 429 6003 | f: +27 (0)12 429 6609 | Chairperson: Anusha Govender c: +27 (0)82 655 8759 PSSPF (Private Security Sector Provident Fund) Jackson Simon c: +27 (0)72 356 6358 | e: jackson@ psspfund.co.za | www.psspfund.co.za SAESI (Southern African Emergency Services Institute) Box 613, Krugersdorp 1740 | t: +27 (0)11 660 5672 | f: +27 (0)11 660 1887 | President: DN Naidoo | Secretary: SG Moolman | e:info@saesi.com SAFDA (South African Fire Development Association) 45 Oxford Road, Forest Town, Johannesburg | e: info@safda.net | t: 083 402 4002 SAIA (South African Insurance Association) Box 30619, Braamfontein 2017 | Chief executive officer: Viviene Pearson | Chairperson: Lizé Lambrechts t: +27 (0)11 726 5381 | f: +27 (0)11 726 5351 | e: info@saia.co.za SAIDSA (South African Intruder Detection
Services Association) | Association House, PO Box 17103, Benoni West 1503 | t: +27 (0)11 845 4870 f: +27 (0)11 845 4850 | e: saidsa@mweb.co.za www.saidsa.co.za | Chairperson: Johan Booysen Secretary: Cheryl Ogle SAIS (South African Institute of Security) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 Chairperson: Dave Dodge | Administration manager: John Baker | t: +27 (0)63 782 7642 | e: info@instituteofsecurity.co.za | www.instituteofsecurity.co.za SAN (Security Association of Namibia) Box 1926, Windhoek, Namibia | Administrator: André van Zyl | t: +264 81 304 5623 | e: adminsan@iway.na SANSEA (South African National Security Employers’ Association) Box 62436, Marshalltown 2107 | Administrators: SIA t: +27 (0)11 498 7468 | f: 086 570 8837 | e: galen@sansea.co.za SAPFED (Southern African Polygraph Federation) President: Flip Vorster | c: +27 (0)82 455 1459 | e: info@sapfed.org | Secretary: Anrich Gouws | e: admin@sapfed.org | www.sapfed.org SAQCC FIRE (South African Qualification Certification Committee) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | t: +27 (0)11 455 3157 | www.saqccfire. co.za Executive Committee: Chairperson: Duncan Boyes Vice chairperson: Tom Dreyer 1475 Committee: Chairperson: Lizl Davel Vice chairperson: John Caird D&GS Committee: Chairperson: Nichola Allan; Vice chairperson: Clive Foord General Manager: Rosemary Cowan | e: rosemary@saqccfire.co.za – Address, phone and website all remain as is. SARPA (South African Revenue Protection Association) Box 868, Ferndale 2160 | t: +27 (0)11 789 1384 | f: +27 (0)11 789 1385 | President: Naas du Preez | Secretariat: Mr J. Venter, Van der Walt & Co SIA (Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | Chief executive officer: Steve Conradie | www.securityalliance.co.za SKZNSA (Southern KwaZulu-Natal Security Association) t: +27 (0)39 315 7448 | f: +27 (0)39 315 7324 | Chairperson: Anton Verster c: +27 (0)82 371 0820 VESA (The Motor Vehicle Security Association of South Africa) Box 1468, Halfway House 1685 | t: (011) 315 3588/3655 | f: +27 (0)11 315 3617 | General manager: Adri Smit VIPPASA (VIP Protection Association of SA) Box 41669, Craighall 2024 | t: +27 (0)82 749 0063 | f: 086 625 1192 | e: info@vippasa.co.za | www. vippasa.co.za | Enquiries: Chris Rootman c: +27 (0)82 749 0063 | e: vippasa@protectour.co.za
* Every attempt has been made to keep this information up to date. If you would like to amend your organisation’s details, please email jackie@contactpub.co.za 32
SECURITY FOCUS AFRICA JUNE 2022
securityfocusafrica.com
INDEX
INDEX OF ADVERTISERS AND CONTRIBUTORS ADVERTISER
PAGE
WEBSITE
CheckPoint
14-16
www.checkpoint.com
Cleo
14-16
www.cleo.com
Cloud Security Alliance
14-16
www.cloudsecurityalliance.org
Commvault
14-16
www.commvault.com
Datacentrix
27
www.datacentrix.co.za
14-16
www.extrahop.com
GSS
4
www.gssgroup.co.za
ISS
24
www.isssafrica.org
LexisNexis Risk Solutions
17
www.risk.lexisnexis.com
ExtraHop
Ombudsman for Banking Services Relx Routed SAS Security Association of South Africa (SASA)
securityfocusafrica.com
20-21,22 17 13,14-16 18 8,IBC
www.obssa.co.za www.relx.com routed.co.za www.sas.com www.sasecurity.co.za
SECURITY FOCUS AFRICA JUNE 2022
33
DRIVING COMPLIANCE in South Africa’s Private Security Industry
With a five decade legacy, SASA is the greatest advocate of industry compliance, serving as resource for its members, an educational platform for consumers of security services, and an essential link between the private security industry and government. The Security Association of South Africa (SASA) is nationally recognised by the Government, South African Police Service and all Municipalities as having members with a proven track record within the industry and a Code of Ethics by which members must abide. SASA Gold Membership promotes compliance not only to the industry role-players, but to the end-users of security services as well. Join SASA today and find out more about how we can fight the scourge of non-compliance, promoting SASA Gold Membership as an essential requirement for all security service providers, ensuring industry excellence for the private security industry.
For more information, contact the SASA Administrator on admin@sasecurity.co.za Postal Address: Suite 147, Postnet X2 Helderkruin, 1733. Tel: 0861 100 680 Fax: 086 670 9209
www.sasecurity.co.za
