Qaphela!


Qaphela! WOMEN WORKING IN CYBERSECURITY EDITION | AUGUST 2021



CONTENT

Foreword by Minister Stella Ndabeni-Abrahams

A Letter to the Industry from Deputy Minister Pinky Kekana

Why Cyber Security Matters in the Age of Digital Transformation

Together we AMPlify

Transforming Cybersecurity Procurement Spend in the Public Sector, A Framework

Creating Inclusion in Cybersecurity

Sexism and Gender-Based Violence

Machine learning

Securing our Cyberspace

Editorial Notes: Articles for this 2021 Qaphela Women’s Month Issue are made up of a collection of thought leadership from various inspiring women who work in Cyber Security in South Africa. Pictures have been sourced from the authors and the internet. The newsletter was put together by the South African Women in ICT Forum. We wish to thank everyone who made this issue possible, and the Cybersecurity Hub for trusting us with this issue. For more information or enquiries: www.sawiict.co.za | info@sawiict.co.za


FOREWORD by Minister Stella Ndabeni-Abrahams

Why I’m excited about the Cybercrimes Act

In 2020, Accenture reported that South Africa lost R2.2 billion from cybercrimes, making us the third country with the most cybercrimes victims in the world. So for me, one of the best decisions we’ve made as a country is the finalisation of the Cybercrimes Act, assisting to protect South African citizens and organisations from cyber criminals.

Amongst other things, the Act seeks to protect against cyber fraud, forgery, extortion, theft of incorporeal property, unlawful interception and interference with data, and cyber bullying amongst other cybercrimes. It also obligates electronic communications service providers and financial institutions to report cyber offences within 72 hours of becoming aware of the cyber offence.

This year has been a difficult year for our country, and the world in general, and being able to protect our citizens in cyberspace is a great achievement to celebrate as a country. Together with the Protection of Personal Information Act, the Cybercrimes Act is an important shield to protect us as we build a country that is a Capable 4IR Army.

With COVID-19, cyber threats evolved to take advantage of people working and schooling from home. The Act now opens scope for richer investigations and, therefore, prosecutions on cybercrimes. In this regard, the Department of Communications and Digital Technologies will support interventions that are geared towards capacitating the Cybersecurity Hub so that the Hub can be more responsive to the requirements of the Act. In addition, the Department will support businesses to get up to speed with understanding the Act and its implications to their businesses.

I anticipate that the Act will also unlock innovations such as cybersecurity platforms that are agile, responsive and plug and play solutions. Naysayers aside, the Act is a good move for our country.


LETTER to the Industry from Deputy Minister Pinky Kekana

In the 1980s, women employed in the ICT industry made up approximately 46%. Today, women only make up 23%. Between 2001 – 2013 only 3% of venture capital funding went to women-owned companies. In 2019, this figure went down to 2%. We are made to believe that technology was/is only a man's world and this stereotype is perpetuated by society and the story and narratives shared either in carefully curated truth or uninformed perceptions.

On the contrary, women have always been pioneers of innovation, whether in the ICT industry or in other industries. In 1946, it was women who programmed the first electronic programmable computer, the ENIAC. In 1958, Elsie Shutt started CompInc, the first software business from the US. Our celebrated techpreneurs, Bill Gates and the late Steve Jobs, were mere toddlers at the time. The only person to ever be officially nicknamed the "human computer" was a black female engineer who worked at NASA in the 1960s - Mary Jackson.

In South Africa, we should dig deeper as to why we refuse to bridge the gender gap in our industry. It has been proven over and over again that companies that foster gender diversity and inclusion at board and executive level outperform and produce greater value for their shareholders than homogeneous companies. We’ve also seen the side effects of unconscious bias seep through technology inventions that have had unintended consequences. We all know and have the data that supports why diversity, equity and inclusion are beneficial in our society. We must stop accepting mediocre targets and mediocre results. Investing in women makes business sense. Women are not a threat to the industry as it exists but rather a complement. We cannot keep lamenting the same thing to no gain.

The cybersecurity sector, especially, has dismal figures on women representation and I’m glad this newsletter is highlighting the incredibly talented women in South Africa’s cyber security space. The impact of COVID-19 also presents an opportunity for us to change the course of history, to re-evaluate the face and heart of our industry, and we seek an industry that is diverse, inclusive and equitable in the true sense. I want to know which part of history you will be part of.


Why Cyber Security Matters in the Age of Digital Transformation
By Mamela Luthuli

According to the World Economic Forum, one of the top 10 risks facing the world today is Cyberattacks as shown in the chart below. This risk has accelerated in the last 10 months as companies accelerate their digital transformation to meet the needs of customers and staff in the post pandemic world. A cyberattack can impact a business in many ways, including:

• Loss or damage to electronic data
• Damage to electronic data
• Loss of brand value
• Loss of income due to downtime
• Privacy lawsuits (compliance risk)
• Extortion losses
• Notification costs
• Damage to business reputation


All industries face greater exposure to cyberthreats due to increasing digitisation. For example, in the airline industry, digital innovation across the value chain — combined with the sheer volume of customer data airlines possess — has made them a hot target for cybercriminals. Various cyber incidents have demonstrated the need for airlines to upgrade IT and operational technology systems to reduce risk and build resiliency into their heavily digitized operating models. The timelines below show the cyberattacks on Ukraine’s power grid and the Anthem data breach. Both graphs highlight the impact of cyber security in the age of digital transformation.


The response to COVID-19 has increased cyber risks: Physical distancing means many workers are staying home and making greater use of services such as video conferencing, collaboration platforms, and other digital tools to do business. In their free time, they are also going online more frequently to shop, read, chat, play, and stream. All these behaviours put immense stress on cybersecurity controls and operations.

Several major vulnerabilities stand out for us: First, a broad shift toward work-from-home arrangements has amplified longstanding cybersecurity challenges and opened multiple vectors for cyberattacks (Exhibit 3). Second, social-engineering ploys to gain information, money, or access to protected systems are on the rise, such as attackers posing as help-desk teams, health workers, or investors in virus-related response activities. Finally, cyber attackers are using websites with weak security to deliver malware, in some instances using domains and websites created to spread information and resources to combat COVID-19.

As the COVID-19 outbreak progresses and alters the functioning of our socioeconomic systems, cyber attackers will continue their efforts to exploit our fears and our digital vulnerabilities. To remain vigilant and effective, CISOs will need new tactics, particularly in two areas: (1) securing work-from-home arrangements at scale; and (2) supporting high levels of consumer-facing network traffic.

Assess your vulnerabilities by performing a detailed quantitative risk analysis: Cybersecurity should be central to every strategic decision and an essential component of every IT product in any organisation. Cybersecurity initiatives should be prioritised based on business-risk scenarios. By looking across the business through a cybersecurity lens, companies can transform their decision making and make wiser investments based on risk. Reviewing potential attack vectors from a risk perspective and evaluating the effectiveness of current cybersecurity activities could help identify areas that put the company at risk but are not yet covered by existing cyber activities. We recommend that cybersecurity leaders assess their organization’s current vulnerability through a security assessment including patch management practices; and build metrics and a dashboard to report regularly on the identified vulnerabilities and patch releases to the CISO.

About the Author: Mamela Luthuli is the CEO of TakenoteIT. TakenoteIT provides cyber security services such as Security Assessments and Security Operations Center (SOC) as a Managed Service to protect organisations from a variety of Cyber related Risk arising as a result of digital transformation. linkedin.com/in/mamela-luthuli-mba46375521

References 1. Illustrations by The Harvard Institute


Together we AMPlify
By Ranisha Reddy

Women in Cybersecurity and their Allies

Representation of women in the cybersecurity industry has grown over the past years and, while this is positive, there is still room for improvement. Growth and success in this area require that everyone work together to amplify, but this is easier said than done. How can those interested in cybersecurity further develop their careers? What can those who would like to be an ally do?

To answer this, we asked a couple of women on the Cisco cybersecurity team across Africa to share their journey and experiences, and a few common themes stood out. Interestingly, not everyone in cybersecurity started with a technical background. Some of the women currently in cybersecurity started in non-STEM-related courses. Cybersecurity was also seen as a growing industry with a choice of job opportunities and diverse career paths to pursue, including engineering, consultation, leadership, and entrepreneurial opportunities.

There was one bright spot that all the women we spoke to highlighted, and this was the importance of having allies at different stages of their journey. Allies, people who support and advocate towards the common purpose of growing women's representation in cybersecurity, are not just women and not just people in cybersecurity. An ally is anyone who can contribute towards the common purpose of representation of more women in the industry. Here are some tips and best practices for developing within cybersecurity as well as becoming an ally.

Developing Your Career in Cybersecurity:

1. There is a huge skill gap currently within the industry. Investing time in certifications and trainings on cybersecurity skills can open doors to new opportunities. Some sought-after certifications in the industry are CCNA, CyberOps, CCNP, CISM, CISSP, CompTIA Security+, CHFI, CISA, CISM, CRISC. Supplementing these with leadership trainings can be beneficial if you are looking at going down a leadership path in this industry.

2. Take the time to find a mentor and a sponsor. The two terms can easily be confused at times. A mentor is someone whose path you would like to follow and who guides you based on their learned experiences. A sponsor is someone who has influence, a seat at the table, knows your career vision, and can advocate for you. Among the women we spoke to, this has been a common theme along their journey. Here are some interesting stories of women in the industry sharing their experiences of mentors and sponsors.

3. Align yourself to a group supporting women in cybersecurity. There are many groups globally centred around women in cybersecurity. Being a part of groups and forums can give you opportunities around training, networking, exposure, and career progression. Here is a list of groups and forums that are out there.

4. Networking can give you exposure and access to opportunities. It is also something that you can leverage to make you successful at any part of your journey. Managing to build meaningful relationships can serve you well. Many accessible online videos can give you tips and best practices on networking; here is an interesting TEDx on meaningful networking. Networking is also about exposure, which forums and attending industry events can help with.

5. Thought leadership in cybersecurity can build your exposure and set the tone of being an industry expert. Contributing to knowledge articles and creating posts can foster this. Platforms like LinkedIn provide you with the tools and audience needed.

Being an Ally in Cybersecurity

1. Encourage women to pursue STEM as a further education degree. Research from isc2 has this as a leading indicator for growing representation in the industry. Volunteering to advocate at university career events, raising awareness on social platforms, or volunteering in different forums that promote STEM can help with this.

2. Providing sponsorship and mentorship opportunities develops representation. Signing up as a mentor on various forums, spotting and grooming future talent, being a connector, and being accessible to people seeking sponsorship or mentorship all help in being an ally in the industry.

3. Advocate for eliminating the pay and promotion gap. According to isc2, there is still an inequity in compensation within the industry. Contributing towards training opportunities, development through mentorship, and grooming candidates through a leadership track all contribute to closing that gap.

4. Share your experiences to inspire women to pursue cybersecurity roles, because the industry needs more role models, be it a successful woman within cybersecurity or a man advocating for women in cybersecurity. Cybersecurity needs role models in both women and men to foster curiosity, awareness, and inspiration as we move forward and amplify as allies.


Cybersecurity is an industry filled with opportunities ripe for the taking. Growing women's representation in cybersecurity has advantages for all. There is a direct link between diverse teams and increased revenue for companies. There is a direct link between diversity and creativity and innovation in companies. Working jointly as allies and focusing on self-development will help representation continue to rise.

About the Author:

Ranisha Reddy is a Cybersecurity Specialist at Cisco. Cisco is a multinational company in IT and networking. They help companies of all sizes transform how people connect, communicate, and collaborate. linkedin.com/in/ranishareddy


Transforming Cybersecurity Procurement Spend in the Public Sector, A Framework
By Nonku Dlamini

Small, medium and micro enterprises (SMMEs) have a crucial role to play in building a sustainable and inclusive economy in South Africa. The National Development Plan 2030 (NDP 2030) is one of South Africa's strategic documents that has identified SMMEs as major sources of employment and drivers of growth in the economy to reduce inequality and redress the imbalances of the past. With the current unemployment rate sitting at 32,6% in the first quarter of 2021 as issued by Statistics South Africa, it is imperative that, as the Information and Communications Technology (ICT) sector, we contribute to the economy by building an environment that will enable sustainable growth of SMMEs in the sector.

One of the challenges listed in the approved ICT SMME Development Strategy is the inability of most SMMEs in the sector to access markets for their goods and services. Access to markets is vital for SMMEs and plays a significant role in growing and sustaining their business. As we embark on the digital transformation journey it is therefore crucial that we prioritise initiatives aligned to the ICT technology roadmap that will accelerate the development and growth of SMMEs, unlock business opportunities and create an inclusive economy in the ICT sector.

At the Department of Communications and Digital Technologies (DCDT) Budget Vote 2021/22, Minister Stella Ndabeni-Abrahams informed the country that the Department and its entities always endeavour to support SMMEs through various procurement opportunities. The Minister also said that the B-BBEE ICT Sector Council will publish its sector code to provide for a 50% target procurement from majority Black Owned suppliers, an increase from 40% in the current code. The B-BBEE Act also enables organs of state and public entities to set B-BBEE criteria for procurement (Section 9) and develop and implement a preferential procurement policy (section 10). The B-BBEE Act is not an option but is mandatory for organs of state and public entities. Section 217(2) of the Constitution likewise allows the implementation of a preferential procurement system that will drive transformation.

It is of great concern that to date, reports such as the B-BBEE ICT Sector Council’s 4th Annual ICT B-BBEE Monitoring Report of 31 March 2020 show that there is no real progress towards meeting the targets for Preferential Procurement within the measured entities that have submitted reports to the Council over the last 4 years. It is crucial that all government leaders responsible for the procurement budget fulfil the mandate and implement transformation initiatives that seek to increase the SMME allocation of the government ICT procurement spend.

The global cybersecurity market size is projected to grow. As we traverse the COVID-19 pandemic while building a digital government ecosystem, the need for a safe and secure cyberspace has become more important than ever. The CIO survey by Gartner states that Cybersecurity was the top priority for new spending, with 61% of the more than 2,000 CIOs surveyed increasing investment in cyber/information security this year. As this is a global trend, it is critical that we ensure that South Africa’s Cybersecurity Procurement Spend in the Public Sector grows within a transformed framework that includes SMMEs. We can’t afford, in the near future, to be dealing with barriers to entry challenges due to long term contracts between public sector and Original Equipment Manufacturers (OEMs) that are not inclusive.

The President of South Africa signed the Cybercrimes Act into law on the 1st of June 2021. This provides the guidelines on the requirements for structures to deal with Cybersecurity (section 10) and Critical Information Infrastructure Protection (chapter 11). As the Justice, Crime Prevention and Security Cluster implement Cybersecurity systems and technologies to deliver on their mandate, it is of critical importance that, working with the State Information Technology Agency (SITA), the DCDT ensures SMMEs are included in the procurement spend as a priority.

SITA, as empowered by the SITA Act 88 of 1998, as amended by SITA Amendment Act 38 of 2002, must be the delivery vehicle for a transformed procurement spend framework: a framework that enables SMMEs to access the government ICT procurement spend. SITA must not only deliver an efficient procurement system; it must also ensure it has effective procurement process structures and mechanisms that enforce the legislation and policies that enable a transformed procurement spend regime.

In my view, all organs of state and public entities should not be signing any long-term contract with service providers that do not include SMMEs participation. When faced with a complex solution with critical Service Level Agreements (SLAs) that cannot be unbundled, SMME subcontracting should be compulsory for the prime bidder. Service providers including OEMs, through their enterprise and supplier development programs and channel partner programmes, must, at this point, have built sufficient SMME capacity to deliver, aligned to their technology and road maps, for continuous business to the market.

Collaboration and coordination are key in building sustainable skills and development procurement readiness programmes to enable SMMEs to efficiently participate in the cyber security space. The DCDT is currently running a Digital and Future program driven by the Department’s National Digital and Future Skills Strategy, of which Cybersecurity is one of the key Strategy Pillars. The Strategy Objectives include a roadmap for priority digital skills action points and a roadmap for stakeholder collaboration, which can be used as a base to confirm the status of the cybersecurity skills already in the field and the identified gaps for developing the required skills. In collaboration with its stakeholders, the DCDT-led coordinating mechanism can also address the urgent needs of cybersecurity capacity by fostering knowledge, upskilling, and building competencies.

It’s been my experience as a management consultant that an organisation’s culture and human resources are often the barriers to access inclusive procurement spend. Hence it is very important that there is Executive Oversight in the procurement spend objectives and deliverables of organisations. This is to ensure all deliverables are driven, monitored, evaluated and reported at top executive level. It is also of great importance that we provide reinforced processes within an organisation’s adoption and change strategy to ensure all the internal barriers are removed.


As we rebuild the economy, it is time that we take action and ensure we build a sustainable and transformed ecosystem that is more inclusive, more dynamic and where the fruits of growth are shared equitably.

About the Author:

Nonku Dlamini is the Founder and Managing Director of Mbokodo ICT Consulting. Mbokodo ICT is a management consulting company focused on delivering sustainable and inclusive solutions for the ICT sector. https://www.linkedin.com/in/nonkudlamini-60677460/


Creating Inclusion in Cyber Security
By Keitumetsi Tsotetsi

The beauty of being a disruptor is the ability to apply fast paced innovation. Technology is currently the backbone of business services across all industries. Technology is an industry that is developing faster than it is being discovered. This creates opportunity but also poses a risk because solutions are being implemented and replaced faster than they can be managed and legislated. A lot of technology operates over the internet. We must however remember that the internet was designed to be redundant and is not inherently secure.

Cyber security is aimed at protecting systems, networks and programmes against criminals. The cyber space is anticipated to be one of the most high risk/high accountability careers because of the challenges that digitisation has brought forward. The cyber space brings great prospects for the global learning landscape through problem solving, not only to protect companies and their assets but also to protect people and their identities.

Working from home has forced companies to digitise faster than they would have originally anticipated. This has produced great strides in productivity but has also increased the playing ground for cyber criminals. There has been a significant increase in cyber threats through phishing, social engineering, ransomware and malicious or insecure applications and services. The whole world is learning about new problems and resolving them as we go along.

No society exists without women; as such, industries should be a reflection of the societies they operate in. There is a discrepancy in the number of women who graduate in IT courses and how that translates to the number of women working in the industry. Organisations have openly mentioned that the lack of women in certain roles is not due to lack of trying. Are women simply not picking IT and cyber security as career choices? A lot of women are not in the cyber security space largely because of the limited exposure they have to the opportunities and success stories that are available in the industry.

The need for diversity in the workplace goes without saying. Putting women in positions and not offering support in order to tick the “black female” quota is not going to do the industry any justice. We need to build and upskill a capable workforce. Although there are a number of women in cyber security and leadership roles, we still have a long way to go. There are many women who have led us all with their courage and perseverance and cleared the path for all of us. It is our responsibility to pass the baton on.

Success, to me, means bringing other people along and giving them the capabilities to be self-sufficient. Many of the opportunities that have been presented to me are a result of other women putting my name forward and having the confidence that I would deliver. We inherently have a “lift as we rise” mentality. I believe many people misconstrue us wanting gender diversity and equality to us saying we bring the same things to the table when what it actually means is that our different strengths are equally important.

There is a lack of visibility of women in these roles, which further feeds the imposter syndrome that women already feel going into a male dominated space. There’s a boost of confidence that comes with the silent nods we give each other as women when we enter the room. For the youth, not being exposed to something as a reality may limit their perception of considering it a possibility.

There are many forums and organisations that are dedicated to enabling women in cyber security. Recent movements/trends such as #Infosecbikini and #DevsPelades were empowering non-men to bring their whole selves to work and spoke out against leaving certain parts of yourself outside of work to seem “more professional”. The trends spoke out against sexism experienced by women in the industry (Riggins, 2021).

There is a lot of opportunity in cyber security ranging from tech, business innovation, academia, the legislative environment, research and development etc. There are also various roles that one can specialize in. Cyber security jobs are not limited to ethical hacking. In fact, there’s a great need for people in “blue teams” who would be defenders of the systems. Members of the ISC(2) leadership team state “the cybersecurity skills shortage is expected to result in 3.5 million unfilled positions by 2021” (Morgan, 2021). Now THAT is opportunity.

We need to find innovative ways to teach and learn cyber skills because the threat landscape is getting broader. There is a huge impact to business and potentially society as a whole if this is not addressed. Although the frameworks of implementation vary, the requirement to embed digital literacy needed in the mainstream curriculum and upskilling programmes is agreed. The ability to protect, access, manage, deploy and generate information requires critical thinking and functional skills which prove to be a challenge in the South African context.

The responsibility to address the challenge of digital inclusion cannot fall to one group. Private and public organisations need to work with local governments to create a global framework of cooperation to close the digital divide. The cyber skills gap can be closed through formal higher learning but also with informal learning through events such as hackathons. Another consideration to make is to start teaching security at a basic level as soon as a child is starting to use technology because that’s where the risk exposure starts. Organisations are also doing their part in providing more entry level jobs and cyber security internships to enable learning and employment opportunities.

When we talk about resilience, it’s not about how quickly you can bounce back from an attack, but looking at how efficiently you’re able to continue operating during an attack. This applies to both cyber security and real life. Even though it might be a rocky road, what you are born to do comes with the grace to do it.


There are many women whose names we might not always remember but who have fundamentally changed the industry (e.g. Dr. Shirley Ann Jackson, Navy lieutenant Judy Parsons, Renee Guttmann to name a few). You don’t always have to do things to be remembered. They do them because they have a positive impact on people’s lives.

About the Author:

Keitumetsi Tsotetsi is a Senior Specialist in Governance, Risk and Control with a focus on Cyber Security at Vodacom. She is the CIO at Geekulcha - a youth tech development programme, and is the Chairperson of the Advisory Committee for the National Youth ICT Council which aims to drive economic inclusion in the IT sector. linkedin.com/in/keitumetsi-tsotetsi-b5a80b62

References

2. Morgan, S. (2021, 07 20). Retrieved from Cybercrime magazine: https://cybersecurityventures.com/jobs/

3. Riggins, J. (2021, 07 20). Retrieved from The New Stack: https://thenewstack.io/infosecbikinis-anddevspelades-a-movement-to-bring-your-whole-self-to-tech/


Sexism and Gender-Based Violence: Women’s battle for space, safety, and a sense of belonging in digital development By Inka Schomer The world is not an equal place, and not one of the over 200 countries and territories globally have achieved gender equality. As societies become increasingly reliant on the digital development sector, women and girls are at risk of losing out on the promise of equitable participation and benefit from digital economies.iWomen are constrained by the lack of access to digital resources, lack of financial resources and assets, face sexism in employment and leadership positions, and have to expend more energy and time ensuring they remain safe online. With a large share of global GDP set to be digitised in the near future, it is critical that women and girls occupy space in, and feel a sense of belonging to, the digital development journey, so that they can shape our shared digital realities. The good news is that data and knowledge is on hand to point clearly to the gender gaps that remain, and this can equip us to provide the right analytics to underpin action in the digital development space. Women and girls are currently being left behind in access to technologies. There are 327 million fewer women than men that have a smartphone and can access the mobile internet, and 1.7 billion women in low- and middle-income countries do not personally own a mobile phone, highlighting significant gaps in access to, for example, information and mobile payments. Other issues include the “leaky pipeline” in Science, Technology, Engineering and Mathematics (STEM), with women representing only 33 percent of senior managers in the telecoms, media and technology sector in Africa. In 2021, only 8.1 percent of the Fortune 500 CEOs are women. Other gender gaps include the lack of female entrepreneurs, with women spearheading only 5 percent of tech start-ups. 
In online spaces, sexism and gender-based violence (GBV) issues experienced by women and girls mirror the stalled progress on gender equality witnessed in broader societal structures, legal frameworks and economic strategies. With a staggering estimated 30 percent of women worldwide experiencing physical or sexual violence at some point in their lives, online safety considerations are pivotal. Research has found that women receive more online hate than men. In an experiment in which fake male and female usernames were used in online chat rooms, female names were sent on average 100 sexually explicit or threatening messages daily, whilst men got 3.5 such messages on average per day. In addition, online abuse is often intersectional in nature, with perpetrators often perpetuating harmful sex- and race-based narratives, thereby creating heightened threats for women of colour. Even before the COVID-19 pandemic thrust our lives almost entirely online, research by the Web Foundation found that more than half of girls and young women had experienced online abuse. Risks of gender-based violence also increase during public health emergencies due to less access to necessities, increased financial stress, social seclusion, separation from support structures, and more physical confinement with abusive partners.

With the onset of the COVID-19 pandemic, the entire way we interface with digital technologies and the web has changed. Data indicates that there has been a surge in the prevalence of spyware, stalkerware, deepfakes and overall image-based sexual abuse (often called doxing) over social media, with several gaps in protection becoming apparent as laws struggle to keep up with technology developments. Utilizing digital technologies is no longer a ‘nice-to-have’ or optional for millions of people, but an essential part of getting an education, doing one’s job, communicating as a leader, and taking care of one’s mental health by accessing recreational activities or joining social exchanges. This development comes with certain risks, however, especially if you are a woman or girl navigating offline and online spaces.

The good news is that commitments are being made to address these issues. Nevertheless, more concrete actions by key stakeholders and doorkeepers in the digital development space are needed. A few weeks ago, technology giants such as Facebook, Twitter, TikTok and Google promised to test tools that could help reduce abuse directed at women online and make the reporting process easier. Twitter is, for example, exploring a “safe mode” that automatically mutes accounts, so users won’t have to see abusive content targeted towards them, while balancing this against various internet freedom considerations. Lawmakers will need to focus on the issue of gender equality and gender-based violence in social media regulation legislation. Governments and political leaders should make clear commitments, backed up by legislative enforcement, that prohibit the use of gendered and/or sexualized insults and disinformation for users. One clear path towards creating a more inclusive space for women and girls online and in the tech space is, unsurprisingly, to bring more women and girls into the tech space as users, leaders, and developers.
Changes need to be made in recruitment processes, investments need to be made in female talent, toxic workplace cultures need to be tackled and the care burden acknowledged through HR options. SENTECH, a state-owned enterprise (SOE) responsible for providing broadcasting signal distribution services in South Africa, has created partnerships with key local universities to provide students from disadvantaged backgrounds, including young Black women, with scholarships. The strategy is aligned with SENTECH’s future workforce needs. In order for women entrepreneurs to be part of the digital economy, they also need to be provided with upskilling opportunities. Tech accelerators focus on providing resources, investment and guidance for women entrepreneurs to scale their operations in order to bridge the gender divide. Lastly, it is key that women tech role models’ contributions are showcased and acknowledged, given that a 2017 PwC survey found that 78 percent of students could not name a famous woman working in the tech sector. This will help inspire and shape career aspirations for women and men. It is only through deliberate, targeted actions that we can hope to chip away at the entrenched gender gaps to ensure women have sufficient space, feel safe, and have a sense of belonging in the ongoing digital development revolution.


About the Author: Inka Schomer is a Senior Gender and Infrastructure Advisor specializing in enabling stakeholders to think practically about their gender equality and social inclusion challenges. Her work helps organizations address these challenges and opportunities to ensure they are responsive to change, and well positioned for business opportunities. https://www.linkedin.com/in/inka-schomer-319710a9

References

Various sources have been used for this article. Please reach out to info@sawiict.co.za should you wish the editorial team to share a specific source with you.


Machine learning: Why it should be used for early detection and prevention of ransomware By Sibahle Nhleko

Malicious individuals exploit vulnerabilities, such as weaknesses in software on unpatched systems, to gain access to organisations and move through the network undetected in order to carry out attacks against them. Over the years, businesses around the world have succumbed to a variety of ransomware attacks, which make critical business data unavailable by encrypting it. As a result, organisations are unable to provide their services or products, which ultimately leads to the deterioration of the business. Last year, it was reported that South Africa had the third highest number of cybercrime victims in the world. Worrisomely, adversaries are using ransomware to target South African national critical infrastructures and services, which threatens not only public safety but also the availability of essential services. The most recent high-profile ransomware attack paralysed the City of Johannesburg Metropolitan Municipality for almost two weeks, leading to the disruption of regular operations. In this instance the ransom was not paid, but cyber professionals were hired to assist in the restoration of files and systems in order to resume business-as-usual operations, which cost the Municipality up to R50 million.

With the rapid growth of new daily malware variations, traditional methods of detecting ransomware (using reactive tools such as Anti-Virus (AV) solutions) are slowly becoming obsolete and less efficient. Detecting ransomware now requires a prompt response, often faster than the capacity of the human brain, and so machine learning has become the rising star in detecting zero-day threats and combatting ransomware. The power of machine learning is underpinned by security software systems that incorporate behavioural analytics and are trained to detect suspicious behaviour. Machine learning relies on reference models that are created and tailored to each unique environment. They are built by collecting a plethora of benign and malicious files (datasets), which are classified into pre-defined categories based on their features. These files serve as reference points and patterns to train the model, resulting in an algorithm which accurately classifies files and performs pre-defined actions such as deletion or sandboxing of malicious files, with minimal human intervention required. Predictive models are generated using this technique, and this makes it possible to detect both the behaviour of ransomware and its new variants. These models are also fine-tuned frequently to stay abreast of the latest ransomware behavioural trends, which leads to greater chances of new malware being detected. By creating predictive models that detect ransomware based on heuristics and behaviour, machine learning surpasses the capabilities of its more traditional counterparts that rely on a pre-defined database.

The rise of ransomware can have a devastating effect on South Africa’s COVID-19 vaccine delivery system. In June 2020, the Life Healthcare Group hospital chain, consisting of 66 hospitals in South Africa, was the victim of a ransomware attack. This is just one of the many examples that emphasise the attacks on healthcare providers, who are often targeted because of the Personally Identifiable Information (PII) they store and process in order to service the public. Today, this critical realisation has a huge impact on the role healthcare plays in the current COVID-19 pandemic. In the next few months it is expected that the vaccine programme will be expedited for South Africa to achieve herd immunity, just as the fourth wave descends on the country. It is therefore essential that the government proactively take steps to strengthen the security posture of the Electronic Vaccination Data System (EVDS) self-registration system, which uses PII such as passport numbers, ID numbers, home addresses and medical aid information in order to register and book vaccination appointments. Without consideration of the security of this key system, ransomware can weaken the integrity of the EVDS, cripple the vaccine rollout programme and ultimately endanger the lives of all citizens. With public trust at risk, government and local providers should take the necessary steps to gain ‘cyber immunity’.

Artificial Intelligence effectiveness in malware attack defences:

While the use of Artificial Intelligence (AI) has empowered security teams with self-defending mechanisms for the early detection and prevention of malware, it may not be the silver bullet solution. AI detection solutions are relatively new and need to stand the test of time; however, malware will continue to evolve and look to include its own AI element. It is inevitable that AI will disrupt the cyber threat landscape by equipping attackers with weaponised ransomware to plot more efficient attacks, whereby the speed of attacks will continue to increase to the advantage of the attacker.
Fundamentally, as ransomware continues to evolve, it is crucial for organisations of all sizes to be proactive in adopting protective layers to detect malware.

Definitions

Ransomware: A class of malware that encrypts sensitive data which is then held at ransom.

Artificial Intelligence (AI): Attempts to mimic human behaviour through data analysis.
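The training-and-classification workflow described in this article, as an added example that is not from the article or from any product: a Gaussian naive Bayes model trained on labelled behaviour vectors, next to a hash lookup that stands in for the pre-defined database. The three features, every sample value, the byte strings and the `sandbox`/`allow` actions are constructed assumptions for illustration.

```python
import hashlib
import math

# Constructed training data (not real telemetry). Each row is one sample's
# observed behaviour: (file writes/sec, mean entropy of written data in
# bits/byte, file renames/min).
BENIGN = [(2, 4.1, 0), (5, 4.8, 1), (1, 3.9, 0), (8, 5.2, 2),
          (30, 7.5, 1),   # archiver: high-entropy output, few renames
          (3, 4.5, 0)]
MALICIOUS = [(60, 7.9, 120), (45, 7.8, 90), (80, 7.95, 200),
             (55, 7.7, 150), (70, 7.9, 110)]

# Signature baseline: hashes of samples already seen (constructed byte string).
KNOWN_BAD_HASHES = {hashlib.sha256(b"constructed-ransomware-sample-v1").hexdigest()}

VAR_FLOOR = 0.05  # keeps a near-constant feature from dominating the score


def fit(rows):
    """Return per-feature (mean, variance) for one class."""
    stats = []
    for column in zip(*rows):
        mean = sum(column) / len(column)
        var = sum((v - mean) ** 2 for v in column) / len(column) + VAR_FLOOR
        stats.append((mean, var))
    return stats


def train(benign, malicious):
    """Build the reference model: class prior plus feature statistics."""
    total = len(benign) + len(malicious)
    return {
        "benign": (math.log(len(benign) / total), fit(benign)),
        "malicious": (math.log(len(malicious) / total), fit(malicious)),
    }


def log_score(features, prior, stats):
    """Gaussian naive Bayes log-posterior (up to a shared constant)."""
    score = prior
    for x, (mean, var) in zip(features, stats):
        score += -0.5 * math.log(2 * math.pi * var) - (x - mean) ** 2 / (2 * var)
    return score


def classify(model, features):
    """Return the most likely label for one behaviour vector."""
    return max(model, key=lambda label: log_score(features, *model[label]))


def signature_match(sample_bytes):
    """Traditional check: exact hash lookup in a pre-defined database."""
    return hashlib.sha256(sample_bytes).hexdigest() in KNOWN_BAD_HASHES


def respond(model, sample_bytes, features):
    """Pre-defined action: sandbox on either detection, otherwise allow."""
    if signature_match(sample_bytes) or classify(model, features) == "malicious":
        return "sandbox"
    return "allow"


MODEL = train(BENIGN, MALICIOUS)
```

A repacked sample changes its hash and slips past `signature_match`, but its behaviour vector still lands in the malicious class; the archiver row shows why a single feature such as write entropy is not enough on its own.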


About the Author:

Sibahle Nhleko is a Junior Analyst at the Cyber Division at KPMG’s Durban Office in South Africa. KPMG operates as a global network of independent member firms offering audit, tax and advisory services; working closely with clients, helping them to mitigate risks and grasp opportunities. https://www.linkedin.com/in/sibahle-nhleko-86166957

References

1. https://www.businessinsider.co.za/sa-third-highest-number-of-cybercrime-victims-2020-6
2. Your Money or Your Data – The Rise of Ransomware | Carte Blanche | M-Net - YouTube
3. https://www.mimecast.com/de/blog/ai-vs.-ai-now-ai-is-required-for-your-business-cyber-resilience/
4. A Study on the Evolution of Ransomware Detection Using Machine Learning and Deep Learning Techniques by Damien Warren Fernando, Nikos Komninos and Thomas Chen
5. https://health-e.org.za/2021/01/09/cyberattackers-increasingly-target-healthcare-and-south-africa-is-notimmune/


Securing Our Cyberspace By Reboile Mathabe

I am going to go out on a limb and assume that everyone who will come across this article has in one way or another heard of the term cybersecurity. How we all best understand it is of course relative and varies in degree. My assumption is based on the fact that the term cybersecurity has firmly secured its place in news headlines, and that social media and IT forums around the world are becoming more and more preoccupied with the concept. This is really for the simple reason that cyber-attacks are on the rise globally and the effects are negative to global economies. So much so that it is predicted that cybersecurity, or rather the lack thereof, could be the next pandemic that the world will have to contend with in the very near future.

So, what exactly is cybersecurity, cyber-attacks/crime and why should we care?

The concept of cybersecurity refers to the intricate web of technologies, practices and processes designed to secure and protect devices, networks, systems, data and information from attacks, unauthorized access, digital scams, malware, damage, and threats from viruses, both when the data is stored and when it is transmitted to other machines. Fundamentally, cybersecurity also refers to the practice of ensuring the integrity, confidentiality, and availability (ICA) of information.

How many times in our day-to-day engagement with our computers do we ever stop to consider the possibility of an attack and unauthorised access to our files by a hacker, and do we fully understand what the implications would be? Cyber-attacks and unauthorised access aim to disrupt, damage, destroy, disable, steal, manipulate and even delete your data. This is mostly motivated by financial gain. Identity theft crimes could be committed using your name, espionage could occur where the information of the company or state department you work for could be stolen and sold on the dark web, or personal information on a client’s database could be seriously compromised. All this will lead to a very unfortunate and detrimental circumstance for all involved.


The attacks can be launched anonymously, from anywhere and by anyone. It could be an individual or a syndicate depending on the target, which could be anything from a government, individual, organization or group to a major corporation. Osuagwu et al. (2010) argue that the anonymity enjoyed by these criminals strengthens their attacks, as locating and apprehending them is challenging for law enforcement agencies.

Impact of COVID-19

The unprecedented COVID-19 pandemic caused a disruptive and major online dependency for almost all sectors of economies globally. This abrupt change in the way that we all conducted business, where we swapped the office for home-based email, instant messaging, and Zoom meetings, caused various vulnerabilities. A lot of organisations and businesses did not have sufficient time or even resources to secure, upgrade and update their cyber security protocols for offsite connections, leaving them to resort to unprotected Wi-Fi connections.

According to Mimecast, email is undoubtedly the most invaluable tool, but on the other hand, the tool that presents the most threat. These vulnerabilities have in turn created a lot of opportunities for cybercriminals to wage successful attacks. According to a report by iDefense, South Africa has the third-highest number of cybercrime victims worldwide, losing approximately R2.2 billion a year to cyberattacks. Some of the leading cyberattacks and threats that have dominated during the COVID-19 pandemic period are identified as ransomware, malware, spam emails, malicious domains, and DDoS. According to Jürgen Stock, Interpol’s Secretary General, “Cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19.”

When the world is documenting this period as a crisis, the cybercriminals are recording it as a period of great opportunity.


The “Covid-19 Cybercrime Analysis Report” by Interpol in August 2020 highlighted primary areas of concern. These include an exponential increase in cybercrime in the future. Cybercriminals will take advantage of the vulnerabilities created by working from home and will become more and more sophisticated in their strategies. There will be an increase in coronavirus-themed online scams and phishing campaigns that exploit public concern about the crisis, often impersonating government and health authorities. Business emails will be severely compromised due to an abrupt shift in the business landscape and economic slump. Interpol also reported that the vaccine programme roll-out saw a rise in phishing related to these medical products, coupled with network intrusion and attacks to steal data. In addition, it reported a significant target shift from individuals and small businesses to major corporations, governments, and critical infrastructure.

In the case of South Africa, however, COVID-19 has merely exacerbated an already existing pervasive cybercrime environment.

The South African Post Office (SAPO) was hit by a cyber-attack, resulting in a loss of R42 million between 01 and 03 January 2012. It is reported that the culprits were very familiar with SAPO’s IT system. At the time, SAPO recorded a total of R42 billion in deposits as it administered government's Trust Centers, meaning that government entities conducting work online and through emails, made use of the Post Office system.

The South African Police Services (SAPS) was hit by a security breach in the year 2013 where an international activist group hacked the SAPS website and leaked sensitive information of the identities and contact details of approximately 16,000 whistle blowers. 2014 ushered in another security breach at the Public Investment Corporation (PIC). The website was hacked and violated by a hacker known as J4r who claimed to be an official of the government of Morocco. The department reported no financial loss but it can be argued that it was left vulnerable considering the substantial amounts of public funds it oversees. In 2014, Business Tech reported the amount to be R1.6 trillion.


Many more attacks have hit South Africa, from the 2015 State Security Agency Operational Target Analysis leak to the cyber-attack on Armscor in 2016 and the City of Johannesburg breach in 2019.

Cybercrime unfortunately remains prevalent in South Africa, with iDefense noting the following as possible reasons:

• Lack of investment in cybersecurity and shortage of cybersecurity trained practitioners.
• Developing cybercrime legislation and law enforcement training.
• Poor public knowledge of cyber threats.
• The use of shadow IT.

It is quite evident that South Africa needs to put in a lot more work and to increase the number of well-trained cyber security practitioners, especially women and young people. South Africa also needs to put in place a well prepared and resilient cybersecurity strategy to have any chance in countering cyberattacks.

References

1. iDefense report, Interpol 2020 impact of COVID-19 on cybercrimes report
2. Sizwe Gwala, PhD report, 2020 “A secure cyberspace as a strategic focus point in governing the Internet Ecosystem: The case of the South African Public Sector”

About the Author:

Reboile Mathabe is the COO of the Umlambo Foundation. Umlambo Foundation is a non-profit focused on improving the quality of public schools in South Africa.


“Happy Women’s Month to the Mbokodo tsa Mzansi. You continue to be our inspiration.” Sonwabise Mzinyathi, Chair, South African Women in ICT Forum


QAPHELA is a Monthly Newsletter by the Department of Communications and Digital Technologies in Collaboration with the Cybersecurity Hub.

iParioli Office Park, 1166 Park Street, Hatfield, Pretoria, 0001 Tel: +27.12.427.8000 www.dtps.gov.za

