www.securityfocusafrica.com | Vol 39 No 4 APRIL 2021 The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
South Africa’s CIT industry New trends and solutions
SASA challenges PSIRA fee increases
South Africa cracks down on revenge porn with new legislation Rebooting SA as a tourist destination | In conversation with Lauren October
S
SINE
S
O
N FO R
B
U
PE
securityfocusafrica.com Security Focus Africa has been marketing suppliers to buyers in Africa since 1980, and is the official industry journal of the Security Association of South Africa. Our readers form the core of Southern Africa’s buyers and decision-makers in the security products and services industry. Our print and digital platforms have a highly-focused readership of people at the very heart of the security industry. Our news is distributed via print, website, digital magazine, and social media. Our annual Security Focus Africa Buyers Guide is searchable in print and via our online directory, with over 760 businesses and branches throughout Africa. Need to find a service or supplier? We will help you find exactly what you need.
PO Box 414, Kloof 3640, South Africa Tel: +27 31 764 6977 | Fax: 086 762 1867 Email: contact@contactpub.co.za
Security Focus AFRICA w w w. s e c u r i t y f o c u s a f r i c a . c o m
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
DIGITAL BUYERS GUIDE
to security services & products Promote your business
Attract customers
Increase your sales
Claim your listing on www.securityfocusafrica.com/buyersguide
2 for 1 offer The print listings now mirror our online directory style with basic and premium listings. In fact, upgrading a basic listing in print to premium will include an upgrade to premium on the website and vice versa. The same information online is printed in the print directory.
Security Focus Africa is known for having the most comprehensive directory of service providers in Africa. We have been a trusted source of information for more than 40 years, and now offer this valuable resource online.
The market is tough out there. What makes your business different from any other? For starters, be more accessible on the internet. Online searches are now the preferred method of finding information and contact details, so the better your online presence, the more business you will get.
BENEFITS OF LISTING YOUR BUSINESS: • By claiming your listing, you can keep your company’s information up to date at your own convenience • Upgrade your listing online at any time to maximise your brand exposure • Improve your SEO and online presence • We provide a targeted audience for your business • See your stats – know how many people are seeing your listing
Security
For as little as R2 400 , you can get the edge over your competitors by providing indispensable information to your customers on our online directory.
Affordable advertising is just a click away.
Focus
AFRICA
BUYERS GUIDE
www.securityfocusafrica.com/buyersguide KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
Security Focus Africa: Serving the South African security industry for 39 years
CONTENTS www.securityfocusafrica.com
VOL 39 NO 4 APRIL 2021
| Vol 39 No 4 APRIL 2021 al risk practitioners: security, safety,
profession The official industry journal for
health, environment and quality
assurance
South Africa’s CIT indusstry New trends and solution
SASA challenges PSIRA fee increases
12 COVER STORY SOUTH AFRICA’S CASH-IN-TRANSIT (CIT) INDUSTRY: NEW TRENDS AND SOLUTIONS AS THE COUNTRY’S LEADERS COMBINE AGAINST BRUTAL AND ONGOING CIT ATTACKS 12 Following the strapping of a bomb onto a cash-in-transit
South Africa cracks down on revenge porn with new legislation n Octob ation | In conversation with Laure Rebooting SA as a tourist destin Security Focus quarter page October 2020.pdf 1 2020/10/08 14:24:39
er
guard in Cape Town by armed attackers in January 2021 – a shocking first-of-its-kind for South Africa reportedly – the safety of CIT employees is in the spotlight as never before.
SPECIAL FEATURE 16 Jail sentences and hefty fines for perpetrators of revenge
porn in SA as the crime skyrockets around the world due to Covid-19.
DELIVERING PEACE OF MIND FOR ALL INDUSTRIES
16
Nemtek is a leading global manufacturer and supplier of innovative electric fencing products used by many governments, local authorities and industries to protect their utilities, correctional facilities and defence infrastructures. Mining sites, solar farms, oil refineries and steel industries often need to be protected from intruders, both from a safety and a security point of view. We deliver peace of mind with our range of fencing solutions, modular designed energizers to enable multiple fence zones, and our monitoring technology which allows for advanced warning of any fence breach or tampering. Contact our Head Office for more information on 011 462 8283 or websales@nemtek.co.za 2 SECURITY FOCUS AFRICA APRIL 2021 www.nemtek.com
securityfocusafrica.com
Official Journal of the Security Association of South Africa
Published by Contact Publications (Pty) Ltd (Reg No. 1981/011920/07)
18
Vol 39 No 4
TEL: (031) 764 6977 FAX: 086 762 1867 MANAGING DIRECTOR:
REGULARS EDITOR’S COMMENT 4 Choices and consequences in
South Africa: bullying and the new step-aside ruling.
ASSOCIATION NEWS 6 Update from SASA. NEWS IN BRIEF 8 News snippets from around the world.
NEWS 11 Industry leaders create first
unified cybersecurity guide for boards of directors. 26 Gartner forecasts worldwide IT spending to reach $4 trillion in 2021.
PERSONAL SECURITY 18 Why girls continue to experience violence at South African schools.
SUCCESS STORY 20 iOCO brings Fortinet’s Secure SD-WAN to local financial services institution.
INDUSTRY OPINION 22 Africa could become a testing
ground for tech-enabled social engineering.
Malcolm King malcolm@contactpub.co.za
COVID-19 UPDATES 24 Online vaccine scams:
INTERPOL and Homeland Security Investigations issue public warning. 25 International trade body warns over Africa’s fake Covid vaccines.
PERSONALITY PROFILE 28 In conversation with…
Lauren October, researcher with the Safety and Violence Initiative at UCT.
INDUSTRY OPINION 30 The evolving role of the
network security architect can deliver great value to the modern organisation.
CYBER SECURITY 32 The realities of AI in
cybersecurity: catastrophic forgetting.
REBOOTING SA 34 Rebooting South Africa as a destination.
35 ADVERTISERS INDEX 36 DIRECTORY
22
EDITOR: Ingrid Olivier ingrid@securityfocusafrica.com
SENIOR GRAPHIC DESIGNER: Vincent Goode vincent@contactpub.co.za
DISTRIBUTION MANAGER: Jackie Goosen jackie@contactpub.co.za
POSTAL ADDRESS: PO Box 414, Kloof 3640, South Africa
PUBLICATION DETAILS: Security Focus Africa has 12 issues a year and is published monthly, with the annual Buyers’ Guide in December. Due to the Covid-19 crisis, we will only be publishing digitally, until further notice.
EDITORIAL CONTRIBUTIONS: Editorial contributions are welcome. For details please email editorial@securityfocusafrica.co.za.
ADVERTISING ENQUIRIES: Malcolm King Email: malcolm@contactpub.co.za
Security Focus Africa is a member of
www.securityfocusafrica.com securityfocusafrica.com
3
EDITOR’S COMMENT
Choices and consequences in South Africa: bullying and the new step-aside ruling
Maybe, just maybe, South Africa has reached a turning point when it comes to dealing with bullying and criminality. I say that after the recent announcement of a “step-aside” ruling by the ANC’s National Executive Committee (NEC) and the high-level investigation by the Limpopo Department of Education into the alleged suicide of 15-year-old Lufuno Mavhunga following a bullying incident at her school, which went viral.
I
was actually gobsmacked when I heard that the “30-day step-aside” ruling had been passed, considering the factionalised state of the ANC at the moment. And yet, the clock is ticking steadily towards 30 April, the deadline for members of the ruling party, who have been charged with corruption and other crimes, to step down from their positions. Also important is the investigation into the circumstances around the death of Lufuno, trending widely on social media as #JusticeForLufuno. SowetanLIVE reported that the bully “allegedly attacked Lufuno because she had
4
SECURITY FOCUS AFRICA APRIL 2021
blocked her on WhatsApp and Facebook… after Lufuno had allegedly received insulting messages.” The attack was accompanied by cheering from other learners, who, I believe, should be criminally charged along with the bully. Failure to do something about the escalating violence in our schools is a ticket to ever-more shocking crime statistics in a country already reeling from crime. Tina Thiart, founding member of 1000 Women Trust1, which is running a campaign against bullying in all forms, says that as many as 57% of South African learners have been bullied at some time during their high-school
careers and that child bullies have usually experienced violence in the home between adults. Further, she points out that male school bullies are twice as likely to bully their girlfriends and partners in later years. “When one considers that we have 2.2 million school-going children in this country, those percentages translate into truly staggering numbers,” she says. Unlike the brand-new step-aside ruling, South Africa already has legislation in place to deal with bullying in all its forms – but it’s only effective if we act on it. According to LegalWise2, criminal charges can be laid at police stations, regardless of the age of the bully. Bullies
securityfocusafrica.com
EDITOR’S COMMENT
under the age of ten years may not be arrested – instead, a probation officer/ qualified social worker will likely be appointed to do an assessment of them. Following this, the bully will be referred for counselling or therapy, placed in an accredited programme, or provided with support. If the bully fails to comply with the decisions made by the probation officer, he or she may be referred to the Child Justice Court. Bullies aged ten years and older may be arrested. They will also be assessed by a probation officer, after which they will have to attend a preliminary inquiry at a Magistrate’s Court. Then they will be referred for diversion (such as a rehabilitation programme) or to a Child Justice Court, which will continue with the criminal charges. If the bully fails to attend the inquiry, a warrant of arrest may be issued. Avenues available to victims include obtaining a protection order in terms of the Protection from Harassment Act, and/ or reporting the bully to the school’s governing body, after which the school needs to conduct a disciplinary hearing and discipline the bully in terms of the school’s Code of Conduct, which could lead to the bully being suspended. While I knew that bullying happened in South African schools, as it does everywhere around the world, I did not realise the severity of the problem until now. According to the findings of a recent study by the Youth Research Unit (YRU) of Unisa’s Bureau of Market Research – “YRU@BMR”3 – 58% of the learners interviewed had experienced violence – including physical, psychological, verbal and sexual – at school; 11% of them had considered suicide and 47% of educators considered resigning from their teaching positions. Why are our schools, which are supposed to be safe places of learning, becoming increasingly violent? The YRU@ BMR study says that the causes of school violence are deep-rooted and multifaceted, stemming from “family problems, parental negligence, socioeconomic circumstances and substance abuse.” And, while there are rules and policies in place, “incidents of violence are increasing in secondary schools in Gauteng,” the report says, with learners often too scared to speak up. South Africa’s national police crime statistics for October to December 20204, reported seven murders, 11 attempted murders, 24 rapes and 89 assaults GBH
securityfocusafrica.com
(grievous bodily harm) in educational institutions around South Africa. It is very likely, though, that the figures are a lot higher, in light of victims’ fears of retribution and the consequent lack of reporting. But the reported situation is bad enough – so bad that the South African Council for Educators (SACE) has just released its Teachers’ Safety and Security in South African Schools: A Handbook, to help teachers deal with safety and security at school5. As the world’s fifth most dangerous country, of the 144 countries covered in the Gallup Law and Order Index of November 2020, South Africa desperately needs to take a tougher stance on all forms of criminality, including school violence. And some of the responsibility lies with parents. Instilling good values and common decency in our children, and teaching them that choices come with
consequences, begins at home. Quite honestly, I think that parents of bullies should also be held legally responsible to some degree. Rest in peace Lufuno Mavhunga.
Ingrid Olivier, Editor ingridolivier@idotwrite.co.za 1. https://www.bullying.co.za/about-us/ 2. https://www.legalwise.co.za/help-yourself/ legal-articles/how-treat-bullying-schools 3. – “YRU@BMR” https://bmr.co.za/2020/07/29/ school-violence-in-gauteng-a-convoluted-problemwith-deep-rooted-causes/ 4. https://www.saps.gov.za/services/october_to_ december_2020_21_crimestats.pdf 5. https://www.sace.org.za/assets/documents/uploads/ sace_53049-2021-04-16-SACE_Handbook_awweb.pdf?fbclid=IwAR0QpihSawRAk0zOBgnccEdvQ 4Lf-fEaq7oGnvuoUhWuFYwDLxXmgSNI3BU
SECURITY FOCUS AFRICA APRIL 2021
5
ASSOCIATION NEWS
SASA UPDATE
Update from SASA From the desk of Tony Botes, SASA National Administrator.
M
embership SASA is pleased to confirm that, with very few exceptions, all Gold members have qualified for renewal and paid their annual fees for the 2021/2 membership year. Our Gold members, whose employee numbers collectively make up our representivity at the National Bargaining Council for the Private Security Sector (Bargaining Council), now account for more than 140 000 security officers, despite the loss/reduction of contracts as a result of unprecedented retrenchments during the Covid-19 pandemic period. A number of new members have already joined, and more are being processed.
6
SECURITY FOCUS AFRICA APRIL 2021
International reciprocal partnerships As permitted in the SASA constitution, we are in the process of concluding reciprocal agreements with similar associations internationally. The Security Association of Namibia (SAN) has already signed up and, by the time this goes to press, CAPSI (Central Association for Private Security India) will have come on board, too. Further, we’re in talks with associations in Singapore, Botswana and elsewhere. Although private security legislation may differ vastly in various countries, we believe that we face numerous common challenges, which may be mitigated or even eliminated through ongoing interaction with our international brothers.
PSIRA (Private Security Industry Regulatory Authority) It is of great concern that PSIRA has seen fit to introduce what we believe to be excessively increased annual and administrative fees for their financial year from April 2021 to March 2022. SASA, together with our colleagues at SANSEA (South African National Security Employers’ Association), have taken legal advice and are in ongoing communication with the Authority via our legal representatives. Although PSIRA did hold virtual consultative meetings with the private security industry at large with regard to their proposed new fees – with both SASA and SANSEA submitting detailed
securityfocusafrica.com
ASSOCIATION NEWS
written representations - we believe that the Authority has not given adequate consideration to the negative effect that the Covid-19 pandemic has had on the national economy in general, and the private security sector specifically. Our legal advisors have again written to the Authority to reconsider their stance on the annual fees, which came into effect on 1 April 2021. The Administration fee increases, however, were not subjected to the consultation process required by PAJA (Promotion of Administrative Justice Act), which we have challenged via our attorneys. This has prompted PSIRA to postpone the implementation thereof until 1 May 2021, which will give our associations the opportunity to make detailed representations. Furthermore, PSIRA – in their consultative gazette regarding the annual fees – also included a number of amended regulations, some of which will also probably be challenged if the matter goes the legal route. We hope that we are able to reach an acceptable compromise with PSIRA, regarding these matters, without having to resort to legal action, as was the case in 2013/4 and again last year. NBCPSS Medical Insurance The NBCPSS recently appointed Affinity Health to provide medical insurance for the entire private security industry and this came into effect, as per the NBCPSS Main Agreement, on 1 March 2021. Both the NBCPSS and Affinity Health are in the process of contacting security companies around the country. SASA has met with Affinity Health on behalf of our members, and we are confident that, with our input and recommendations, sufficient guidance will be given to employers to minimise any challenges. Compliance SASA has identified a significant increase in non-compliance in the private security industry. As a responsible organisation, we are obliged to take whatever steps are required to bring such information (and evidence) to the attention of the relevant authorities, which include PSIRA, the NBCPSS, PSSPF (Private Security Sector Provident Fund), Department of Home Affairs and even SARS, where necessary. Non-compliance, especially where it involves the use of undocumented foreigners and the blatant and criminal
securityfocusafrica.com
abuse of security officers, is a critical threat to the private security industry and must be identified and the offending employers prosecuted to the fullest extent of the law. SASA members, as well as nonmembers and consumers, are urged to refer all identified exploitation and other forms of criminality to the relevant authorities and, if they wish to remain anonymous, such matters may be referred to our national office for further action. It must be stressed that evidence should accompany such referrals, to ensure that appropriate action may be taken against such transgressors.
Non-compliance, especially where it involves the use of undocumented foreigners and the blatant and criminal abuse of security officers, is a critical threat to the private security industry and must be identified and the offending employers prosecuted to the fullest extent of the law. NBCPSS exemption SASA, together with SANSEA, recently – on behalf of their members – applied for, and were granted, a partial exemption from certain aspects of the NBCPSS Main Agreement, as follows: • The gazetted increase in the Security Officers Premium Allowance, from R175 to R270 per month, was not implemented for a period of 12 months, for this year. • The relief sought in respect of a reduced contribution by all employers and employees was referred to the PSSPF, who are obliged to apply for a temporary rule change by the FSCA. This is currently in process and will be implemented once the rule change has been approved.
It must be stressed that the relief in the first bullet point, above, will only be granted to members of SASA and SANSEA who are totally compliant with all relevant legislation and in good standing with the Bargaining Council, whereas the PSSPF relief, if and when granted, will apply to all employers and employees. Nothing, in fact, prevents any other qualifying employer from applying for the same, or any other, exemption, as provided for in the Main Agreement, but this is a time-consuming and probably costly exercise. SASA and SANSEA obtained this exemption for their members at a significant cost, borne by the associations, which included submissions drafted by our attorneys and advocates, as well as an extremely detailed report on the state of the country, and the private security industry as a whole, by one of the most highly respected economists in South Africa. Benefits of SASA membership: • A strictly applied Code of Ethics • Representation at national and local government level • Industry exposure in the media as well as at major shows and exhibitions • Contacts and networking opportunities • Discounted training courses, events and seminars • Access to a security library managed by UNISA (University of South Africa) • Updates on new legislation and other industry-relevant information • Access to security-related and affiliated associations in South Africa and overseas • The SASA national website • A central administration office • Free digital subscription to Security Focus Africa magazine, the official journal of SASA • A mentorship programme which is designed to guide and assist start-up security companies with attaining the compliance standards required to qualify for Gold Membership For more information about what SASA does and how it can help you and your company, please contact: Tony Botes, SASA National Administrator, at: Tel: 0861 100 680 / 083 650 4981 Cell: 083 272 1373 Email: info@sasecurity.co.za / tony@sasecurity.co.za Website: www.sasecurity.co.za
SECURITY FOCUS AFRICA APRIL 2021
7
ASSOCIATION NEWS
News snippets from around the world Dlamini-Zuma extends National State of Disaster until May 15 Minister of Cooperative Governance and Traditional Affairs, Nkosazana DlaminiZuma has Gazetted the extension of the National State of Disaster on Covid-19 until 15 May. The decision to extend the state of national disaster follows consultations and cabinet approval. The extension takes into account the need to continue augmenting the existing legislation and contingency arrangements undertaken by organs of state to mitigate against the impact of the disaster on lives and livelihoods. South Africa went into Covid-19-imposed lockdown more than a year ago, as a measure to curb the spread of the virus. The country is now under Alert Level 1 of the Covid-19 lockdown. (Source: www.sabcnews.com/)
SA Health minster, Dr Zweli Mkhize, has launched the Electronic Vaccination Data System for the second phase of the vaccine rollout, expected to begin in May. The system is now open for people over the age of 60 to register, among others. You need your ID and medical aid card – where applicable – as well as a cell phone number and address. You will be notified by SMS when you are able to go to your
selected vaccination centre. South Africa’s vaccination task team is confident that 67% of the population will be vaccinated within the current timeframe, with the best-case scenario achieving the goal by December 2021 (Source: businesstech.co.za)
FBI reports a 69% increase in internet crime in 2020 According to new data from the FBI‘s Internet Crime Complaint Center (IC3) annual report on internet crime, there was a sharp increase of cybercrime last year. The 2020 Internet Crime Report found that there were 791,790 complaints of suspected Internet crime, an increase of more than 300,000 complaints, a 69% jump, from 2019. The good news is that about 82% of the crimes attempted proved to be fruitless – but the grey cloud to that silver lining is that the reported losses from the “successful” crimes exceeded $4.2 billion. Last year’s surge also came as many depended on technology during the pandemic. (Source: news.clearancejobs.com)
Another legal setback for Jacob Zuma as SCA dismisses appeal over state funding in corruption trial The legal woes of former president Jacob Zuma have increased after he lost an
appeal to set aside a North Gauteng High Court ruling that stripped him of state funding for his upcoming corruption trial that emanates from the arms deal of the late 1990s. In a ruling sent out electronically to all parties involved, on Tuesday morning, the Supreme Court of Appeal (SCA) ruled that Zuma should pay back the R15.3 million the state used on him to fight off his corruption trial, which returns to court in May. (Source: www.iol.co.za)
President Ramaphosa announces Military Command Council appointments Commander-in-Chief of the South African National Defence Force (SANDF) President Cyril Ramaphosa has announced appointments to the Military Command Council (MCC). The announcement of new army chiefs follows the retirement of a number of generals. The Military Command Council is the highest decision-making body in the SANDF, comprised of Chiefs of the Army, Navy, Air Force, Military Health Services, Defence Intelligence and Joint Operations. The MCC directs the work of the entire SANDF. (Source: www.sabcnews.com)
Eskom’s two biggest labour unions demand 15% wage increases The two biggest unions representing workers at Eskom are seeking 15% wage increases, adding to the woes confronting the loss-making South African power utility. The National Union of Metalworkers of South Africa and the National Union of Mineworkers tabled their demands at a preparatory meeting on Friday and pay talks will resume on 2 May, Eskom spokesman Sikonathi Mantshantsha said by phone. Solidarity, a smaller union, wants 9.5% increases for its members, it said by text message. South Africa’s consumer inflation rate is currently 2.9%. (Source: www.moneyweb.co.za)
8
SECURITY FOCUS AFRICA APRIL 2021
securityfocusafrica.com
NEWS IN BRIEF
that reforms and tighter controls are still needed to curb alcohol abuse in the country. (Source: businesstech.co.za)
Germany sees drop in crime during 1st year of pandemic Germany saw a drop in reported crime last year, partly due to pandemic restrictions that kept people indoors, although there was a rise in child abuse, domestic violence and cybercrime. (www.usnews.com)
MPs have until May 3 to receive mandate on land expropriation in SA
Indonesian hackers arrested over $60 million US Covid-19 scam Two Indonesian hackers have been arrested over an international scam in which $60 million was stolen from a Covid-19 aid programme helping Americans left jobless by the pandemic, authorities said. Text messages were sent to twenty million Americans, directing them to more than a dozen fake US government websites, police in the Southeast Asian nation said last week. Thousands of victims supplied personal information, including social security numbers, to the fake sites in the hopes of securing $2,000 offered under a real assistance programme for the unemployed, authorities said. But their data was instead used by scammers to steal millions of dollars from the programme. “Some 30,000 US citizens were scammed and the government’s financial loss is up to $60 million,” said East Java police chief Nico Afinta. The two suspects were arrested last month in Indonesia’s second-biggest city, Surabaya, after police were notified by US authorities. (Source: ewn.co.za)
‘concentrates the mind’. Davis has been appointed as a consultant at the South African Revenue Service (Sars) for a year, with the option to renew, to assist the beleaguered tax authority. His mission is to increase its tax collection capabilities and expand the shrinking tax base. (Source: www.moneyweb.co.za)
SA alcohol ban A back-and-forth between policy experts and the alcohol industry has erupted over a report – commissioned by drinks maker Distell – which posited that trauma reductions during lockdown were as a result of curfew, not the ban on alcohol, as government said. However, the South African Alcohol Policy Alliance said that the findings were questionable because it’s known that both alcohol control and things like curfew worked to stop trauma cases, and it wasn’t only one or the other. While it understands that businesses struggle under alcohol bans, SAAPA said
Parliamentarians serving on the ad hoc committee on Section 25 have been given until 3 May to seek a mandate from their parties on the actual drafting of the bill aimed to amend the Constitution. The bill seeks to allow for the explicit expropriation of land without compensation in the Constitution. (Source: www.iol.co.za)
Police Minister Bheki Cele orders officers to protect Cape Town’s women, children ‘at all cost’ Cele was speaking at a parade of the newly deployed officers, who are members of visible policing, crime intelligence, forensics and detective services. They have been placed in crime hotspots across Cape Town such as Khayelitsha, Delft, Kraaifontein, Nyanga and Philippi East. “The Western Cape’s high murder rate is simply unacceptable. In the past week and during the [Easter] long weekend, 100 people were killed, either by stabbing or were shot dead in this province,” he said. (Source: citizen.co.za)
Tax evaders should face jail time to curb rising noncompliance – Judge Dennis Davis Says Sars should hone in on taxpayers who are able to afford a Ferrari, but pay less tax than working class South Africans. Retired Judge Dennis Davis wants tax evaders to end up behind bars. He believes that it will be a real deterrent as the idea of going to jail certainly
securityfocusafrica.com
SECURITY FOCUS AFRICA APRIL 2021
9
NEWS IN BRIEF EU sets out five-year crime cooperation, anti-trafficking plans
Cops charged with stealing cash from CIT heist scene
The European Union will seek to increase police cooperation, target human trafficking and establish new rules to counter money laundering, according to plans detailed by the European Commission on Wednesday. The EU executive has set out a five-year roadmap of legislative proposals and initiatives designed to combat organised criminal gangs, who have increasingly gone digital and even exploited the Coronavirus pandemic with sales of counterfeit medical products. (Source: www.usnews.com)
ANC infighting Factions within the ANC are sowing further divisions, with party deputy secretary general, Jesse Duarte, accusing secretary general Ace Magashule’s supporters of leaking confidential discussions to the public in a bid to destroy the party. Duarte was heard defending Jacob Zuma and advising that he remain firm in his defiance of the State Capture Commission. However, she now says the recordings were manipulated. Divisions in the ANC are well known, but in recent weeks have flared up publicly, with leaders openly attacking each other on social media. (Source: businesstech.co.za)
New clashes in Mozambique’s Northeast New clashes erupted in the town of Palma in Mozambique, three weeks after a jihadist attack there left dozens of people dead and forced thousands to flee their homes, military and security sources say. Islamic State-linked militants raided the coastal town of Palma on 24 March in an assault that marked a major intensification in an insurgency that has wreaked havoc across Cabo Delgado province for over three years as the jihadists seek to establish a caliphate. (Source: ewn.co.za)
Africa to see slowest regional growth in 2021: IMF The IMF (International Monetary Fund) has warned that limits on access to vaccines and policy space were holding back the near-term recovery, calling for wealthy countries to step up access to vital vaccines and make financing available to Africa. Sub-Saharan Africa is set to record the world’s slowest regional
10
SECURITY FOCUS AFRICA APRIL 2021
economic growth at 3.4 per cent, as it struggles to recover from a virustriggered slump, it warned last week. “The economic hardships have caused significant social dislocation, with far too many being thrust back into poverty,” said Abebe Aemro Selassie, the head of the IMF’s Africa department. “The number of extreme poor in sub-Saharan Africa is projected to have increased by more than 32 million,” he said. (Source: https://ewn.co.za)
New study shows that the black market for cigarettes continues to grow Nearly three-quarters of retail outlets in Free State, Gauteng and Western Cape are selling illicit cigarettes, according to global market research firm Ipsos. A study commissioned by British American Tobacco SA (BAT) – said to be free of interference from BAT – suggests that the cigarette market has been given over to black marketeers, with four out of five outlets surveyed in the Free State offering smokes at below the minimum collectable tax (MCT) of R21,61 for a pack of twenty. Any pack of twenty cigarettes selling below the MCT of R21,61 is deemed to be illicit. Some packs were selling for as little as R10 and even R6 – meaning that no tax could have been paid on these cigarettes. The study says that this is a consequence of the government’s imposition of a ban on cigarette sales in the early part of the Covid lockdown last year (now lifted). The ban allowed a black market for cigarettes to flourish, with the fiscus losing R8 billion a year in excise revenue. (Source: www.moneyweb.co.za)
Two police officers have been arrested by the Serious Corruption Investigation team in the Vaal Rand in Gauteng on charges of theft and defeating the ends of justice. According to Colonel Katlego Mogale, 51-year-old Rapulane Levy Tlholoe and 53-year-old Ndavheleseni Edward Musetha, attached to the Hawks’ Serious Organised Crime Investigation unit, attended to a cash-in-transit crime scene in the Langlaagte area, Johannesburg in January this year. During the heist, a group of armed men used explosives to bomb an armoured vehicle to gain access to the safe. One suspect was arrested while four others died from gunshot wounds which they sustained in a shootout with police. On arrival at the crime scene, the two officers allegedly placed the scattered cash inside four forensic seal bags to book them in at the police station… but only submitted two sealed forensic bags when they returned to the station, Mogale said. “Further investigation revealed that the suspects kept one torn sealed forensic bag with an undisclosed amount of money in their vehicle. More cash was discovered inside the cubbyhole and later placed in another sealed bag to be submitted as evidence, with one sealed bag missing.” (Source: citizen.co.za)
Bogus Hawks investigator demands R60K to make murder case disappear National Hawks head Lieutenant General Godfrey Lebeya has expressed concern about increasing incidents of Hawks investigator impersonations. The Hawks have arrested a 29-year-old man for allegedly impersonating one of their officers and approaching an elderly Mpumalanga man on Tuesday with an offer to make a bogus murder investigation go away in exchange for R60 000. The elderly man recognised the man as one of three people who visited him at his home in June 2020 and introduced themselves as investigators in a murder case he had been implicated in, Hawks spokesperson Colonel Katlego Mogale said. “The trio were allegedly driving a police vehicle and stated that they were there to arrest him. The ailing victim was threatened and told his family was going to be destroyed unless he paid R60 000 in cash to ensure that the said case was destroyed,” Mogale added. (Source: citizen.co.za)
securityfocusafrica.com
NEWS
Industry leaders create first unified cybersecurity guide for boards of directors
By Amanda Russo, arus@weforum.org
• Boards of directors need to play a more active role in protecting their organisation from the growing threat of cyber risks, and few fully understand the risks1 • A new study found six principles that can be applied across industries and geographies to help corporate boards advance their oversight of this systemic risk and call for the change needed to prevent future shocks • The World Economic Forum collaborated with the National Association of Corporate Directors and the Internet Security Alliance to produce Principles for Board Governance of Cyber Risk2 to help businesses become more resilient against cyber attacks. • Read the report2
G
eneva, Switzerland, 23 March 2021 — Boards of directors need to play a more active role in protecting their organisation from cyber risks, according to a new study released today by the World Economic Forum. Cybersecurity failure is a “clear and present danger” and critical global threat, yet responses from board directors has been fragmented, risks not fully understood and collaboration between industries limited. The Principles for Board Governance of Cyber Risk Report provides a solution to this fragmentation and it is backed by
securityfocusafrica.com
leaders in digital risk and cybersecurity. Created by the World Economic Forum, the National Association of Corporate Directors, the Internet Security Alliance and PwC, the report is the result of a year-long collaboration to find a cohesive, global and cross-border approach to cyber risk. The expert-led team found there are six principles that apply to a wider audience of boards and management teams. The report shows how directors can increase their understanding of cyber risks and act quickly, incorporating cyber-risk planning into overall company strategy. “Without a principled foundation for understanding and governing cyber risk at the board level, risk responses have been piecemeal and security gaps have risen,” said Daniel Dobrygowski, Head of Governance and Trust at the World Economic Forum Centre for Cybersecurity3. “These principles provide much needed foundations for directors in any industry or geography. Cybersecurity is not just a technology problem; it is an economic and strategy issue crucial for boards to address given the current environment.” The six principles are – • Cybersecurity is a strategic business enabler; • Understand the economic drivers and impact of cyber risk; • Align cyber-risk management with business needs; • Ensure organisational design supports cybersecurity; • Incorporate cybersecurity expertise into board governance;
• Encourage systemic resilience and collaboration. These practices and approaches were further validated by members of the boards of some of the most advanced companies in the world. “Digital transformation is a business imperative,” said Larry Clinton, President, Internet Security Alliance (ISA). “Organisations can’t compete unless they leverage modern cyber tools. But, the downside of digital transformation is increased cyber risk. Balancing the need to use modern technological tools, while managing cyber risk, is one of the most difficult issues a modern board faces. These consensus principles provide the guidance that boards need to properly supervise and direct their management teams.” “Boards have made gains in the last few years by recognising cyber as an enterprise risk, but the challenges posed by rapidly changing cybersecurity threats require every company and every board to ensure cybersecurity programs are resilient,” said Peter R. Gleason, Chief Executive Officer, National Association of Corporate Directors (NACD). “This new resource, drawing on NACD and ISA guidance, offers corporate directors across the globe an effective blueprint to advance their cyber-risk oversight.” 1. https://www.pwc.com/us/en/services/ governance-insights-center/library/annualcorporate-directors-survey.html 2. https://www.weforum.org/reports/principlesfor-board-governance-of-cyber-risk 3. https://www.weforum.org/platforms/ the-centre-for-cybersecurity
SECURITY FOCUS AFRICA APRIL 2021
11
CASH IN TRANSIT
South Africa’s cash-intransit (CIT) industry: new trends and solutions as the country’s leaders combine against brutal and ongoing CIT attacks
Following the strapping of a bomb onto a cash-in-transit guard in Cape Town by armed attackers in January 2021 – a shocking first-of-its-kind for South Africa, reportedly – the safety of CIT employees is in the spotlight as never before.
A
nd so are the challenges in a crime category characterised by methodical planning and often extreme violence, says Grant Clark, head of the Cash-in-Transit Association of South Africa (CITASA). Warning of a likely escalation on the back of a number of factors including radicalism, a deeply troubled economy, high levels of unemployment, undersecured borders and a stretched police force, it’s more critical than ever for major players to work together to save lives and
12
SECURITY FOCUS AFRICA APRIL 2021
protect the economy, he says. To this end, the CITASA JOIC (Joint Operations Intelligence Centre) is partnering closely with key role players such as the National Prosecuting Authority (NPA), the South African Police Service (SAPS), the Directorate for Priority Crime investigation (the Hawks) and leading CIT companies. According to Marlene Welman, Manager of the JOIC, CIT incidents decreased by 3% for the period of January to April in 2021, before ratcheting up by 700% in the days following. In total, 2020 saw a total of
Fleetcam™ surveillance and tracking system in iziCash armoured vehicle.
securityfocusafrica.com
CASH IN TRANSIT
Cash counting in iziCash Cash Centre.
293 CIT incidents in South Africa. At the time of writing this article, seventy-four incidents had already occurred throughout the country during 2021. In April, this year alone, there have been a spate of attacks on CIT vans around South Africa, among these, in Dobsonville, Johannesburg and Gugulethu in the Western Cape on 12 April (the former injuring three guards, the latter claiming the life of one guard and wounding three of his colleagues) and at an unnamed shopping mall in KwaZulu-Natal on 20 April, which critically injured a police officer and a guard. The global CIT security market According to a report by global market research firm Research And Markets, the international armoured vehicle market is poised for growth at a rate of 3,7 per cent a year until 2030, on the back of increasing cross-border conflicts, defense spending and what it calls ‘asymmetric warfare’ (defined by the RAND Research Corporation as ‘conflicts between nations or groups that have disparate military capabilities and strategies - with some of the best-known examples being the 9/11 terrorist attacks and the war in Afghanistan’1. The report “Global Armored Vehicle Market 2020-2030 by Armor (Passive, Active), Drive Type (Wheeled, Tracked), Category (Conventional, Electric), Vehicle Type, Application and Region: Trend Forecast and Growth Opportunity”2 predicts that by 2030, this specialised market will be worth an astronomical $24.85 billion.
securityfocusafrica.com
Modus operandi Marlene Welman of the JOIC divides CIT attack modus operandi into two types: vehicle-on-road, and cross-pavement. In the first scenario, she says that suspects either shoot at the AV (armoured vehicle) and its tyres to make it stop, or they ram it with another vehicle and then proceed to bomb it open. Perpetrator numbers vary between 10-25 in these assaults. When it comes to cross-pavement attacks, she says that most take place between exiting the mall/shop and loading cash into the CIT vehicle, with the number of perpetrators ranging from two to seven people.
Innovation is key Product innovation is key when it comes to protecting staff, customers and assets, say experts. Schott AG, a specialist glass manufacturer, headquartered in Germany, in its article: “In a case full of cash”3 says “criminals looking to earn extra money by robbing banks, retailers, cash machines (ATMs) or cash-in-transit companies, are going to find it increasingly difficult, as a result of innovations such as state-of-the-art cash carrying boxes.“ ”The boxes are not just impossible to crack,” says Hermann Tietze, Regional Sales Director EMEA
Air support is a major deterrent in preventing cash heists.
SECURITY FOCUS AFRICA APRIL 2021
13
CASH IN TRANSIT
The aftermath of a cash-in-transit heist. Image source: Shutterstock.com
for Technical Tubing at SCHOTT AG, “they are also equipped with intelligent security systems that contain time locks, multiple sensors and radio frequency identification (RFID). All non-expected events such as forced entry, abnormal temperature variations, electromagnetic fields or electrostatic discharges, gas or liquid presence – will trigger a loud siren, accompanied by dense red smoke and positioning with the aid of GPS-GPRS locating signals. “At the heart of the system,” he continues, “is Schott’s rectangularshaped ink cartridges which, when detonated, immediately saturate bank notes with indelible purple ink, rendering them completely worthless. It’s exciting and inspiring to enable new applications that meet such high requirements,” says
Tietze. “Normally, our glass needs to be as durable and strong as possible. With these ink cartridges, however, our tubes are expected to break quickly and evenly, without getting damaged during manufacturing or while they are being transported… these glass ink containers making stolen bank notes unusable for criminals acts as a deterrent and could well prevent acts of violence.” One of South Africa’s most effective tools, when it comes to reducing cash-in-transit attacks, is the PUDU, originally developed by the CSIR (Council for Scientific and Industrial Research) in 2002. The name is an acronym of ‘polyurethane dispensing unit’, a sense-and-deploy device that dispenses quick-drying, solidifying polyurethane foam into the vault area of cash-in-transit
vehicles when they are attacked. “The polyurethane covers the cash in the vehicle’s vault and makes it impossible for attackers to retrieve the transported assets from the vehicle,” explains Delon Mudaly, a CSIR manager of intellectual property and technology transfer for materials science and manufacturing4. Originally developed by the CSIR, for SBV Services in South Africa, to supplement the armour-plating and bullet-proofing on CIT vehicles, it protects the assets inside and may be activated in various ways, in line with clients’ requirements. “With cash being the lifeblood of the South African economy, we have to do our utmost to curb these violent attacks on a sector in which some of our most vulnerable fellow citizens earn their living,” maintains Albert
Cash-in-transit attacks do not only aggravate the devastating effect that the Covid-19 pandemic has already had on the economy, but they also inflict terrible hardship on employees in this critically important sector.
14
SECURITY FOCUS AFRICA APRIL 2021
securityfocusafrica.com
CASH IN TRANSIT
Cash-in-transit crew monitored via the iziCash control room.
Erasmus, CEO of iziCash Solutions, which provides specialist cash logistics and cash management services to a wide range of businesses that trade with cash throughout the country. It is this that is behind his company’s recent partnership with Fleetcam™. “With Fleetcam’s integrated surveillance and intelligent vehicle and guard tracking system, we have upgraded our defences in order to mitigate, attacks,” he says, pointing out that cash-in-transit attacks do not only aggravate the devastating effect that the Covid-19 pandemic has already had on the economy, but also inflict terrible hardship on employees in this critically important sector. Collaboration: never more important than now “Never before has collaboration been more essential,” concludes Nischal Mewalall, CEO of SABRIC (South African Banking Risk Information Centre). “These robberies have the potential to severely worsen our economy which is already under pressure due to Covid-19. The CIT industry must be commended for its proactive approach and SABRIC remains fully committed to supporting all initiatives to enable the fight against this scourge.” 1. https://www.rand.org/topics/asymmetricwarfare.html 2. https://www.researchandmarkets.com/ reports/5239748/global-armored-vehiclemarket-2020-2030-by-armor?utm_ source=CI&utm_medium=PressRelease&utm_ code=lc4vvn&utm_campaign=1498075++Outlook+on+the+Armored+Vehicle+Global +Market+to+2030+-+Trend+Forecast+and+ Growth+Opportunity&utm_exec=jamu273prd 3. https://www.schott.com/innovation/en/ in-a-case-full-of-cash/ 4. https://www.csir.co.za/sites/default/files/ Sciencescope_February2013.pdf
securityfocusafrica.com
“With cash being the lifeblood of the South African economy, we have to do our utmost to curb these violent attacks on a sector in which some of our most vulnerable fellow citizens earn their living.”
SECURITY FOCUS AFRICA APRIL 2021
15
SPECIAL FEATURE
Jail sentences and hefty fines for perpetrators of revenge porn in SA as the crime skyrockets around the world due to Covid-19 Reports of image-based abuse or revenge porn have reportedly skyrocketed throughout the world as a result of the Covid-19 pandemic.
A
ustralia registered a 210% increase on the average weekly number of reports received in 2020 compared with 2019, and the United Kingdom’s Revenge Porn Helpline says it has opened double the number of cases in April 2020 compared with a year ago, according to an article in The Conversation1. “Unfortunately, far too many unkind and insensitive individuals in society today spread private and sexually explicit videos or images of their former partners or lovers to the public and other individuals with the aim of punishing or humiliating them,” says Justin Sloane, partner at one of South Africa’s leading legal firms, Schindlers Attorneys. In an article on
Schindlers website titled “South Africa cracks down on Revenge Porn”2, which he co-authored with candidate attorney Megan Brook, Sloane and Brook describe revenge porn as a form of cyberbullying, with such a negative stigma attached to it that victims rarely speak out about it and may even end up leaving their jobs or committing suicide. But, they add, recent changes to South Africa’s laws are intended to give victims their power back and put the leakers of nude images and sex tapes in jail. “In October 2019, President Cyril Ramaphosa signed the Films and Publications Amendment Act 11 of 2019 (the Act) into law which cracks down on the distribution of child pornography, hate
speech and revenge porn,” Sloane and Brook explain, adding that the final draft of the Cybercrimes and Cybersecurity Bill (the Cyber Bill), which is expected to be tabled in Parliament in the near future, also criminalises the releasing of intimate pornographic content in cyberspace. What is revenge pornography? “Revenge porn” is widely understood to mean the non-consensual distribution of sexually explicit or nude photographs or videos and is usually done out of spite, normally by a former partner after their relationship comes to an end, in order to humiliate the victim,” say Sloane and Brook. “The photographs or videos may be distributed via email, pornographic
…recent changes to South Africa’s laws are intended to give victims their power back and put the leakers of nude images and sex tapes in jail. 16
SECURITY FOCUS AFRICA APRIL 2021
securityfocusafrica.com
SPECIAL FEATURE
Sloane and Brook describe revenge porn as a form of cyberbullying, with such a negative stigma attached to it that victims rarely speak out about it and can even end up leaving their jobs or committing suicide. websites, text message or any social media platform, and with the advent of smart phone technology and the digital era, this may be done rapidly and with just a click of a button.” The damage to victims may be horrific, they note further. Some develop mental health problems while others may become suicidal. Aside from the destructive and often permanent effects on people’s lives, this crime form is also a violation of a person’s constitutional right to dignity and privacy, which is why the new legislation, which prohibits and criminalises such actions, is desperately needed. There are many instances where individuals are blackmailed into paying over large amounts of money to prevent the images from being posted online, not only by former partners and the like, but also by criminals who hack into or steal cell phones, tablets and other devices. “Once the image or video is posted online it may very easily and very quickly be saved by an individual (in many ways, including through a ‘screenshot’) and then shared multiple times amongst others. In fact, it is almost impossible to permanently remove such content nowadays with the internet cloud servers available,” they warn. What are the legal penalties? “Interestingly, the penalties differ, based on whether or not the person in the image or video is identifiable and you are able to tell who they are,” say Sloane and Brook. “Section 24E(1) of the Act provides that any person who knowingly distributes private sexual photographs and films, on any medium, without the prior consent of the individual, and with the intention to cause the individual harm, shall be guilty of an offence and liable to a fine not exceeding R150 000 and/or imprisonment for a period not exceeding two years. This means that a perpetrator could face both jail time as well as a fine.”
Further, “Section 24E(2) provides that if the person is identified or identifiable in the said photograph or film, the perpetrator shall be guilty of an offence and liable to a fine not exceeding R300 000 and/or imprisonment for a period not exceeding four years. So, essentially, the possible jail time and financial penalty double when the person in the revenge porn is recognisable,” they point out. Unknown distributor What if the victim doesn’t know who was responsible for publishing the content? The victim still has legal recourse, say Sloane and Brook. Section 18E of the Act provides that the relevant internet service provider “shall be compelled to furnish the Board or a member of the South African Police Services (SAPS) with information of the identity of the person who published the prohibited content. The Act recognises that anonymity is problematic in situations such as these and puts measures in place to address such.” The Cybercrimes and Cybersecurity Bill According to Sloane and Brook, the Cyber Bill, which regulates cybercrimes, cyber forgery and cyber fraud, was passed by the National Council of Provinces (NCOP) on 1 July 2020 and is now waiting for final approval by the President. “The Cyber Bill criminalises ‘malicious communications’ which includes the dissemination of revenge porn. In terms of the Cyber Bill, offenders may face a period of imprisonment not exceeding three years upon conviction.” Clause 18 of the Cyber Bill provides that “any person who unlawfully and intentionally makes available, broadcasts or distributes, by means of a computer system or a data message of an intimate image of an identifiable person, knowing
that the person depicted in the image did not give his or her consent to the making available, broadcasting or distribution of the data message, is guilty of an offence.” It defines an “intimate image” as a “visual depiction of a person” made by any means “that give rise to a reasonable expectation of privacy” and “in which the person is nude, is exposing his or her genital organs or anal region or, in the case of a female, her breasts.” Other remedies Apart from the Act and the impending Cyber Bill, victims have legal recourse in other areas of the law, Sloane and Brook note. These include suing the perpetrator for civil damages as a result of defamation of character or charging the perpetrator with crimen injuria (unlawfully and intentionally impairing the dignity or privacy of another person). “The Protection from Harassment Act 17 of 2011 (the Harassment Act) also permits a victim to apply for a protection or harassment order against a perpetrator which, once granted, is coupled with a warrant of arrest and is suspended subject to the relevant person complying with the terms of the protection order,” they say. Conclusion “The amendments to our law and imminent passing of the Cyber Bill are positive steps in bringing justice to revenge porn victims as perpetrators now stand to face jail time and hefty fines. The current and proposed legislation will hopefully enable the proper and effective investigation and prosecution of such crimes.” 1. https://theconversation.com/reports-ofrevenge-porn-skyrocketed-during-lockdownwe-must-stop-blaming-victims-for-it-139659 2. https://www.schindlers.co.za/2020/southafrica-cracks-down-on-revenge-porn/
…any person who knowingly distributes private sexual photographs and films… shall be guilty of an offence and liable to a fine not exceeding R150 000 and/or imprisonment for a period not exceeding two years.
securityfocusafrica.com
SECURITY FOCUS AFRICA APRIL 2021
17
PERSONAL REPORTBACK SECURITY
Why girls continue to experience violence at South African schools Girls experience gender and sexual violence in schools around the world, and South Africa is no exception. Research has shown how learners, and girls in particular, are vulnerable to violence.
D
https://theconversation.com/why-girls-continue-to-experience-violence-at-south-african-schools-157470
espite the country’s political response to violence against women and girls, schoolgoing girls struggle with male violence in and out of school. Learners who are victimised at school often show poor academic performance, regular school absenteeism, anxiety and depression, drug and alcohol use, psychological trauma, and dropping out of school. We conducted a study to learn more about South African teenage girls’ experiences at school. Violence emerged as a key aspect of their school life.
18
SECURITY FOCUS AFRICA APRIL 2021
We looked at the spaces where violence occurs, and how the violence is linked to drug use, social inequalities and construction of gender identity. We found that certain behaviour is tolerated because it isn’t seen as violence. We also reflected on some of the ways that the issue of gender violence at school – and beyond – could be addressed. Sexual violence in school Our study took place in an urban high school in South Africa. The location has high levels of unemployment and poverty. The school’s challenges include
overcrowding, old and dilapidated buildings, drug use and violent behaviour by some learners. We interviewed learners aged between fifteen and seventeen. Most of them came from economically poor households, but some were better off than others. These differences played a part in violence. Our findings are context specific. This implies that they are applicable to other South African schools that have similar characteristics. The violence that girls experienced took various forms, including sexual harassment. It occurred in various school
securityfocusafrica.com
PERSONAL REPORTBACK SECURITY
Despite the country’s political response to violence against women and girls, school-going girls struggle with male violence in and out of school.
spaces such as the corridors and in an abandoned building on the school premises. The pupils said community violence and theft had resulted in this building becoming dilapidated. We heard that boys sexually gazed at girls in the corridors during lunch breaks and gossiped about girls’ physical appearance, their bodies, and their virginity status. Boys commented openly on their desires and demands to have sex with girls. Sexual harassment in the corridors also involved inappropriate touching. All this occurred in the public space of the school’s corridors and was witnessed by other girls and boys. Girls were publicly humiliated and coerced to engage in sexual activity (kissing and inappropriate touching). Both boys and girls used drugs such as dagga (marijuana) in the dilapidated building. The pupils said that this building was dominated by boys who used drugs and abused girls there during lunch breaks. Girls also expressed the fear of being coerced into sexual relationships by older boys at school. Girls were beaten up if they refused boys’ proposals for sexual relationships. But girls also fought with each other over boys. This competition sometimes involved references to hair – those who could afford to have weaves in their hair or wigs were called ‘sluts’ and accused of ‘stealing’ boyfriends. Girls speak out Girls that were interviewed suggested
securityfocusafrica.com
that it was up to the victim herself to report violence to teachers. Some said that the school was too lenient towards the offending boys. They might be suspended for a few days or given a simple warning: “Don’t do it again.” The school wasn’t doing enough to address the violence. We found that one of the reasons that violence persists is that the school’s responses often fail to understand its sexual and gendered aspects. Teachers and learners at this school generally understood violence as something that individuals do, related to some psychological problem. This understanding made gender and sexuality invisible. It failed to notice the experiences of girls and the power relations between girls and boys. Often intervention strategies in South African schools rely on psychological interventions, as if something is inherently wrong with the child. They do not see violence as rooted in both the individual and the broader social and economic conditions in which children are located. How to end violence We have five recommendations for addressing school violence. • People need to understand that gender power imbalances are a form of violence. They need to know where and when it’s being experienced. Boys should understand that violence includes gossiping, coercion and sexualised utterances.
• Schools must take responsibility for the physical environment, and this involves identifying and managing spaces that increase the risk of violence. • The school curriculum, on issues of sexuality and relationships, must relate more directly to the girls’ everyday experiences of violence at school. A comprehensive sexuality education programme should challenge violence by boys and by girls, as it relates to youth sexuality and the dynamics of relationships. • The use of drugs by learners must be addressed in such educational programmes. In South Africa, the personal and private use of dagga among adults is no longer a criminal offence. The availability of the drug in South African communities has implications for children’s access to it. • Fifthly, schools need to support and act on girls’ reporting of violence. Some research has found that bystander programmes can reduce the normalisation of violence in schools. These programmes encourage passive bystanders to become active by learning to recognise potentially violent or dangerous situations. They empower young people to act more effectively against violence. However, schools cannot do it on their own. Government, parents, learners, non-governmental organisations and the broader community should be part of discussions about the root causes of the violence and effective interventions.
SECURITY FOCUS AFRICA APRIL 2021
19
SUCCESS STORY
iOCO brings Fortinet’s Secure SD-WAN to local financial services institution iOCO, the ICT services business of the JSE-listed EOH Group, has been chosen to assist a large financial services company in the implementation of its software-defined wide area networking (SDWAN) rollout. This has allowed the firm to take a bold move forward in its stated aim of building a network incorporating the ‘modernised branch of the future’.
B
rett van Rensburg, Sales Director for iOCO’s Compute division, says: “Having recently undertaken a rigorous year-long request for proposal (RFP) process to choose our SD-WAN providers, we were duly impressed with the Fortinet Secure SD-WAN offering. “This new project with the financial services company has now allowed us to test the scope and breadth of the Fortinet solution, with truly impressive results. The top benefits that Fortinet’s Secure SD-WAN is able to provide for clients include the ability to intelligently
20
SECURITY FOCUS AFRICA APRIL 2021
manage bandwidth at their sites; stronger service level agreements through the multiple infrastructures; granular reporting; and the advantages of the zero-touch deployment.” SD-WANs are extremely effective at enabling enterprises to communicate across multiple branches that are geographically widely dispersed. An SD-WAN is a virtual WAN architecture that allows enterprises to use any combination of transport services – including MPLS, LTE, DIA and broadband internet services – to connect users to their applications, both locally and in
Brett van Rensburg, Sales Director, iOCO’s Compute division.
securityfocusafrica.com
SUCCESS STORY
the Cloud. The advantages of Secure SD-WAN allow a business to lower costs and reduce complexity while also ensuring network security and compliance. Fortinet’s Secure SD-WAN is based on the FortiGate next generation firewall (NGFW) with integrated SD-WAN functionality. Enabling the client’s ‘branch of the future’ “The project with our client began about a year ago, with the company’s desire to enable a network that would launch and thereafter drive – its modernised branch of the future,” Van Rensburg explains. “The realities of digitally transforming the organisation were an important part of building the business, as well as defining its future strategy. “As an organisation within the financial services space, security was, of course, a priority. Other must-have factors included reliability, cost-efficiencies, and scalability. Visibility and reporting were also extremely important: the client wanted to be able to see the network at the touch of a button.” The right solution with the right team Van Rensburg clarifies that the company needed to understand the options available in the market. “We did not want to present the client with only one SD-WAN offering, as we prefer, instead, to provide multiple offerings and consult with the client on what fits their business and forward strategy best. There were three vendors being considered, and some, like ourselves, had multiple options on the table. The client was therefore looking at four or five different SD-WAN solutions, which were whittled down to three, including iOCO’s recommendation. “The remaining SD-WAN solutions under consideration were put forward and scrutinised under the same proof of concept (POC) parameters; however, these companies had a long history within the client’s network. We were, therefore, coming in as somewhat of an outsider on this particular project, although we did have our own preexisting relationship of more than a decade with the client in other arenas. “We made a solid commitment to this project and used a team of over twentyfive people in total, from those who were involved in various discussions,
securityfocusafrica.com
to the account management team, project managers and a number of other individuals playing various roles inbetween, including those who designed the solutions as well as the technical heads of various areas. Between the technical input, the reporting advantages, and the discussions around the commercial aspect, it became apparent, much like a puzzle being put together, that Fortinet was indeed the contender of choice.” Driving the testing phase Van Rensburg reports that once the initial workshops had been held, a live test of the Fortinet solution was undertaken involving some of the users, namely the branch manager and staff members of a particular branch. He explains, “Multiple POC demonstrations were held at the branches with improved results across all, but the Fortinet POC sites showed significantly more improvement than the other sites. The Fortinet live test showed a further increase in functionality that could be managed and recorded on live dashboards. It was clear that SD-WAN and the functionality provided by the platform were not only showing tangible positive SLA results but, most importantly, the users onsite were experiencing a better working environment. “Two physical links were used and, during this live demo, we purposefully dropped one of the links to show that there would be no impact to the network. The traffic switch-over was seamless, and branch employees did not lose any of their capability. Additionally, Fortinet’s visibility allowed the client to really see what was happening on the network, in real time. “We followed this up with similar tests at other branches, with the same excellent results. The test phase was a resoundingly positive part of the tender process, showing a tremendous improvement in productivity for the users where the Fortinet Secure SDWAN solution had been implemented. The client’s ex-com team was receiving this positive feedback and could see the difference that the Secure SDWAN solution was already making to productivity.” Making commercial sense According to Van Rensburg, the Fortinet
commercial model was another factor in its favour. “Eventually, the tender process had become a two-horse race between iOCO and one of the other companies mentioned previously. Not only did our model tick all of the other relevant boxes – as well as going significantly above and beyond the ‘call of duty’ – but our costs were also significantly lower. “This was towards the end of the process, about a month or so before the final sign-off, and I believe that the costeffectiveness was what helped to finalise the deal. The client was able to factor in all of its needs, both present and future, without having to incorporate any additional components. This is certainly an advantage for companies looking to spread their capital investment over time.” Conclusion “Over four hundred sites will be serviced by the Fortinet Secure SD-WAN solution,” says Van Rensburg, “and the client is very happy with the rollout so far, having already indicated that there are other areas in which the solution could add value. We are pleased with this, because it enables us to help this financial organisation to expand on the investment that it has already made. “Additionally, the localised support and training, including through our valueadded distribution partner, Networks Unlimited, assists enormously. In-country resources are certainly a strong enabler of the Fortinet Secure SD-WAN solution set’s successful deployments and support – it makes a big difference that the teams who give us support are right here, locally. We find that we have much quicker pricing and engineering support, for example, and this agility is so key to these engagements.” He concludes by noting, “iOCO’s strong relationship focus and its willingness to engage were an integral part of this project. iOCO took the time to understand the client’s requirements, and then presented them with solutions in a way that made sense to their business model and strategic direction, including holding discussions as a consultative exercise and not as a presentation of products. This engagement is a backbone to continue enabling the client’s specific vision of its branch of the future. This, in itself, is a further testimony to Fortinet, and another differentiation from other possible competing solutions.”
SECURITY FOCUS AFRICA APRIL 2021
21
INDUSTRY OPINION
Africa could become a testing ground for tech-enabled social engineering The absence of robust safeguards leaves many countries on the continent vulnerable to data manipulation. By Karen Allen, Institute of Security Studies. https://issafrica.org/iss-today/africa-could-become-a-testing-ground-fortech-enabled-social-engineering
W
ithin a year, much of the world has adopted the norm of wearing masks to protect against the Covid-19 pandemic. Notwithstanding the political jostling that such face coverings have come to represent, it has become a social norm driven by circumstance. Scholars have undertaken extensive work1 on the life cycle of norms to demonstrate how they cascade into society and eventually become internalised. But to what extent does technology have a normative function – the power to shape human behaviour and deliver real-world consequences? In the absence of robust safeguards and in states with fragile democracies, could Africa become
22
SECURITY FOCUS AFRICA APRIL 2021
a testing ground for tech-enabled social engineering? Shaping norms or beliefs, governing how we vote, who we love and stirring up existing ethnic or religious cleavages? Information disorders expert Eleonore Pauwels argues that the convergence of artificial intelligence and data-capture capability threatens to undermine2 institutions that form the bedrock of democracies. The rapid emergence of artificial intelligence tech tools across Africa, coupled with powerful social media
platforms such as Facebook, Reddit and Twitter, has made data a commodity. Some commentators describe it as the new oil. These tech tools include biometric databases for tracking population movements at borders, registering voters before elections or documenting key life events (births, marriages and deaths). Besides capturing human behaviour, likes and preferences, technology potentially has the power to shape it, Pauwels argued at a webinar on surveillance3 and information disorder in
Machine learning technologies have the potential to override or shape human judgement and political agency securityfocusafrica.com
INDUSTRY OPINION
Africa last month. Artificial intelligence and data capture technologies, together, form a powerful alliance that enables micro targeting and precision messaging, she says. Institute for Security Studies (ISS) research4 shows that the ‘digital exhaust’ we leave behind on the internet – and the personal biometric information captured on CCTV cameras in shops or from centralised databases when we register to vote or apply for a driving licence – provides the raw material for data manipulation in Africa. According to Pauwels, human beings are rapidly becoming ‘data points’ or ‘digital bodies and minds’ whose exact location and biometric features could be be matched in real-time. This may have profound implications for personal privacy and security. She says that unless checked, machine learning technologies have the potential to override or shape human judgement and political agency. This is especially true in settings where democratic checks and balances are still fragile. For this reason, numerous African countries, including Zimbabwe and Kenya, have been the focus of her work. The purpose of analysing our ‘digital bodies and minds’ is, among others, to manipulate group conversations and behaviours either for political or commercial gain. This could create chaos or assert control, particularly during election times or periods of national emergency such as a war or pandemic. The ISS has demonstrated how potent algorithms may help amplify xenophobic narratives. The South African case study5 shows how messages could find reach far beyond what might be expected in the ‘real’ (rather than virtual) world. Pauwels’s research builds on this idea, highlighting the use of botnets by those wishing to control a message for viral propagation and to optimise search engine and algorithmic content regulation. Such potent social manipulation tools are being monetised, enabling data capture companies such as the nowdisbanded Cambridge Analytica to identify individuals’ ‘deepest fears, hatreds and prejudices to influence elections,’ Pauwels asserts. Using Kenya’s 2013 and 2017 elections as a case study, she documents how existing ethnic tensions in Kenya were exploited by similar commercial entities, explaining that ‘in 2017, WhatsApp
securityfocusafrica.com
Policymakers need to consider the blind spots of mass capture technologies groups, including non-political ones, were inundated with incendiary ethnonationalist rhetoric, mis- and disinformation.’ This raw material – i.e. personal data – was illegally acquired by political parties and deployed as part of their communications strategy. This practice is outlined in more detail in a Strathmore University Centre for Intellectual Property and Information Technology Law report. Another form of social manipulation comes from technology’s ability to automatically ‘generate new content such as photographs, video and text’, creating so-called deep fakes. These have significant implications for the future of propaganda, deception and social engineering. In the rush to develop centralised biometric databases, algorithms need to be open to inspection. They are also able to generate fake6 intelligence scenarios, paving the way to what some scholars have described as digital dictatorships and providing a pretext for social control and securitising legislation aimed at curbing its use. Such fake scenarios may enable illiberal states to silence dissent. The shutdown of social media platforms has already been observed in Uganda and Ethiopia in
recent months with the justification that national security is under threat. Social engineering may also take the form of determining what information citizens have access to via the internet. Freedom House argues that the system’s current weakness has played into the hands of less democratic governments looking to increase their control7 of the internet. And the very existence of such data monitoring, using equipment provided by foreign entities such as China, may impose new surveillance norms on populations that host the latest technology. This ‘cyber nationalism’ potentially normalises pervasive digital surveillance, and there’s scope for much research to be done on the role of foreign actors in this sphere. For all these reasons, policymakers need to consider the blind spots of such mass capture technologies. Although new data laws are coming on stream, setting out strict rules regarding how data is captured, stored and limiting its reuse, the enforcement of new regulations will be severely tested. In the rush to develop centralised biometric databases, algorithms need to be open to inspection and a new culture of ethical technology (possibly with incentives and sanctions) must be developed. 1. https://adambrown.info/p/notes/finnemore_ and_sikkink_international_norm_dynamics_ and_political_change 2. https://www.kas.de/en/web/newyork/ single-title/-/content/the-anatomy-ofinformation-disorders-in-africa 3. https://www.youtube.com/ watch?v=3ILkj03oDLA 4. https://enactafrica.org/research/researchpapers/whos-watching-who-biometricsurveillance-in-kenya-and-south-africa 5. https://enactafrica.org/events/digitalvigilantism-and-social-media-organised-crimesuntested-terrain 6. https://cpr.unu.edu/research/projects/ the-new-geopolitics-of-converging-risks-theun-and-prevention-in-the-era-of-ai. html#outline 7. https://freedomhouse.org/article/rise-digitalauthoritarianism-fake-news-data-collectionand-challenge-democracy
SECURITY FOCUS AFRICA APRIL 2021
23
COVID-19 UPDATES
Online vaccine scams: INTERPOL and Homeland Security Investigations issue public warning https://www.interpol.int/en/ News-and-Events/News/2021/ Online-vaccine-scams-INTERPOLand-Homeland-SecurityInvestigations-issue-public-warning
Public is warned against online vaccine scams after recent operation in China and South Africa.
L
YON, France – INTERPOL and the United States’s Homeland Security Investigations (HSI) have joined forces to warn the public against purchasing alleged Covid-19 vaccines and treatments online. With criminal groups producing, distributing and selling fake vaccines, the risks to the public are clear: these can include buying a product which not only does not protect against Covid-19, but poses a serious health hazard if ingested or injected. Such products are not tested, regulated or safety-checked. Legitimate vaccines are not for sale. They are strictly administered and distributed by national healthcare regulators. Anyone buying these products online also runs the risk of potentially giving their money to organised criminals. Crime wave “From the very beginning of the pandemic, criminals have preyed on people’s fears in order to make fast cash. Fake vaccines are the latest in these scams, which is why INTERPOL and HSI are warning the public to be extra vigilant,” said INTERPOL Secretary General Jürgen Stock. “Anyone ordering a vaccine online rather than obtaining it from their national provider, will be buying a fake product.” “The networks behind these crimes have global ambitions. No country or region can fight this type of crime alone. INTERPOL is assisting law enforcement around the world to both identify criminal networks and to dismantle them,” added Secretary General Stock. Following a global alert issued by INTERPOL in late 2020, the world police
24
SECURITY FOCUS AFRICA APRIL 2021
“Anyone ordering a vaccine online rather than obtaining it from their national provider, will be buying a fake product.” body recently announced the first internationally linked arrests and seizures in connection with fake vaccines, after criminal networks were disrupted in China and South Africa. INTERPOL has also been receiving additional information on fake vaccine distribution and scam attempts targeting health bodies, including nursing homes. “Counterfeit vaccines threaten the health of consumers who are duped by nefarious actors seeking to exploit the pandemic situation for financial gain. HSI and its law enforcement partners will vigorously investigate and seek prosecution for criminals taking advantage of the public’s quest for Covid-19 vaccinations and those who endanger the lives of the very people the vaccines are intended to protect,” said HSI Assistant Director, and Director of the National Intellectual Property Rights Coordination Center, Steve Francis. “HSI will continue to work with INTERPOL to coordinate investigations targeting every level of the transnational criminal organisations trafficking in counterfeit Covid-19 vaccines,” added Mr Francis. Online scams An emerging trend has seen cybercriminals set up illicit websites claiming to be legitimate national and/or world organisations offering pre-orders for vaccines against the Covid-19 virus. These
websites offer payments in Bitcoins and other payment processing methods. Using trademark logos of major pharmaceutical companies producing approved Covid-19 vaccines, the fake websites are suspected of being used to conduct phishing attacks and/or dupe victims into giving charitable donations. In addition to opening up their computer to cyberattacks when attempting to purchase alleged Covid-19 vaccines online, people also run the risk of having their identity stolen. In December 2020, HSI seized two websites purporting to be those of biotechnology companies developing treatments for the Covid-19 virus. Instead they appeared to have been used to collect the personal information of individuals visiting the sites, in order to use the information for criminal purposes, including fraud, phishing attacks, and/or deployment of malware. Ransomware attacks have also been conducted against hospitals, laboratories, local governments and other targets, remotely blocking computer systems and demanding a payment to release them. Given the need for a global response against these types of cyber-enabled fraud and financial crimes, INTERPOL created the Global Financial Crime Task Force (IGFCTF) in 2020, with member countries in order to enhance international cooperation and innovation with public and private sector partners.
securityfocusafrica.com
COVID-19 UPDATES
International trade body warns over Africa’s fake Covid vaccines Africa’s law enforcement agencies are urged to step up their investment in anti-counterfeiting measures before the trade in fake Covid-19 vaccines spirals out of control.
T
he advice from the International Hologram Manufacturers Association (IHMA) comes in the wake of reports1 of seizures of illicit Covid-19 vaccines − the latest lucrative market is for the trade in counterfeit medicines controlled by organised criminals. The IHMA’s warning comes as South Africa faces a possible ‘epidemic’ in the trafficking of counterfeit vaccines that will inevitably reach other African countries as the incidences of Covid cases rises. The World Health Organisation (WHO) has said that a growing volume of fake medicines are available in Africa, where the high demand for medicines and lack of local production in many countries is opening up opportunities for counterfeit products. Counterfeiting is a multi-billion-dollar problem but the situation in Africa is of concern, the IHMA said, as criminals take advantage of a continent-wide vaccine roll out plan that lags far behind demand. It is urging supply chains and authorities to review how they tackle the threat, before the situation exacerbates further in African countries currently scrambling to
securityfocusafrica.com
secure vaccines. Authorities in South Africa, and right across the continent, may even be forced to bring forward their plans for investment in authentication and verification technologies to effectively protect people and distribution channels. Covid has created high demand for vaccines and an IHMA poll revealed that almost 50% of manufacturers and suppliers of holograms had seen an increase in demand from customers, specifiers and end-users for devices and technologies in the face of the pandemic. Dr Paul Dunn, chair of the IHMA, said: “Covid presents opportunities for crafty criminals, who are infiltrating global supply channels, deploying scams and counterfeiting measures to trick consumers and damage manufacturers. Furthermore, items such as falsified medicines and test kits can pose a terrible threat and may endanger lives. “Supply chains across Africa must be bolstered with countries enhancing their anti-counterfeiting plans, perhaps including the introduction of harder hitting anticounterfeiting legislation and strategies. “The use of track-and-trace programmes, featuring security devices
Dr Paul Dunn, chair of the IHMA.
for instance, could prove especially helpful, facilitating greater cross-border cooperation to tackle mutual threats and come down hard on criminals, before Africa has a counterfeiting epidemic on its hands. “Holograms could be effective in the frontline fight against counterfeiters and fraudsters, protecting brands and profits. Those involved in the supply chain are reassured by their presence on products, recognising the security and financial benefits provided.” The use of well-designed and properly deployed authentication solutions, as advocated by the ISO12931 standard, enables examiners to verify the authenticity of a legitimate product, differentiating it from fake products coming from counterfeiting hot spots in Asia and eastern Europe. Even those that carry a ‘fake’ authentication feature may be distinguished from the genuine item if that item carries a carefully thought-out authentication solution. 1. https://issafrica.org/iss-today/fake-Covid-19vaccines-seized-in-sa-just-the-start-for-africa
SECURITY FOCUS AFRICA APRIL 2021
25
NEWS
Gartner forecasts worldwide IT spending to reach $4 trillion in 2021 Funding for new digital business initiatives to come from outside of IT Worldwide IT spending is projected to total $4.1 trillion in 2021, an increase of 8.4% from 2020, according to the latest forecast by Gartner, Inc. The source of funds for new digital business1 initiatives will more frequently come from business departments outside IT and charged as a cost of revenue or cost of goods sold (COGS). Clayton Hayward, CEO of Ukheshe.
“I
T no longer just supports corporate operations as it traditionally has, but is fully participating in business value delivery,” said John-David Lovelock, distinguished research vice president at Gartner. “Not only does this shift IT from a back-office role to the front of business, but it also changes the source of funding from an overhead expense that is maintained, monitored and sometimes cut, to the thing that drives revenue.” All IT spending segments are forecast to have positive growth through 2022 (see Table 1). The highest growth will come from devices2 (14%) and enterprise
26
SECURITY FOCUS AFRICA APRIL 2021
software (10.8%) as organisations shift their focus to providing a more comfortable, innovative and productive environment for their workforce. As one example, the increased focus on the employee experience and well-being are propelling technology investments forward in areas such as social software and collaboration platforms3 and human capital management (HCM) software. Although optimisation and cost savings efforts won’t disappear simply because there’s more economic certainty in 2021, the focus for CIOs through the remainder
of the year will be completing the digital business plans that are aimed at enhancing, extending and transforming the company’s value proposition. “Last year, IT spending took the form of a ‘knee jerk’ reaction to enable a remote workforce in a matter of weeks. As hybrid work takes hold, CIOs will focus on spending that enables innovation, not just task completion,” said Mr. Lovelock. Return to pre-pandemic spending levels varies Recovery across countries, vertical industries and IT segments still varies
securityfocusafrica.com
NEWS
2020 2020 2021 2021 2022 2022 Spending Growth Spending Growth Spending Growth (%) (%) (%)
Data Centre Systems
219,940
2.3
236,806
7.7
247,513
4.5
Enterprise Software
466,647
-2.1
516,872
10.8
571,725
10.6
Devices
663,223 -6.9 755,798 14.0 778,949 3.1
IT Services
1,021,187
-1.8
1,112,626
9.0
1,193,461
7.3
Communications Services
1,386,471
-0.7
1,450,444
4.6
1,504,743
3.7
Overall IT
3,757,468
-2.2
4,072,547
8.4
4,296,391
5.5
Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars)
significantly, prompting a K-shape economic recovery. From an industry perspective, banking and securities and insurance spending will closely resemble pre-pandemic levels as early as 2021, while retail and transportation won’t see the same recovery until closer to 2023. Regionally, Latin America is expected to recover in 2024, while Greater China has already surpassed 2019 IT spending levels. North America and Western Europe are both expected to recover in late 2021. More detailed analysis on the outlook for global IT spending is available in the Gartner webinar “IT Spending Forecast, 1Q21 Update: How the Winners are Winning.”4 Learn more about emerging trends, expected challenges and next steps for CIOs and IT leaders in the free Gartner E-Book “Top Priorities for IT: Leadership Vision for 2021.”5 Gartner’s IT spending forecast methodology relies heavily on rigorous analysis of sales by thousands of vendors across the entire range of IT products and services. Gartner uses primary research techniques, complemented by secondary research sources, to build a comprehensive database of market size data on which to base its forecast. The Gartner quarterly IT spending forecast delivers a unique perspective on IT
securityfocusafrica.com
spending across the hardware, software, IT services and telecommunications segments. These reports help Gartner clients understand market opportunities and challenges. The most recent IT spending forecast research is available to Gartner clients in “Gartner Market Databook, 1Q21 Update.”6 This quarterly IT spending forecast page includes links to the latest IT spending reports, webinars, blog posts and press releases. Gartner Tech Growth & Innovation Conference Gartner analysts will provide additional analysis on how technology service providers can accelerate growth, drive product innovation and leverage emerging technologies at the Gartner Tech Growth and Innovation Conference 2021, taking place virtually July 20-21 in the Americas7. Follow news and updates from the conference on Twitter using #GartnerTGI. About the Gartner Information Technology Practice The Gartner IT practice provides CIOs and IT leaders with the insights and tools to drive the organisation through digital transformation to lead business growth. Additional information is available at https://www.gartner.com/en/information-
Source: Gartner (April 2021)
technology. Follow news and updates from the Gartner IT practice on Twitter and LinkedIn using #GartnerIT. 1. https://www.gartner.com/en/newsroom/ press-releases/2021-03-31-gartner-surveyreveals-over-half-of-cios-plan-to-increase-fulltime-employees-in-it-to-accelerate-digitalbusiness-initiatives-in-2021 2. https://www.gartner.com/en/newsroom/ press-releases/2021-04-01-gartner-forecastsglobal-devices-installed-base-to-reach-6-2billion-units-in-2021 3. https://www.gartner.com/en/newsroom/ press-releases/2021-03-23-gartner-forecastsworldwide-social-software-and-collaborationmarket-to-grow-17-percent-in-2021 4. https://www.gartner.com/en/ webinars/3998713/it-spending-forecast1q21-update-how-the-winners-are-winning 5. https://www.gartner.com/en/ publications/2021-top-priorities-it-leadershipvision?utm_source=press-release&utm_ medium=promotion&utm_campaign=RM_ GB_2021_ITCIO_NPP_PR1_TOP-PRIORITIES2021&utm_term=ebook 6. https://www.gartner.com/account/signin?meth od=initialize&TARGET=http%253A%252F%2 52Fwww.gartner.com%252Fdocument%252F 3999992%253Fref%253DAnalystProfile 7. https://www.gartner.com/en/conferences/na/ tech-growth-us
SECURITY FOCUS AFRICA APRIL 2021
27
PERSONALITY XXX PROFILE
In conversation with… Lauren October, researcher with the Safety and Violence Initiative (SaVI) at the University of Cape Town “I have found a way of realistically following my dreams of being a writer and doing something worthwhile.”
B
orn and raised in Eerste Rivier in the Western Cape (although her ancestral home is the small town of Bredasdorp, where her entire family lives and where she spent a lot of her childhood), Lauren Sue October has forged a career that combines her love of writing with making a difference to people’s lives – her dream, since as far as back as she could remember. Her road to SaVI, where she has been employed for the last five years, wasn’t straightforward or easy, she says, but with her characteristic determination, she never lost sight of her goal.
28
SECURITY FOCUS AFRICA APRIL 2021
After matriculating from De Kuilen High School in Kuils River, Lauren enrolled at the University of Stellenbosch. By the time she graduated, she had been awarded a BA degree in International Studies, Honours in the same field and her Masters in Political Science. Before she made an attempt at her PhD, however, she set out to gain some real-world experience outside of the academic ivory tower.Yet, despite her impressive qualifications, she struggled to find a job.“I applied to several NGOs (non-government organisations) over the course of nine months, while keeping myself busy doing volunteer work. I
especially enjoyed being a reading helper for primary school children with the Help2Read organisation.” Finally, her perseverance paid off and she found a position as an administrator in a travel logistics company. “This wasn’t actually my first job,” she smiles. “While I was at varsity, I was employed to manage the sports teams for the Aurora private student organisation, which paid R1 500 per term. This entailed ensuring that students who didn’t stay in residence could, nevertheless, be part of a sports team. I myself played tennis, netball and soccer for the organisation, so it was a very good fit!”
securityfocusafrica.com
PERSONALITY PROFILE
“I remained at the logistics company for a month – just long enough to land an internship at the Centre for Conflict Resolution (CCR). After a year, which I thoroughly enjoyed and which allowed me to meet lots of interesting people and attend loads of fascinating seminars, I began looking for a position that offered me more scope to do research. No one could have been more excited than I was when my application for the position of field researcher for a xenophobia and social cohesion project at SaVI was successful.” “I have been with SaVI for five years now, gaining experience, taking on more responsibility and working on various very interesting projects. As time went by, I noticed that a lot of my research interests were psychological, so I enrolled at UNISA where I completed an undergraduate degree in Psychological Counselling, last year.” What does your job entail? As an all-rounder, I do everything from designing research instruments, conducting surveys, focus groups and interviews, sourcing and writing content on violence prevention for a web platform, and managing the social media content for three of our websites. Then there’s research, presenting my papers and findings, and even translating from Afrikaans to English where required. I also consult for other organisations – last year I handled a project on policing oversight mechanisms, and this year I’m involved with a project on violence against children in schools. What do you love about it? No two projects are the same, so I’m always learning and finding new ways of doing things. I travel and meet fascinating people – such as community leaders with no education and who are ten times smarter than me. I hear interesting ideas and I have my own thinking challenged, which broadens my horizons and helps me realise that there is always a different angle to look at when solving a problem. All of this makes me believe that I’m working towards something greater than myself, which could benefit Africa in the long run. And the challenges? The challenges are mostly those typical of working in an NGO – including the dependence on funding, which often gets cut short. Sometimes funders have
securityfocusafrica.com
preconceived ideas which are at odds with our findings, which may make you feel like you’re running in circles without actually helping anyone. But then you get a project where you get to make a real impact in people’s lives and those times outweigh the challenges. Your mentors and influencers? Dr Derica Lambrechts from Stellenbosch University, who was so young when she was my lecturer, yet she was unafraid to tackle the dangerous issue of gang violence. She made me realise that even though I was a student, I was already a social scientist with thoughts to contribute. Also my director, Dr Guy Lamb, who helped me to narrow my focus when I got overwhelmed by everything I wanted to study. He helped me hone my ‘voice’ and method, when it comes to academic writing, and he made me a better scientist. And Ms Laura Freeman, my first supervisor at SaVI, whose work ethic and attention to detail was something I strove to emulate, and whose praise and criticism broadened my mind and influenced the way I work today.
Figure out what you want from life and then decide on the most realistic way to achieve your goals without starving. If you could change three things in South Africa today, what would they be? It’s a difficult question to answer because anything we fix would only be getting rid of a symptom and not the cause, where the real problems are structural and historical. Equality, dignity and restitution are needed before any solutions would be lasting. But, if I could choose three symptoms to change, they would be: Firstly, teaching boys positive masculinity from a young age so that they are able to express their emotions and learn positive conflict resolution without resorting to violence; Secondly, adapting the education system to align with interests and skills rather than pushing out cookie-cutter graduates. By that I mean that there is too much emphasis on everyone matriculating and getting a degree: some people are better at music than maths and this should be encouraged, not ridiculed.
And thirdly, getting the basics right. How could people get jobs or become entrepreneurs if they don’t have access to water, electricity or reliable public transport? Investing in community infrastructure is critical to opening the doors that will solve many problems in society today. Interests and hobbies? I have too many and often get distracted by them! I love reading, writing, tennis, swimming, woodwork, knitting, drawing, painting, cooking, and travelling. I’m also passionate about enhancing gender equity and getting rid of gender stereotypes in my immediate environment – interestingly, the most important men in my life are all feminists!” What’s on your bucket list? I want to speak a language from each continent, and I want to visit at least half of the countries in Africa as well as Peru, India, Ghana, New Orleans, Kenya, Russia, and Japan. Your 3 favourite books/movies? I’m a huge sci-fi/fantasy lover, so it’s Eragon, Harry Potter, and His Dark Materials for books, and for movies it’s the Lord of the Rings, the Matrix trilogy, and Star Wars. Throw in Buffy the Vampire Slayer or any Disney movie or musical, and I’ll be happy! Your advice for the youngsters of today? Figure out what you want from life and then decide on the most realistic way to achieve your goals without starving. Don’t let society dictate your life path and don’t chase things like money or marriage. Stay true to your path and everything else will fall into place. Any comment on Covid-19 and its effect on South Africa/the world? I’m hoping that we’ll see a major change in the way education and professions are managed. Many people work from home and on flexible hours during the lockdowns. I hope that employers are able to see that they could still get all their deliverables without sacrificing the mental health of their employees. I also hope that people in remote locations finally get access to online education. With the divide between the rich and the poor more obvious than ever, I’m hoping that eyes have been opened.
SECURITY FOCUS AFRICA APRIL 2021
29
INDUSTRY OPINION
The evolving role of the Network Security Architect can deliver great value to the modern organisation The role of the network security architect is constantly changing due to evolution in the IT landscape and its digital transformation, and the position has become particularly important over the past fifteen years. This is a period during which technology, and the way it is consumed, has evolved significantly
I
By Sarthak Rohal, Vice President - IT Services at AlphaCodes
n addition, considering the current Covid situation, where work-fromhome is the new normal and those home-workers are vigorously targeted by cybercriminals due to the lack of necessary security solutions and user compliance on their devices. For instance: – as per the Kaspersky team – “As of January 2021, the number of global users encountering various threats, e.g. using popular online learning platforms as a lure, reached 270 171 – a 60 per cent increase when compared to the first half of 2020.” From the network security architect’s perspective, this has brought large changes to the application portfolio, based on the need to secure an
30
SECURITY FOCUS AFRICA APRIL 2021
organisation’s online presence. However, the biggest change in the role of the network security architect probably occured in recent years due to the advent of new technologies and a change in technologies such as IoT, distributed cloud, blockchain and serverless micro services. In addition, organisations are looking for automatic scaling and lower runtime costs, along with options of demand-based flexibility to run and access applications through modern security architecture. To enable a secure way to consume IT services, security has become much more important to organisations in recent years. Cloud and network security, application security, cyber defence,
security compliance, identity and access management, mobile security, including security related to Internet of Things (IoT), etc. now must be taken care of by the network security architect. The importance of compliance Compliance has also become extremely important in the past few years and this has impacted the role of a network security architect. Compliance and governance form a large part of this role, as the architect needs to consider regulations such as the General Data Protection Regulation (GDPR), the Protection of Personal Information Act (PoPI), and other industry relevant compliances, etc.
securityfocusafrica.com
INDUSTRY OPINION
In terms of skills that a network security architect needs to possess, it is somewhat of a combination. There is a requirement in three particular areas, including technical skills, understanding compliance as well as an ability to keep up with the impact of changing infrastructure, and strong analytical skills. New technologies A network security architect must be aware of the changing landscape and technological enhancement occuring through AI – ML and their business values. Most importantly, a need to know how these may fit into the network along with existing and the influx of new technologies. For example, they need to know how blockchain impacts the nature of the business and how this changes the way that the organisation does things. While it is important to keep up to date with those constant changes, it does not mean that the network security architect needs to know in-depth details, but should rather have a high-level overview. Compliance and Regulations From a training perspective, first is local and regional compliance and regulations. Network security architects need to be cognisant of the requirements for regulations such as GDPR, PoPI etc., as well as the nature of such Acts and their implications. Therefore, they need to
securityfocusafrica.com
understand what is required to comply and should complete training in these regulations. Market trends and updates Thirdly, is to keep abreast with latest technology trends and predictions. However, the network security architect should not be focused on a specific company to offer training but should rather look towards industry-specific trends and innovations. The network security architect brings immense value to an organisation today, as companies’ growing online presence has seen data become the new oil. Most organisations are exposed to cybersecurity threats, but a cybersecurity architecture plan helps us to implement and monitor an organisation’s network security system. A cybersecurity architecture framework positions all your security controls against any form of malicious actors and how they relate to your overall systems architecture. Couple this with the increase in cybercrime, and the requirement to secure infrastructure becomes extremely important. The network security architect is involved in various phases to keep maintaining an organisation’s security postures: • Architecture risk assessment: focused to evaluate the influence of vital business assets, the risks, and the effects of vulnerabilities and security
threats to the organisation. • Security architecture and design: Defining the design and architecture of security services to aid the protection of the organisation’s assets in order to facilitate business risk exposure objectives and goals. • Implementation: the actual execution of designed architecture, aimed to ensure that the security policy and standards, security architecture decisions, and risk management are fully implemented and effective for a long period. • Operations and monitoring: focused on measures like threat and vulnerability management are taken to monitor, supervise and handle the operational state in addition to examining the impact of the system’s security. • Compliance: bring the correct level of visibility to industry specific compliance reporting and ensuring the access of relevant data to the correct people. Security is often an afterthought, as traditional security may be perceived as hampering business agility. In addition to the above, the network security architect is also responsible to ensure that they have a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps. Considering these factors, it makes the role of the network security architect extremely valuable nowadays.
SECURITY FOCUS AFRICA APRIL 2021
31
CYBER SECURITY
The realities of AI in cybersecurity: catastrophic forgetting There is a lot of hype about the use of artificial intelligence (AI) in cybersecurity. The truth is that the role and potential of AI in security is still evolving and often requires experimentation and evaluation. SophosAI1 is committed to openly sharing its data science research with the security community in order to make the use of AI more transparent and influence how AI is positioned and discussed in cybersecurity. Details of other initiatives shared, as part of this objective, are available in the SophosAI blog2.
C
atastrophic forgetting: What is it? Malware detection is the cornerstone of IT security and AI is the only approach capable of learning patterns from millions of new malware samples within a matter of days. But there’s a catch: should the model keep all malware samples forever for optimum detection but slower learning and updates; or go for selective finetuning that enables the model to better keep up with the rate of change of malware, but runs the risk of forgetting older patterns (known as catastrophic forgetting)? Retraining the whole model takes about one week. A good fine-tuning model should take about one hour to update. SophosAI wanted to see if it was possible to have a fine-tuning model that could keep up with the evolving threat
32
SECURITY FOCUS AFRICA APRIL 2021
landscape, learn new patterns but still remember older ones, while minimising the impact on performance. Researcher Hillary Sanders evaluated a number of update options and has detailed her findings in the Sophos AI blog3. The detection dilemma Keeping detection capabilities up-to-date is a constant battle. With every step we take towards defending against a malicious attack, adversaries are already developing new ways to get round it, releasing updates with different code or techniques. The result is that hundreds of thousands of new malware samples appear every day. Detection is made even harder by the fact that the latest-and-greatest malware is rarely completely “new”. Instead, it is more likely to be a combination of new, old, shared, borrowed or stolen code and
adopted and adapted behaviors. Further, old malware can re-emerge after years in the wilderness, co-opted into an adversary’s latest arsenal to take defenses by surprise. Detection models need to ensure that they are able to continue to detect older malware samples, and not just the most recent ones. Updating AI detection models When it comes to updating AI detection models with new malware samples, vendors have a choice between two options. • The first is to keep a copy of every sample that they might ever want to detect and retrain the model repeatedly on an ever-increasing volume of data. This results in better overall performance but also slower updates and fewer releases.
securityfocusafrica.com
CYBER SECURITY
• The second is to only update the detection model on new samples. This is known as fine-tuning. During each step of the fine-tuning process, the model updates its understanding according to the new knowledge added and the impact of this on the patterns seen overall. As a result, the model can “forget” the old patterns it learned previously (“catastrophic forgetting”). However, training a model on less data means that the model updates faster and may be released more frequently, keeping better pace with the rapid rate of change of malware. Regardless of the option chosen, the need to keep training AI detection models on new samples is critical. The patterns that AI learns from malware samples enable it to generalise and detect not only what it was trained on, but also never before seen samples that bear at least some resemblance to the training data. Over time, however, new samples will begin to deviate enough that an old model’s effectiveness will decay, and it will need to be updated. The following figure (below) visualises how detection performance declines over time if models are not updated when new samples appear. On the left are the older samples the model has been trained on. The detection rate is consistently strong. To the right are the new samples the model has not yet learned, so detection is weaker. The three detection update options evaluated by Hillary Sanders were: 1.Learning based on a selection of old and new samples This is called “data-rehearsal” and involves taking a small selection of old samples and mixing them in with the
new, never-before-seen training data. Using this, the model is “reminded” of the old information it needed to detect older samples, while at the same time learning to detect the newer ones. 2.Learning Rate This approach involves modifying how quickly the model “learns” by adjusting how much it can change after seeing any given sample. If the learning rate is too fast (in which case the model can change a lot with each sample added), it will only “remember” the most recent samples that it has seen. If the learning rate is too slow (the model can change only slightly with each sample added) it takes too long to learn anything. Finding the right trade-off between learning rate, retaining old information and adding new information can be tricky. 3.Elastic Weight Consolidation (EWC) This approach was inspired by work by Google’s DeepMind in 2017, and it involves using the old model like an elastic spring to “pull back” the new model if it starts to “forget”. For a more in-depth explanation of how to implement this approach, read Hillary Sanders’ blog post3.
Findings (See graph, above.) All three approaches performed better on older malware samples (left of the dotted line) than on newer samples (right of the dotted line). Both the EWC and learning-rate approaches remove the need and cost of maintaining older data. However, the graph shows that while their future performance (using new data) is stronger than that achieved using the datarehearsal technique, they don’t perform as well as data-rehearsal when comes to remembering past data. Because the data-rehearsal technique enables faster training and update releases – in other words, the performance moves more quickly from the ‘unseen’ to the ‘trained’ side of the chart, dips in future performance are more short term and therefore less worrying. Overall, the research showed that the data-rehearsal approach offers the best compromise between simplicity, update speed and performance in malware detection modelling. Conclusion In the malware detection game, being able to remember the past is almost as important as being able to predict the future. This must be balanced against the cost and speed of updating your model with new information. Data-rehearsal is a simple and effective way to protect the model’s ability to detect old malware while significantly increasing the pace at which you can update and release new models. 1. https://ai.sophos.com/ 2. https://ai.sophos.com/blog/. 3. https://ai.sophos.com/2021/02/02/ catastrophic-forgetting-part-1/
securityfocusafrica.com
SECURITY FOCUS AFRICA APRIL 2021
33
REBOOT NEWS SA
Rebooting South Africa as a destination
Given the current travel restrictions in place for international travel, inwards and outwards, imposed on South Africa and the impact that this is having on the tourism and related sectors, a recent newspaper headline “6 SA cities make top 20 list of the most dangerous cities in the world” (Independent on Saturday, 6 February 2021) garnered attention. By Peter Bagshawe
T
he data set was released by numbero.com which is a Serbian-based online database being, apparently, the world’s largest source of user contributed information that provides reports on consumer pricing, crime rates and health care quality, amongst others. The database and its model have been criticised in that it relies on individual input and there is no third party audit on information received. Despite this, the main point of interest is that the information represents an overview of the risk as perceived by residents of a particular location at the time of completion of a standardised survey. As a balancing factor, data is retained for statistical purposes for up to 36 months in
34
SECURITY FOCUS AFRICA APRIL 2021
respect of any location. In the numbero.com rating on 431 cities listed in the review there was a tight South African cluster that had Pretoria in third place, followed by Durban in fourth place and Johannesburg in fifth place. Further down the listing, Pietermaritzburg came in seventh place, Port Elizabeth at fourteenth and Cape Town placed nineteenth. The survey questions are not available for review but it is again emphasised that the results reflect the response of individuals living in the cities surveyed and, although probably subjective, reflect a living-in-it situation. The norm is to base crime rates attributable to cities by available, accurate reported statistics, including cities with
more than 300,000 residents and for the statistics to be linked to an annual period. The easiest crime to use – murder – in that the definition of the crime, remains similar internationally. Working from here, Wikipedia provides a listing of fifty cities by murder rate that shows that 46 cities are in the Americas and four are in South Africa. The data in the Wikipedia list is for the calendar year 2019 but, given that 2020 was the year of lockdown, to lesser and greater extents internationally, the use of the data for current purposes is justified. In the Wikipedia listing, Cape Town is ranked at fourth, Nelson Mandela Bay at 24th, Durban at 35th and Johannesburg at 42nd. It is noted in a side bar to the tabulation that Cape Town had the highest number of
securityfocusafrica.com
REBOOT NEWS SA
murders for any city listed. The opening of the economy and return to normal of the hospitality industry, in its broadest sense, has been a focus point for the industry and Government. Restaurants, hotels, bed and breakfasts, brewers, vintners and the distilling sector were hard hit in the initial lockdown and again with the second set of restrictions imposed at the end of 2020. The impact of restrictions imposed on travel from South Africa related to the discovery of the 501Y.V2 Covid variant has been extreme and this is demonstrable by a review of flights into South Africa. The two major hubs for incoming international flights are OR Tambo International, servicing Gauteng, and Cape Town International Airport. Following the initial imposition of restrictions at the end of January 2021 only nine of the usual 24 regional and international operated out of Cape Town International Airport. OR Tambo International Airport was similarly affected with KLM, Lufthansa, British Airways and Virgin Atlantic all announcing suspension or curtailment of routes. Turkish Airlines, Emirates, and Qatar Airlines have also continued on a curtailed schedule. In the period October 2020 to early January 2021 international flights into South Africa were approaching 50% passenger occupancy and incoming passenger numbers at 20% of pre-Covid levels. This position has now been negated. The hotel, hospitality and restaurant sector in most of the tourist destinations has been impacted by lockdown, prohibitions on the serving of alcohol, seating capacity reductions, curfews, altered working patterns, supply chain constrictions and low economic activity for
almost a full year. In 2019 South Africa received slightly more than 10 million visitors with an estimated R27 billion income flowing into the economy from these visitors. The majority of visitors would have occupied hotel rooms, eaten at restaurants and have contributed to the income, not only of the hospitality industry, but also supported some 722,000 employees in the tourism sector. Taken in a wider context forecasts are that about 1,6 million jobs may be lost in South Africa as a direct result of the Covid pandemic. In 2020 the available local employment figure for the workforce was 16,37 million employed – simply stated, 10% of the jobs in the formal sector are currently projected to be at risk. Internationally, the focus to combat Covid and bring economies back to a form of equilibrium is on mass vaccination programs. These depend, largely, on a supply of available – and sufficient – vaccine units and the logistical mechanism to administer the vaccinations. Minister of Heath Zweli Mkhize announced a vaccination rollout that targeted the administration of vaccines initially to essential service workers, totalling some 1,5 million doses being given by the end of March 2021. By year-end 2021 the target was for 40 million south Africans to have been vaccinated in order to achieve herd immunity. This program was geared around using the AstraZeneca vaccine and, after the decision to suspend the use of AstraZeneca’s product, the Johnson and Johnson single dose vaccine has been used in the Sisonke study and is being administered to health service workers. Delivery of the Johnson and Johnson product is at a slower pace than initially projected with the provision of
INDEX OF ADVERTISERS AND CONTRIBUTORS
AstraZeneca vaccines out of India. Currently, Government estimates are that by the end of April 500,00 health care workers will have been vaccinated with the Johnson and Johnson product. At the time of writing 207,808 vaccines have been administered with an average daily rate of vaccination being in the order of 5,700 units. At this rate it will take almost 16 years to administer sufficient vaccines to reach herd immunity. Given the rate of vaccination in other countries, the inability of our Government to mount an effective program will likely not lead to the lifting of travel restrictions or incentivise the mass return of tourists. The experience of the rate of infection increasing with the advent of cooler weather indicates the prospect of a third wave prior to winter as a real possibility over the coming months which will require further remedial action and probably impact on international perceptions. The return of our economy to anything resembling pre-Covid levels depends on a number of factors, some of which are outside any form of realistic local control. It seems that attitudes to working (remote work v office) and travel are undergoing fundamental reviews, and changes in patterns will take place. Making South Africa more attractive as a destination needs urgent intervention on the health and policing/security fronts, infrastructure and amenities need to be boosted along with transport infrastructure amongst other areas. PETER BAGSHAWE holds a Bachelor of Law degree from the former University of Rhodesia and a Bachelor of Laws degree from the University of the Witwatersrand.
April 2021
ADVERTISER
PAGE
WEBSITE
Nemtek
3
websales@nemtek.co.za
www.nemtek.com
Security Association of South Africa
IBC
admin@sasecurity.co.za
www.sasecurity.co.za
securityfocusafrica.com
SECURITY FOCUS AFRICA APRIL 2021
35
DIRECTORY
SECURITY ASSOCIATION OF SOUTH AFRICA (SASA) ADMINISTRATION Suite 4, Blake Bester Building, 18 Mimosa Street (cnr CR Swart Road), Wilro Park, Roodepoort Suite 147, Postnet X 2, Helderkruin 1733 National Administrator: Tony Botes t: 0861 100 680 | e: tony@sasecurity.co.za c: 083 272 1373 | f: 0866 709 209 Membership, accounts & enquiries: Sharrin Naidoo t: 0861 100 680 | e: admin@sasecurity.co.za c: 083 650 4981
SASA OFFICE BEARERS
REGIONAL OFFICE BEARERS
National President: Marchél Coetzee c: 084 440 0087 e: marchelcoetzee@omegasol.com
Gauteng: Gary Tintinger c: 084 429 4245 e: gary.tintinger@cwexcellerate.com
National Chairperson: Franz Verhufen c: 082 377 0651 | e: fverhufen@thorburn.co.za
KwaZulu-Natal: Clint Phipps c: 082 498 4749 e: clint.phipps@cwexcellerate.com
National Deputy Chairperson: Louis Mkhethoni c: 082 553 7370 e: louis.mkhethoni@securitas-rsa.co.za
Western Cape: Koos van Rooyen c: 082 891 2351 | e: koos@wolfgroup.co.za
SECURITY AND RELATED ASSOCIATIONS AND ORGANISATIONS PSIRA (Private Security Industry Regulatory Authority) Eco Park, Centurion t: +27 (0)12 003 0500/1 | Independent hotline: 0800 220 918 | e: info@psira. co.za | Director: Manabela Chauke | Chairperson: T Bopela | Vice chairperson: Z Holtzman | Council members: Advocate A Wiid | Commissioner A Dramat APPISA (Association for Professional Private Investigators SA) Bertie Meyer Crescent, Minnebron, Brakpan | e: info@appelcryn.co.za | www.appelcryn. co.za | c: +27 (0)73 371 7854 / +27 (0)72 367 8207 | Chairperson: Ken Appelcryn ASIS International Johannesburg Chapter No. 155. Box 99742, Garsfontein East 0060 | t: +27 (0)11 652 2569 | www.asis155jhb.webs. com | President/chairperson: Johan Hurter | Secretary: Chris Cray ASIS International (Chapter 203: Cape Town – South African Security Professionals) President/chairperson: Yann A Mouret, CPP Secretary: Eva Nolle t: +27 (0)21 785 7093 f: +27 (0)21 785 5089 | e: info@aepn.co.za | www.asis203.org.za BAC (Business Against Crime) Box 784061, Sandton 2146 | t: +27 (0)11 883 0717 | f: +27 (0)11 883 1679 | e: info@bac.org.za CAMPROSA (Campus Protection Society of Southern Africa) President: Des Ayob | e: 27149706@nwu.ac.za Executive Secretary: Derek Huebsch | e: huebsch. derek@gmail.com | www.camprosa.co.za CISA (Cape Insurance Surveyors Association) Shahid Sonday t: +27 (0)21 402 8196 | f: +27 (0)21 419 1844 | e: shahid.sonday@saeagle.co.za | Mike Genard t: +27 (0)21 557 8414 | e: mikeg@yebo.co.za DRA (Disaster Recovery Association of Southern Africa) Box 405, Saxonwold 2132 | Chairperson: Grahame Wright | t: +27 (0)11 486 0677 | f: (011) 646 5587 | Secretary/treasurer: Charles Lourens t: +27 (0)11 639 2346 | f: +27 (0)11 834 6881 EFCMA (Electric Fencing and Components Manufacturers Association) Box 411164, Craighall 2024 | t: +27 (0)11 326 4157 | f: +27 (0)11 493 6835 | Chairperson: Cliff Cawood c: +27 (0)83 744 2159 | Deputy chairperson: John Mostert c: +27 (0)82 444 9759 | Secretary: Andre Botha c: +27 (0)83 680 8574 ESDA (Electronic Security Distributors Association) Box 17103, Benoni West 1503 | t: (011) 845 4870 | f: +27 (0)11 845 4850 | Chairperson: Leonie Mangold | Vice chairperson: David Shapiro | www.esda.org.za ESIA (Electronic Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | f: 086 570 8837 | c: 082 773 9308 | e: info@esia. co.za | www.esia.co.za FDIA (Fire Detection Installers Association) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 | t: +27 (0)72 580 7318 | f: 086 518 4376 | e: fdia@fdia. co.za | www.fdia.co.za | President/chairperson: Clive Foord | Secretary: Jolene van der Westhuizen
FFETA The Fire Fighting Equipment Traders Association) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | Chairperson: Belinda van der Merwe Administration manager: Rosemary Cowan | t: +27 (0)11 455 3157 | e: rosemary@saqccfire.co.za | www.ffeta.co.za FPASA (Fire Protection Association of Southern Africa) Box 15467, Impala Park 1472 | t: +27 (0)11 397 1618 | f: +27 (0)11 397 1160 | e: library@fpasa.co.za | www.fpasa.co.za | General manager: David Poxon GFA (Gate & Fence Association) Box 1338, Johannesburg 2000 | t: +27 (0)11 298 9400 | f: +27 (0)11 838 1522 | Administrator: Theresa Botha HSA (Helderberg Security Association) Box 12857, N1 City Parow 7463 | t: +27 (0)21 511 5109 | f: +27 (0)21 511 5277 | e: info@command.co.za | www.command.co.za | Chairperson: Stephen van Diggele IFE (Institution of Fire Engineers (SA) Treasurer: Andrew Greig | President: Mike Webber | Administrator: Jennifer Maritz | PO Box 1033, Houghton 2041 | t: +27 (0)11 788 4329 | f: +27 (0)11 880 6286 | e: adminstaff@ife.org.za | www.ife.org.za ISA (Insurance Surveyors Association) Box 405, Saxonwold 2132 | Chairperson: Graham Wright | t: +27 (0)11 486 0677 | Vice chairperson: Alan Ventress | Secretary: Alex dos Santos LASA (Locksmiths Association of South Africa) Box 4007, Randburg 2125 | t: +27 (0)11 782 1404 | f: +27 (0)11 782 3699 | e: lasa@global.co.za | www.lasa.co.za | President/chairperson: Alan Jurrius | Secretary: Dora Ryan NaFETI (National Firearms Education and Training Institute) Box 181067, Dalbridge 4014 | Chairperson: MS Mitten | Vice chairperson: Ken Rightford | t: +27 (0)33 345 1669 | c: +27 (0)84 659 1142 NaFTA (National Firearms Training Association of SA) Box 8723, Edenglen 1613 | National chairperson: Peter Bagshawe | t: +27 (0)11 979 1200 | f: +27 (0)11 979 1816 | e: nafta@lantic.net POLSA (Policing Association of Southern Africa) t: +27 (0)12 429 6003 | f: +27 (0)12 429 6609 | Chairperson: Anusha Govender c: +27 (0)82 655 8759 PSSPF (Private Security Sector Provident Fund) Jackson Simon c: +27 (0)72 356 6358 | e: jackson@ psspfund.co.za | www.psspfund.co.za SAESI (Southern African Emergency Services Institute) Box 613, Krugersdorp 1740 | t: +27 (0)11 660 5672 | f: +27 (0)11 660 1887 | President: DN Naidoo | Secretary: SG Moolman | e:info@saesi.com SAIA (South African Insurance Association) Box 30619, Braamfontein 2017 | Chief executive officer: Viviene Pearson | Chairperson:
Lizé Lambrechts t: +27 (0)11 726 5381 | f: +27 (0)11 726 5351 | e: info@saia.co.za SAIDSA (South African Intruder Detection Services Association) | Association House, PO Box 17103, Benoni West 1503 | t: +27 (0)11 845 4870 f: +27 (0)11 845 4850 | e: saidsa@mweb.co.za www.saidsa.co.za | Chairperson: Johan Booysen Secretary: Cheryl Ogle SAIS (South African Institute of Security) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 Chairperson: Dave Dodge | Administration manager: John Baker | t: +27 (0)63 782 7642 | e: info@instituteofsecurity.co.za | www.instituteofsecurity.co.za SAN (Security Association of Namibia) Box 1926, Windhoek, Namibia | Administrator: André van Zyl | t: +264 81 304 5623 | e: adminsan@iway.na SANSEA (South African National Security Employers’ Association) Box 62436, Marshalltown 2107 | Administrators: SIA t: +27 (0)11 498 7468 | f: 086 570 8837 | e: galen@sansea.co.za SAPFED (Southern African Polygraph Federation) President: Flip Vorster | c: +27 (0)82 455 1459 | e: info@sapfed.org | Secretary: Anrich Gouws | e: admin@sapfed.org | www.sapfed.org SAQCC FIRE (South African Qualification Certification Committee) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | t: +27 (0)11 455 3157 | www.saqccfire. co.za Executive Committee: Chairperson: Duncan Boyes Vice chairperson: Tom Dreyer 1475 Committee: Chairperson: Lizl Davel Vice chairperson: John Caird D&GS Committee: Chairperson: Nichola Allan; Vice chairperson: Clive Foord General Manager: Rosemary Cowan | e: rosemary@saqccfire.co.za – Address, phone and website all remain as is. SARPA (South African Revenue Protection Association) Box 868, Ferndale 2160 | t: +27 (0)11 789 1384 | f: +27 (0)11 789 1385 | President: Naas du Preez | Secretariat: Mr J. Venter, Van der Walt & Co SIA (Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | Chief executive officer: Steve Conradie | www.securityalliance.co.za SKZNSA (Southern KwaZulu-Natal Security Association) t: +27 (0)39 315 7448 | f: +27 (0)39 315 7324 | Chairperson: Anton Verster c: +27 (0)82 371 0820 VESA (The Motor Vehicle Security Association of South Africa) Box 1468, Halfway House 1685 | t: (011) 315 3588/3655 | f: +27 (0)11 315 3617 | General manager: Adri Smit VIPPASA (VIP Protection Association of SA) Box 41669, Craighall 2024 | t: +27 (0)82 749 0063 | f: 086 625 1192 | e: info@vippasa.co.za | www.vippasa.co.za | Enquiries: Chris Rootman c: +27 (0)82 749 0063 | e: vippasa@protectour.co.za
* Every attempt has been made to keep this information up to date. If you would like to amend your organisation’s details, please email jackie @contactpub.co.za 36
SECURITY FOCUS AFRICA APRIL 2021
securityfocusafrica.com
DRIVING COMPLIANCE in South Africa’s Private Security Industry
With a five decade legacy, SASA is the greatest advocate of industry compliance, serving as resource for its members, an educational platform for consumers of security services, and an essential link between the private security industry and government. The Security Association of South Africa (SASA) is nationally recognised by the Government, South African Police Service and all Municipalities as having members with a proven track record within the industry and a Code of Ethics by which members must abide. SASA Gold Membership promotes compliance not only to the industry role-players, but to the end-users of security services as well. Join SASA today and find out more about how we can fight the scourge of non-compliance, promoting SASA Gold Membership as an essential requirement for all security service providers, ensuring industry excellence for the private security industry.
For more information, contact the SASA Administrator on admin@sasecurity.co.za Postal Address: Suite 147, Postnet X2 Helderkruin, 1733. Tel: 0861 100 680 Fax: 086 670 9209
www.sasecurity.co.za
DIGITAL BUYERS GUIDE
to security services & products Promote your business
Attract customers
Increase your sales
Claim your listing on www.securityfocusafrica.com/buyersguide
2 for 1 offer
The print listings now mirror our online directory style with basic and premium listings. In fact, upgrading a basic listing in print to premium will include an upgrade to premium on the website and vice versa. The same information online is printed in the print directory.
Security Focus Africa is known for having the most comprehensive directory of service providers in Africa. We have been a trusted source of information for more than 40 years, and now offer this valuable resource online.
The market is tough out there. What makes your business different from any other? For starters, be more accessible on the internet. Online searches are now the preferred method of finding information and contact details, so the better your online presence, the more business you will get.
BENEFITS OF LISTING YOUR BUSINESS:
• By claiming your listing, you can keep your company’s information up to date at your own convenience • Upgrade your listing online at any time to maximise your brand exposure • Improve your SEO and online presence • We provide a targeted audience for your business • See your stats – know how many people are seeing your listing
Security
For as little as R2 400, you can get the edge over your competitors by providing indispensable information to your customers on our online directory.
Affordable advertising is just a click away.
Focus
AFRICA
BUYERS GUIDE
www.securityfocusafrica.com/buyersguide KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
