www.securityfocusafrica.com | Vol 40 No 5
May 2022
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
In conversation with former SA President Kgalema Motlanthe and CDE head Ann Bernstein
Welcome back, SECUREX!
SASA update
Managing risk in a “pandemic-altered” South Africa News snippets from around the world
R
O
N FO
S
B
U
PE
S
SINE
securityfocusafrica.com Security Focus Africa has been marketing suppliers to buyers in Africa since 1980, and is the official industry journal of the Security Association of South Africa (SASA). Our readers form the core of Southern Africa’s buyers and decision-makers in the security products and services industry. Our digital platform has a highly-focused readership of people at the very heart of the security industry. Our news is distributed via website, digital magazine, and social media. Our annual Security Focus Africa Buyers Guide is searchable via our online directory, with over 760 businesses and branches throughout Africa. Need to find a service or supplier? We will help you find exactly what you need.
PO Box 414, Kloof 3640, South Africa Tel: +27 (31) 7646977 Fax: 086 762 1867 Email: contact@contactpub.co.za
Security Focus AFRICA w w w. s e c u r i t y f o c u s a f r i c a . c o m
The official industry journal for professional risk practitioners: security, safety, health, environment and quality assurance
KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
DIGITAL BUYERS GUIDE
to security services & products Promote your business
Attract customers
Increase your sales
Claim your listing on www.securityfocusafrica.com/buyersguide
Security Focus Africa is known for having the most comprehensive directory of service providers in Africa. We have been a trusted source of information for more than 41 years, and now offer this valuable resource online. The market is tough out there. What makes your business different from any other? For starters, be more accessible on the internet. Online searches are now the preferred method of finding information and contact details, so the better your online presence, the more business you will get.
BENEFITS OF LISTING YOUR BUSINESS:
• By claiming your listing, you can keep your company’s information up to date at your own convenience • Upgrade your listing online at any time to maximise your brand exposure • Improve your SEO and online presence • We provide a targeted audience for your business • See your stats – know how many people are seeing your listing
Security
For as little as R2,400, you can get the edge over your competitors by providing indispensable information to your customers on our online directory.
Affordable advertising is just a click away.
Focus
AFRICA
BUYERS GUIDE
www.securityfocusafrica.com/buyersguide KEEPING YOU IN THE KNOW | CONNECTING PEOPLE WITH PEOPLE
XXX
Security Focus Africa: Serving the South African security industry for 41 years
CONTENTS www.securityfocusafrica.com The official industry journal for
| Vol 40 No 5
VOL 40 NO 5 MAY 2022
May 2022
professional risk practitioners:
nt and quality assurance
security, safety, health, environme
In conversation with former SA President Kgalema Motlanthe and CDE head Ann Bernstein
Welcome back, SECUREX!
SASA update
Managing risk in a “pandemic- altered” South Africa world News snippets from around the
No need to compromise your security!
14 COVER STORY MANAGING RISK IN AN ‘UNPREDICTABLE, PANDEMIC-ALTERED’ SOUTH AFRICA 14 In today’s ‘unpredictable, pandemic-altered’ world, business owners are dealing with an ever-expanding risk landscape that’s likely keeping many of them awake at night.
18
Get quality and affordable batteries brought to you by
G S S Group THE BRAND YOU CAN TRUST 4
+27 (0) 10 140 7137
sales@gssgroup.co.za
SECURITY FOCUS AFRICA MAY 2022
www.gssgroup.co.za
securityfocusafrica.com
Official Journal of the Security Association of South Africa
ISS TODAY 24 Is climate change to blame for KwaZulu-Natal’s flood damage?
17 REGULARS EDITOR’S COMMENT 6 Lead the world in love. ASSOCIATION NEWS 8 Update from SASA. NEWS IN BRIEF 10 News snippets from around the world. INTERPOL 13 52 arrests in operation across 28 countries targeting trafficking in cultural goods. OPINION PIECE 17 The importance of training in managing a cybersecurity skills shortage. PERSONALITY PROFILE 18 Kgalema Motlanthe, former South African President, in conversation with Ann Bernstein. OPINION PIECES 21 Digital banking is key to reaching previously unbanked markets. 22 Don’t wait until it’s too late — you need to back up your Microsoft 365 data 23 Big data applications during the Covid-19 pandemic. securityfocusafrica.com
PRESS RELEASES 26 Partnerships that bring complementary services and technology can enable the growth of super-apps in the region, says Economist Impact study. 29 A common purpose unites private and public sectors to strangle organised crime targeting South Africa’s wildlife. 24 A channel focus and strategic advantages position partners for success. 25 Tips to secure your business against cybercrime in the cloud era. CYBER SECURITY 31 Red flag for ransomware: attackers are using the Log4Shell vulnerability to deliver backdoors to virtual servers. 32 Inside Complex RansomOps and the Ransomware Economy. 33 Surviving breach season: 3 rules for visitor data privacy and protection. SECURITY IN ACTION 34 Smartphone technology calls in holograms. NEWS 36 Securex 2022 exhibitors serve up the best in security for upcoming show THE LAST WORD 38 Attempt to capture National Treasury.
Published by Contact Publications (Pty) Ltd (Reg No. 1981/011920/07)
Vol 40 No 4
TEL: 031 764 6977 FAX: 086 762 1867 MANAGING DIRECTOR: Malcolm King malcolm@contactpub.co.za
EDITOR: Ingrid Olivier ingrid@securityfocusafrica.com
SENIOR GRAPHIC DESIGNER: Vincent Goode vincent@contactpub.co.za
DISTRIBUTION MANAGER: Jackie Goosen jackie@contactpub.co.za
POSTAL ADDRESS: PO Box 414, Kloof 3640, South Africa
PUBLICATION DETAILS: Security Focus Africa has 12 issues a year and is published monthly, with the annual Buyers’ Guide in December. Due to the Covid-19 crisis, we will only be publishing digitally, until further notice.
EDITORIAL CONTRIBUTIONS: Editorial contributions are welcome. For details please email editorial@securityfocusafrica.co.za.
ADVERTISING ENQUIRIES: Malcolm King Email: malcolm@contactpub.co.za
Security Focus Africa is a member of
DIRECTORY 40 Security and related associations and organisations. 41 ADVERTISERS INDEX
www.securityfocusafrica.com 5
EDITOR’S COMMENT
Lead the world in love “If your actions create a legacy that inspires others to dream more, learn more, do more and become more, then you are an excellent leader.” — Dolly Parton, singer and actress.
I
am constantly astounded by people. If I had my student years back, I’d probably study psychology in an attempt to understand why people behave as they do. Why some default to anger, hate and violence, and why others focus on being kind, positive and compassionate. After reading the news last weekend,
6
SECURITY FOCUS AFRICA MAY 2022
which included crime incident after crime incident in South Africa, as well as the mass shooting of an estimated 13 people – mostly African American – in a New York supermarket on 14 May, by a White teen, I Googled ‘anti-hate organisations’. StopHateUK, HateCrime. Osce.Org, the EU High Level Group, The Community Security Trust, TellMAMA,
The Monitoring Group, EACH, Ditch The Label, Doras, ILGA Europe, Racist Violence and Recording Network 9RVRN) Polisen.se and the International Network for Hate Studies …the vast list of anti-hate
securityfocusafrica.com
EDITOR’S COMMENT
tolerance, and cause psychological, emotional, and physical harm based on xenophobia, racism, antisemitism, anti-Muslim hatred and other forms of intolerance and discrimination.”
entities around the world stunned me. Type in ‘hate organisations South Africa’ and, on the first couple of pages alone, you’ll see SaferSpaces, Hate Crime Working Group, HCWG, Triangle Project, the South African Human Rights Commission (SAHRC) and Amnesty International. I honestly didn’t realise, until now, the scale of hatred in the world. The Warsaw-headquartered OSCE Office for Democratic Institutions and Human Rights, describes hate crimes as “criminal acts motivated by bias or prejudice towards particular groups of people, and consisting of two elements: a criminal offence and a bias motivation”. Hate crime, which is reportedly increasing all over the world, according to UNESCO, has the “potential to incite violence, undermine social cohesion and
securityfocusafrica.com
Atrocity crimes begin with words “History,” it continues, “has shown us that genocide and other atrocity crimes begin with words — there is a collective responsibility to address hate speech in the present day to prevent further violence in the future.” Some years ago, following the promulgation of South Africa’s equalitycentric Constitution, the government introduced two more protective pieces of legislation: the Promotion of Equality and Prevention Of Unfair Discrimination Act (PERPUDA), and the Prevention and Combating of Hate Crimes and Hate Speech Bill (which, not surprisingly, came under fire from some camps claiming it took away the right to freedom of speech.) Non-profit South African legal organisation Probono.Org, in an article titled The Prevention and Combating of Hate Crimes and Hate Speech Bill, notes that, prior to 1994, the focus of violence in the country was mainly political. Then, with democracy and the promotion of equality, the focus moved to understanding and preventing violence between individuals and righting social, economic and other wrongs. Calling the rise in xenophobic, homophobic, racist and sexist crimes ‘alarming‘, author Ntandoyenkosi Mkize says that these differ from other criminal acts under existing South African law “because they are motivated, partially or wholly, by hatred towards the victim’s identity”. While writing this, an article by News24 titled “Stellenbosch University student’s belongings urinated on in allegedly racist incident” pinged on my phone. In disbelief, I read that the ‘varsity is investigating an incident in which a White student allegedly urinated on a Black student’s belongings on the weekend. In my opinion, if the alleged perpetrator is found guilty of this disgusting act, he or she should face the full might of the law. As should the New York supermarket shooter. Lone shooters aren’t alone In her article in The Atlantic, Juliette Kayyem makes the point that even when “a shooter acts alone, their ideology is
often shared”. While the accused, Peyton Gendron, ostensibly acted on his own, “that lone wolf language fails us in an era when hate and radicalisation now serve as a proxy for the collaborative herd, for the coconspirators and colluders,” she says. “Gendron wasn’t alone. His mission was effective because he was supported by an apparatus that provided the ideology and means for the hunt. Based on evidence from a manifesto that he reportedly posted Thursday night, Gendron did not perceive himself as being alone: He had his people; they were there for him.” As far as I’m concerned, freedom of speech is not a right at the expense of people’s lives and wellbeing. And to this end, the good people need to find ways of restricting the access of the evillyintentioned to social media and other public platforms. Someone once said (and it wasn’t Edmund Burke, despite the quote often being attributed to him) that “The only thing necessary for the triumph of evil is for good men to do nothing.” The 10 leadership styles – which one is yours? Building on Dolly Parton’s definition of great leadership, I think that this article is worth a read. Titled Ten common leadership styles (plus how to find your own), it was written by the Indeed editorial team in December 2021. “At some point in your career, you may take on a leadership role. Whether you’re leading a meeting, a project, a team, or an entire department, you might consider identifying with or adopting a defined leadership style. Most professionals develop their own style of leadership, based on factors like experience and personality, as well as the unique needs of their company and its organisational culture,” it says, adding: “While every leader is different, there are 10 leadership styles commonly used in the workplace.” Aside from explaining the various styles, it also helps you determine the type of leadership with which you identify. Don’t forget to charge your lanterns and power banks — loadshedding is back, and who knows for how long. Stay safe.
Ingrid Olivier, Editor ingridolivier@idotwrite.co.za SECURITY FOCUS AFRICA MAY 2022
7
ASSOCIATION NEWS
Update from SASA Well, we’re almost halfway through 2022 and the more things change the more they stay the same! From the desk of Tony Botes, SASA National Administrator.
S
ECUREX After a Covid-19 ‘break’ of two years, it is great that SASA can participate in the fantastic SECUREX Expo again, which takes place this year from 31 May to 2 June and from 09:00 to 16:00 on those days. Pop in and visit us at stand E46 in Hall 2, right in the corner opposite the coffee shop. The NBCPSS will occupy the stand right next to us (number E45). Sharrin and I will be in attendance on all three days and members of the SASA Executive Committee will be assisting us on a roster basis. I will also be giving a talk in the Seminar Theatre on Wednesday, 1 June 2022, on ‘You get what you pay for’ — hopefully sufficient consumers will ‘catch a wake up’ and change their attitudes when selecting quality and good service over price. This presentation will also, after the exhibition, be posted on social media.
8
SECURITY FOCUS AFRICA MAY 2022
PSIRA Our court papers challenging PSIRA’s uniform restrictions have been signed, registered at the High Court, and served on both the Minister of Police and PSIRA. Both now have the opportunity to submit answering papers, after which the matter will be set down on the court roll. This is not expected to be heard until much later this year, but we will keep our members informed of developments as they unfold. PSIRA did, after some intense exchange of correspondence, amend their initial fee structure slightly — not enough, but every penny counts. We must thank them for considering our submissions. STOP PRESS INSERT – It looks as though this ‘uniform’ matter could be settled out of court, but we cannot divulge specific details at this stage. We will go public as soon as we are able to do so.
It is interesting to note, as revealed at the PSIRA Industry Compliance Forum earlier this month, that the number of ‘registered and active’ security service providers (companies) grew to a staggering 11,543 in the fourth quarter (January to March 2022) and the number of ‘registered and active’ security officers to 586,111. National Bargaining Council for the Private Security Sector (NBCPSS) The National Bargaining Council for the Private Security Sector (NBCPSS) is growing from strength to strength, but unfortunately it’s still unable to handle the many thousands of complaints received on a monthly basis because of their capacity limitation. SASA believes that we (this office) is the single biggest contributor of non-compliance reports and that the
securityfocusafrica.com
ASSOCIATION NEWS
majority of these will result in adverse awards against the plethora of noncompliant security companies, as well as successful PSIRA Code of Conduct prosecutions. Membership Our membership declined slightly during 2021/2, but is now growing again by the day, with dozens of enquiries in all categories being received every week. Our Gold Membership criteria is onerous as we demand total compliance, but, thanks to our newly introduced Mentorship Programme, we are attracting many newly-established security companies into our fold. We welcome them warmly into the SASA family with our commitment, as always, being to assist members with the challenges they’re facing in the current economy. Compliance This is still the biggest challenge facing the industry, with – we believe – probably close to 80 percent of companies being grossly non-compliant in terms of minimum remuneration levels, allowances and premiums, and Provident Fund and health insurance
securityfocusafrica.com
contributions. Another challenge is the growth of ‘disguised employment relationships’ such as cooperatives, independent contractors and, more recently, unregistered learners being employed and deployed at clients’ premises. This problem has greatly increased during the past two+ years of the pandemic, with a great number of consumers (our clients) not accepting statutory increases and even demanding more for less! The private security industry simply cannot survive these practices and a way must somehow be found to make such consumers jointly liable for the exploitation of security officers. Benefits of SASA membership: We are working on expanding membership benefits, which will be communicated to all members once finalised. Currently, these include: • A strictly applied Code of Ethics • Representation at national and local government level • Industry exposure in the media as well as at major shows and exhibitions • Contacts and networking opportunities • Discounted training courses, events and seminars
• Access to a security library managed by UNISA (University of South Africa) • Updates on new legislation and other industry-relevant information • Access to security-related and affiliated associations in South Africa and overseas • The SASA national website • A central administration office • Free digital subscription to Security Focus Africa magazine, the official journal of SASA • A mentorship programme which is designed to guide and assist startup security companies with attaining the compliance standards required to qualify for Gold Membership For more information about what SASA does and how it can assist you and your company, or to report any wrongdoings or concerns, please contact: Tony Botes, SASA National Administrator, at: Tel: 0861 100 680 / 083 650 4981 Cell: 083 272 1373 Email: info@sasecurity.co.za / tony@sasecurity.co.za Website: www.sasecurity.co.za
SECURITY FOCUS AFRICA MAY 2022
9
ASSOCIATION NEWS
News snippets from around the world After Covid, crime swells in New Zealand’s empty city centres
Good news for jobseekers in South Africa — the sectors that are hiring
Organised crime and extortion could dampen Cape Town’s economy
Research conducted by recruitment firm PNet shows that most job sectors in South Africa are returning to pre-pandemic levels of hiring activity, with job vacancies almost across the board. The research is based on a database of over five million registered users on PNet’s platform and assesses the first quarter of 2022 versus the first quarter of 2020, before the Covid-19 pandemic hit. The medical and health sector is up 30 percent, security and emergency services up 28 percent, manufacturing and assembly up 25 percent, and legal by 20 percent. https://businesstech.co.za/
Experts have warned that an increase in extortion and organised crime could stave off business investment and ultimately affect Cape Town’s economic growth. Peter Gastrow, senior adviser of the Global Initiative Against Transnational Organised Crime, said that although Cape Town has not been as hard hit by the ‘construction mafia’ (people who stop construction in violent ways if their own people are not employed) as in other parts of the country, gang violence and extortion has had a negative impact on the growth of the economy. www.iol.co.za/
Intel reveals a whole load of hardware security issues, so patch now
State capacity undermined by crime, corruption
Intel has announced a host of firmware bugs, which could allow endpoints such as datacentre servers, workstations, mobile devices, and storage products to become compromised. The bugs, first reported by The Register, can allow bad actors to leak information and escalate their privileges, and were labelled by Intel as ‘high severity‘. A full list of products the vulnerabilities may impact can be found here, which includes 10th Generation Intel Core Processors and Intel Core X-series Processors. www.techradar.com/
10
SECURITY FOCUS AFRICA MAY 2022
The World Economic Forum has warned South Africa that there are five critical threats to the country’s progress, with state collapse at the top of the list. State capacity has been undermined by rampant corruption, many policy positions and conversations that lead to little progress, and a leadership that lacks boldness in being decisive when it matters most. Whether it is price-fixing, competition issues, tender corruption, floating transformational laws, criminal activity, organised crime, these are part of the harvest of dark leadership behaviour. www.iol.co.za/
Already emptied out by Covid-19, some of New Zealand’s cities are now facing a spike in crime. Police data released to RNZ indicated violent crime rates in Auckland, the largest city, were up 30 percent from pre-pandemic levels, and remained steady compared to the year before – despite months of lockdown keeping people indoors. The rise in crime itself, and the maelstrom of media coverage that accompanied it, are becoming a political issue for the government, which this month announced more than half a billion dollars in extra police funding, one of the biggest spending packages announced in the lead-up to the annual budget announcement. The $562m, to be spent on police over the next four years, will create a ratio assigning one police officer to every 480 people. www.theguardian.com/
Nearly 450 mass shootings in Western Cape in just 30 months Almost 600 people have been shot dead and more than 1,000 wounded in 442 mass shootings in just 30 months in the Western Cape. These figures (from 1 June 2019 to 31 December 2021) were recently released, following a provincial legislature question, and do not include the recent killings in Khayelitsha where at least 18 people have been shot dead in one month. Gang-related shootings topped the list of the motives behind the incidents, followed by retaliation/revenge, robbery, taxi-related and attack on law enforcement officers (on duty). www.iol.co.za/
New roadmap outlines 16 strategies to reduce violent crime in DC A data-driven report published by D.C.’s independent Criminal Justice Coordinating Council outlines 16 short- and long-term strategies for reducing violent crime. It
securityfocusafrica.com
NEWS IN BRIEF
includes setting up a ‘Peace Room’ with dedicated full-time data and crime analysts, and violence reduction managers and assigned liaisons from various government agencies to review and respond to shootings in real time. In addition to the police response, the team would dispatch outreach and violence interrupters to the scene. https://wtop.com/
Botswana and South Africa must work together to fight cross-border crime: Masisi Botswana’s President Mokgweetsi Masisi has called on South African law enforcement agencies to work with their Botswana counterparts to deal with crimes committed in the two countries. “One area of concern is a surge in incidents of crime between our countries, particularly in relation to cash-in-transit heists, armed robberies and transnational organised crime, including human trafficking, poaching, cybercrime and contraband,” he said at the fifth session of the SA-Botswana bi-national commission in Pretoria last Friday. www.dispatchlive.co.za/
South African Human Resources Council (SAHRC) asks treasury for funds to protect whistleblowers In the battle against corruption and abuse of power, information is a valuable asset, hence the South African Human Rights Commission (SAHRC)’s continued fight to protect whistleblowers. The SAHRC says it has moral and constitutional obligations to ensure that whistleblowers are protected because of the important role they play in a democratic society. SAHRC chief executive Tseliso Thipanyane says that about R4 million has been spent in taking up cases related to the safety and security of whistleblowers in South Africa. www.thesouthafrican.com/
Cryptocurrency is not actually perfectly designed for crime When the US Justice Department announced in February that it had seized bitcoin worth $3.6 billion, it was more than just the largest recovery of alleged crime proceeds in the country’s history. It was the biggest signal yet that cryptocurrency, once seen as attractive to criminals for its supposed shield of anonymity, may not be so crime-friendly after all. Just a few years ago, the federal government barely knew
securityfocusafrica.com
what to do with cryptocurrency. Now, most federal law enforcement agencies employ experts adept at tracing it. Investigators are using a new generation of sophisticated software that harnesses big data to link transactions to people, taking advantage of the fact that most cryptocurrency transactions are recorded in public ledgers that can never be erased. www.nbcnews.com/
How innovative financing can help protect the black rhino population Illegal wildlife trade is the world’s fourth largest crime, estimated at between $7 and $23 billion per year, according to Oliver Withers, Biodiversity Lead within Global Sustainability, Credit Suisse. In an article that forms part of the World Economic Forum Annual Meeting, he writes that creating long-term financing solutions for conserving species and engaging people through developing livelihoods is crucial to increasing conservation efforts. Known as the ‘Rhino Bond’, the Wildlife Conservation Bond (WCB) is a five-year, $150m sustainable development bond, which will contribute to protecting and increasing black rhino populations in two protected areas in South Africa. www.weforum.org/
More South Africans are semigrating — here’s where they are moving to Home services company Kandua.com has reported an increase in semigration enquiries across South Africa as more employees aim to work from home permanently or adopt a hybrid model that will allow them to work from different
locations ie home, remotely, and in the office. And the trend towards moving from metropolitan areas to other areas, can mostly be attributed to a move away from crime-and-grime and towards a slower, safer, quality lifestyle in the small to large towns, says analytics company Lightstone. https://businesstech.co.za/
Syndicates in South Africa are taking out insurance policies on their victims — then killing them Life insurers’ fraud investigations have turned up more evidence of deathly get-rich schemes in which syndicates take out funeral insurance on victims they subsequently kill in order to submit a claim, writes Laura du Preez of consumer financial education website, SmartAboutMoney. Syndicates, particularly in the Eastern Cape, look for every opportunity to exploit, and there has been an upward trend in unnatural deaths in the last few years, Megan Govender, convenor of the Forensics Standing Committee at the Association of Savings and Investment South Africa (ASISA), says. https://businesstech.co.za/
The number of police officers in South Africa The number of staff in the South African Police Service (SAPS) has declined steadily over the past decade and is expected to plateau going forward. In its annual performance plan presented in parliament this week, the SAPS noted that in 2011/12, the department had a peak total staff complement of 199,345. By comparison, its most up-to-date headcount stood at 182,126 at the end of the 2020/2021
SECURITY FOCUS AFRICA MAY 2022
11
NEWS IN BRIEF
financial year — an effective decrease of 8.8 percent. “The Police Act workforce has also aged significantly during this period with a reduction of more than 30,000 within the age group 39 years and younger. https://businesstech.co.za/
Big shift for private security in South Africa Data published by the Private Security Industry Regulatory Authority (PSIRA) shows that the country’s private security sector now dwarfs the official South African Police Service (SAPS) and in some cases is performing official police duties, even when not authorised to do so. “The increased demand for private security, and the resource constraints within SAPS, results in private security service providers entering functional areas of policing, which are normally exclusively the domain of the SAPS,” the regulator said in its recent annual performance plan. It noted that there had been a number of cases in which the private security industry had overstepped its mandate and exercised powers that they did not officially have, including infringing on the rights of clients and the general public. https://businesstech.co.za/
New airport-style security in prisons sees record level of drug busts Tougher airport-style security rolled out across the prison estate in England and Wales has intercepted almost 20,000 attempts to smuggle illegal contraband behind bars, and new X-ray scanners have intercepted almost 20,000 smuggling plots. Over 40 of the most challenging prisons have also been kitted out with an array of additional new technology including drug-trace machines and metal detection archways. The government’s ambitious plan to transform the prison estate and cut crime, builds on this, as outlined in December’s Prisons Strategy White Paper. Commitments in the White Paper include equipping all new build prisons with the latest technological innovations to thwart drugs, phones and weapons; X-ray body scanners and biometric visitor identification. www.gov.uk/
Eskom told to expedite the fixing of Medupi and Kusile design defects The Political Task Team on Eskom has told the management at the power utility to
12
SECURITY FOCUS AFRICA MAY 2022
expedite the fixing of the design defects at Medupi and Kusile power plants, says Deputy President David Mabuza. www.citizen.co.za/
Tax crime chiefs summit commits to international action A ground-breaking alliance dedicated to tackling global financial crime must continue its efforts to defeat tax cheats and frauds Financial Secretary to the Treasury, Lucy Frazer QC told an enforcement summit last week. The heads of tax enforcement from the UK, Australia, Canada, Netherlands and the US came together in London for the latest Joint Chiefs of Global Tax Enforcement (J5) summit to share intelligence and coordinate efforts on a global level against international tax crime and money laundering. The week-long summit began with the J5 Challenge, which brings together investigators, subject experts, data scientists and others to analyse a range of data and intelligence, including that from decentralised exchanges, to identify tax evasion. The event also included the inaugural Global Financial Institution Summit (GFIS) — the start of ambitious talks between the J5 and some of the world’s biggest banks on what more can be done to tackle tax crime together. This was followed by a public-private partnership event where leaders from both sectors came together to examine key threats to the international tax system. www.gov.uk/
Infoblox’s State of Security Report spotlights remote work hazards around the world DNS (Domain Name System) management and security services provider Infoblox, in its recently-released global security report, says that, as the pandemic and uneven shutdowns stretch into a third year, organisations are accelerating digital transformation projects to support remote work. Meanwhile, attackers have seized on vulnerabilities in these environments, creating more work and larger budgets for security teams. Participants in the survey included 1,100 respondents in IT and cybersecurity roles from 11 countries: United States, Mexico, Brazil, United Kingdom, Germany, France, Netherlands, Spain, United Arab Emirates, Australia, and Singapore. Key findings include: • The surge in remote work has changed the corporate landscape significantly – and permanently • The hybrid workforce reality is causing greater concerns with data leakage, ransomware and attacks through remote access tools and cloud services • Organisations have good reason to worry: 53 percent of respondents experienced up to five security incidents that led to at least one breach • Organisations are buying cloud-first security tools to protect their hybrid environments • Interest in Secure Access Service Edge (SASE) frameworks is accelerating. www.prnewswire.com/
securityfocusafrica.com
PERSONALITY INTERPOL PROFILE
52 arrests in operation across 28 countries targeting trafficking in cultural goods A global operation targeting illicit trafficking in cultural goods has led to 52 arrests and the seizure of 9,408 cultural artefacts across the world. These priceless items include archaeological objects, furniture, coins, paintings, musical instruments and statuettes. INTERPOL. 2022. 52 arrests in operation across 28 countries targeting trafficking in cultural goods. — Media statement dated 9 March 2022. Taken from Servamus, May 2022.
O
peration Pandora VI, the operational phase of which ran from 1 June to 30 September 2021, resulted in law enforcement authorities in 28 countries carrying out checks and controls in airports and at border crossing points, as well as in auction houses, museums and private homes. Special focus was placed on the monitoring of online markets. To that end, a cyber patrol week was organised by the National Police Force of the Netherlands to identify suspicious online sales. Over 170 investigations are still ongoing, as a result of which more seizures and arrests are anticipated as investigators around the globe continue their pursuit of those spoiling and destroying cultural heritage. Led by Spain (Guardia Civil), Pandora VI was coordinated at an international level by Europol, INTERPOL and the World Customs Organisation (WCO). Operational Coordination Units working 24/7 were established by Europol on one side, and the WCO and INTERPOL on the other, to support the exchange of information as well as to disseminate alerts, warnings and perform cross-checks in different international and national databases. Operational highlights French Customs (Douane) seized 4,231 archaeological objects which included approximately 3,000 coins, as well as bells, buckles, rings and pieces of pottery which were looted from archaeological sites by a single individual using a metal detector. In a separate case, French Customs also seized three ancient statuettes dating back to the La TolitaTumaco pre-Columbian culture.
securityfocusafrica.com
The Spanish National Police (Policía Nacional) recovered a treasure consisting of 91 gold coins from the Roman Empire worth an estimated half a million euros on the black market. The investigation began after these coins were detected in a well-known auction house in Madrid. The investigators later identified the Spanish archaeological site from which these coins were looted. Officers from US Customs and Border Protection (CBP) seized a shipment containing 13 pieces of ancient Mexican artefacts from the Post-Classic to the Aztec era, including one skull and 12 adzes (chopping tools). A processional cross dating from the 13th century was recovered by Romanian Police and returned to the Evangelical Church Museum of Cisnadie, from where it had been stolen in 2016. The object had been recorded in INTERPOL’s Stolen Works of Art Database and was identified via INTERPOL’s ID-Art mobile app. Italy’s Carabinieri Corps seized 79 archaeological goods of different types and ages in the Mediterranean region. These goods were lacking documentation certifying their lawful origin or import into the national territory. The Art and Antiques Crime Unit (National Police Force of the Netherlands) recovered two Kees Verweij paintings which had been reported as stolen, following checks of an online sales catalogue involving an Amsterdam auction house. Officers from the Hellenic Police recovered a marble column dating back from the Roman period, alongside 13 ancient coins and three pottery vessels dating back from the Hellenistic period. Metal detectors remain a hot
commodity among looters, with seven European law enforcement authorities reporting the seizure of 90 metal detectors destined for illicit use at archaeological sites. International coordination Europol, as co-leader of this action, played a key role in implementing the entire operation by facilitating information exchange and providing analytical and operational support. The WCO provided its CENcomm secure communication channel and facilitated intelligence exchange among different agencies. INTERPOL, through its I-24/7 secure communication system, connected countries in the Balkans and European Union participating in the exchange of information, supporting the entire operation with a dedicated expert to double check searches against INTERPOL’s Stolen Works of Art Database in order to locate and identify items that had been stolen and items that were still missing. Operation Pandora, which was first launched in 2016, is an annual law enforcement operation. To date, it has resulted in 407 arrests and the recovery of 147,050 cultural goods. Pandora VI participants INTERPOL Member countries: Albania, Austria, Bosnia & Herzegovina, Bulgaria, Cyprus, France, Germany, Greece, Ireland, Italy, The Netherlands, Norway, Poland, Romania, Serbia, Slovakia, Spain, Sweden, Hungary, Latvia, Lithuania, Montenegro, North Macedonia, Portugal, Switzerland, United Kingdom and United States. Third party: Kosovo
SECURITY FOCUS AFRICA MAY 2022
13
RISK MANAGEMENT
Managing risk in an ‘unpredictable, pandemic-altered’ South Africa In today’s ‘unpredictable, pandemic-altered’ world, business owners are dealing with an everexpanding risk landscape that’s likely keeping many of them awake at night.
T
hat’s according to Professor Clifford Rossi, in his article Risk management predictions for 2022: seeking alternatives in times of uncertainty, published by GARP (Global Association of Risk Professionals). His list of risks includes regulatory changes, supply-chain disruptions, credit and interest rate risk, and human capital — all of which are relevant to South Africa, along with its rampant crime, floods, riots, fires, and other disasters. The starting point for managing risk effectively is recognising that there’s a vast difference between a risk assessor and a risk manager, says independent South African security risk assessor, Andre Mundell of Alwinco. Most of the time, RFQs (requests for quotations) or tender documents state that they require a risk manager to assess their security portfolios, when they actually want an independent risk assessor whose salary isn’t paid by the company they work for, and who is guided by the criminal’s point of view, and not the company’s viewpoint, he says.
14
SECURITY FOCUS AFRICA MAY 2022
The problem with probability Risk managers, he continues, are taught to use ‘probability’ as their guide to determining certain risks, but while probability may work in health and safety assessments, and maybe even in water and food assessments, it does not apply to security. “If you’re making use of a risk matrix with measuring levels or ratios from 1 to 5 to identify security risks, you are essentially agreeing that a percentage of crime is acceptable. If something is labelled as a risk level 1, you are agreeing that 20 percent of the crime is acceptable. Precisely which 20 percent do you accept? Does this 20 percent include theft? Rape? Perhaps murder? I have met risk managers who’ve never seen a crime scene before, who don’t understand security hardware, and who have never interviewed victims or suspects,” he points out, adding: “The correct approach is to first assess the security risk, and then implement and manage suitable solutions to eliminate the risks. Essentially, once the risk assessor has identified the security risks and has
securityfocusafrica.com
RISK MANAGEMENT
Top five security concerns • Loss of data and the inability to recover it • Lack of internal skills and resources to manage the risks associated with using third-party providers • Managing user access to information • Compliance issues related to using providers in other jurisdictions • Visibility of and control over data Source: Liquid Tech The evolving Cyber Security threat in Africa
recommended the most risk-specific solutions, the responsibility is then handed over to the risk manager, who now has something tangible to work with. The risk manager is supported by the security manager, building manager, health and safety manager, environmental manager, and so on. Security structures tend to fail when one person is responsible for security as well as health and safety. Remember, health and safety is governed by the law, which means that it will always be the top priority, whereas security is usually neglected.” The cancer of insider crime Mundell goes on to warn of the “cancer” of insider crime. “Inner crime is a cancer that has brought many companies to their knees and will continue to do so if it is not identified and eliminated - yet another reason why employees should never conduct company risk assessments. When you have been working with someone for many years and have come to trust this person, the chances are almost zero that you will ever see him/her as anything other than a colleague and friend, even if they might be a criminal operating from inside the company. An independent security risk assessor is not part of the business and has no connections or relationships with any employee, manager, or director. Their main focus is to identify the security risks, irrespective of what or who they might be, and to find suitable solutions to eliminate these risks. They will look at everything, from the cleaners right through to the directors, from access control to the perimeter fence, from day to night security, from processes and procedures, leaving no stone unturned. In short, a security risk assessor and a risk manager, while equally important, have vastly different functions and timeframes in which they operate.”
securityfocusafrica.com
The top concerns for businesses relating to cyber breaches • Financial loss 26% • Loss of important company information 18% • Reputational damage 17% • Disclosure of strategic information to someone outside the business 17% • Business disruption 14%
Risk from an insurer’s perspective Brett Schultz is the Managing Director of Econorisk Broker Consultants, a Gold Affiliate member of SASA (Security Association of South Africa) and a member of SAIDSA (South African Intruder Detection Services Association), which provides insurance cover designed to meet the unique needs of South Africa’s high-risk private security industry. In a world which is now more globalised and connected than ever, he says, the coronavirus pandemic, rising inflation, and the consequences of the Russian invasion of Ukraine will be compounded, leaving businesses and individuals increasingly vulnerable. Adding to this are protests, sociopolitical unrest, and discontent, which are contributing to the country’s significant increase in crime, and cyber-attackers who are exploiting the growing, pandemic-driven move to working from home. Top five security concerns The top concerns for businesses relating to cyber breaches • Loss of data and the inability to recover it • Lack of internal skills and resources to manage the risks associated with using third-party providers • Managing user access to information • Compliance issues related to using providers in other jurisdictions • Visibility of and control over data • Financial loss 26% • Loss of important company information 18% • Reputational damage 17% • Disclosure of strategic information to someone outside the business 17% • Business disruption 14% Source: Liquid Tech The evolving Cyber Security threat in Africa
Andre Mundell.
Brett Schulz.
“Businesses must therefore ready themselves for more frequent and extreme developments and put in place effective – and tested – risk management processes, methods and tools to guard against unrest, cyberattacks, climate change-driven natural disasters, and even another pandemic,” Schultz says. “Insurance should be seen as part of a company’s broader approach to risk management and adaptation. Although it’s easy to perceive insurance as a cost, in reality it is probably one of
SECURITY FOCUS AFRICA MAY 2022
15
RISK MANAGEMENT
16
the biggest value-adds to any business. It effectively minimises the damage caused by these and other unforeseen events, by protecting against financial loss and liability, even preventing some companies from closing their doors altogether.”
presented every day, as enterprising hackers and cyber criminals look for new ways to exploit systems, and unwanted events unfold, businesses must put adequate measures in place now to assess and manage risk and protect themselves,” adds Schultz.
Cyber incidents With the acceleration of digital transformation on the back of the Covid-19 pandemic, businesses across the world are looking at implementing new and evolving ways of using information technology, Schultz says. Digital and remote solutions have never been more essential, with millions of people suddenly needing to perform daily operations and deliver services to clients and customers seamlessly from anywhere and at any time. And, while this has brought many benefits, the increasing reliance on digital solutions has also amplified the risk of cyberattacks. “South Africa has seen a significant increase in the number of malware and other cyber attempts since the onset of the pandemic, with a notable increase in the frequency and sophistication of cybercrime. Protecting personal information, as required by the Protection of Personal Information Act (POPIA), has become more of a challenge than ever. Cyber threat is a huge reality and the thinking that ‘this won’t happen to me’ is not an option,” he continues. “Every business must take steps to understand their network’s real strengths and weaknesses — the relevant threats, any internal and external vulnerabilities, the impact if those vulnerabilities are exploited, and the likelihood of exploitation. This can be done through an independent risk assessment which will identify, estimate, and prioritise cyber risk. From here, a comprehensive cyber liability programme can be put in place, based on your actual risk. “And remember, cyber liability insurance is not the same as general liability insurance, so don’t make the mistake of assuming you’re covered for cyber risks through your current insurance plan. This mistake cost Sony $171 million dollars! Also, many businesses are under-insuring for cyber insurance cover and are confusing cybercrime with normal business interruption. They are not the same! With the threat landscape constantly evolving, and new threats being
Travel risk A company or organisation usually has four key assets that require protection, says Benedict Weaver, Managing Partner of corporate intelligence firm Zero Foundation Africa: property, people, information, and reputation — and the one risk that has the potential to create a perfect storm and adversely affect all four of these assets simultaneously is travel. “Companies need to manage travel risk in the same way they do other workplace risk,” says Weaver, an advocate of the ‘4-Step Travel Risk Assessment (TRA)’. The starting point is identifying individuals or staff categories most at risk when travelling. “Female travellers are more of a target than males; executives are at greater risk of being kidnapped for ransom than line managers; and corporate travellers carrying sensitive company information are more at risk than support staff,” he explains. Step two concerns locating existing company travel protocols and identifying the department or individuals responsible for travel security. “There should be a published corporate travel security policy with supporting standards and guidelines around, whether travellers are being met at their destinations or whether they’re relying on e-hailing and other risky local transport options; whether their accommodation has suitable security and fire prevention procedures, and so on.” The third step is reducing risk. “What recommendations can you make to lower identified travel risks? Have you considered how to track and communicate with your corporate travellers when a disaster occurs? Do you have documented and properly resourced evacuation procedures? How will you repatriate a corpse? Do you provide actionable destination intelligence before your travellers leave on a business trip? Does your travel insurance cover KR&E (kidnap, ransom and extortion), theft of data and/or
SECURITY FOCUS AFRICA MAY 2022
disaster recovery incidents?” Number four on his list is when the travel risk management (TRM) programme will be implemented. “After reviewing existing travel security protocols and identifying practical recommendations to lower the risks to corporate travellers, you need to identify individuals to take responsibility for the programme,” says Weaver. “Set deadlines for what tasks need to be completed by when. Seek assistance from professional travel risk management and advisory professionals. Document how you will reduce the risks of the loss of liberty, life, and limb for corporate travellers.” By adopting the 4-Step Travel Risk Assessment (TRA), you and your company will be able to realise the actual – rather than perceived – threats to corporate travellers. Directors will know about the risks and identify any failure to comply with their Duty of Care (DoC) obligations; and it will reduce business liability by providing a robust defence against a class action. Given the uncertain times in which people are now travelling, such a defence is a vital component of a company’s risk management strategy. Conclusion As Andre Mundell constantly reminds himself and his clients: “Crime cannot be undone.”
Contributors: GARP Web: www.garp.org Andre Mundell / Alwinco Email: andre@alwinco.co.za Web: www.alwinco.co.za Econorisk Broker Consultants Web: https:// econoriskbrokerconsultants.co.za/ Email: bretts@econorisk.co.za Zero Foundation Africa Web: www.zerofoundationafrica. com/ Liquid Tech Web: www.liquid.tech/ Web: https://liquid.tech/wps/ wcm/connect/corp/00d614b5e6cf-4552-9085-c12e47b6246c/ Liquid+Intelligent+Technologie s+Cyber+security+Report+2021. pdf?MOD=AJPERES&CVID=nKxjVS0
securityfocusafrica.com
OPINION PIECE
ranging from diplomas for school leavers at NQF Level 5, to graduate and postgraduate degrees4. This included the development of roles and responsibilities for the cybersecurity sector, and planning for the engagement of private service providers to develop cybersecurity training programmes. She noted that there was also a need for a concerted and coordinated approach between the private sector, the government and academia to close the cybersecurity skills gap.
The importance of training in managing a cybersecurity skills shortage By Stefan van de Giessen, Country Manager: SA & SADC, Exclusive Networks Africa
A
ccording to a report released by Ireland-based multinational professional services company Accenture, a low investment in cyber security, and immature cybercrime legislation, makes South Africa a target for cybercrime, with the country registering the third-highest number of cybercrime victims worldwide1. In addition, as with other countries, the cybersecurity skills shortage is hindering the ability of businesses to effectively manage and stay ahead of constantlyevolving cyberthreats. The lack of skills means that businesses find themselves on the back foot, looking for individuals who are able to manage and run solutions, manage incident and security teams, and having to ensure the implementation of a strong security posture. This is not isolated to a single partner or end-user organisation, but is a global issue. Last year, CNBC reported that the shortage of technology talent is particularly severe in the cybersecurity field, and that demand for skills is increasing ‘exponentially’ and shows no signs of lessening. This information was reported during a session on the talent shortage at CNBC’s 2021 Technology Executive Council Summit in New York City2. Best-of-breed technology alone is not the solution Many organisations try to alleviate the
securityfocusafrica.com
skills shortage by buying high-end technologies. However, the problem cannot be solved simply by ‘throwing money’ at the problem, because, without the skills to understand the interoperability between the solution, and how it needs to be implemented and managed, the purchase of best-of-breed technology is merely not enough. In other words, without the right skills sets, companies remain at a disadvantage and remain vulnerable. The importance of education in a local context With regards to Africa, our education systems are often regarded as being less mature than in other, more developed continents and countries. As outlined in commentary from global professional services network Ernst and Young (EY), when compared to their peers in other countries, students in African schools frequently underperform on global benchmark tests3. As a result, the market is not always able to keep up with the pace of the technology being created and deployed elsewhere. On a positive note, the South African government has outlined previously that it has a vision to address the local cybersecurity skills shortage. In 2019, the then-Deputy Minister of Communications and Digital Technologies, Pinky Kekana, explained that the government planned to create formal education qualifications
Investment required from both customers and system integrators Over and above this planning, customers need to invest in skilled human capital to ensure they can manage, maintain and secure their own environments effectively and protect themselves. It is more beneficial for clients to complement the investment they are making on technologies, with professionals to advise and assist them in that process. In turn, system integrators need to invest in training so that they can provide their customers with the skilled technical support they need, in order to provide true value to their customers. Regardless of how good or capable the technology is, there is always a human element backing this and if this is ineffective, weaknesses become apparent. Companies therefore need to further invest in skilling up their teams to ensure that they are in the best possible position to deal with the ever-evolving threat landscape. Walking the talk At Exclusive Networks Africa, we have therefore built our extensive training services, allowing our employees and partners to skill up in a number of different ways. Our training services include certified training on Fortinet and F5 solutions, both in person as well as through virtual instructors. Additionally, we offer noncertified training on over 15 cyber security products within our portfolio. This not only improves our employees’ knowledge and expertise, but also invests back into individuals and, ultimately, our country and our local economy. It is only through concerted training efforts from a number of different parties, following a multi-faceted and partnership-aligned approach, that we will ultimately be able to deal with the current cybersecurity skills shortage that we are now facing.
SECURITY FOCUS AFRICA MAY 2022
17
PERSONALITY XXX PROFILE
Kgalema Motlanthe, former South African President, in conversation with Ann Bernstein, Executive Director of the Centre for Development and Enterprise (CDE) This article is part of a virtual series called CDE Discussions, which was launched in 2022 to mark the Centre’s 25th anniversary. We are grateful for their permission to share this summary with our readers. Read the full article here.
A
nn Bernstein: In a 2017 BBC interview, you said “The ANC is so bad it should lose the next election in order to have a chance at renewal and rebuilding itself.” What did you mean? Do you still believe this should happen? Kgalema Motlanthe: My sense at the time was that the ANC was not getting the message that the electorate and the general population was increasingly losing confidence in it. I thought losing the election would ensure that they get the message loud and clear. Then those who saw the ANC as nothing but a channel to looting would leave, and the rest of us could then embark on a process of rebuilding the party, and of restoring its morals and values. Now, of course, the leadership of the ANC accepts that unless they do something about the current trajectory, there is no doubt that
18
SECURITY FOCUS AFRICA MAY 2022
they will lose the elections, and eventually become irrelevant in South African politics.” Ann Bernstein: In 2007, when you were secretary general of the ANC, you knew that it was being overwhelmed by corruption. When you think back on that time, was there more you could have done to prevent the ANC from going down this path? Kgalema Motlanthe: At that time, we still had the older, Mandela-era ANC generation alive and active. Many expressed concern that the ANC was not actually prepared for the challenges of operating as a governing party. As far back as 1992, we had already discussed the difficulties linked to taking power, and that gifts would be the harbinger of corruption. More broadly and more concerning was the growing tendency amongst members to manipulate
processes of internal democracy, to ensure that certain people received nominations for leadership positions. These were acts of corruption, and warning signs of things to come. Ann Bernstein: What did you do to try and remedy it? Kgalema Motlanthe: My responsibility as Secretary General entailed presenting a report to the national elective conference on behalf of the National Executive Committee (NEC). In the report, I clearly stated that NEC members were not immune from corruption, and that the NEC should take responsibility for combatting this scourge. I asked the incoming NEC to investigate, and to ensure there were consequences for wrongdoing. Ann Bernstein: By 2011, Trevor Manuel had told us and others have confirmed,
securityfocusafrica.com
PERSONALITY PROFILE
it was known that members of the cabinet were being appointed by the Guptas. Was this ever discussed in the NEC or in any official ANC body? Kgalema Motlanthe: Discussions at NEC meetings raised the issue that the Guptas seemed to have undue influence on the workings of government, but there were many factors preventing those discussions from bearing fruit. The heads of the intelligence at the time, Gibson Njenje and Mo Shaik, were relieved of their responsibilities after they tried to investigate the Guptas. And the NEC itself had, in a sense, already been captured. The number of ministers and deputy ministers was increased to 72, and all the appointees came from the NEC. These members related to the president as their employer, and they were very reluctant to stand up to him. Ann Bernstein: How do you think the ANC should deal with the findings of the Zondo Commission? What would be appropriate, in your view, for dealing with very senior people in the cabinet, who have been accused of corruption in the commission’s reports? Kgalema Motlanthe: The ANC has a few instruments that would enable it to deal with this issue, because the Zondo Commission will no doubt result in prosecutions of those who have been accused. For those who are implicated, the ANC has a step-aside rule that states that they should step aside from their responsibilities until their names are cleared in a court of law. If they are convicted for corruption or any such serious offense, the ANC constitution prescribes that they are no longer eligible to be an ANC member, therefore, they should be expelled from the party. Ann Bernstein: Are you confident that action will be taken? Kgalema Motlanthe: I am confident that there will be action because it is a matter of law. It is not dependent on the ANC’s likes and dislikes. Ann Bernstein: It remains a big challenge for a political party with so many members who are clearly corrupt and face many allegations of corruption, that it does not seem to see the Constitution and the rule of law as vitally important. How can the party find its way out of this situation? Kgalema Motlanthe: If the leadership
securityfocusafrica.com
is not compromised, it can act decisively, because the constitution of the ANC is straightforward on such matters. However, if the leadership itself has skeletons in its closet, then you end up with paralysis and the failure to act against obvious acts of malfeasance. Ann Bernstein: Were you surprised by any of the findings that emerged from the Zondo Commission? Kgalema Motlanthe: Mostly it confirmed what I already knew. The only thing I was taken aback by was the finding that Bosasa was essentially running the Department of Correctional Services. Ann Bernstein: You were Deputy President to President Zuma for five years. When you reflect back on that period, what were your most difficult choices, and do you feel it might have helped if you and other leaders had spoken out more in public? Kgalema Motlanthe: Remember that President Zuma was my successor. So, when I became his deputy, I could say frankly to him, “Look Mr President, no president does things the way you do them.” I could speak honestly to him about these things, including at most cabinet committee meetings that he asked me to chair. But he would not listen. Part of his skill is that he would never argue with you, he would not respond directly to what you were saying, but he would go ahead anyway and act the way he wanted to. Ann Bernstein: If there had been more talk about all of this outside the party structures, which I know would have been difficult, do you think that might have helped? Kgalema Motlanthe: Short of removing President Zuma and electing a different leader, there is very little that could have been done, because he had the authority, as head of state, to appoint and remove ministers. Ann Bernstein: How do you feel about the country today? Kgalema Motlanthe: We suffer from a number of handicaps. Key among them is our education system. We must fix it. We must also import the German TVET system and make it work in South Africa, because our TVET colleges are not producing the skills needed in our economy. One of the recommendations
of the parliamentary high-level panel (HLP) review that I chaired was that, given our levels of unemployment, we should try and get parliament to amend the Labour Relations Act (LRA) to create space for small entrepreneurs and exempt them from being compelled to live up to the standards of the collective bargaining councils, which have well-organised unions on the one side and the big employers on the other. It should also be easy to obtain a license and small businesses should not have to comply with complicated regulations when they are still struggling to become established. Ann Bernstein: As a former trade unionist, your support in the parliamentary HLP report for much greater flexibility and breathing space for small firms was really striking. Why is it so hard to persuade everyone of this view and do you believe we are getting anywhere on that issue? Kgalema Motlanthe: I do not see an alternative way to address our high levels of unemployment. We must create opportunities for people to start companies that can grow, which will result in people creating jobs. That way you also create local economies. Ann Bernstein: One of the other recommendations the HLP made to parliament was about tribal land. In your view, should unelected chiefs continue to exercise the powers that they have in South Africa’s democracy? Kgalema Motlanthe: Traditional leadership in the rural areas is recognised in the Constitution. When the panel was reviewing legislation we came across the Ingonyama Trust Act, which we found to be unconstitutional. The board was collecting rent from poor rural households. The Rural Women’s Movement took the matter to court, and, on 11 June last year, the High Court in Pietermaritzburg found in their favour and ordered the board to reimburse people the rental money they had collected. The Minister of Rural Development and Land Reform had sided with the Ingonyama Trust Board and so the court also found that she had breached her duty to respect and protect these citizens’ land rights and imposed certain responsibilities on her office. We also discovered that traditional land use management systems have collapsed completely, even
SECURITY FOCUS AFRICA MAY 2022
19
PERSONALITY XXX PROFILE
in jurisdictions outside of the Ingonyama Trust Act. We also looked at the security of tenure for rural residents, and recommended that it should be secured in law, and not be subjected to the whims and idiosyncrasies of chiefs. Ann Bernstein: Can the ANC become a leader in society again, morally, and politically? Kgalema Motlanthe: I think the ANC is within its right to embark on efforts to renew itself. However, South Africans should not be bound by that timetable. South Africa should move on, and it will be up to the ANC to try to catch up. I am saying that because I think the results of the elections in 2016, as well as last year, indicate that our politics are now in a state of flux, which must necessarily result in a realignment of political forces. I do not think that the current political parties, including the ANC, represent the future. I think the kind of formations that are going to take this country forward are still to come and they will be fashioned by a realignment of political forces. Ann Bernstein: What is your view on Russia’s invasion of Ukraine? Kgalema Motlanthe: There is no doubt there were opportunities that could have prevented the actual outbreak of the war between Russia and the Ukraine. Once war broke out it became a no-win situation – for the Ukrainians, and for the Russians. The Russians themselves sit with a war that
20
SECURITY FOCUS AFRICA MAY 2022
they did not approve of, and that Putin has initiated, and that is something that should be condemned. War, in general, should not be supported because it never solves problems. Therefore, my take on the Russian invasion of the Ukraine is that it should be condemned. Biographies in brief: Ann Bernstein is the head of the Centre for Development and Enterprise (CDE) in South Africa, regarded by many – including the London Financial Times – as the country’s leading policy centre for social and economic development. Keenly interested in the role of business and its contribution to development, she was a member of the Transition Team and then the Board of the Development Bank of Southern Africa from 19942001. In 2005 she became a Fellow at the National Endowment for Democracy, Washington DC, and then two years later, she joined the Board of the Brenthurst Foundation. In 2008 and 2009 she was an invited faculty member at the World Economic Forum in Davos, and she participates in their Global Agenda Council’s Initiative. The author of The Case for Business in Developing Economies and Migration and Refugee Policies (with M. Weiner, London, 1999), Business and Democracy: Cohabitation or Contradiction? (with P.L. Berger, London, 1998), and Policy Making in A New Democracy: South Africa’s Challenges for the 21st century
(CDE,1999), she is a regular public speaker at events and on radio and television. https://www.penguinrandomhouse. co.za/penguin-authors/ann-bernstein / https://www.cde.org.za/about-us/ governance Kgalema Petrus Motlanthe was recruited into Umkhonto weSizwe (MK), the then-armed wing of the ANC, while working for the Johannesburg City Council in the 1970s. Following his arrest under the Terrorism Act, he served 10 years’ imprisonment on Robben Island. On his release, he became involved with the National Union of Mineworkers (NUM). Elected general secretary of NUM in 1992, he helped establish the Mineworkers’ Development Agency and the Mineworkers’ Investment Company. He then served two terms as ANC Secretary General, before being elected President of South Africa in 2008. Jacob Zuma, who was elected as his presidential successor in May 2009, appointed him to the position of Deputy President, which he held until 2014. After leaving the political arena, he founded the Kgalema Motlanthe Foundation “with a mission statement encompassing socioeconomic development, access to knowledge and education, and human rights and social inclusion in South Africa and in Africa more broadly.” per Wikipedia https://en.wikipedia.org/ wiki/Kgalema_Motlanthe.
securityfocusafrica.com
OPINION PIECE
Digital banking is key to reaching previously unbanked markets Traditional bricks-and-mortar banks have been heavily disrupted by the emergence of digital banking in South Africa. These new entrants into the market have the advantage of being ‘born digital’, without the years of legacy that the big four banks have. By Sumit Kumar Sharma, Enterprise Architect and Head of Advisory Services at In2IT Technologies.
T
he agility and easy access of digital solutions is changing the game, making banking accessible to markets that have previously been underserved. Traditional banks need to embrace digital transformation (DX) if they are to remain both relevant and competitive today and in the future. Reaching new markets One of the biggest limitations of the traditional banking system is the reliance on branch offices, face-to-face communication and paper-based processes. This has meant that typically, people who live in remote and rural areas have not made use of the banking system — branches were too far away, and it was too inconvenient. Digital banking has changed this, because all you need is a smartphone and internet connectivity to access savings and credit facilities as well as the innovative new banking products that are now on offer. Adoption of digital banking is high in South Africa and in many other developing countries because of this ease of access, and it will form the basis of economic growth across the African continent. Traditional banks now need to solve this challenge so that they too are able to access these markets and participate more fully in economic growth and development.
securityfocusafrica.com
Work in progress Traditional banking organisations are well aware of the need to adopt DX in an effort to bridge this technology gap. However, it is often easier said than done. One area that has received a lot of focus is communication, as banks take steps to introduce an omnichannel experience that enables customers to receive support 24/7. However, the real gap lies not in the technology, but in the difficulty with change. The intent is there and the demand is there, but the processes that are in place carry the hallmarks of the years of legacy. The wrap trap The biggest issue with the current approach to DX is that most of the traditional banks take the approach of wrapping technology around the old ways of working. For example, online account applications still end up requiring paperwork and a visit to a branch for verification, which makes the process difficult for those in remote areas. If core business processes are not addressed, traditional banks will always remain traditional at heart. Digital banking is more than a chatbot, an app and not having physical branches. It is about how data is handled, the way banks interact with customers, and the agility of internal processes which will affect time to market
for new products and services. These core processes need to be modernised, data platforms need to be transformed and existing mindsets need to shift toward innovation and integration, if legacy banking organisations are to remain relevant and competitive in the future. Partnering with customers The disruptors are setting the agenda and consumer behaviours have already changed. Customers are more technologically savvy than ever, and their demands are driving banking to adapt to meet new expectations. Banking is moving from simply an account to store money and transact toward a partnership for financial wellbeing, and innovators are introducing new products and services to meet these needs. Traditional banks need to identify what they need to change to meet new customer expectations and become more agile in deploying products and services. Digital banks are becoming increasingly mainstream and mature and will play a far bigger role in the sector as time goes on. Change must come from the inside out, because the new world of banking is not just about fancy products, it is about integrating those who were previously excluded from economic participation by the old systems, to drive growth and sustainability.
SECURITY FOCUS AFRICA MAY 2022
21
OPINION PIECE
Don’t wait until it’s too late — you need to back up your Microsoft 365 data Software-as-a-Service (SaaS), such as Microsoft 365, has changed the game for many businesses, especially those in the Small to Medium and Micro Enterprise (SMME) market. It ensures always-on access and offers cloudbased storage that means that data is available anytime and on any device. By Iniel Dreyer, MD at Data Management Professionals South Africa.
H
owever, this does not mean that data backup has become redundant, which is a misconception many businesses may be under — until it is too late. Ransomware and accidental deletion can still affect data stored in the cloud, and data loss events can be catastrophic for business, no matter where the data is stored. It is essential to apply best practices around data management, including backing up Microsoft 365 data. Shared responsibility The big cloud providers like Microsoft operate on a shared responsibility model, which means that, while they are responsible for the availability of their applications, the data that these applications contain and the people that have access to this data, remains the responsibility of the customer. As long as the provider can deliver the functionality of their product, they are fulfilling their responsibility, and while they will give their best effort to assist in the event of ransomware, data loss or corruption, it is not their ultimate responsibility. The easiest way to understand is to think of cloud storage as a data centre, or even as an external hard drive for smaller businesses. These are simply storage devices, no matter where they are located, and businesses need to take steps to protect the data that is contained in them. Whether data loss occurs through accidental deletion, malicious action or encryption via malware such as ransomware, once it is gone, it is gone, unless there is a third-party solution in
22
SECURITY FOCUS AFRICA MAY 2022
place to protect data and provide a recovery mechanism. Hidden dangers When files are accidentally (or purposely) deleted from cloud storage, there is only a limited time period in which they will be available to recover. For example, with Microsoft 365, users have 93 days to restore deleted files from the recycle bin before they are permanently removed. After this period, unless there is some sort of backup and recovery system in place, the files are gone. There is also the growing problem of ransomware, which does not necessarily immediately activate once it has infected data. This means that ransomware could easily be synced to cloud storage and lie in wait, sometimes even for months, before activating and encrypting data — including all of the data stored in the cloud, such as in OneDrive, as well as email, SharePoint, Teams data and more. If your native cloud storage keeps data for 90 days, and the ransomware infection occurred six months before it was activated, the only way to remove the infection would be to roll back to a copy of data prior to infection. Holistic solutions are needed The risk of data loss is well known — businesses cannot operate when their data is encrypted or unavailable; it is expensive and time consuming to recover, and there is significant reputational risk attached to a data breach. The trouble is that most businesses only realise how significant the impact is once something
happens and it is too late. It is imperative to have some sort of mitigation plans in place, whether this is as simple as an external storage device, or whether it is a full backup and recovery solution from a third-party provider. The key is to maintain a backup copy in a separate location to production data, to enable recovery in the event of data loss. Learn from the experience of others The reality is that the principles and best practices around data management remain the same, no matter where data is stored. The basic steps are to make sure you are protected and can recover, and then to continually test that recovery ability. However, the reality is often more complicated, because not all data is of equal value, and most businesses are not data management experts. There is no such thing as a ‘one size fits all’ approach to data management, protection and recovery, but the truth is that prevention is always better than cure, so some sort of system needs to be in place. Waiting for things to go wrong before trying to fix them will inevitably result in unforeseen repercussions and challenges. An experienced service provider partner can help businesses to implement the best solution for their needs based on industry, legal requirements, budgetary constraints, the value of data and more.
securityfocusafrica.com
OPINION PIECE
ig data applications during B the Covid-19 pandemic Big data is the currency that now runs the world. But the applications of this incredible tool go far beyond business. When the Covid-19 pandemic made its way across the globe, big data was there to help scientists track the spread and derive helpful recommendations. By Gary Allemann, Managing Director at Master Data Management.
A
ll the uses and benefits of large-scale datasets have had a big impact on epidemiology, care, and public health solutions during the pandemic. This is because big data – even in the absence of more specific data – can lead to actionable insights in the face of large-scale problems. Applications for big data in combating Covid-19 Big data has redefined how we interact with the global economy. It has redirected business efforts, shifted the ways we formulate business intelligence, and most importantly, it has created unprecedented access and awareness of important healthcare information. This goes to show the importance of data in the modern information economy as we act to save human lives. Understanding how data applies to medical situations can be tricky as pandemic viruses aren’t like other customer behaviours. Data science may come in handy when determining how to generate new sales leads, but how can it help in fighting the spread of viruses? Fortunately, big data and the many tools available for utilising it have transformed epidemiology and the means of treating endemic diseases. Uncovering new treatments There is little that big data supports more than clinical research. Since this type of research is based on empirical, quantifiable results structured within carefully controlled phases, any big data created or applied within these studies has the potential to derive real, repeatable solutions. This is because legitimate data reveals insights into the ways the human body functions and reacts to treatment. Researchers were quick to utilise big data
securityfocusafrica.com
to look for new ways to combat Covid-19 when the virus emerged. In one instance, scientists from Columbia University began a start-up, called EVQLV, dedicated to the creation of Covid-treatments through computationally generating hundreds of millions of potential antibodies. Such a system is necessary for comparing and testing all the variables associated with treating a virus like Covid-19 and reducing the likelihood of drug-discovery failure. It was precisely the work of data scientists like these that gave us functional vaccines and medicines in such a short space of time. The human body is incredibly complex, and only big data offers the scope researchers need to analyse and innovate ideal treatments. Improving outreach Optimising these new treatments isn’t the only aspect of epidemiology that big data stands to improve. Reaching out to the public with messages about risk factors, vaccine eligibility, and safe practices have all been supported by data-driven practices. Using data from the North Carolina Health System, researchers identified patients who were already receiving cancer treatment but did not have an active email or patient portal or lived in a country with higher than a 20% poverty rate. As a result of this identification, vaccine information was sent out to 536 potentially marginalised patients who might otherwise not have known about their resources.
Improving patient outreach is just one of the many ways that big data has helped medical professionals manage the pandemic. However, just as the internet can help spread information through data, it can also help spread misinformation that threatens the good work being done in fighting Covid-19. Fighting misinformation Misinformation campaigns are a big problem in the fight against the pandemic. In fact, fake news about vaccines, treatments, and preventative solutions may even be a factor driving the ever-increasing Covid-19 death numbers. While the underlying problems in the media and human psychology make fighting these misinformation campaigns difficult, big data has actually made a difference. Scientists at the University of Southern California have taken to studying the spread of Covid-19 information through social media big data. They’ve set up an ‘infodemic observatory’ that makes use of automated software to watch 4.7 million tweets per day. This way, they hope to better understand how fears and misinformation spread and in turn create messaging and algorithms that better flag these issues. Big data offers us unprecedented information on how both viruses and people work. By applying this insight to the spread of misinformation, we can devise more useful tools for promoting an informed populace. As a result, we can better prevent pandemics in the future. The potential of data-driven health solutions Big data is immeasurably powerful. The solutions possible through big data insights include personalised care and even better methods of communication for important medical notices. But these applications of big data, as we’ve seen them throughout the Covid-19 pandemic, are only the beginning. Big data has innumerable applications in the healthcare industry. From epidemiology to patient outreach, the potential of this tool might just revolutionise healthcare on the whole. Care professionals and data scientists can run a well-planned brainstorming session, with big data at its core, to determine all the ways big data can still be applied in fighting Covid-19 now and preventing pandemics in the future.
SECURITY FOCUS AFRICA MAY 2022
23
OPINION ISS TODAY PIECE
Is climate change to blame for KwaZulu-Natal’s flood damage? With every second city and town projected to suffer increased flooding, South Africa must be better prepared. 12 May 2022. By Prof Francois Engelbrecht, Director, Global Change Institute, University of the Witwatersrand; Alize le Roux, Senior Researcher, ISS; Prof Coleen Vogel, Distinguished Professor of Sustainability, Global Change Institute, University of the Witwatersrand and Aimeé-Noël Mbiyozo, Senior Researcher, ISS. Republished from https://issafrica. org/iss-today/is-climate-change-to-blame-for-kwazulu-natals-flood-damage?utm_source=BenchmarkEmail&utm_ campaign=ISS_Today&utm_medium=email.
A
month ago, floods in the country’s eastern KwaZuluNatal province killed 489 people, destroyed 4,000 houses and displaced about 40,000 residents. Flooding started when a cut-off low-pressure system delivered extremely high rainfall levels of 450 mm in some areas in just 48 hours. Many have called it South Africa’s deadliest storm on record, and the country’s leaders have blamed climate change for the widespread devastation. But is that accurate? Flooding is a frequent, annual and well-known hazard in South Africa. Cut-off low-pressure systems have caused comparable events before, including in
24
SECURITY FOCUS AFRICA MAY 2022
KwaZulu-Natal. A remarkably similar system was responsible for the infamous September 1987 floods in the province that killed 506 people after 900 mm of rain were recorded over four days. In April 2019, another cut-off low-pressure system
brought 170 mm of rain to the Durban area (Chart 1). About 80 people died in the resulting mud slides and flash floods. A similar system caused the 1981 Laingsburg flood in the Western Cape. It killed 104 people when the Buffalo River
Chart 1: Similar weather systems caused severe flooding in the Durban area in (a) September 1987, (b) April 2019 and (c) April 2022.
securityfocusafrica.com
TECHNOLOGY ISS TODAY UPDATE
burst its banks after a downpour of 425 mm in two days. In 1968, 400 mm of rain fell in just four hours in the south eastern coastal city of Gqeberha, in perhaps the most intense rainfall event in the country’s recorded climate history. Durban’s ‘great flood’ in April 1856 saw rainfall totals of about 700 mm over three days. South Africa’s southern provinces were clearly exposed to flood risk induced by heavy rainfalls long before climate change became an issue. This said, evidence shows that climate change is increasing the intensity and frequency of storm systems worldwide. And the Intergovernmental Panel on Climate Change recently assessed that an upward trend in extreme rainfall events can already be detected in Southern Africa’s eastern parts.
Flooding is a frequent, annual and well-known hazard in South Africa Further rises in intense rainfall events are projected in the region for as long as the world continues to warm. Formal climate change attribution studies will probably confirm that the phenomenon indeed intensified this year’s floods,
securityfocusafrica.com
although such disasters occur in the province due to natural climate variability. KwaZulu-Natal’s April 2019 floods and mud slides should have been a reminder of how vulnerable the province is to heavy rains. Many communities live below flood lines along river banks and on steep slopes. Rivers such as the Mgeni and Mvoti, that transverse the larger Durban area, have long been known to cause severe flooding during periods of heavy rainfall. This situation isn’t unique to the province. A recent risk assessment in Tshwane revealed that more than 35,000 dwellings – half of these informal – are located below the indicative flood line. Population growth, unregulated informal growth, a lack of land use zoning enforcement and inadequate stormwater systems all contribute to growing flood risks. South Africa has experienced over 40 flooding disasters in the past 40 years, killing, on average, 46 people annually. During this period, floods cost the country upwards of R35 billion in direct losses, such as infrastructure damage. Wide-ranging indirect losses of informal homes, assets and other livelihood assets are undercounted and often uncompensated.
SA lacks collective memory about floods because it doesn’t have a reliable disaster database Despite these historical vulnerabilities, South Africa lacks collective memory about disasters since it doesn’t have a reliable disaster loss and damage database. Local, provincial and national governments haven’t been proactive enough in planning and building resilience, and the current early-warning systems and flood mitigation measures are inadequate and outdated. Risk warnings in informal settings are further complicated by residents who, despite being aware of the dangers, are often overwhelmed by the new nature and magnitude of these threats. Many communities are uninformed about climate risks, and the lack of alternative dwellings means they may resist warnings and refuse to move when offered substitute locations. Alongside climate change, South Africa
faces the growing exposure of vulnerable communities. Cities are proliferating and 24 million more people will be living in urban areas by 2050. Much of this growth will be informal, unregulated and likely on unsafe, high-risk vacant land. Uncontrolled urbanisation and a lack of land-use zoning enforcement are compounding climate risks. Every second city and town is projected to experience increased flooding by mid-century. The country needs a two-pronged response to these challenges. The first – improving early-warning systems – is short term, given the high levels of current vulnerabilities. Climate science is well-advanced, and such systems can provide reliable warnings one to three days ahead of major floods.
With its high level of vulnerabilities, South Africa must improve its early warning systems Local authorities must urgently develop contingency plans that include the relocation and evacuation of thousands of people in days. Municipal facilities should be ready to serve as emergency shelters during flooding and for cooling centres in extreme heatwaves. The second part of the response is to reduce systemic vulnerabilities through climate change adaptation. High-risk land exposed to natural hazards must be identified and indicated on land-use schemes. Zones designated unsuitable for development must be adhered to and enforced. Local governments should guide development, even if informal, onto safe and well-located land. Highrisk communities must be consulted and educated about the risks and alternative housing sites provided for relocation. At-risk infrastructure must be identified and protected through flood control mechanisms. New infrastructure investments should consider extreme rainfall events and climate adaptation needs in the planning, design and construction phases. All of society must be involved in these responses. Adaptation financing will be needed to spearhead them, and it must be directed towards measures that reduce flood risks and increase communities’ resilience. Without the necessary action, flooding will continue to cause widespread devastation.
SECURITY FOCUS AFRICA MAY 2022
25
PRESSXXX RELEASE
Partnerships that bring complementary services and technology can enable the growth of superapps in the region, says Economist Impact study • Telcos, ride-hailing companies and online marketplaces are all diversifying to become part of superapp industry, specifically in the Middle East and Africa • The second in a two-part report series commissioned by Mastercard Eastern Europe, Middle East and Africa, the paper was developed by Economist Impact, the research and analysis arm of The Economist Group • Study further reveals important lessons, not just for technology firms poised to become super-apps but for existing players too, particularly those in the financial services industry
T
he digital transformation of business and society has found fertile ground with early promise for the super-app model, specifically in the Middle East and Africa, even as mobile digital platforms continue to offer proprietary and thirdparty functions under a single brand. The second in a two-part report series commissioned by Mastercard Eastern Europe, Middle East and Africa, and carried out by Economist Impact, titled The super-app model in the Middle East
26
SECURITY FOCUS AFRICA MAY 2022
and Africa: Partnering with incumbents, harnessing new technologies, examines the super-app business model closely and the factors shaping their growth. The report reveals that with digital technology and easy availability of affordable mobile devices, the marketplace for goods and services has shifted away from the physical world and onto the mobile devices in consumers’ pockets. Companies today are delivering a host of services – from ride-hailing to e-commerce, money transfers to
education — directly through mobile phones, accessing consumers who were previously hard to reach. Now super-apps – apps that combine many functions in a single application – are taking the proposition even further. “While the region gets to grips with the technologies and business models that have transformed global business over recent decades, it must also prepare for the next waves of innovation and digitalisation, especially in the area of mobile financial services,” said Ngozi
securityfocusafrica.com
PRESSXXX RELEASE
Megwa, Senior Vice President, Digital Partnerships, Eastern Europe, Middle East and Africa, Mastercard. “With our digital-first approach, Mastercard is well-positioned to interconnect players across multiple sectors, such as banks, fintechs, digital giants, and more. Enabling them to capitalise on the opportunities that super-apps provide, by providing them with the most innovative technology solutions, platforms and propositions. New technologies such as quantum computing, blockchain or open banking will present new challenges and opportunities and will bring profound change to the growth trajectory of super-apps in the region,” said Megwa. Super-apps are challenging existing players that have to face competition from players outside their sector and are complicating the picture for regulators as these firms no longer fall into neat sector categories. In this new digital world, a company that offers ride-hailing services can also offer loans and one that offers groceries can also enable money transfers. The report goes on to reveal that the growth for aspiring super-app players is in having a large and trusting user base
securityfocusafrica.com
which is critical to succeeding in the transition from a single service to a super-app. Consumers who have already been won over by the initial service are more likely to embrace a new offering provided within the same app rather than use a different app that could be time-consuming, which is where partnerships play a critical role in advancing the growth of super-apps. In the region, mobile payments systems usually involve a partnership between super-apps and a licensed traditional financial institution. This model brings both advantages and challenges to the region’s traditional financial services companies and super-apps. For both, it extends their market reach into market segments which they could not otherwise service profitably. The study highlighted that for nonfinancial services companies, it can equip them with the capabilities and essential infrastructure needed to make money transfers, which would not have been otherwise possible. For banks, on the other hand, these partnerships help them access remote consumers or consumer segments they had chosen not to serve. These partnerships can also allow banks to experiment with innovative digital offerings without the up-front investment and associated risk. Banks can also use these technology firms as a pool of specialised skills that they would find challenging and expensive to assemble on their own account. The report explores the partnerships that have been forged that are propelling the development of super-apps and the technological advances that could shape the next stage of growth. Key findings include: • Trust, a large consumer base and local expertise are key competitive advantages for super-apps. A number of super-apps choose to enter partnerships with other firms, whereas others go their own way. What brings together their strategies, however, is an emphasis on developing a large user base and trust as a key enabler for ensuring customer loyalty and the uptake of new offerings. • Super-apps and traditional financial institutions need each other and are choosing to partner up. There has been a healthy amount of partnership between existing businesses and super-apps in the Middle East and Africa region. Superapps need access to the payment
infrastructure that only licensed financial institutions can provide. Similarly, by partnering up with super-apps, financial institutions can get access to new customer segments. • Some banks and financial services providers are taking the fintechs and digital startups, including super-apps, on at their own game. Since the arrival of mobile banking a decade and a half ago, institutions are in a position to develop a hybrid strategy which includes mixing the advantages of a physical branch network with the agility and reach of a mobile-first offering. Where a bank can offer mobile digital services under its own brand, it can compete with the digital startups on its own terms and retain the primary relationship with its customers. • Partnerships that bring complementary services and technology are key to the emergence of super-apps in the Middle East and Africa region. Collaboration is at the heart of the development of wide-reaching service platforms that can evolve into superapps. Partnerships press down on operational costs, bringing together expertise from areas such as payments, financial services and technological innovation that are needed to bring super-apps to life. “Given the importance of getting the payments component right, companies vying for super-app status in the region must have a deep understanding of the existing financial services landscape and the perspectives of existing players in this space. This study throws light on this issue and will enable players within the super-app ecosystem to gain significant insights which will help the growth of super-apps in the region,” said Walter Pasquarelli, Research Manager, Tech & Society, Economist Impact. In the Middle East and Africa, locally or regionally grown super-apps have the advantage to scale internationally, but a few have chosen to make a geographical or local specialisation their unique selling point as they have a full understanding of local cultural norms and preferences. At the same time, the report highlights that companies in the region have many regulatory and operational hurdles to overcome, despite the many advantages apps with a large user base may possess as they transition to a super-app. Download the report here.
SECURITY FOCUS AFRICA MAY 2022
27
PRESSXXX RELEASE
Data for good as a digital disruptor The devastating floods of April 2022 in KwaZulu-Natal, which claimed the lives of at least 435 people, demonstrated an opportunity to leverage the power of data in both prevention and relief efforts in the future. SAS experts share further insights.
D
ata is generated everywhere — from the movements of mobile devices or wearables tracked by GPS to social media and retail activity. While there may seem to be no direct connection between data and coordinated flood response, the fourth industrial revolution (4IR) has created the opportunity for crowdsourcing and citizen data scientists to help solve humanitarian problems. I-Sah Hsieh, Principal Program Manager, Corporate Social Innovation and Brand, SAS Institute, explains: “Data by itself is meaningless. This is where innovative technology like artificial intelligence (AI) can awaken data’s true potential. Using sophisticated algorithms, it is possible to transform the raw data into intelligence much more efficiently than in the past. AI can help address some of Africa’s and the world’s most pressing issues — from healthcare to education, sustainability, energy and social development.” Using data for good means harnessing digital disruption to meet the United Nations’ Sustainable Development Goals, which serve as a useful proxy for solving the world’s social problems. Data is proliferating at a rate faster than it can be applied for social good, but there is enormous potential in harnessing it for decision makers to draw upon. Murray de Villiers, EMEA Emerging, Education Head, SAS Institute sheds light on a real-life example that puts this into context. “SAS in South Africa has partnered with the Department of Higher Education to determine the optimal placement for new schools in rural KwaZulu-Natal. Through using crowdsourced data we were
28
SECURITY FOCUS AFRICA MAY 2022
able to measure the daily commutes of high school learners from their communities. Some learners were travelling up to 30 km per day, mostly by foot. Though from an analytics point of view using satellite data to pinpoint new school locations was a relatively simple exercise, it has the potential to deliver tangible life benefits for students who may potentially miss school days regularly due to excessive distances.” Data can be used to create insight, and insight underpins policy. Relief efforts, repair and reconstruction by civil society and the public and private sectors can be guided by these insights if enough data is collected and aggregated in a useful format. “The data for good movement is generating a lot of energy and goodwill among our employees. With some analytics and creative data science we can use the power of data to improve and save lives,” states Hsieh. “We need to teach the world to embrace data, through literacy programmes, so that we create a cohort of citizen data scientists. This is a virtuous circle since the use of data can support the delivery of education. Promoting data literacy, regardless of role or job description, will lead to data and analytics being employed as critical tools in decision-making,” says de Villiers. These topics may seem complex and unfamiliar, but it is when real-world examples of successful applications demonstrate benefits for society that people begin to engage with data science and analytics. The conduit is passion about
social impact. Data for good is an easy way to start engaging the next generation of citizen data scientists about the importance of data literacy. Residents of KwaZuluNatal reporting impact data around them do not need to be mathematicians or statisticians to appreciate the power of data in preventing and responding to future natural disasters. In a similar way, projects around the world are achieving social good. One example is protecting the Amazon from deforestation by asking citizen data scientists to click on satellite imagery where they see signs of human impact. This activity is training artificially intelligent models to recognise signs of human impact that will ultimately accelerate research and make it more accurate. Citizen data scientists are both protecting the Amazon and learning about AI simultaneously. In another example, organisations that dig wells to provide access to fresh water in some of the world’s poorest countries are being assisted in determining well location by citizen data scientists. The same skills that are being employed commercially can be extended to deliver social good in line with Sustainable Development Goals. “What is required for the impact of data to be maximised is an increase in participation. There are a few hurdles to overcome: most notably cooperation among competitors, who may resist sharing data related to their business model, as well as privacy concerns,” indicates Hsieh. The solutions to the first problem lie in demonstrating the collective benefits of data sharing in both overcoming industry challenges and addressing global social issues, as well as legislators incentivising data sharing by organisations. In general, insights and trends beyond one’s own organisation leads to better responses to challenges that affect all market participants. As far as the second problem is concerned, there is a trade-off to be made in effectiveness of harnessing data when privacy is paramount. Anonymising data as much as possible and preventing traceability to individual level can reduce resistance to donating data toward a good cause. Data for good needn’t compromise privacy. “The world is on the cusp of bringing together machine learning, AI, predictive analytics and optimisation to create new solutions to social problems. All that is required is some creativity and imagination to unlock the power of data for good,” concludes de Villiers.
securityfocusafrica.com
PRESSXXX RELEASE
A common purpose unites private and public sectors to strangle organised crime targeting South Africa’s wildlife The South African Anti-Money Laundering Integrated Task Force (SAMLIT) today revealed that its public private partnership has seen several successes due to their collaborative efforts to disrupt financial crimes connected to the illegal wildlife trade (IWT).
A
panel of SAMLIT members represented by the Directorate for Crime Prevention (Hawks), South Africa’s financial intelligence unit, the Financial Intelligence Centre (FIC), and Investec, discussed how the SAMLIT platform facilitated information sharing which led to 12 arrests and 78 rhino horns, ivory and other wildlife products being seized. This achievement was attributed to the increased collaboration between the private and public sector. Cooperation with international agencies also led to the arrest of three people in foreign jurisdictions. SAMLIT shared their successes with members of the South African chapter of United for Wildlife (UfW), the counterIWT task force established and driven by His Royal Highness, Prince William, the Duke of Cambridge, through the Royal Foundation. UfW hosted a meeting attended by representatives of the finance and transport industries, government, law enforcement and conservation organisations. The collaborative partnership between UfW, SAMLIT members and the FIC was tested when, at the end of 2021, 24 rhinos were killed in less than 48 hours. In response, SAMLIT, the FIC and UfW were able to support activities by the Hawks, which included increased scrutiny at airports and marine ports. This led to the seizure of the horns before they left the country, and multiple arrests since. “It takes a network to catch a network, and we have learnt that by joining
securityfocusafrica.com
forces and communicating through legal frameworks, we can be much more effective than by operating in silos,” says Gerald Byleveld, Investec’s Head of Financial Crimes Compliance, and head of SAMLIT’s IWT expert working group. Colonel Johan Jooste, National Section Commander of Wildlife Trafficking at the Hawks says: “Thanks to the backing of the private sector, we have seen how, by adding financial crimes to wildlife charges, criminals can be more effectively prosecuted and get longer sentences.” The recent sentencing of Ping Wu, who was sentenced by the Thembisa Regional Court to five years imprisonment for money laundering linked to illegal rhino horn trafficking, is a significant example of the success of this approach. SAMLIT aims to combat illegal wildlife trade by focusing on the financial flows that prop it up. Working in a multidisciplinary law enforcement task team including the FIC, law enforcement agencies were able to respond quickly to the situation in December, sharing comprehensive financial information on the arrested parties and suspects related to the investigations. Since the arrests, the SAMLIT multi-disciplinary law enforcement task team has taken up four separate related financial investigations with the relevant banks and the Hawks, and it is intended that, by the time the cases get to court, a number of financial crimes charges will have been added to the IWT cases. “SAMLIT and the Southern African chapter of UfW are setting a brilliant
example for other countries and regions of how collaboration, focus and commitment can make a positive difference for our communities and our planet,” says David Fein, United for Wildlife Financial Taskforce chair. “Two years of hard work have led to tangible results, and none too soon, as South Africa experienced a spike in rhino poaching late last year. The members of SAMLIT and the Southern Africa chapter of UfW responded with urgency, leading to seizures and arrests, and putting the traffickers of endangered species on notice. We were so pleased to return to Southern Africa last week and to share the experience of South Africa with other countries in the region.” United for Wildlife recently co-hosted a conference about combating IWT in Southern Africa with the British High Commission in Botswana, drawing representatives from Angola, Botswana, Mauritius, Mozambique, Namibia, Zambia, Zimbabwe, and South Africa, with the aim to expand the Southern African Regional Chapter. This chapter will work to enhance communications between South Africa and its neighbouring countries, to improve the effectiveness of investigations across borders. It will continue to work with UfW’s international financial and transport taskforces to share information and resources, strengthen existing partnerships and better respond to support local priorities. The regional chapters will then form a collaborative network across the globe, from the Middle East to the Americas.
SECURITY FOCUS AFRICA MAY 2022
29
PRESSXXX RELEASE
A channel focus and strategic advantages position partners for success While many vendors have always taken a hybrid route to market approach, challenges brought about by the pandemic and economic upheaval has created a more competitive environment resulting in many vendors taking a more direct sales route. By cutting out channel partners now or adopting a hybrid sales strategy, vendors may place themselves in a difficult position later on.
S
ays Hayden Sadler, Country Manager for South Africa at Infinidat, “Rather than losing sight of the channel during challenging times, vendors should be investing in them with a long-term strategic view toward current and future growth, creating a vendor/ partner ecosystem. Collaborating with channel partners and providing them with the necessary support and value adds is necessary to achieve this.” Lost trust can last a lifetime When it comes to sales and revenue, some vendors are feeling the pinch. There has been a lot of pressure in terms of reduced spend, as well as prolonged project approvals, which results in shrinkage to the business. Data storage platforms, in particular, are under increased scrutiny, and businesses are sweating their existing assets in many cases. A knee-jerk response is for vendors to adopt a direct or hybrid sales approach whereby they sell directly to the end user as well as via the channel. This can seriously damage relationships and trust with partners that is essential for growth and success in the future. This trust could prove difficult, even impossible, to get back. Hence it is important for vendors to adopt a channel-centric strategy that is supportive of their partners growth whilst delivering a number of value adds to boost business on both sides. Invest in the future Sadler adds, “The reality is that channel partners are an integral and essential part of the route to market in South Africa and other developing countries. They are an effective extension of vendor business, helping to create a presence and geographic reach in more areas, as well as
30
SECURITY FOCUS AFRICA MAY 2022
offering service, support, maintenance and other value-added services that enhance a vendor’s brand. Without channel partners, vendors may find it difficult to serve these markets effectively.” A long-term view of the current economic climate is to build out the channel ecosystem and invest in it further, helping to support channel partners to flourish while increasing confidence and trust. Commitment and focus Investing in channel partners with initiatives like training, certification and resources to support sales can help partners to deliver better value propositions to their customers and close more sales. In addition, demand generation events and other partner events are also instrumental in driving more partner sales and demonstrates the effectiveness of an ecosystem. “This type of investment is crucial for vendors as many regard the channel as their extended sales force and implementation partner. We created a certification programme which our official partners have participated in, not only to generate more revenue for themselves but to also deliver a better technical and support experience to their end-user customers,” Sadler explains. Adds Shawn Marx, Business Unit Manager: Converged Solutions at Datacentrix, “Datacentrix became a Tier 1 reseller at the beginning of 2019 as well as an authorised Infinidat services partner for South Africa. Our relationship, certification and the partnership commitment from both sides provides us with a real strategic advantage with our end-user customers. This support instils confidence in end-
Hayden Sadler.
users and has helped in strengthening our relationships with South African businesses. Infinidat’s marketing support through networking and lead generation activities further make our prospect and sales process easier.” In a distribution environment that features multiple vendors, it is important for these vendors to provide a dedicated channel resource for sales, support and marketing. All of this will contribute to increased revenue, both for the channel and for the vendor. This is a win-win situation for all parties — channel partners grow, customers get better support and service, and vendors maintain and increase their business. Sadler says, “For us, having a cofunded personnel resource at our distributor ensures that they are supported in a seamless manner. The dedicated resource is part of the distribution team and is integrated with the organisation, whilst having a sharp focus on our offering. This provides a ‘go to’ person that has the vendor and distributor’s best interests at heart. “Taking a long-term view is essential to creating sustainable business models and cutting channel partners out is the antithesis of this approach. Our focus now, more than ever, should be on supporting partners with training and development, building trust and loyalty, and maintaining relationships that will inevitably prove critical to future success.”
securityfocusafrica.com
CYBER SECURITY
Red flag for ransomware:
attackers are using the Log4Shell vulnerability to deliver backdoors to virtual servers, Sophos research shows Sophos finds three backdoors, possibly delivered by Initial Access Brokers, and four cryptominers targeting unpatched VMware Horizon servers.
A
global leader in next-generation cybersecurity, Sophos released findings on how attackers are using the Log4Shell vulnerability to deliver backdoors and profiling scripts to unpatched VMware Horizon servers, paving the way for persistent access and future ransomware attacks. A new technical paper, Horde of Miner Bots and Backdoors Leveraged Log4J to Attack VMware Horizon Servers, details the tools and techniques used to compromise the servers and deliver three different backdoors and four cryptominers. The backdoors are possibly delivered by Initial Access Brokers. Log4Shell is a remote code execution vulnerability in the Java logging component, Apache Log4J, which is embedded in hundreds of software products. It was reported and patched in December 2021. “Widely used applications such as VMware Horizon that are exposed to the internet and need to be manually updated, are particularly vulnerable to exploitation at scale,” said Sean Gallagher, senior security researcher at Sophos. “Sophos detections reveal waves of attacks targeting Horizon servers, starting in January, and delivering a range of backdoors and cryptominers to unpatched servers, as well as scripts to collect some device information. Sophos believes that some of the backdoors may be delivered by Initial Access Brokers looking to secure persistent remote access to a high value target that they can sell on to other attackers, such as ransomware operators.” The multiple attack payloads Sophos detected using Log4Shell to target vulnerable Horizon servers include: • Two legitimate remote monitoring and management tools, Atera agent and
securityfocusafrica.com
Splashtop Streamer, likely intended for malicious use as backdoors • The malicious Sliver backdoor • The cryptominers z0Miner, JavaX miner, Jin and Mimu • Several PowerShell-based reverse shells that collect device and backup information Sophos’ analysis revealed that Sliver is sometimes delivered together with Atera and PowerShell profiling scripts and is used to deliver the Jin and Mimu variants of the XMrig Monero miner botnet. According to Sophos, the attackers are using several different approaches to infect targets. While some of the earlier attacks used Cobalt Strike to stage and execute the cryptominer payloads, the largest wave of attacks that began in midJanuary 2022, executed the cryptominer installer script directly from the Apache Tomcat component of the VMware Horizon server. This wave of attacks is ongoing. “Sophos’ findings suggest that multiple adversaries are implementing these attacks, so the most important protective step is to upgrade all devices and applications that include Log4J with the patched version of the software. This includes patched versions of VMware Horizon if organisations use the application in their network,” said Gallagher. “Log4J is installed in hundreds of software products and many organisations may be unaware of the vulnerability lurking within their infrastructure, particularly in commercial, open-source or custom software that doesn’t have regular security support. And while patching is vital, it won’t be enough if attackers have already been able to install a web shell or backdoor in the network. Defense in depth and acting upon any detection of miners and other
anomalous activity is critical to avoid falling victim to such attacks.” For further information read the article Horde of Miner Bots and Backdoors Leveraged Log4J to Attack VMware Horizon Servers on Sophos News. Sophos has closely monitored attack activity related to the Log4Shell vulnerability and has published a number of in depth technical and advisory reports, including Log4Shell Hell – Anatomy of an Exploit Outbreak, Log4Shell Response and Mitigation Recommendations, Inside the Code: How the Log4Shell Exploit Works, and Log4Shell: No Mass Abuse, But No Respite, What Happened? Additional Resources • Sophos endpoint products, such as Intercept X, protect users by detecting the actions and behaviors of attackers • Further details on the evolving cyberthreat landscape can be found in the Sophos 2022 Threat Report • Tactics, techniques, and procedures (TTPs) and more for different types of threats are available on SophosLabs Uncut, which provides Sophos’ latest threat intelligence • Information on attacker behaviors, incident reports and advice for security operations professionals is available on Sophos News SecOps • Learn more about Sophos’ Rapid Response Service that contains, neutralizes and investigates attacks 24/7 • The four top tips for responding to a security incident from Sophos Rapid Response and the Managed Threat Response Team • Read the latest security news and views on Sophos’ award-winning news website Naked Security and on Sophos News.
SECURITY FOCUS AFRICA MAY 2022
31
CYBER SECURITY
Inside Complex RansomOps and the Ransomware Economy Ransomware operations have transformed dramatically over the last few years from a small cottage industry conducting largely nuisance attacks to a highly complex business model that is extremely efficient and specialised with an increasing level of innovation and technical sophistication. By Brandon Rochat, Cybereason Sales Director, Africa.
A
ccording to recent reports, the global volume of ransomware operations reached 304.7 million attacks in the first half of 2021 — a year-over-year increase of 151%, and 100k+ more attack attempts than in all of 2020. Research by Cybersecurity Ventures estimated a ransomware attack occurs about every 11 seconds. That translates to about 3 million ransomware attacks over a year. In 2021, the average ransom payment was $570,000, a 518% increase from 2020. For perspective, this average is relatively low compared to recent ransom demands that have hit as high as $50 million or more. Several factors have contributed to the maturation of ransomware operations, resulting in a significant surge in ransomware attacks with record-breaking
32
SECURITY FOCUS AFRICA MAY 2022
ransom payouts. Ransomware purveyors are moving away from high-volume attacks with low ransom demands in favour of more focused, custom attacks aimed at individual organisations selected for the ability to pay multi-million dollar ransom demands. These more complex ransomware operations, or RansomOps involve highly targeted, complex attack sequences by sophisticated threat actors. The burgeoning Ransomware-as-aService (RaaS) industry has also lowered the technical bar for many would-be attackers by making complex attack infrastructure available to low-skilled threat actors. Ransomware is an extremely lucrative business model with little-to-no risk involved for the threat actors. Couple this with the willingness of most victim organisations to pay the ransom demand
swiftly under the assumption it will return business operations to normal, and we have a big problem with no easy remedies. This has created a gold rush in the cybercrime world, spawning an ecosystem of technologies and services that support these illicit operations, creating a larger Ransomware Economy that flourishes much like any legitimate emerging market sector. This white paper examines the growing threat from complex RansomOps, as well as the larger Ransomware Economy, and provides prescriptive guidance for organisations determined to remain undefeated by ransomware attacks. Download the full RansomOps white paper here.
securityfocusafrica.com
CYBER SECURITY
encrypted and remotely wiped in the event of theft.
ATG Digital offers advice to ensure your premises’ access control isn’t the chink in your data protection armour.
Surviving breach season: 3 rules for visitor data privacy and protection Since Covid hit our shores in early 2020, it brought a sea of data breaches, one crashing wave after another. From Experian to Lightstone and now TransUnion—personal data is under siege from all sides. What can your business do to protect visitors’ information? ATG Digital gives insight into the triad of visitor data protection.
W
hen people do business with your company, they trust you with their information,” says ATG’s Ariel Flax. He continues, “Your responsibility for their privacy should extend to anyone who submits their personal information when they check in at the gate or reception.” According to Flax, visitor data can be targeted by criminals or competitors. Good privacy practices aren’t just a courtesy but a legal requirement since POPIA came into effect in July last year. Rule #1: Only Collect What You Need to Know Collecting critical data only at check-in saves visitors time and mitigates risks. “Your guests love the swift experience and feel safer on your premises,” says
securityfocusafrica.com
Flax. He explains that visitors immediately get their backs up when they have to answer too many questions. As per POPI act regulations, Flax advises businesses only to collect what is necessary for the purpose of access control security on-site. Rule #2: Encrypt Personal Information at Reception “If you’re still using handwritten registration books, ditch it,” cautions Flax, “our most recent survey revealed that over 60% of visitors peep at who’s checked in ahead of them—that’s 60% too many.” Names, cell phone numbers, and ID numbers should not be exposed at any time. Electronic devices can be locked,
Rule #3: Write Data Protection into Your Company DNA Security and governance go hand-inhand, yet many companies fall short by assigning the responsibility of visitor data either to physical security or IT. Firewalls, IPS and IDS go a long way, but Flax says, “It’s everyone’s responsibility to know and enact the security policy. Employee training against social engineering (phishing), network and physical perimeter protection must be enforced daily.” These days, a cell phone number and a name are enough for unscrupulous hackers. In line with POPIA, have a policy that defines the process of collecting data, securely storing it and deleting it as soon as it is no longer necessary. You’ll need a shredder if you have paper records. Digital visitor management software like At The Gate and At Reception immediately encrypts data and uploads it to the cloud. Records are not stored on the device and cannot be accessed by security guards, receptionists, or anyone else who may handle the device. Bonus Tip: Consider Ears Too While most companies are primarily concerned with praying eyes (and long fingers), Flax raises an interesting point about keeping sensitive information out of earshot. “Discussions in meeting rooms and offices also need protection,” he says. Flax adds, “Assess the acoustics of your offices and meeting rooms. Consider investing in some soundproofing if need be. You can make a policy not to discuss the personal data of visitors/patients/ partners in common areas of the office.” In short: Guard Your Entrances and Exits “The point of [data] entry can be the very point where sensitive information leaves. If you’re asking visitors for information on arrival, guard it the same way you would any other data on your network,” concludes Flax. ATG Digital offers visitor management security assessments drawing on numerous years of access control experience. As the brand behind Century City’s identity and number plate verification, there is no site too big or small for ATG.
SECURITY FOCUS AFRICA MAY 2022
33
SECURITY IN ACTION
The IHMA’s Dr Paul Dunn says the use of smartphone technology takes holograms to levels of brand protection and anti-counterfeiting.
Smartphone technology calls in holograms Dr Paul Dunn, chair of the International Hologram Manufacturers Association, considers new possibilities for brand protection and anti-counterfeiting created by hologram validation using smartphone technology.
H
olography has helped to bring smartphone digital interaction in the brand protection and authentication space closer as the security technology discovers new outlets and innovative applications. In turn, this is driving continued expansion as increasing numbers of organisations accept the advantages that holograms offer and invest in digital-based interactive solutions for their products to protect against global brand piracy and counterfeiters. In particular, we are seeing myriad opportunities appearing for brand
34
SECURITY FOCUS AFRICA MAY 2022
protection and anti-counterfeiting through hologram validation using computer vision on smartphones; the use of smartphones with integrated cameras has been transformative and image and video content captured on these devices dominates so much of contemporary life through social media, entertainment, recognition and validation. So called ‘computer vision’ has become both ubiquitous and familiar; a powerful tool for the validation and recognition of holograms. For example, the consumer can validate the integrity of a
holographic tax stamp on a wine bottle while a unique identifier links it to an information system (track and trace) which will confirm the authenticity – or not – of the product. The use of a mobile app in the consumer’s smartphone ‘interrogates’ the hologram and searches for all the embedded security elements by examining the interaction via reflected light.
securityfocusafrica.com
SECURITY IN ACTION
Validation As a security element, holograms are already powerful devices in their own right, and ‘fake’ holograms – which are cost prohibitive to produce – can be detected because they are usually duller than, or lack the complexity and fine details of, bonafide ones, allowing inspectors and consumers to distinguish the real from counterfeit very quickly. But this presupposes that people – in particular consumers – know what they are looking for in the first place. Too often, they don’t. Added to this, whilst the visual properties of holograms are intended as a first line defence for the public, they frequently incorporate hidden features for inspectors (e.g., customs officials) which require special readers. Although not necessarily costly, such readers need to be
securityfocusafrica.com
put in the hands of those inspectors, which can be logistically problematic. This is where holograms using computer vision come into their own, providing all the advantages of physical digital protection through ubiquitous smartphone readers for authentication, supply chain track and trace, and grey market monitoring. They can also be used as an integral part of an enhanced, upgraded warranty management scheme and product return programme to inspire stronger consumer confidence. Offering a high level of counterfeit deterrence, a new generation of digital enhanced optical features, which incorporate holographic effects and offer overt, covert and forensic features, herald a step-change in areas in the secure document industry and other areas in the coming few years. For instance, the Portuguese mint and official printing office INCMLAB’s UNIQODE project has led to a new encoding technology generated by and embedded into holograms that can be verified by online and offline mobile devices, preventing product adulteration and facilitating traceability. Highly flexible, this is an effective machine-readable information system used to check and quickly validate security documents, which also has wider brand protection applications in the consumer market place. UNIQODE incorporates a security hologram that encodes unique and irreproducible layers of optical features. By being accessible to its users, it also allows the consumer to help brands and authorities in the fight
against counterfeiting, further promoting confidence in the market. It’s possible to use authentication technology to support the way to certify people who have immunity against the virus. In an interesting development, OpSec has a track and trace product to link a Covid-19 test result or vaccination, which carries a unique identifier, with a code on a government grade holographic smart label. This can be attached to a person’s passport or other identity document and then be verified by, for example, passport control officials using a simple smartphone app. It remains appropriate that as holography continues to find ever new and different ways to embrace digital interaction, the technology itself remains undimmed — a highly secure element suitable for visual identities for brand protection, protecting against counterfeiting and securing tax revenues as part of tax stamp track and trace programmes. But the use of smartphones takes it to a new level, combining those virtues with the ability to supplement visual protection with a raft of new opportunities for digital protection and product management. This article is based on a paper presented by Nuno Gonçalves from the Imprensa Nacional Casa da Moeda (INCM), the Portuguese state printer and mint, at the Holography Conference 2021. Issued on behalf of the IHMA by Mitchell Halton Watson Ltd. For further details contact: Andy Bruce on +44 (0) 191 233 1300 or email andy@mhwpr.co.uk
SECURITY FOCUS AFRICA MAY 2022
35
NEWS
Securex 2022 exhibitors serve up the best in security for upcoming show Exhibitors at the upcoming Securex South Africa 2022 trade show will be demonstrating the best in security-related products and services to the market – from fleet and key management, to integrated workspace management, non-lethal protection solutions and more.
S
ecurex South Africa 2022, Africa’s leading security exhibition, will take place from 31 May to 2 June 2022 at Gallagher Convention Centre in Johannesburg, and will be co-located with three additional Specialised Exhibitions trade shows, namely A-OSH Expo, Facilities Management Expo and – for the first time – the new Firexpo 2022. Access to the four trade shows is free-of-charge for visitors. Exhibitor highlights for visitors to see and experience will include: Kenai’s cloud-based workplace management systems South African start-up Kenai is showcasing how its cutting-edge technology can be used to replace outdated and frustrating processes with new streamlined solutions that enable real-time control, visibility and reporting into the flow of people and assets throughout a physical workspace. Kenai’s cloud-based solutions are tailored to meet the specific needs of clients, whether for a single office or an entire
corporate campus, using facial recognition to remove the stress from booking visitors’ parking, induction and Covid-19 screening with pre-registration. Furthermore, Kenai’s solutions can facilitate all internal and external compliance requirements and help provide a safe, secure workplace by providing real-time oversight of people and assets through logs, inductions, and critical alerts. Visit Kenai on stand F46 to book a free demo, and also to scan the unique Access Pass QR code in order to enter a competition to win some incredible prizes, including a brand-new iPad!
A quite literally stunning experience with EPS STUNTECH Eagle Projects and Solutions (stand C01) is relaunching the ranges of STUNTECH security equipment in South Africa, incorporating newer technology and more effective security, including a non-lethal high
36
SECURITY FOCUS AFRICA MAY 2022
voltage shock as deterrent. Products to be showcased at Securex will include Shock Shields, Shock Briefcases, the Shock Caddy and Stroller cases, Shock trolley and Prisoner Anti-Scape Stunbelts. The organisation will also be introducing its new audit feature addition at the show – a world first – which now enables officials to monitor and control the use of the STUNTECH Shields and Prisoner Stunbelts in sensitive environments. Says EPS director, Tienie Labuschagne: “Securex South Africa, with its reputable long-term local and international footprint, continues to draw thousands of visitors from all sectors, and we believe, will be a great platform for the relaunch of the newly branded EPS STUNTECH security innovations.” Impenetrable security fog from Bandit Bandit (stand A13) will be holding live demonstrations of Fog Bandit, its answer to burglary protection. Fog Bandit is a safety device that essentially thwarts the plans of burglars by generating and releasing a large fog curtain. A fast, powerful and effective solution, Fog Bandit is able to protect assets without causing damage to the property or people. The reliable, safe system is activated by one press of the ‘panic button’ or through the alarm system, after which the would-be thief is enveloped in a thick cloud of fog within seconds, reducing visibility to less than 30 centimetres. Its built-in battery means that Fog Bandit is effective even during loadshedding, and the fog emitted is not harmful to health and dissolves after half an hour, leaving no traces. LJI International looks at the benefits of smart key management LJI International is ready to talk to Securex visitors about the benefits of key management systems, and what implementing proper key management brings to the table for a business. “Do you find security personnel are held up at shift change waiting for key handovers? Can your staff not access areas
securityfocusafrica.com
NEWS
due to clumsy key handling practices? These challenges will be a thing of the past with an automated key management system. Not to mention, they allow you to also take control of your fleet, too. Everything from truck assignments to ensuring mileage/ maintenance logs to stay up-to-date can be handled through a key system,” explains Lial Snell, of LJI International. “Think of a key management system as a cost-effective way to keep your access control on point. You track, secure, and intentionally distribute keys. Key management systems also securely store keys when not distributed and can help you build an accurate picture of who uses what in your organisation, allowing you to streamline processes.” Keen to embrace the many benefits of key management today? Visit LJI International on stand F40, for more information on the company’s range of smart electronic key cabinets, key locker systems and smartkey offerings. Gurtam to launch new video functionality for fleet management At Securex this year, Gurtam (stand D28) will be presenting its offering aimed to help businesses ensure high security for vehicles, people, and assets. Known as Wialon, this platform for GPS tracking and IoT is Gurtam’s flagship product, and the company will be providing Securex visitors with a live demonstration of the system’s features, focusing heavily on security, fleet management, and stolen vehicle recovery. The expert team at the show will also share real-life use cases displaying how you can prevent vehicle theft, improve driver behaviour, and keep cargo safe. Additionally, at Securex, Gurtam will introduce the Wialon video functionality that enables users to stream and playback videos from cameras installed in vehicles or other assets. Users can also link videos to specific events, such as fuel thefts or speeding, to enjoy even better control over their vehicles. Premium card security products and solutions from Easi-card Providing quality card technology and packaging solutions, Easi-card has become South Africa’s leading card security store, stocking and producing custom plastic cards, accessories, card printers and cameras for mining, security, stationery and marketing-related businesses. Visit Easi-card (stand F03) to find out more about the company’s patent for recycling cards, which has helped many
securityfocusafrica.com
industries; its solution to help prevent the cloning of cards, a real challenge in South Africa; and its use of QR codes, which the organisation believes has a massive potential in the security space where they can be both encrypted as well as UVprotected. RTS: the best in radio communication infrastructure RTS, a company with a wealth of experience in the design, supply, installation, commissioning and maintenance of radio communication infrastructure, will not only showcase its Internet Protocol Radio (Iwalkie) at Securex 2022, but the business will also be displaying its licence-free radios (4475, Bosvark, Padvark and Vratvark), as well as a new offering, namely the TVT CCTV system from a company called Forbatt. Visit stand E12 for more information. Innovative industrial automation products from RJ Connect RJ Connect (stand B13), a leader in the supply and support of industrial communication equipment, industrial redundant Ethernet, fibre-optic converters, data networking products, and serial to Ethernet device servers in Sub Saharan Africa, will focus on the Crevis industrial remote I/O offering for factory automation and the ruggedised Robustel industrialquality cellular routers, as well as Moxa’s latest next-generation industrial switches: EDS G4000, gen 4, aimed at building futureproof industrial networks to strengthen operational resilience in industrial spaces such as power, transportation, maritime, and factory automation. BAS-IP brings the best in IP intercom products BAS-IP (stand E08), a business with a strong focus on the development and manufacture of IP intercom products, access control and communications, will be demonstrating several innovative, feature-packed solutions at this year’s Securex. This will include its AI intercom system with smart home integration, which comes in a variety of colours and features suited to any interior and technical needs, as well as its exclusive multi-apartment entrance panel, pleasing for both architects with its appearance, and engineers with its set of unique functions. The panel has dual camera for perfect face recognition and UKEY mobile access. The organisation will also have available its BAS-IP Obelisk, an AI pedestal with an integrated IP outdoor intercom system,
developed to provide convenient, stylish, secure, and quick access to a building or territory. iCAM Video Telematics combines video with telematics for in-vehicle safety iCAM Video Telematics (stand D20), a leading supplier of in-vehicle camera solutions, combining video with telematics, will demonstrate several solutions at Securex 2022, including the following: • ADAS and DMS - enhancing good driving behaviour and driver safety through the monitoring of driver fatigue, distractions and mobile phone use, as well as headway, collision and pedestrian warnings. • Multi-camera systems - iCAM multicamera systems provide up to 360 degree views in and around a vehicle. Fitment of up to 12 wired cameras allows for views of road, in-cab, external sides, in cargo, reverse and other viewing angles customised to customers’ needs. These video devices allow up to 500 hours of recording, historical playback, live streaming, and event based video footage uploaded to cloud storage. • Video meets telematics, meets AI, meets IoT – iCAM’s latest camera solutions now integrate with multiple device types and technologies both on its own systems and linking into third-party systems and hardware, including OEM on-board systems. This, combined with API functionality, allows iCAM solutions to cover the entire fleet management spectrum and provides the user and management with the most accurate data possible to manage and utilise fleets and track assets. New iCAM products for 2022 include: windscreen-mounted devices with built-in AI; entry-level connected devices for the smaller vehicle fleets, such as security and emergency services vehicles; and accessories such as proximity sensors, in-cab screens and more. Visitor registration for Securex 2022 is open! Click here to secure your ticket. CONTACTS: Specialised Exhibitions Keraysha Pillay tel: +27 (0)11 835-1565 kerayshap@specialised.com icomm Nicola Read Tel: +27 (0)83 269 2227 Email: nicola@pr.co.za Web: www.icomm-pr.co.za
SECURITY FOCUS AFRICA MAY 2022
37
THE LAST NEWS WORD
ATTEMPT TO CAPTURE NATIONAL TREASURY Part 4 of the Zondo Reports has been delivered to the State President and was released into the public purview. The first part of the Report, comprising 174 pages, is titled ‘Attempted the Capture of the National Treasury’.
F
By Peter Bagshawe.
urther content includes sections devoted to EOH Holdings, Alexkor, The Free State Asbestos Debacle, The Free State R1 billion Housing Project Debacle and The Capture of Eskom. The Eskom section is ninety-two pages long. What is apparent, off the titling of the sections, is an increase in reaction, by Commission Chair Raymond Zondo, to the nature and impact of evidence presented. In this regard the duplication of the word ‘Debacle’ in the title of both Free State sections is significant, as is the level of evidence which justifies the use of ‘Debacle’. By far the most important part of the report deals with attempts to orchestrate
38
SECURITY FOCUS AFRICA MAY 2022
the takeover of the National Treasury. Looked at in context, Treasury is one of the two departments for which the Minister of Finance is the executive authority – the second being the South African Revenue Services (SARS) – as well as three regulatory bodies, being the Financial Services Board (FSB), the Financial Intelligence Centre and the Cooperative Banks Development Agency, plus the Development Bank of Southern Africa, the Land Bank and Stats SA. Collectivelym these institutions are, amongst other functions, responsible for developing macroeconomic policies for consideration by Cabinet, collection of revenue, enforcement of tax legislation,
advising Cabinet on allocation of resources between competing policy priorities and allocating resources from the National Reserve Fund to Government. Simply put, the Minister of Finance, being the executive for Treasury, shapes and – to a large extent – steers the economic direction adopted by Government, and is responsible for financial prudence being implemented. Evidence adduced at Commission hearings gave credence to allegations made and the orchestrated removal of two Ministers of Finance, and a Deputy Minister, over a period, with these being Finance Ministers Pravin Gordhan, Nhlanhla Nene and Deputy Finance
securityfocusafrica.com
THE LAST NEWS WORD
Minister Mcebisi Jonas, for their refusal to be complicit in abrogating their duty and handing control of the fiscus to the Gupta family. The Commission found evidence that former President Jacob Zuma played an unequivocally central role in the attempted capture of both the National Treasury and Eskom. It was also accepted that Mcebisi Jonas was offered a bribe of R600 million, by Rajesh Gupta, for accepting the offered position as a compliant Minster of Finance. Gupta also advised Jonas that Minister Nene would be removed from office. Nene was terminated shortly after this incident, ostensibly to take up a role in Johannesburg, in the newly formed Brics Bank. Zuma’s justification for this was rejected in the Report, as was his assertion that the removal of Nene was discussed with the African National Congress (ANC) Top 6. That the Guptas were aware of and had input into the dismissal and appointment of Ministers shows the depth of State Capture and the role of Jacob Zuma in this. Zuma then appointed Des van Rooyen as replacement Finance Minister in December 2015. Van Rooyen is the shortest serving minister in the history of South Africa. The Commission found that van Rooyen’s appointment must have been agreed with the Gupta family. The adverse reaction of local and international markets to Van Rooyen’s appointment forced a spectacular about-face on two fronts, with van Rooyen being terminated and Pravin Gordhan recalled to the position of Minister of Finance. The relationship between the Office of the President and Gordhan continued to be fractious, and ultimately in 2017, both Gordhan and Deputy Minister Mcebisi Jonas were terminated based on an alleged intelligence report that the two were lobbying foreign governments against the Zuma administration. The Zondo Commission found that the alleged report had no credibility and that the removal of Gordhan and Jonas was a result of their refusal to allow the capture of Treasury. The proposed replacement for the role of Minster of Finance put forward by Zuma was Brian Molefe. Molefe had previously been implicated in wrongdoing at state-owned entities, and five of the African National Congress Top 6 acted in concert to stop Molefe’s appointment. Zondo commented that this is a rare situation where the African National Congress executive deserve credit, as this
securityfocusafrica.com
circumvented a potentially dire situation. Malusi Gigaba was appointed as Minister of Finance by Zuma in March 2017 and served until February 2018, when he was replaced by Tito Mboweni (appointed by current State President Cyril Ramaphosa), who served as Minister of Finance from 2018 until his retirement in 2021. Mboweni was Governor of the South African Reserve Bank between 1999 and 2009. The current Minister of Finance is Enoch Godongwana, with David Masondo serving as Deputy Minister. Part 2 of the Zondo Report recommended the investigation of Gigaba in relation to State Capture at Transnet during his term as Minister of State Enterprises, which included the appointment of Brain Molefe as Transnet Chief Executive Officer. During hearings and preparation of reports, Raymond Zondo has correctly identified the weakness in the way boards, chief executive officers and chief financial officers of state-owned enterprises are appointed. The Commissioner also raised the issue of cadre appointment. Further recommendations regarding these are expected in the final report due for release in July 2022. On 11 April 2022, National Director of Public Prosecutions Shamila Batohi announced that the (NPA) National Prosecuting Authority’s Investigating Directorate will prosecute nine seminal corruption cases related to state capture within six months. There has been criticism on the National Prosecuting Authority’s lack of action and failure to bring the recommendations of the Zondo Commission before the courts and the timeline given brings hope that this will be rectified. However, Batohi referred to capacitation strictures and has indicated that additional funding in the order of
R1.75 billion may be needed for conclusion of the work currently tabled. Given the cost of the Zondo Commission, which is estimated to be in the order of R1 billion, costs are mounting. Against the cost of the Commission, the repayment of some R860 million by McKinsey and Company for the work it performed on Transnet and SAA contracts tainted by state capture could be seen as an offset. The repayment was a direct result of the working and recommendations of the Zondo Commission. It can only be hoped that prosecutions follow the timeline given by Batohi and successful recovery actions flow for corruptly paid money. Commission Chair Zondo was critical of the African National Congress and the African National Congress Government in respect of the state capture of Eskom and stated that they should be ashamed of allowing the institution to be controlled by the Guptas and those the Guptas wanted in place. Former President Zuma’s role received the greatest condemnation. The rhetorical question posed by Raymond Zondo encapsulates his disbelief: an extract from Part 4 of the Commission Report is inserted for context: “There are no words to describe this conduct on President Zuma’s part… Was this the same man that stood twice in front of the people of South Africa and took an oath and said: ‘I, Jacob Gedleyihlekisa Zuma, swear/solemnly affirm that I will be faithful to the Republic of South Africa… I solemnly and sincerely promise that I will always promote all that will advance the Republic and oppose all that may harm it.’? Yes, this was the same man.” PETER BAGSHAWE holds a Bachelor of Law degree from the former University of Rhodesia and a Bachelor of Laws degree from the University of the Witwatersrand.
SECURITY FOCUS AFRICA MAY 2022
39
DIRECTORY
SECURITY ASSOCIATION OF SOUTH AFRICA (SASA) ADMINISTRATION Suite 4, Blake Bester Building, 18 Mimosa Street (cnr CR Swart Road), Wilro Park, Roodepoort Suite 147, Postnet X 2, Helderkruin 1733 National Administrator: Tony Botes t: 0861 100 680 | e: tony@sasecurity.co.za c: 083 272 1373 | f: 0866 709 209 Membership, accounts & enquiries: Sharrin Naidoo t: 0861 100 680 | e: admin@sasecurity.co.za c: 083 650 4981
SASA OFFICE BEARERS
REGIONAL OFFICE BEARERS
National President: Marchél Coetzee c: 084 440 0087 e: marchelcoetzee@omegasol.com
Gauteng: Gary Tintinger c: 084 429 4245 e: gary.tintinger@cwexcellerate.com
National Chairperson: Franz Verhufen c: 082 377 0651 | e: fverhufen@thorburn.co.za
KwaZulu-Natal: Clint Phipps c: 082 498 4749 e: clint.phipps@cwexcellerate.com
National Deputy Chairperson: Louis Mkhethoni c: 082 553 7370 e: louis.mkhethoni@securitas-rsa.co.za
Western Cape: Koos van Rooyen c: 082 891 2351 | e: koos@wolfgroup.co.za
SECURITY AND RELATED ASSOCIATIONS AND ORGANISATIONS PSIRA (Private Security Industry Regulatory Authority) Eco Park, Centurion t: +27 (0)12 003 0500/1 | Independent hotline: 0800 220 918 | e: info@psira. co.za | Director: Manabela Chauke | Chairperson: T Bopela | Vice chairperson: Z Holtzman | Council members: Advocate A Wiid | Commissioner A Dramat APPISA (Association for Professional Private Investigators SA) Bertie Meyer Crescent, Minnebron, Brakpan | e: info@appelcryn.co.za | www.appelcryn. co.za | c: +27 (0)73 371 7854 / +27 (0)72 367 8207 | Chairperson: Ken Appelcryn ASIS International Johannesburg Chapter No. 155. Box 99742, Garsfontein East 0060 | t: +27 (0)11 652 2569 | www.asis155jhb.webs. com | President/chairperson: Johan Hurter | Secretary: Chris Cray ASIS International (Chapter 203: Cape Town – South African Security Professionals) President/chairperson: Yann A Mouret, CPP Secretary: Eva Nolle t: +27 (0)21 785 7093 | f: +27 (0)21 785 5089 | e: info@aepn.co.za | www.asis203.org.za BAC (Business Against Crime) Box 784061, Sandton 2146 | t: +27 (0)11 883 0717 | f: +27 (0)11 883 1679 | e: info@bac.org.za CAMPROSA (Campus Protection Society of Southern Africa) President: Des Ayob | e: 27149706@nwu.ac.za Executive Secretary: Derek Huebsch | e: huebsch. derek@gmail.com | www.camprosa.co.za CISA (Cape Insurance Surveyors Association) Shahid Sonday t: +27 (0)21 402 8196 | f: +27 (0)21 419 1844 | e: shahid.sonday@saeagle.co.za | Mike Genard t: +27 (0)21 557 8414 | e: mikeg@yebo.co.za DRA (Disaster Recovery Association of Southern Africa) Box 405, Saxonwold 2132 | Chairperson: Grahame Wright | t: +27 (0)11 486 0677 | f: (011) 646 5587 | Secretary/treasurer: Charles Lourens t: +27 (0)11 639 2346 | f: +27 (0)11 834 6881 EFCMA (Electric Fencing and Components Manufacturers Association) Box 411164, Craighall 2024 | t: +27 (0)11 326 4157 | f: +27 (0)11 493 6835 | Chairperson: Cliff Cawood c: +27 (0)83 744 2159 | Deputy chairperson: John Mostert c: +27 (0)82 444 9759 | Secretary: Andre Botha c: +27 (0)83 680 8574 ESDA (Electronic Security Distributors Association) Box 17103, Benoni West 1503 | t: (011) 845 4870 | f: +27 (0)11 845 4850 | Chairperson: Leonie Mangold | Vice chairperson: David Shapiro | www.esda.org.za ESIA (Electronic Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | f: 086 570 8837 | c: 082 773 9308 | e: info@esia. co.za | www.esia.co.za FDIA (Fire Detection Installers Association) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 | t: +27 (0)72 580 7318 | f: 086 518 4376 | e: fdia@fdia. co.za | www.fdia.co.za | President/chairperson: Clive Foord | Secretary: Jolene van der Westhuizen FFETA The Fire Fighting Equipment Traders Association) Postnet Suite 86, Private Bag X10020,
Edenvale 1610 | Chairperson: Belinda van der Merwe Administration manager: Rosemary Cowan | t: +27 (0)11 455 3157 | e: rosemary@saqccfire.co.za | www.ffeta.co.za FPASA (Fire Protection Association of Southern Africa) Box 15467, Impala Park 1472 | t: +27 (0)11 397 1618 | f: +27 (0)11 397 1160 | e: library@fpasa.co.za | www.fpasa.co.za | General manager: David Poxon GFA (Gate & Fence Association) Box 1338, Johannesburg 2000 | t: +27 (0)11 298 9400 | f: +27 (0)11 838 1522 | Administrator: Theresa Botha HSA (Helderberg Security Association) Box 12857, N1 City Parow 7463 | t: +27 (0)21 511 5109 | f: +27 (0)21 511 5277 | e: info@command.co.za | www.command.co.za | Chairperson: Stephen van Diggele IFE (Institution of Fire Engineers (SA) Treasurer: Andrew Greig | President: Mike Webber | Administrator: Jennifer Maritz | PO Box 1033, Houghton 2041 | t: +27 (0)11 788 4329 | f: +27 (0)11 880 6286 | e: adminstaff@ife.org.za | www.ife.org.za ISA (Insurance Surveyors Association) Box 405, Saxonwold 2132 | Chairperson: Graham Wright | t: +27 (0)11 486 0677 | Vice chairperson: Alan Ventress | Secretary: Alex dos Santos LASA (Locksmiths Association of South Africa) Box 4007, Randburg 2125 | t: +27 (0)11 782 1404 | f: +27 (0)11 782 3699 | e: lasa@global.co.za | www.lasa.co.za | President/chairperson: Alan Jurrius | Secretary: Dora Ryan NaFETI (National Firearms Education and Training Institute) Box 181067, Dalbridge 4014 | Chairperson: MS Mitten | Vice chairperson: Ken Rightford | t: +27 (0)33 345 1669 | c: +27 (0)84 659 1142 NaFTA (National Firearms Training Association of SA) Box 8723, Edenglen 1613 | National chairperson: Peter Bagshawe | t: +27 (0)11 979 1200 | f: +27 (0)11 979 1816 | e: nafta@lantic.net POLSA (Policing Association of Southern Africa) t: +27 (0)12 429 6003 | f: +27 (0)12 429 6609 | Chairperson: Anusha Govender c: +27 (0)82 655 8759 PSSPF (Private Security Sector Provident Fund) Jackson Simon c: +27 (0)72 356 6358 | e: jackson@ psspfund.co.za | www.psspfund.co.za SAESI (Southern African Emergency Services Institute) Box 613, Krugersdorp 1740 | t: +27 (0)11 660 5672 | f: +27 (0)11 660 1887 | President: DN Naidoo | Secretary: SG Moolman | e:info@saesi.com SAFDA (South African Fire Development Association) 45 Oxford Road, Forest Town, Johannesburg | e: info@safda.net | t: 083 402 4002 SAIA (South African Insurance Association) Box 30619, Braamfontein 2017 | Chief executive officer: Viviene Pearson | Chairperson: Lizé Lambrechts t: +27 (0)11 726 5381 | f: +27 (0)11 726 5351 | e: info@saia.co.za SAIDSA (South African Intruder Detection
Services Association) | Association House, PO Box 17103, Benoni West 1503 | t: +27 (0)11 845 4870 f: +27 (0)11 845 4850 | e: saidsa@mweb.co.za www.saidsa.co.za | Chairperson: Johan Booysen Secretary: Cheryl Ogle SAIS (South African Institute of Security) Postnet Suite 86, Private Bag X10020, Edenvale, 1610 Chairperson: Dave Dodge | Administration manager: John Baker | t: +27 (0)63 782 7642 | e: info@instituteofsecurity.co.za | www.instituteofsecurity.co.za SAN (Security Association of Namibia) Box 1926, Windhoek, Namibia | Administrator: André van Zyl | t: +264 81 304 5623 | e: adminsan@iway.na SANSEA (South African National Security Employers’ Association) Box 62436, Marshalltown 2107 | Administrators: SIA t: +27 (0)11 498 7468 | f: 086 570 8837 | e: galen@sansea.co.za SAPFED (Southern African Polygraph Federation) President: Flip Vorster | c: +27 (0)82 455 1459 | e: info@sapfed.org | Secretary: Anrich Gouws | e: admin@sapfed.org | www.sapfed.org SAQCC FIRE (South African Qualification Certification Committee) Postnet Suite 86, Private Bag X10020, Edenvale 1610 | t: +27 (0)11 455 3157 | www.saqccfire. co.za Executive Committee: Chairperson: Duncan Boyes Vice chairperson: Tom Dreyer 1475 Committee: Chairperson: Lizl Davel Vice chairperson: John Caird D&GS Committee: Chairperson: Nichola Allan; Vice chairperson: Clive Foord General Manager: Rosemary Cowan | e: rosemary@saqccfire.co.za – Address, phone and website all remain as is. SARPA (South African Revenue Protection Association) Box 868, Ferndale 2160 | t: +27 (0)11 789 1384 | f: +27 (0)11 789 1385 | President: Naas du Preez | Secretariat: Mr J. Venter, Van der Walt & Co SIA (Security Industry Alliance) Box 62436, Marshalltown 2107 | t: +27 (0)11 498 7468 | Chief executive officer: Steve Conradie | www.securityalliance.co.za SKZNSA (Southern KwaZulu-Natal Security Association) t: +27 (0)39 315 7448 | f: +27 (0)39 315 7324 | Chairperson: Anton Verster c: +27 (0)82 371 0820 VESA (The Motor Vehicle Security Association of South Africa) Box 1468, Halfway House 1685 | t: (011) 315 3588/3655 | f: +27 (0)11 315 3617 | General manager: Adri Smit VIPPASA (VIP Protection Association of SA) Box 41669, Craighall 2024 | t: +27 (0)82 749 0063 | f: 086 625 1192 | e: info@vippasa.co.za | www. vippasa.co.za | Enquiries: Chris Rootman c: +27 (0)82 749 0063 | e: vippasa@protectour.co.za
* Every attempt has been made to keep this information up to date. If you would like to amend your organisation’s details, please email jackie@contactpub.co.za 40
SECURITY FOCUS AFRICA MAY 2022
securityfocusafrica.com
INDEX
INDEX OF ADVERTISERS AND CONTRIBUTORS ADVERTISER
PAGE
WEBSITE
Alwinco
14-16
www.alwinco.co.za
ATG Digital
33
www.atgdigital.biz/
Cybereason
32
https://www.cybereason.com/
Data Management Professionals SA
22
www.dm-p.co.za/
Econorisk Broker Consultants
14-16
https://econoriskbrokerconsultants.co.za/
GARP
14-16
www.garp.org
GSS
4
www.gssgroup.co.za
In2IT Technologies
21
https://www.in2ittech.com/
ISS
24
www.isssafrica.org
Kaspersky
21
www.kaspersky.com
Liquid Tech
14-16
www.liquid.tech/
Security Association of South Africa (SASA)
8, IBC
www.sasecurity.co.za
Sophos Zero Foundation Africa
securityfocusafrica.com
31 14-16
http://www.sophos.com/ www.zerofoundationafrica.com/
SECURITY FOCUS AFRICA MAY 2022
41
DRIVING COMPLIANCE in South Africa’s Private Security Industry
With a five decade legacy, SASA is the greatest advocate of industry compliance, serving as resource for its members, an educational platform for consumers of security services, and an essential link between the private security industry and government. The Security Association of South Africa (SASA) is nationally recognised by the Government, South African Police Service and all Municipalities as having members with a proven track record within the industry and a Code of Ethics by which members must abide. SASA Gold Membership promotes compliance not only to the industry role-players, but to the end-users of security services as well. Join SASA today and find out more about how we can fight the scourge of non-compliance, promoting SASA Gold Membership as an essential requirement for all security service providers, ensuring industry excellence for the private security industry.
For more information, contact the SASA Administrator on admin@sasecurity.co.za Postal Address: Suite 147, Postnet X2 Helderkruin, 1733. Tel: 0861 100 680 Fax: 086 670 9209
www.sasecurity.co.za