Entities will be required to report cybercrime within 72 hours – law firm
COORDINATED APPROACH It is essential to move beyond disparate regulations and adopt a comprehensive framework that addresses the complexities of modern cyberthreats
WIDAAD EBRAHIM-FAKIER The new reporting obligations, once in force, are likely to foster greater collaboration and information sharing
In a move to bolster cybersecurity and enhance the reporting of cybercrime incidents, it is expected that Section 54 of the Cybercrimes Act will be enacted soon.
The enactment of this provision will impact electronic communication service providers (ECSPs) such as Internet service providers, telecommunications companies and digital services businesses.
Financial institutions, including banks, insurers, fintechs and investment firms are also impacted.
According to law firm A&O Shearman counsel and director Widaad Ebrahim-Fakier, these entities will be required to report cybercrime incidents to the South African Police Service (SAPS) within 72 hours of becoming aware of such incidents.
Additionally, they must preserve any information that may assist the SAPS in investigating these offences.
However, she comments that the provisions outlined in Section 54 of the Cybercrimes Act, though welcomed, are reactive rather than proactive, as the obligation to report is triggered only when an ECSP or financial institution becomes aware of a cybercrime incident.
Consequently, Ebrahim-Fakier says these entities will be required to establish robust notification systems to identify and report incidents promptly, while simultaneously having data retention policies and systems that can securely store large volumes of data and protect it from tampering or deletion.
These entities also need to ensure that their staff are adequately trained to recognise cyberthreats and understand the reporting process.
However, the preparedness of ECSPs and financial institutions to meet these new obligations varies, Ebrahim-Fakier says, noting that larger companies with substantial financial resources have historically been, and are generally, better positioned to invest in comprehensive cybersecurity measures, including advanced technologies for robust detection and notification systems.
Smaller and medium-sized companies, however, often struggle with the necessary resources to implement similar strategies effectively.
Since the implementation of the Protection of Personal Information Act (Popia) in 2020, businesses have had to adopt new strategies to manage personal information.
“Companies that have already taken steps to comply with Popia may find themselves better prepared to meet the preservation requirements for SAPS,” Ebrahim-Fakier tells Engineering News.
However, she warns that the enactment of Section 54 is likely to lead to an increase in reported cybercrimes owing to the financial and potential reputational consequences of failing to report.
This increase will have several impacts on SAPS and other relevant authorities, including resource strain, as more reports will require additional resources for investigation and response, putting further pressure on already strained authorities.
Additionally, authorities will need to manage and analyse a larger volume of incident data, and increased reporting may raise public awareness of cybercrime and its prevalence.
Currently, however, Ebrahim-Fakier notes there is an ineffective relationship between private entities and law enforcement agencies in South Africa.
“The new reporting obligations are likely to foster greater collaboration and information sharing, leading to more effective responses to cyber incidents. However, concerns about confidentiality and handling sensitive information remain,” she comments.
AI in Cybersecurity
AI, meanwhile, is transforming both the cybersecurity and cyberthreat landscape globally, and South Africa is no exception, Ebrahim-Fakier says.
Cybercriminals are increasingly leveraging AI to develop malware that can learn from and adapt to countermeasures, creating dynamic threats that are harder to detect and mitigate.
She explains that AI can, among other things, also be used to execute phishing attacks through chatbots and manipulate data sets, leading to flawed decision-making.
“The rapid evolution of AI means many organisations may not fully understand or keep pace with emerging threats, leaving them vulnerable to novel forms of cyber exploitation that can bypass traditional security measures,” she says.
Moreover, Ebrahim-Fakier notes that the current Cybercrimes Act does not specifically address the unique challenges posed by AI, indicating a need for updates in the legislation to keep pace with technological advance- ments.
To address the emerging threats posed by AI, she suggests updates to the Cybercrimes Act’s existing definitions and to incorporate specific definitions related to AI, or otherwise, regulating adaptive frameworks that can adjust to new AI developments, and encouraging collaboration between lawmakers, technologists and cybersecurity experts.
Recent regulatory initiatives, such as the Financial Sector Conduct Authority and Prudential Authority’s Joint Standard 2 of 2024, set minimum cybersecurity and resilience requirements for financial institutions.
This standard, expected to be implemented in June 2025, serves as a model for broader legislative updates, Ebrahim-Fakier notes.
“Stricter IT security legislation is likely to improve South Africa’s overall cybersecurity landscape by raising standards, reducing incidents, and enhancing collaboration between the private sector and law enforcement,” she tells Engineering News.
However, she warns that the implementation of these regulations may pose significant challenges, particularly for smaller businesses. The effectiveness of these laws will depend on the government’s ability to enforce them and the willingness of organisations to comply, she avers.
“To ensure a coordinated approach to cybersecurity and resilience measures, it is essential to move beyond disparate regulations and adopt a comprehensive framework that addresses the complexities of modern cyberthreats,” she encourages.
As such, Ebrahim-Fakier notes that pro- active measures, including regular audits, staff training, and robust incident response plans, will be crucial in preparing for future legislative changes and enhancing the country’s cybersecurity infrastructure.
Comments
Press Office
Announcements
What's On
Subscribe to improve your user experience...
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation