The findings can be summarised as follows:
- There were conflicting views on the role of the Authority in cybersecurity. It has chosen to adopt a limited role with a focus on consumer protection.
- ICASA’s view is that its mandate under the ECA is limited to network reliability and information security (noting that the latter is not defined or otherwise dealt with in the ECA).
- ICASA will work in collaboration with other organisations who deal with cybersecurity to not duplicate their efforts and ensure that there is a clear demarcation of roles. ICASA will participate in research and development within the ICT sector and partner with relevant institutions and government departments such as the Departments of Communications and Justice, academic and research institutions. It will also advise the Minister on policy matters and amendments to ECA and its underlying statutes.
- With regards to setting standards, ICASA will facilitate collaboration with the Departments of Communications and Justice as well as industry to identify the most suitable standards for South Africa. These standards will be guided and informed by international standards as identified by the ITU and may include consumer protection issues such as giving consumer choice on whether location services should automatically be switched on, upon purchase of cell phone, etc.).
This effectively ends the ICASA process.
___[2 January 2019] The below written submissions were sent to ICASA in response to its inquiry about whether it should get involved with cybersecurity issues:
___[21 December 2018] ICASA will be holding oral hearings on the “The roles and responsibilities of ICASA in Cybersecurity” in response to submissions made in respect of the discussion document. The hearings will be held on 17 and 18 January 2019 at ICASA’s head office in Centurion, the schedule for which can be found at the link below:
___[4 October 2018] ICASA has published a discussion document soliciting the views of stakeholders as to whether it should play a role in cybersecurity, with specific reference to:
- Private sector cooperation and industry regulation
- Capacity building
- Research and development, and
- Regulation of cybersecurity standards
The deadline for comments is 16h00 on 30 November 2018. These should be submitted to Ms Violet Letsiri, Senior Manager: Social Policy for ICT Services, per email vletsiri@icasa,org.za.
___[31 May 2018] The Cybersecurity Hub of the Department of Telecommunications and Postal Services has released a Cyber Readiness report as the starting point of fulfilling a broader mandate set by the National Cybersecurity Policy Framework. The report provides a baseline assessment of South Africa’s cybersecurity readiness and works towards enabling the Hub to coordinate information and provide support in the event of cybersecurity-related incidents.