Basie von SolmsBasie von Solms

Information security experts set to present at the upcoming ITWeb Security Summit in Sandton say the risks of cyber war, data theft, hacking and fraud in the cybersphere cannot be understated. In fact, the risks are greater than ever before, they say, and the information security industry is losing the battle against cyber crime.

Cyber crime is a lucrative global industry, and even everyday criminals can now buy ‘idiot-proof’ hacking toolkits for a few hundred rand online. Nobody is safe and the majority of end-users are still oblivious, say the experts. Withstanding the onslaught means getting back to basics and doing them right, involving the entire enterprise in cyber , and even looking to the Cold War for new tactics, the experts say.

Prof , director of the Centre for Cyber Security at the University of Johannesburg, says the time has come for legitimate co-operative action by state and private sector role players in breaking the traditional mould, which “is proving so ineffective against sophisticated adversaries”.

“Taking a traditional ‘fortress’ approach to cyber is an exercise in futility,” he says. “The traditional approach to cyber has been mainly a defensive one. Now, we need to be more proactive – and possibly even slightly aggressive – in our approach. We need to go to the next level and gather counter-intelligence that allows us to know our enemy and plan our defences accordingly.”

, CEO of the Performanta Group, says South African enterprises often lack an understanding of practical steps to mitigate risk. “Recent high-profile international events and actual breaches with associated financial losses have renewed the focus on information . For years, the information industry has been warning of the risk of industrial espionage and hacking, but only now that we see actual incidents resulting in substantial financial losses, are companies taking the risk seriously.”

However, he believes there is a shortage of practical information available to guide local enterprises on the tools and strategies needed to mitigate risk.

“Business management in particular tends to be faced with a great deal of highly technical information. What they need is an overview that speaks to business language. CISOs and CIOs, on the other hand, need to be empowered to communicate effectively with business management on information issues,” he says.

Von Solms, Golan and a host of international and local experts will participate in the ITWeb Security Summit at the Sandton Convention Centre from 27 May, to discuss the threat landscape and new defence strategies for information . Because business management has become accountable for data , this premier event will include tracks designed to update non-technical business management.

Among the experts to speak at the ITWeb Security Summit are:
· , independent international hacker and researcher, who will elaborate on global surveillance and privacy issues.
· , engineer at Twitter and four-time winner of the CanSecWest Pwn2Own , who will assess the failure of the infosec industry and demonstrate how cars can potentially be hacked.
· , principal technologist and senior policy analyst with the Speech, Privacy and Technology Project at the American Civil Liberties Union, who will give insights into government surveillance and trust issues.
· Nader Henein, regional director: advanced solutions – advisory division, BlackBerry, who will shed light on how legitimate mobile apps ‘leak’ vast amounts of information.
· , MD of Cygeist, will provide an overview of cyber crime and the growing need for cyber insurance.
· Prof , admitted attorney and former associate professor of ICT law and legal consultant, who will discuss legal obligations in reporting IT compromises.
· Dianne Stigling, independent IT and information consultant, who will talk on POPI readiness. This year’s summit agenda will also feature three half-day workshops, as well as an exhibition area showcasing the latest information solutions.