The Cybercrimes Bill was finally adopted into the national law this month, and it is in the process of being enacted with far-reaching implications for individuals, organisations, and government departments.

The Cybercrimes Bill, also known as the Cybercrimes Act, is an important step for South Africa to consolidate all cybercrime laws – legal matters meant to keep us safe from cybercriminals – into one place and to stop the increasing cybercrime nationwide and internationally.

The Cybercrimes Bill is affecting virtually any person and organisation who uses a computer device with an Internet connection and processes online data. It impacts all online users, but for this article, we are looking at the impact on businesses from a security, compliance and regulatory perspective.

Data Protection Regulatory Compliance

Organisations involved in data management, storage and processing – including bodies and representatives of government – are at significantly high risk, which calls for more secure data governance and compliance monitoring to ensure data is protected at all times.

Our Integrated Management System (MSX) merges all organizational systems and processes in to one common cohesive framework that drives business excellence and ensures continual improvement. MSX enables business leadership to view management performance across the business activities and assists leaders to make informed actionable decisions.

IT Security and Vendors

Information security experts, as well as software and hardware vendors and electronic communications service providers, need to assess their critical business management systems and underlying IT infrastructure to spot potential vulnerabilities to cyber attacks.

Financial Institutions

Organisations in the financial industry, including banking, insurance and related services, remain, in particular, at extremely high-risk of cybercrime, as more users use mobile applications and devices to send and receive sensitive financial data.

The Cybercrimes Bill addresses many cybercrime offences, some new and relating to the unlawful interception of data, hacking, malware, ransomware, phishing, cyber forgery and cyber extortion. The penalties consist of a fine, imprisonment, or both.

The Cybercrimes Bill was first published in August 2015, updated in January 2017 and introduced in Parliament in February 2017. It was followed by an extensive public comment, with new feedback incorporated in the latest version of the Bill published in October 2018.

Is your organisation protected against data security risks and cyber attacks?

MSX Cyber, part of the XGRC product range, assists organisations to drive performance and compliance with its integrated information security management system built on the ISO 9001 Quality and ISO 27001 Information Security framework.