South Africa - Critical Information Infrastructure Protection Report
In 2016, Wolfpack Information Risk conducted a major research project with key stakeholders across vital sectors in South Africa in an attempt to gain an understanding of the current status of its CIIP and to identify common vulnerabilities facing the sectors within the country.
The project report, published in June 2016 for public review and debate, is intended to become a blueprint for ongoing dialogue between the private and public sectors.
In the project Wolfpack discovered that organisations are making progress on building the foundations of cybersecurity. However, most respondents report having only a “moderate” level of maturity in their current capability and that there is still a lot of work to be done. The protection of critical information infrastructures (CII) is the shared responsibility of both public and private organisations who develop, own, provide, manage and/or use this critical infrastructure.
The potential for cyber attacks to cause damage at a societal level calls for a coordinated response, in which dependencies and vulnerabilities in these infrastructures can be identified and addressed. Given the scale and scope of the challenge, responsibility must be shared by both public and private sectors alike. South Africa needs to adopt a framework to minimise the likelihood and impact of successful cyber attacks.