Cyber crime is one of the top 10 risks for any business in the world today but despite this, IT security is often viewed as just a cost to business.
The value of IT security has to be realised by businesses as information is targeted more and more by governments, agencies and criminals.
The recent ITWeb Security Summit, held in Sandton, brought together IT security experts ranging from hackers, policy makers, researchers and innovators focused on information security and privacy especially in the light of the Snowden revelations and other high-profile breaches on information security and privacy.
Among the international speakers were Christopher Soghoian, the principal technologist and senior policy analyst with the Speech, Privacy and Technology Project at the American Civil Liberties Union and Jacob Appelbaum, hacker and independent computer security researcher. Also among the speakers was local expert, the founder of Thinkst, Haroon Meer. You are at risk - but gov does nothing
Big Brother is watching you. (Image: Wikimedia Commons)
Soghoian told a media briefing that South African businesses have to realise the fibre-optic cables carrying their information in and out of the country are placing them at a risk as their information can be accessed. "What is your government doing with this information? Apart from that, because your information is leaving your borders it can be accessed by other parties, for example the United States (US) government."
Appelbaum is convinced that the fibre lines coming into South Africa are a target. "The South African government is not opening working against this, which is the same as not taking any action."
He says that intelligence agencies have gained a lot of power since 2011 and they exist outside of the rule of law. We must be careful not to engage in a world where we get rid of our democracies, he warned. "The world has made a transition from the era of Mars or war to the era of Athena, or knowledge, but just because we have moved from a violent society to a knowledge society does not mean that violence is gone; it is just applied more effectively."The main challenge
He added that we have to think about pervasive monitoring in a different light. There are things we can do and we must critically examine this. A discussion where we have a real political consciousness of our actions needs to take place and it must be a conversation about the risks and threats. Policy and technology must work together and the underlying principle has to be the recognition of human rights."
The main challenge for information security people is we have sold out, he states. "I want to change that, and to accomplish this we must declare independence and state the goals we want to accomplish and be up-front about that." 'We need funding and foresight' - and develop our own security technology
Meer says that a side effect of the Snowden leaks was that people became more aware of what can be achieved through hacking. "Stuff is going to get real quickly as cyber criminals become more pervasive."
He says in South Africa this is exacerbated by the fact that we are terribly dependent on software from the US. "Traditionally South Africa and most small countries follow the old saying: you do not get fired for buying IBM. Clearly this is not in our interest. We have to become less dependent on outside technology and develop our own. To do this we will need funding and foresight."