As acknowledged by the Minister of Communications, Ms Dina Pule, in a recent media briefing, “cybercrime” i.e. crimes which target critical ICT Infrastructure – such as the recent R42m hacking of S.A. Postbank, are one of the unfortunate “curses of the ICT revolution”, and that ICT infrastructure “has to be ultra-secure to build confidence amongst the users of e-commerce platforms”.
“Cybersecurity” may be defined as the collection of policies, institutions, processes and tools used to protect the cyber environment, organizations, and assets, against cyber threats. The protection, and specifically the safety and security of a country's economic assets, are today global and essential concerns that governmental and non-governmental owners of critical ICT infrastructures have to address.
Recognizing the urgency of the need for a national response to cyber threats, Minister Pule has just announced that a National Cyber Security Policy Framework for South Africa will be presented to Cabinet in March 2012, thereby confirming Government's commitment to providing the enabling environment within which stakeholders can develop coherent and powerful responses to these sophisticated new threats to the country's economy.
In fact, South Africa is one of only a few African countries that have started to develop appropriate national policies and institutional responses to dealing with cyber threats. By ignoring the negative realities of the information age, countries are increasing their vulnerability to cyber crimes of increasing sophistication. Indeed, the Postbank incident clearly illustrates the reality of the threat that exists within our everyday lives, and a general lack of appreciation by society in general of the risks to their economic well-being, the increasingly sophisticated skills of the attackers, and the vulnerabilities of the ICT systems that we all take for granted. The question we must all ask ourselves is: can we afford to wait for an attack before we to react? Do we want to wait for the loss of assets before we put in place measures to prevent future re-occurrence? Our can we be pro-active: “Si vis pacem, para bellum”!
To help owners of critical ICT infrastructure to prepare for and defend against the rapidly growing cyber threat Thales, a recognized world leader in mission-critical information systems, has developed a unique and potent response to the fight against cybercrime, known as CYBELS (Cyber Expertise for Leading Security).
CYBELS: A new approach to cyber-security: from passive to active cyber-defence
The dependence of modern societies on information systems calls for a transition from passive cyber-defence to active cyber-security. In fact, both governmental and non-governmental organisations need to adopt offensive postures with regard to their critical ICT networks. The challenge facing ICT network owners is to equip themselves with strong threat detection capabilities, coupled with real-time analysis and reaction capabilities. Information system security must become pro-active to anticipate and detect potential attacks at an early stage, and allow timely and effective counter-responses.
CYBELS is a modular and pro-active cyber-security solution that anticipates, prevents and rapidly responds to cyber attacks. CYBELS also provides sophisticated simulation capabilities to help ICT infrastructure owners to develop, refine and validate specific counter measures tailored to their network, as well as to help train their operators and to enhance their cyber security knowledge.
Amongst Thales's numerous cyber-security references, is the cyber-security operations centre that Thales has designed and built for the French Defence Ministry and which, today, Thales is also operating on the Customer's behalf - i.e. Thales is able to provide comprehensive, tailored, end-to-end solution to the cyber threat facing any organization.
In this particular context, Thales supervises security of critical infrastructures information systems, in various domains: energy (oil& gas), transportation (ports, harbours, airports), and banks. Doing so, and beyond the sole technical aspects, Thales perfectly manages organisation-related processes within an operation centre, which can be installed throughout the world, and thanks to its modularity adapted to any security needs.
CYBELS provides a consolidated cyber threat risk assessment picture via a Hypervisor, which can fuse different kinds of information, coming from different sources.
The Hypervisor offers dynamic risk-processing capabilities, and at the same time delivers an overview of a security situation, by assessing the business activity and the potential impact on organisational structures of a cyber attack, and suggesting appropriate and on time responses. It assists with decision-making process, helping operators to cope with complex situations and large amounts of data.
Included in the CYBELS solution, are services such as a Rapid Reaction Team, with strong capacities and adapted tools to help customer detect abnormal and suspicious behaviours, and control information flow in and flow out.
The cyber-space has become the new theatre of conflict because of the strategic importance of information to modern society. It is the key to competitive advantage, and to the development and sustainability of economies. The prediction that the cyber-age will become the next “new frontier” in human evolution is today a reality. Government's must therefore prepare their countries to counter the new generation threats that are making their appearance in the lives of the country's citizens: this is not a conflict that is confined to traditional military battlefields, but is being played out in civil society: we must all be prepared for the information warfare taking place around us.
The South African government has clearly recognized the serious of the cyber threat and its potential to undermine the country's economic growth agenda. The National Cybersecurity Policy Framework will be an important first step to launching a comprehensive national response to the cyber threat.
Thales stands ready to bring its worldwide expertise, experience, and technologies, to help public and private institutions to counter the threat to their economic assets and ultimately to the economic well-being of their people.
Thales's worldwide references in cyber-security
22 NATO member countries are equipped with Thales's solutions. Thales protects:
* 19 of the 20 largest banks and over 3,000 financial institutions around the world
* 70% of the world's banking transactions
* 3 of the largest pharmaceutical companies
* 4 of the 5 largest petrochemical companies
* 9 of the 10 largest high technology industries
Thales's presence in South Africa
More than 35-year experience in the country
A certified Level 4 BBBEE Company
Thales South Africa (Pty) Ltd