Current Infosec Trends

Author:
Date: April 20, 2009 - 8 pm
Category: Advice, Information Security
Print This Post
Lance Michalson

Highlight: There are three current trends in information security:

  1. Information security is no longer just a technical issue for the IT Department – it is now a legal obligation.
  2. The emergence of a legal standard against which compliance will be measured.
  3. A new emphasis on a duty to disclose breaches of information security.

Introduction

The draft report for Corporate Governance for South Africa and the draft Code of Governance Principles (King 3) was released on 25 February 2009 (see our post King 3 published for comment).  It is one of three high water marks in the evolution of a body of “information security law” in South Africa.

The other two events were the passing of the ECT Act in 2002 (see our Guide to the ECT Act) and the release of the Protection of Personal Information Bill in October 2005 (“POPI”) – to still be enacted (read our post Privacy: will the wait soon be over?).

The ECT Act:

  • provided a framework for public key infrastructures (PKI),
  • laid down the requirements for reliable electronic signatures (“advanced electronic signatures”),
  • provided the requirements for transactional security, and
  • introduced a range of cybercrimes into our law for the first time.

POPI has introduced the concepts of providing “reasonable” and “appropriate” security to protect organisational data.

The release of King III marks the emergence of the first trend: Information security is no longer just a technical issue for the IT Department. It is now a legal obligation. .

Trend 1 – Information security is now a corporate obligation

In the Wild West, when Jesse James and Butch Cassidy robbed banks, we felt sorry for the banks and hunted down the outlaws.  Today, when someone breaks into a company’s computer system, our response is totally different:  we blame the company for failing to provide adequate security. Information security is therefore no longer just a technical issue for the IT Department.

The rest of this article is only available to a registered user or a client of Michalsons. To continue reading this article, please login at the top right if you have already registered OR:
  • Register - It's quick, easy and FREE to get greater access instantly. [ Register ]
  • If you are a client of Michalsons, you get registered user access and complimentary access to client content. Register at [ Register ] and then send us an email requesting access as a client of Michalsons. We will give you access and notify you by email.

Share

Tags: , , ,

No Comments Yet

Sorry, the comment form is closed at this time.