cyber training 23 5 2012

Strengthening the fight against cyber crime: Training initiatives

SARPCCO Training sub-committee

23 May 2012

Adv Jacqueline Fick

www.pwc.com

PwC 2

Agenda

Meet Mr. CybermanCyber crime definedTraining initiativesClosing remarks

May 2012Strengthening the fight against cyber crime: Training initiatives

Strengthening the fight against cyber crime: Training initiatives PwC 3

Meet Mr. Cyberman

May 2012


Meet Mr. Cyberman

Resume

• I am a fourty year old South African male, but do have a passport from another country.

• My skills include:- Computer skills, including programming, network

administration, thorough knowledge of operating systems (Microsoft and open source).

- Ability to network (knowing the right person in the right place).

- Well-developed interpersonal skills.- Entrepreneurial skills.- Sound financial management skills. May 2012


Meet Mr. Cyberman

EducationGraduated from Malini High School with honours. • Completed a degree in Computer Science.

- Completed several IT courses to stay up to date.

May 2012


Meet Mr Cyberman

Career historyOwned and taught at a computer college in Pietermaritzburg: • Average student count was 100 per year. • Also presented several training workshops for government

departments. Owned and operated a travel agency:• Offices in Durban, Johannesburg and Botswana.Free-lance computer expert:• Programming, computer repairs, network administration.

May 2012


Cyber crime defined

May 2012


Cyber crime defined

• Move in South African law to the use of the term cyber crime which is wide enough to encompass all illegal activities in respect of computers, information networks and cyberspace.

• Most important legislation is the Electronic Communications and Transactions Act, No. 25 of 2002.

• 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data.

• 'data message' means data generated, sent, received or stored by electronic means and includes-

(a) voice, where the voice is used in an automated transaction; and

(b) a stored record;May 2012


Cyber crime defined

Common types of cyber crime in South Africa• Unauthorised access (s86(1))• Unauthorised modification of data and various forms of

malicious code (s86(2))• Denial of Service Attacks (S86(5))• Devices used to gain unauthorised access to data (s86(4))• Child pornography, cyber obscenity and cyber stalking• Computer-related fraud• Copyright infringement• Industrial espionage• Piracy• Online gambling

May 2012


Cyber crime defined

Common types of cyber crime in South Africa (cont.)• For 15 consecutive months South Africa had been amongst

the top three target countries in the world for mass phishing attacks, but attacks have now gone down significantly.

• Identity theft remains the most common type of cyber crime in South Africa.

• “ Identity theft is a serious crime. It occurs when your personal information (name, social security number, date of birth, credit card number, or bank account number) is stolen and used without your knowledge to commit fraud or other crimes. Identity theft can cost you time and money. It can destroy your credit and ruin your good name.” USA Federal Trade Commission

May 2012


Training initiatives

May 2012



Who to train?• Widespread use of computers, mobile devices, etc.• Training for all members – members investigating crimes

and support personnel.• Include training in basic training programmes.• Keep your experts up to date.

May 2012


Training initiativesCurriculum• Basic training for all members.• First responder – know what to look for and how to secure

the evidence.• Chain of custody.• Importance of policies, procedures and Standard Operating

Procedures (SOPs).• Keeping up to date: making your network work for you.• Curriculum:

- Know the law to enforce it.- Crime scene management.- Securing evidence and chain of custody.- Experts: keeping up to date.

May 2012



Train to maintain

• Investigating and prosecuting cyber crime – you rarely get a second chance.

• Knowing what to look for and why.• Secure the evidence – leave the analysis to the experts.• Chain of custody.• Keeping up to date.• Importance of public private partnerships.

May 2012

PwC 15

Closing remarks

Strengthening the fight against cyber crime: Training initiatives May 2012

PwC 16

Closing remarks

• Pro-actively addressing cyber crime requires a shift in paradigm.

• Not everybody needs to be an IT expert.• Realising the value of information.• Education and awareness: strongest tools in fight against

cyber crime.• Benefit of public private partnerships.

May 2012Strengthening the fight against cyber crime: Training initiatives

“Success is not the result of spontaneous combustion. You must set yourself on fire.”

Reggie Leach

This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.

© 2012 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.

http://www.quotationspage.com/quotes/Reggie_Leach/

cyber training 23 5 2012

Law