SlideShare a Scribd company logo

Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation

Download as PPTX, PDF
Jacqueline Fick
Jacqueline Fick

The document discusses strategies for integrating cybercrime prevention into an organization's overall anti-crime approach. It outlines common cybercrimes in South Africa, highlights key aspects of the Electronic Communications and Transactions Act, and emphasizes the importance of good information governance. The presentation recommends implementing proactive measures like understanding internal and external threats, defining security roles, establishing policies and procedures, collaborating with law enforcement, and educating users. The overarching message is that organizations must take cybersecurity as seriously as physical security to effectively combat cybercrime.

Law
1 of 24
Integrating the prevention of cybercrime into the overall anti-crime strategies of your organisation Africa Cybercrime Security Conference 31 March 2011 Adv Jacqueline Fick www.pwc.com
PwC Agenda • Common cybercrimes in South Africa • Getting to grips with the Electronic Communications and Transactions Act • The value of information governance • Implementing a pro-active strategy in your organisation: a hands- on approach to dealing with cybercrime 2 March 2011Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation
PwC Common cybercrimes in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling (leave to appeal pending) • Phishing/identity theft 3 March 2011 Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation
PwC Phishing attacks Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 4 March 2011 RSA statistics for February 2011 RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. For thirteen (13) consecutive months the US, UK and South Africa have been the top three targets for mass phishing. (RSA Online Fraud Report – March 2011)
PwC Getting to grips with the Electronic Communications and Transactions Act, No. 25 of 2002 (ECT Act) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 5 March 2011
PwC The ECT ACT 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; 15 Admissibility and evidential weight of data messages (1) In any legal proceedings, the rules of evidence must not be applied so as to deny the admissibility of a data message, in evidence- (a) on the mere grounds that it is constituted by a data message; or (b) if it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form. (2) Information in the form of a data message must be given due evidential weight. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 6 March 2011
PwC The ECT ACT In assessing the evidential weight of a data message, regard must be had to- (a) the reliability of the manner in which the data message was generated, stored or communicated; (b) the reliability of the manner in which the integrity of the data message was maintained; (c) the manner in which its originator was identified; and (d) any other relevant factor. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 7 March 2011
PwC CHAPTER XIII: ECT ACT 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. 86 Unauthorised access to, interception of or interference with data (1) Subject to the Interception and Monitoring Prohibition Act, 1992, (Act 129 of 1992) a person who intentionally accesses or intercepts any data without authority or permission to do so, is guilty of an offence. (2) A person who intentionally and without authority to do so, interferes with data in a way which causes such data to be modified, destroyed or otherwise rendered ineffective, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 8 March 2011
PwC CHAPTER XIII: ECT ACT (3) A person who unlawfully produces, sells, offers to sell, procures for use, designs, adapts for use, distributes or possesses any device, including a computer program or a component, which is designed primarily to overcome security measures for the protection of data, or performs any of those acts with regard to a password, access code or any other similar kind of data with the intent to unlawfully utilise such item to contravene this section, is guilty of an offence. (4) A person who utilises any device or computer program mentioned in subsection (3) in order to unlawfully overcome security measures designed to protect such data or access thereto, is guilty of an offence. (5) A person who commits any act described in this section with the intent to interfere with access to an information system so as to constitute a denial, including a partial denial, of service to legitimate users is guilty of an offence.Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 9 March 2011
PwC CHAPTER XIII: ECT ACT 87 Computer-related extortion, fraud and forgery (1) A person who performs or threatens to perform any of the acts described in section 86, for the purpose of obtaining any unlawful proprietary advantage by undertaking to cease or desist from such action, or by undertaking to restore any damage caused as a result of those actions, is guilty of an offence. (2) A person who performs any of the acts described in section 86 for the purpose of obtaining any unlawful advantage by causing fake data to be produced with the intent that it be considered or acted upon as if it were authentic, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 10 March 2011
PwC The value of good information governance Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 11 March 2011
PwC The value of good information governance • IT is the foundation on which we operate our businesses and information is fast becoming the most valuable asset an organisation has. • The value of information has also led to businesses focusing more on the information or data they host, process or use than on the technology employed to perform these functions. • Need for risk management. • The IT risk environment is influenced by both internal and external factors and measures must be put in place to ensure the protection, confidentiality, availability and authenticity of information, to govern the use of external service providers to host/process data, to regulate the access to company networks from remote locations and off course, to be sensitive to the threat of cyber attacks such as hacking, identity theft, cyber espionage, denial of service attacks, computer- related fraud and extortion. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 12 March 2011
PwC Definitions Information Governance • King III: … an emerging discipline with an evolving definition. • Wikipedia: … a set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports the organisations immediate and future regulatory, legal, risk, environmental and operational requirements. • …an enterprise-wide strategy and framework that establishes the policies, responsibilities and decision-making processes controlling the use of information owned, or accessed by a business. The goal should be to balance risk avoidance, cost reduction and increased business value. Information Governance should also be structured in such a way as to easily adapt to organisational demands, changes in technology and be flexible to provide for new information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 13 March 2011
PwC The value of good information governance • Information governance involves a balanced approach designed to meet the needs of the organisation and all of its stakeholders, including its customers, shareholders and regulators. Furthermore, information governance is one component of an organisation’s wider enterprise information management strategy, which itself should be directly aligned with the overall business strategy. (SAS White Paper http://www.eurim.org.uk/activities/ig/SAS_WhitePaper.pdf) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 14 March 2011
PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 15 March 2011
PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 16 March 2011
PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cybercrimes. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 17 March 2011
PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Effective public private partnerships: • The effective control of cybercrime requires more than just cooperation between public and private security agencies. The role of the communications and IT industries in designing products that are resistant to crime and that facilitate detection and investigation is also of critical importance. To effectively address cyber crime also calls for a less re-active and more pro- active approach to the prevention, detection, investigation and prosecution of these crimes. • Value of intelligence: Exchange information with law enforcement agencies. Know your opponent and use the information to develop and update security policies. Think like a hacker. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 18 March 2011
PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 19 March 2011
PwC Practical Guidelines and Tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 20 March 2011
PwC Practical Guidelines and Tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 21 March 2011
PwC Practical Guidelines and Tips • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 22 March 2011
PwC In summary • Organisations need to realise the true value of information. • Cyber criminals steal information. • We can only effectively combat cybercrime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 23 March 2011
“Success in preventing cyber attacks depends as much on knowing what to look for as it does on rolling out the right security.” (Howard Schmidt, ComputerWeekly.com 27 March 2009) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.

Recommended

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Jacqueline Fick
 
NY State's cybersecurity legislation requirements for risk management, securi...
NY State's cybersecurity legislation requirements for risk management, securi...NY State's cybersecurity legislation requirements for risk management, securi...
NY State's cybersecurity legislation requirements for risk management, securi...
IT Governance Ltd
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practice
ZoneFox
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambeth
The Integrate Agency CIC
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer
IT Governance Ltd
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
Maganathin Veeraragaloo
 
Accountability under the GDPR: What does it mean for Boards & Senior Management?
Accountability under the GDPR: What does it mean for Boards & Senior Management?Accountability under the GDPR: What does it mean for Boards & Senior Management?
Accountability under the GDPR: What does it mean for Boards & Senior Management?
IT Governance Ltd
 
Appointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRAppointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPR
IT Governance Ltd
 

Recommended

Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...Integrating the prevention of cyber crime into the overall anti-crime strateg...
Integrating the prevention of cyber crime into the overall anti-crime strateg...
Jacqueline Fick
 
NY State's cybersecurity legislation requirements for risk management, securi...
NY State's cybersecurity legislation requirements for risk management, securi...NY State's cybersecurity legislation requirements for risk management, securi...
NY State's cybersecurity legislation requirements for risk management, securi...
IT Governance Ltd
 
GDPR in practice
GDPR in practiceGDPR in practice
GDPR in practice
ZoneFox
 
#CyberSafeLambeth
#CyberSafeLambeth#CyberSafeLambeth
#CyberSafeLambeth
The Integrate Agency CIC
 
EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer EU GDPR: The role of the data protection officer
EU GDPR: The role of the data protection officer
IT Governance Ltd
 
Cloud and Data Privacy
Cloud and Data PrivacyCloud and Data Privacy
Cloud and Data Privacy
Maganathin Veeraragaloo
 
Accountability under the GDPR: What does it mean for Boards & Senior Management?
Accountability under the GDPR: What does it mean for Boards & Senior Management?Accountability under the GDPR: What does it mean for Boards & Senior Management?
Accountability under the GDPR: What does it mean for Boards & Senior Management?
IT Governance Ltd
 
Appointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPRAppointing a Data Protection Officer under the GDPR
Appointing a Data Protection Officer under the GDPR
IT Governance Ltd
 
The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
Lilian Edwards
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
IT Governance Ltd
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
Ulf Mattsson
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017
Povo News
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and Protection
Atlas_Cloud
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...David Cunningham
 
GDPR 11/1/2017
GDPR 11/1/2017GDPR 11/1/2017
GDPR 11/1/2017
isc2-hellenic
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
Interaktiv
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
James Bryce Clark
 
Data Breaches and the EU GDPR
Data Breaches and the EU GDPRData Breaches and the EU GDPR
Data Breaches and the EU GDPR
IT Governance Ltd
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
rajab ssemwogerere
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overview
Roy Biakpara, MSc.,CISA,CISSP,CISM,ISO27KLA
 
GDPR-Overview
GDPR-OverviewGDPR-Overview
GDPR-OverviewErica Walker
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketing
IT Governance Ltd
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
Dione McBride, CISSP, CIPP/E
 
Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?
ANSItunCERT
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
TrustArc
 
GDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It WebinarGDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It Webinar
Sagittarius
 
CyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRCyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPR
Iryna Chekanava
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011
Vladimir Matviychuk
 
Secure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual IntelligenceSecure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual Intelligence
Skybox Security
 
Crime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCICrime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCI
PAF KIET
 

More Related Content

What's hot

The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
Lilian Edwards
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
IT Governance Ltd
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
Ulf Mattsson
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017
Povo News
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and Protection
Atlas_Cloud
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...David Cunningham
 
GDPR 11/1/2017
GDPR 11/1/2017GDPR 11/1/2017
GDPR 11/1/2017
isc2-hellenic
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
Interaktiv
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
James Bryce Clark
 
Data Breaches and the EU GDPR
Data Breaches and the EU GDPRData Breaches and the EU GDPR
Data Breaches and the EU GDPR
IT Governance Ltd
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
rajab ssemwogerere
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overview
Roy Biakpara, MSc.,CISA,CISSP,CISM,ISO27KLA
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketing
IT Governance Ltd
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
Dione McBride, CISSP, CIPP/E
 
Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?
ANSItunCERT
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
TrustArc
 
GDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It WebinarGDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It Webinar
Sagittarius
 
CyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRCyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPR
Iryna Chekanava
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011
Vladimir Matviychuk
 

What's hot (20)

The GDPR for Techies
The GDPR for TechiesThe GDPR for Techies
The GDPR for Techies
 
Revising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPRRevising policies and procedures under the new EU GDPR
Revising policies and procedures under the new EU GDPR
 
May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...May 6 evolving international privacy regulations and cross border data tran...
May 6 evolving international privacy regulations and cross border data tran...
 
Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017Zimbabwe's cybercrime & cybersecurity bill 2017
Zimbabwe's cybercrime & cybersecurity bill 2017
 
The Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and ProtectionThe Future of the Modern Workplace Event 2019 - Data Security and Protection
The Future of the Modern Workplace Event 2019 - Data Security and Protection
 
Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...Law firm information security overview focus on encryption by dave cunningh...
Law firm information security overview focus on encryption by dave cunningh...
 
GDPR 11/1/2017
GDPR 11/1/2017GDPR 11/1/2017
GDPR 11/1/2017
 
Privacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMSPrivacy experience in Plone and other open source CMS
Privacy experience in Plone and other open source CMS
 
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
Rutkowski OASIS CTI F2F Cybersecurity Act Preso 20160115
 
Data Breaches and the EU GDPR
Data Breaches and the EU GDPRData Breaches and the EU GDPR
Data Breaches and the EU GDPR
 
Data security and privacy
Data security and privacyData security and privacy
Data security and privacy
 
The general data protection act overview
The general data protection act overviewThe general data protection act overview
The general data protection act overview
 
GDPR-Overview
GDPR-OverviewGDPR-Overview
GDPR-Overview
 
EU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketingEU GDPR and you: requirements for marketing
EU GDPR and you: requirements for marketing
 
Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1Data Privacy for Information Security Professionals Part 1
Data Privacy for Information Security Professionals Part 1
 
Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?Access now : Data Protection: What you should know about it?
Access now : Data Protection: What you should know about it?
 
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
Marketing under the GDPR: What You Can and Cannot Do [Webinar Slides]
 
GDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It WebinarGDPR Is Coming - Get Over It Webinar
GDPR Is Coming - Get Over It Webinar
 
CyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPRCyNation: 7 Things You Should Know about EU GDPR
CyNation: 7 Things You Should Know about EU GDPR
 
Privacy trends 2011
Privacy trends 2011Privacy trends 2011
Privacy trends 2011
 

Viewers also liked

Secure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual IntelligenceSecure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual Intelligence
Skybox Security
 
Crime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCICrime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCI
PAF KIET
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Paul Senthil
 
Hacking computer crime
Hacking computer crimeHacking computer crime
Hacking computer crime
ELDO RAJU
 
Tools and methods used in cybercrime
Tools and methods used in cybercrimeTools and methods used in cybercrime
Tools and methods used in cybercrime
patelripal99
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
Bijay Bhandari
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.pptAeman Khan
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime pptMOE515253
 

Viewers also liked (10)

Secure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual IntelligenceSecure Data GI - Delivering Contextual Intelligence
Secure Data GI - Delivering Contextual Intelligence
 
Crime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCICrime Detection And Prevention Method By Using HCI
Crime Detection And Prevention Method By Using HCI
 
CRIME DETECTION
CRIME DETECTIONCRIME DETECTION
CRIME DETECTION
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Hacking computer crime
Hacking computer crimeHacking computer crime
Hacking computer crime
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Tools and methods used in cybercrime
Tools and methods used in cybercrimeTools and methods used in cybercrime
Tools and methods used in cybercrime
 
Cyber security presentation
Cyber security presentationCyber security presentation
Cyber security presentation
 
Cybercrime.ppt
Cybercrime.pptCybercrime.ppt
Cybercrime.ppt
 
Cyber crime ppt
Cyber crime pptCyber crime ppt
Cyber crime ppt
 

Similar to Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation

Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisationUnderstanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisation
Jacqueline Fick
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013Vidushi Singh
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
G Prachi
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
Black Duck by Synopsys
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureLee Dalton
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
Anish Rai
 
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docxOutline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
alfred4lewis58146
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
soulscout02
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
AdilsonSuende
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesingsegughana
 
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
LexisNexis
 
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...Jon Polenberg
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
bagotjesusa
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standards
automatskicorporation
 
Flight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the LawFlight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the Law
Synopsys Software Integrity Group
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
IJERD Editor
 
MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15
MassEHealth
 
Get The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation ToolsGet The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation Tools
Paraben Corporation
 
The New Massachusetts Privacy Rules (February 2, 2010)
The New Massachusetts Privacy Rules (February 2, 2010)The New Massachusetts Privacy Rules (February 2, 2010)
The New Massachusetts Privacy Rules (February 2, 2010)
stevemeltzer
 

Similar to Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation (20)

Understanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisationUnderstanding and preventing cyber crime and its impact on your organisation
Understanding and preventing cyber crime and its impact on your organisation
 
National Cyber Security Policy-2013
National Cyber Security Policy-2013National Cyber Security Policy-2013
National Cyber Security Policy-2013
 
Data Privacy Introduction
Data Privacy IntroductionData Privacy Introduction
Data Privacy Introduction
 
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical GuideFLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
FLIGHT Amsterdam Presentation - Data Breaches and the Law: A Practical Guide
 
clearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochureclearswift-adaptive-redaction-brochure
clearswift-adaptive-redaction-brochure
 
CYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIACYBER Crime Cyber Security Cyber Law INDIA
CYBER Crime Cyber Security Cyber Law INDIA
 
Ethiopia reba paper
Ethiopia reba paperEthiopia reba paper
Ethiopia reba paper
 
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docxOutline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
Outline for an Enterprise IT Security PolicyNo NameJanuary 24, 201.docx
 
Legal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptxLegal and Ethical Implications of Cybersecurity.pptx
Legal and Ethical Implications of Cybersecurity.pptx
 
Cybersecurity solution-guide
Cybersecurity solution-guideCybersecurity solution-guide
Cybersecurity solution-guide
 
CTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-DebeesingCTO-CybersecurityForum-2010-Trilok-Debeesing
CTO-CybersecurityForum-2010-Trilok-Debeesing
 
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...July CLE Webinar material: Best Practices for Victim Response and Reporting o...
July CLE Webinar material: Best Practices for Victim Response and Reporting o...
 
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
criminal_division_guidance_on_best_practices_for_victim_response_and_reportin...
 
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docxSECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
SECURITY AND SAFETY OF THE POWER GRID AND ITS RELATED COMPUTER INF.docx
 
Automatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy StandardsAutomatski - The Internet of Things - Privacy Standards
Automatski - The Internet of Things - Privacy Standards
 
Flight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the LawFlight East 2018 Presentation–Data Breaches and the Law
Flight East 2018 Presentation–Data Breaches and the Law
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15MeHI Privacy & Security Webinar 3.18.15
MeHI Privacy & Security Webinar 3.18.15
 
Get The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation ToolsGet The Information Here For Mobile Phone Investigation Tools
Get The Information Here For Mobile Phone Investigation Tools
 
The New Massachusetts Privacy Rules (February 2, 2010)
The New Massachusetts Privacy Rules (February 2, 2010)The New Massachusetts Privacy Rules (February 2, 2010)
The New Massachusetts Privacy Rules (February 2, 2010)
 

More from Jacqueline Fick

Expanding your horizons how traditional crime can turn hi tech adv j fick
Expanding your horizons how traditional crime can turn hi tech adv j fickExpanding your horizons how traditional crime can turn hi tech adv j fick
Expanding your horizons how traditional crime can turn hi tech adv j fick
Jacqueline Fick
 
A day in the life of a cyber syndicate
A day in the life of a cyber syndicateA day in the life of a cyber syndicate
A day in the life of a cyber syndicate
Jacqueline Fick
 
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Jacqueline Fick
 
International trends in mobile law
International trends in mobile lawInternational trends in mobile law
International trends in mobile law
Jacqueline Fick
 
A kings' ransom iod directorship jan2010
A kings' ransom iod directorship jan2010A kings' ransom iod directorship jan2010
A kings' ransom iod directorship jan2010
Jacqueline Fick
 
Cyber training 23 5 2012
Cyber training 23 5 2012Cyber training 23 5 2012
Cyber training 23 5 2012
Jacqueline Fick
 
Cyber crime 101
Cyber crime 101Cyber crime 101
Cyber crime 101
Jacqueline Fick
 
Cybercrime in government
Cybercrime in governmentCybercrime in government
Cybercrime in government
Jacqueline Fick
 
Cyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fickCyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fick
Jacqueline Fick
 
Creating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisationCreating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisationJacqueline Fick
 
Women in law enforcement 2014
Women in law enforcement 2014Women in law enforcement 2014
Women in law enforcement 2014Jacqueline Fick
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingJacqueline Fick
 

More from Jacqueline Fick (12)

Expanding your horizons how traditional crime can turn hi tech adv j fick
Expanding your horizons how traditional crime can turn hi tech adv j fickExpanding your horizons how traditional crime can turn hi tech adv j fick
Expanding your horizons how traditional crime can turn hi tech adv j fick
 
A day in the life of a cyber syndicate
A day in the life of a cyber syndicateA day in the life of a cyber syndicate
A day in the life of a cyber syndicate
 
Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23Cataleya-Security-Feature_SAWC_April2016page-20-23
Cataleya-Security-Feature_SAWC_April2016page-20-23
 
International trends in mobile law
International trends in mobile lawInternational trends in mobile law
International trends in mobile law
 
A kings' ransom iod directorship jan2010
A kings' ransom iod directorship jan2010A kings' ransom iod directorship jan2010
A kings' ransom iod directorship jan2010
 
Cyber training 23 5 2012
Cyber training 23 5 2012Cyber training 23 5 2012
Cyber training 23 5 2012
 
Cyber crime 101
Cyber crime 101Cyber crime 101
Cyber crime 101
 
Cybercrime in government
Cybercrime in governmentCybercrime in government
Cybercrime in government
 
Cyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fickCyber forensic readiness cybercon2012 adv j fick
Cyber forensic readiness cybercon2012 adv j fick
 
Creating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisationCreating cyber forensic readiness in your organisation
Creating cyber forensic readiness in your organisation
 
Women in law enforcement 2014
Women in law enforcement 2014Women in law enforcement 2014
Women in law enforcement 2014
 
Mr SIM Swap Gone Phishing
Mr SIM Swap Gone PhishingMr SIM Swap Gone Phishing
Mr SIM Swap Gone Phishing
 

Recently uploaded

办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
9ib5wiwt
 
Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976
PelayoGilbert
 
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
9ib5wiwt
 
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdfXYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
bhavenpr
 
ALL EYES ON RAFAH BUT WHY Explain more.pdf
ALL EYES ON RAFAH BUT WHY Explain more.pdfALL EYES ON RAFAH BUT WHY Explain more.pdf
ALL EYES ON RAFAH BUT WHY Explain more.pdf
46adnanshahzad
 
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Syed Muhammad Humza Hussain
 
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
9ib5wiwt
 
The Reserve Bank of India Act, 1934.pptx
The Reserve Bank of India Act, 1934.pptxThe Reserve Bank of India Act, 1934.pptx
The Reserve Bank of India Act, 1934.pptx
nehatalele22st
 
new victimology of indonesian law. Pptx.
new victimology of indonesian law. Pptx.new victimology of indonesian law. Pptx.
new victimology of indonesian law. Pptx.
niputusriwidiasih
 
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdfDaftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
akbarrasyid3
 
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
9ib5wiwt
 
Bharatiya Nagarik Suraksha Sanhita power.pptx
Bharatiya Nagarik Suraksha Sanhita power.pptxBharatiya Nagarik Suraksha Sanhita power.pptx
Bharatiya Nagarik Suraksha Sanhita power.pptx
ShivkumarIyer18
 
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxNATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
anvithaav
 
Secure Your Brand: File a Trademark Today
Secure Your Brand: File a Trademark TodaySecure Your Brand: File a Trademark Today
Secure Your Brand: File a Trademark Today
Trademark Quick
 
Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....
Knowyourright
 
Understanding about ITR-1 and Documentation
Understanding about ITR-1 and DocumentationUnderstanding about ITR-1 and Documentation
Understanding about ITR-1 and Documentation
CAAJAYKUMAR4
 
Rokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal OpinionRokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal Opinion
Abdul-Hakim Shabazz
 
Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)
Wendy Couture
 
The Main Procedures for Obtaining Cypriot Citizenship
The Main Procedures for Obtaining Cypriot CitizenshipThe Main Procedures for Obtaining Cypriot Citizenship
The Main Procedures for Obtaining Cypriot Citizenship
BridgeWest.eu
 
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselMilitary Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Thomas (Tom) Jasper
 

Recently uploaded (20)

办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
办理(waikato毕业证书)新西兰怀卡托大学毕业证双学位证书原版一模一样
 
Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976Ease of Paying Tax Law Republic Act 11976
Ease of Paying Tax Law Republic Act 11976
 
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
怎么购买(massey毕业证书)新西兰梅西大学毕业证学位证书注册证明信原版一模一样
 
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdfXYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
XYZ-v.-state-of-Maharashtra-Bombay-HC-Writ-Petition-6340-2023.pdf
 
ALL EYES ON RAFAH BUT WHY Explain more.pdf
ALL EYES ON RAFAH BUT WHY Explain more.pdfALL EYES ON RAFAH BUT WHY Explain more.pdf
ALL EYES ON RAFAH BUT WHY Explain more.pdf
 
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
Synopsis On Annual General Meeting/Extra Ordinary General Meeting With Ordina...
 
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
定制(nus毕业证书)新加坡国立大学毕业证学位证书实拍图原版一模一样
 
The Reserve Bank of India Act, 1934.pptx
The Reserve Bank of India Act, 1934.pptxThe Reserve Bank of India Act, 1934.pptx
The Reserve Bank of India Act, 1934.pptx
 
new victimology of indonesian law. Pptx.
new victimology of indonesian law. Pptx.new victimology of indonesian law. Pptx.
new victimology of indonesian law. Pptx.
 
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdfDaftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
Daftar Rumpun, Pohon, dan Cabang Ilmu (28 Mei 2024).pdf
 
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
1比1制作(swansea毕业证书)英国斯旺西大学毕业证学位证书托业成绩单原版一模一样
 
Bharatiya Nagarik Suraksha Sanhita power.pptx
Bharatiya Nagarik Suraksha Sanhita power.pptxBharatiya Nagarik Suraksha Sanhita power.pptx
Bharatiya Nagarik Suraksha Sanhita power.pptx
 
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptxNATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
NATURE, ORIGIN AND DEVELOPMENT OF INTERNATIONAL LAW.pptx
 
Secure Your Brand: File a Trademark Today
Secure Your Brand: File a Trademark TodaySecure Your Brand: File a Trademark Today
Secure Your Brand: File a Trademark Today
 
Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....Car Accident Injury Do I Have a Case....
Car Accident Injury Do I Have a Case....
 
Understanding about ITR-1 and Documentation
Understanding about ITR-1 and DocumentationUnderstanding about ITR-1 and Documentation
Understanding about ITR-1 and Documentation
 
Rokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal OpinionRokita Releases Soccer Stadium Legal Opinion
Rokita Releases Soccer Stadium Legal Opinion
 
Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)Business and Corporate Case Update (2024)
Business and Corporate Case Update (2024)
 
The Main Procedures for Obtaining Cypriot Citizenship
The Main Procedures for Obtaining Cypriot CitizenshipThe Main Procedures for Obtaining Cypriot Citizenship
The Main Procedures for Obtaining Cypriot Citizenship
 
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense CounselMilitary Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
Military Commissions details LtCol Thomas Jasper as Detailed Defense Counsel
 

Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation

  • 1. Integrating the prevention of cybercrime into the overall anti-crime strategies of your organisation Africa Cybercrime Security Conference 31 March 2011 Adv Jacqueline Fick www.pwc.com
  • 2. PwC Agenda • Common cybercrimes in South Africa • Getting to grips with the Electronic Communications and Transactions Act • The value of information governance • Implementing a pro-active strategy in your organisation: a hands- on approach to dealing with cybercrime 2 March 2011Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation
  • 3. PwC Common cybercrimes in South Africa • Unauthorised access (s86(1)) • Unauthorised modification of data and various forms of malicious code (s86(2)) • Denial of Service Attacks (S86(5)) • Devices used to gain unauthorised access to data (s86(4)) • Child pornography • Computer-related fraud • Copyright infringement • Industrial espionage • Piracy • Online gambling (leave to appeal pending) • Phishing/identity theft 3 March 2011 Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation
  • 4. PwC Phishing attacks Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 4 March 2011 RSA statistics for February 2011 RSA Online Fraud Reports show that South Africa does not fall within the top ten countries hosting phishing attacks, but features high on the list of top ten countries by attack volume. For thirteen (13) consecutive months the US, UK and South Africa have been the top three targets for mass phishing. (RSA Online Fraud Report – March 2011)
  • 5. PwC Getting to grips with the Electronic Communications and Transactions Act, No. 25 of 2002 (ECT Act) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 5 March 2011
  • 6. PwC The ECT ACT 'data message' means data generated, sent, received or stored by electronic means and includes- (a) voice, where the voice is used in an automated transaction; and (b) a stored record; 15 Admissibility and evidential weight of data messages (1) In any legal proceedings, the rules of evidence must not be applied so as to deny the admissibility of a data message, in evidence- (a) on the mere grounds that it is constituted by a data message; or (b) if it is the best evidence that the person adducing it could reasonably be expected to obtain, on the grounds that it is not in its original form. (2) Information in the form of a data message must be given due evidential weight. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 6 March 2011
  • 7. PwC The ECT ACT In assessing the evidential weight of a data message, regard must be had to- (a) the reliability of the manner in which the data message was generated, stored or communicated; (b) the reliability of the manner in which the integrity of the data message was maintained; (c) the manner in which its originator was identified; and (d) any other relevant factor. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 7 March 2011
  • 8. PwC CHAPTER XIII: ECT ACT 'access' includes the actions of a person who, after taking note of any data, becomes aware of the fact that he or she is not authorised to access that data and still continues to access that data. 86 Unauthorised access to, interception of or interference with data (1) Subject to the Interception and Monitoring Prohibition Act, 1992, (Act 129 of 1992) a person who intentionally accesses or intercepts any data without authority or permission to do so, is guilty of an offence. (2) A person who intentionally and without authority to do so, interferes with data in a way which causes such data to be modified, destroyed or otherwise rendered ineffective, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 8 March 2011
  • 9. PwC CHAPTER XIII: ECT ACT (3) A person who unlawfully produces, sells, offers to sell, procures for use, designs, adapts for use, distributes or possesses any device, including a computer program or a component, which is designed primarily to overcome security measures for the protection of data, or performs any of those acts with regard to a password, access code or any other similar kind of data with the intent to unlawfully utilise such item to contravene this section, is guilty of an offence. (4) A person who utilises any device or computer program mentioned in subsection (3) in order to unlawfully overcome security measures designed to protect such data or access thereto, is guilty of an offence. (5) A person who commits any act described in this section with the intent to interfere with access to an information system so as to constitute a denial, including a partial denial, of service to legitimate users is guilty of an offence.Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 9 March 2011
  • 10. PwC CHAPTER XIII: ECT ACT 87 Computer-related extortion, fraud and forgery (1) A person who performs or threatens to perform any of the acts described in section 86, for the purpose of obtaining any unlawful proprietary advantage by undertaking to cease or desist from such action, or by undertaking to restore any damage caused as a result of those actions, is guilty of an offence. (2) A person who performs any of the acts described in section 86 for the purpose of obtaining any unlawful advantage by causing fake data to be produced with the intent that it be considered or acted upon as if it were authentic, is guilty of an offence. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 10 March 2011
  • 11. PwC The value of good information governance Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 11 March 2011
  • 12. PwC The value of good information governance • IT is the foundation on which we operate our businesses and information is fast becoming the most valuable asset an organisation has. • The value of information has also led to businesses focusing more on the information or data they host, process or use than on the technology employed to perform these functions. • Need for risk management. • The IT risk environment is influenced by both internal and external factors and measures must be put in place to ensure the protection, confidentiality, availability and authenticity of information, to govern the use of external service providers to host/process data, to regulate the access to company networks from remote locations and off course, to be sensitive to the threat of cyber attacks such as hacking, identity theft, cyber espionage, denial of service attacks, computer- related fraud and extortion. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 12 March 2011
  • 13. PwC Definitions Information Governance • King III: … an emerging discipline with an evolving definition. • Wikipedia: … a set of multi-disciplinary structures, policies, procedures, processes and controls implemented to manage information on all media in such a way that it supports the organisations immediate and future regulatory, legal, risk, environmental and operational requirements. • …an enterprise-wide strategy and framework that establishes the policies, responsibilities and decision-making processes controlling the use of information owned, or accessed by a business. The goal should be to balance risk avoidance, cost reduction and increased business value. Information Governance should also be structured in such a way as to easily adapt to organisational demands, changes in technology and be flexible to provide for new information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 13 March 2011
  • 14. PwC The value of good information governance • Information governance involves a balanced approach designed to meet the needs of the organisation and all of its stakeholders, including its customers, shareholders and regulators. Furthermore, information governance is one component of an organisation’s wider enterprise information management strategy, which itself should be directly aligned with the overall business strategy. (SAS White Paper http://www.eurim.org.uk/activities/ig/SAS_WhitePaper.pdf) Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 14 March 2011
  • 15. PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 15 March 2011
  • 16. PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Cyber security is just as important as physical security. • Relationship between physical and network security. • Know and understand your organisation: • This includes an understanding of the external environment and the threats facing the organisation. It also refers to a thorough understanding of the internal environment and the way the organisation operates – its employees, levels of staff morale, business partners of the organisation, service providers, etc. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 16 March 2011
  • 17. PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Define security roles and responsibilities: • Although security should be everyone within an organisation’s concern, ownership of information security should be assigned to specific individuals, coupled with the necessary levels of authority and accountability. To assist with the process it is recommended that security roles and responsibilities be incorporated into job descriptions and that performance in terms of these areas be measured accordingly. • Ensure that you have proper policies and procedures in place for the use of IT. • Establish clear processes to enable end-users to report suspected cybercrimes. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 17 March 2011
  • 18. PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Effective public private partnerships: • The effective control of cybercrime requires more than just cooperation between public and private security agencies. The role of the communications and IT industries in designing products that are resistant to crime and that facilitate detection and investigation is also of critical importance. To effectively address cyber crime also calls for a less re-active and more pro- active approach to the prevention, detection, investigation and prosecution of these crimes. • Value of intelligence: Exchange information with law enforcement agencies. Know your opponent and use the information to develop and update security policies. Think like a hacker. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 18 March 2011
  • 19. PwC Implementing a pro-active strategy in your organisation: A hands-on approach to dealing with cybercrime • Stay up to date: • Maintain awareness of new developments in both technology and services. Use a risk-based approach to determine when it would be necessary to upgrade or adapt current systems and processes to accommodate new developments. • Continuous auditing and assessment of process: • It is recommended that a process of continuous auditing be implemented to ensure that the strategy remains aligned to business objectives, adapts to changes in technology or identified threats, and to allow for the analysis of information that is gathered from the different implemented controls. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 19 March 2011
  • 20. PwC Practical Guidelines and Tips • Email is more than messages. It contains personal information, contact lists, sensitive company information, etc. Email policies: • Do not open suspicious emails. • Use spam filters. • Encrypt important files or records. • Choose complex passwords and change your password regularly. The Post-it problem. • Back up regularly. • Install powerful anti-virus and firewall software and keep it up to date. Regularly update security patches. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 20 March 2011
  • 21. PwC Practical Guidelines and Tips • Create good habits such as deleting your temporary internet files and cookies. This protects against hackers who can access your accounts from where you have been on the internet. • Turn off your computer and modem/disconnect from the internet when not in use. • Know what information you have, where it is stored and who has access thereto. • Be wary to provide personal information via a website you are not familiar with. • Never allow strange or unfamiliar individuals to use your computer, not even if they say they are from the IT department! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 21 March 2011
  • 22. PwC Practical Guidelines and Tips • Educate users: • Teach IT users how to identify cyber threats and how to respond. • Share security information with all users of IT in the organisation. • Read up on the latest ways hackers create phishing scams to gain access to your personal information. Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 22 March 2011
  • 23. PwC In summary • Organisations need to realise the true value of information. • Cyber criminals steal information. • We can only effectively combat cybercrime if we share information and collaborate. • Know your opponent. • Be pro-active and not re-active. • Implement good information governance principles in your organisation. • Educate all IT users. • Protect your information with the same vigour as you protect physical property, brand names, money, etc! Integrating the prevention of cyber crime into the overall anti-crime strategies of your organisation 23 March 2011
  • 24. “Success in preventing cyber attacks depends as much on knowing what to look for as it does on rolling out the right security.” (Howard Schmidt, ComputerWeekly.com 27 March 2009) This publication has been prepared for general guidance on matters of interest only, and does not constitute professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is given as to the accuracy or completeness of the information contained in this publication, and, to the extent permitted by law, PwC, its members, employees and agents do not accept or assume any liability, responsibility or duty of care for any consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it. © 2011 PricewaterhouseCoopers (“PwC”), the South African firm. All rights reserved. In this document, “PwC” refers to PricewaterhouseCoopers in South Africa, which is a member firm of PricewaterhouseCoopers International Limited (PwCIL), each member firm of which is a separate legal entity and does not act as an agent of PwCIL.