Governments must play a more central role in their country’s cyber security by investing in digital skills and infrastructure, while also improving collaboration other players, most notably the private sector.
This emerged at a webinar on Accelerated Digital Transformation and Government’s Broader role in Cyber recently hosted by Deloitte. The webinar took place with cyber security in the spotlight as key government entities such as Transnet, the Department of Justice, and the National Space Agency suffered cyber-attacks recently.
The webinar is part of a series to launch the Government Trends Report 2021, produced by Deloitte. Gaba Tabane, the Government and Public Services Industry Leader at Deloitte Africa says the report, now in its fifth year of publication, highlights nine global trends and focuses on government operations, rather than policy. Tabane notes that South Africa has focused on five of the trends starting with digital transformation of government.
Thinus Bekker, a panelist at the webinar and General Manager: Information Technology (IT) at Rand Water pointed out that Rand Water, which supplies water to Gauteng and parts of surrounding provinces such as Mpumalanga and North West, has successfully digitised significant parts of its water supply value chain. This delivers immense benefits, but also presents new risks.
His colleague at Rand Water Mogan Padayachee, who is Manager for Innovation and Technology said
Covid has forced us to rethink our business and operating model. It has opened the door to new methods for monitoring and managing our plants and operations, ensuring business continuity, and serving our customers.
Padayachee further added that Rand Water uses smart technology which comprises data, hardware, and software to stay connected to employees, customers, and critical assets.
Rand Water has an Innovation Hub housed in the Rand Water Institute, which currently has approximately 100 innovation and technology projects, ranging from satellite leak detection, smart water pipe grid projects, and a new system to simulate and monitor raw water quality in its catchment. Rand Water works with international counterparts from Singapore, Europe and Australasia to ensure the highest quality standards and successful adoption of new technologies.
Bekker further said as organisations digitise business processes, there is not enough being done to ensure the authenticity and integrity of electronic records, such that they are admissible as evidence for compliance, assurance and litigation purposes.
Eric McGee, an Associate Director for Cyber Risk at Deloitte Africa said utilities are increasingly becoming targets of cyber-attacks because they are usually sole suppliers of their service—be it water supply, electricity or in the case of Transnet, transport, and logistics—and therefore offer a single source of failure.McGee noted that the increase of remote work, while increasing connectivity in a country like South Africa through the proliferation of more cell phones, and the Internet connectivity but most importantly the adoption of cloud, presents new risks.
McGee added that collaboration between government and the private sector is crucial in combatting cyber-attacks. In South Africa, the National Cybersecurity Hub was established at the Centre for Scientific and Industrial Research (CSIR) for this purpose. The South African Banking Risk Information Centre (SABRIC) is another example of industry collaboration to fight fraud more broadly in the South African Banking sector.
McGee further said,
Privacy legislation enacted in South Africa and across the African continent has changed the urgency and impact that cyber breaches will have on organisations and individuals.
Following its implementation of the Protection of Personal Information Act (POPIA) in July, South Africa is also enacting the Cybercrime Act, which will further provide law enforcement with better measures and processes to deal with cybercrime which forces government and other organisations to ensure that they are not inadvertently complicit in cybercrimes through their infrastructure.
Sipho Ndaba, the Corporate Executive for Specialised Audit Services at the Auditor General of South Africa, said the government processes have become increasingly digitised and automated, this makes them a target for cyber crime. Ndaba says even in the digitised environment, lapses are still caused by the human element and there is a general lack of cyber security governance and consequences management in many of the government departments and entities they audit.
Andrew Johnston, who is the Digital Transformation Strategy Lead at Deloitte points out several steps that government can take to move towards digital maturity. The first is mastery of their data, which includes the collection of underutilised, data located in “silos”, which government may already have, through its departments and entities such as Statistics South Africa.
Johnston said some of the benefits of digital transformation include improvement in efficiency and revenue collection in those parts that collect revenues such as taxes or licence fees. Correctly executed, digital transformation can also lead to improved customer satisfaction, which in the case of the public service would be citizens and improved employee engagement, which is critical in government.
In addition to digital transformation, other trends to be explored in the Deloitte webinar series include remote working in the public service, seamless service delivery, and sustaining public trust in government.