SANS training comes to SA
SECURITY| Aug. 30, 2012, 11:57 a.m.
Organisations are not prepared for the arrival of South Africa’s Protection of Personal Information (PoPI) Bill says a leading expert. With this in mind, globally recognised SANS training courses will be delivered in the country.
“It has been a long journey but South Africa’s first comprehensive information security and privacy legislation is at the final stages of becoming law,” comments Craig Rosewarne, Director EMEA - Africa region for the SANS Institute, “However, it is still not certain that many of the organisations that need to understand the ramifications of compliance with PoPI, in my opinion, are probably not yet ready.”
State law advisors have presented the 9th Draft of the Protection of Personal Information bill to the Committee to deliberate on a clause-by-clause basis. In short order, a potentially ‘final’ 10th version is likely to be referred to the National Assembly for a final vote then referral to the NCOP for that House’s approval.
“We are starting to have some interesting discussions with government departments, large private enterprises and consultants as to what they need to do to prepare themselves for PoPI which is probably less than a year away,” comments Rosewarne, “Information privacy is not just a regulatory issue but the arrival of the new law has accelerated the demand for training and certification and our upcoming event is in part a reaction to these specific drivers.”
SANS will be running its first full training conference in South Africa this October at the Radisson Blu Gautrain Hotel in Johannesburg. The programme will include courses covering essential security best practice, incident handling and computer forensics.
Of particular interest in relation to PoPI is the SANS Security 504: Hacker Techniques, Exploits & Incident Handling course. Taught by highly experienced SANS Certified Instructor James Tarala, an expert practitioner who has dealt with high profile incidents across the world; the six day course is aimed at helping information security professionals understand attackers' tactics and design a comprehensive incident handling plan. This plan includes the legal issues associated with responding to computer attacks, including employee monitoring, working with law enforcement, and handling evidence.
“We have negotiated a discount for government employees and members of the Information Security Group of Africa who wish to attend any of the courses as a further incentive to kick start the process,” explains Rosewarne, “PoPI is coming and organisations need to get ready sooner rather than later as the potential reputation damage and fines for breaches are significant.”
MORE SECURITY NEWS
Top targets for cyber attacks in East AfricaGovernments are East Africa’s top target sector for cyber attacks, followed by telecoms and financial services, says a report by Control Risks. Read More
Connecting the dots: respond-to-alerts based security posture will not protectAccording to an Arbor paper, “Connecting the Dots in Enterprise Security”, advanced threats target a specific company, are designed to bypass traditional controls, and comprise a planned and orchestrated set of attack activities. Read More
DNS attacks on the increase, concern for SA firmsSouth African organisations will likely see an increase in the volume and severity of network attacks over the coming years, says Arbor Networks. Read More
RSA: 75 percent of organisations at significant risk of cyber incidentsRSA, The Security Division of EMC, has released data demonstrating that organisations that invest in detection and response technologies, rather than perimeter-based solutions, are better poised to defend against cyber incidents. Read More
DDoS attacks don’t have to mean ‘game over’The problem of inadequate protection from DDoS attacks is a growing concern for South African organisations, says Arbor Networks. Read More
DNS attacks on the increase, concern for SA firmsArbor Networks Annual Worldwide Infrastructure Security Report provides a rare insight into the nature of today’s network security threats, and the ways in which enterprise network operators and service providers are facing up to these challenges. Read More
Arbor Networks Spectrum v2.1 pioneers new network approach for security teamsArbor Networks Inc., the security division of NETSCOUT, has introduced version 2.1 of Arbor Networks Spectrum, its advanced security analytics and threat-hunting platform, to the African region. Read More
Things to ask your MSSP to increase your network’s securityArbor Networks has drawn up five questions to ask an MSSP to better ensure security throughout your organization. Read More
Unpacking penetration testing for SMEsMWR Infosecurity outlines penetration testing best practice for SMEs. Read More
FEATURED STORYGovernment should encourage youths in ICT early
Youths should be given more encouragement to develop their ICT skills, an 11-year-old app developer told Kokumo Goodie.
BEST READ NEWS
IN DEPTHIBM Opens First Cloud Data Centre in South Africa
IBM is opening a new IBM Cloud Data Centre in Johannesburg, South Africa. The new cloud center is the result of a close collaboration with Gijima and Vodacom and is designed to support cloud adoption and customer demand across the continent.