information security

/Tag:information security

Appointment of the Information Regulator for POPI and PAIA

Today, 7 September 2016,  the South African National Assembly voted in favour of the appointment of the Information Regulator for POPI and PAIA. Parliament voted for the five nominated candidates to run the newly-formed office of the Information Regulator. This is not [...]

By | September 7th, 2016|Categories: POPI and Data Protection|Tags: , , |

“Fraudulent” access to an IT system containing unprotected public data

Is it an offence to access data that is freely available on the Internet? Many of us would think that it isn’t if the data is accessible by the public. Can a person use public data (that may include public [...]

By | September 26th, 2014|Categories: POPI and Data Protection|Tags: , , |

PCI DSS Compliance

Interested in PCI DSS compliance? Do you need to comply with the Payment Card Industry (PCI) Data Security Standard (DSS)? A merchant, service provider or bank that processes any cardholder data, needs to know about PCI DSS and what is means [...]

By | March 14th, 2014|Categories: IT Law|Tags: , , , , , , |

Electronic signatures and cryptography

Digital signatures, digital certificates, and advanced electronic signatures are all types of electronic signatures that use cryptography to authenticate the identity of the person signing and to secure their electronic signature. They are all very reliable, but they each have [...]

By | January 14th, 2014|Categories: Electronic Signature Law|Tags: , |

Cryptography laws in South Africa

What is cryptography? Wikipedia defines "cryptography" as "the practice and study of hiding information". Where a document or communication has been encrypted, the act of encrypting serves several purposes? To: establish its authenticity; prevent its undetected modification; prevent its repudiation [...]

By | May 25th, 2012|Categories: POPI and Data Protection|Tags: , , |

Forensic IT and the Law

Forensic IT and computer forensics is big business. There are now many forensic investigators. Especially because most business documents are created electronically nowadays. The need for electronic evidence is not confined to obvious cybercrime events such as hacking, fraud and [...]

By | May 22nd, 2012|Categories: Cyber Crime|Tags: , , |

Do you need to register as a Cryptography Provider?

Cryptography and encryption presents a challenge to security conscious governments in that it allows message content to be concealed from the authorities. Therefore, the purpose of the cryptography provisions in our law is, amongst other things, to assist the investigative [...]

By | April 23rd, 2012|Categories: IT Law|Tags: , , , , |

Map of International Crypto and Encryption Laws

Click here to view a map of International Crypto laws and regulations captured from several sources.

By | May 16th, 2009|Categories: POPI and Data Protection|Tags: , , |

Measures to be taken by companies to guarantee security of Internet transactions

Section 43(5) of the ECT Act requires the supplier in an electronic transaction to "utilise a payment system that is sufficiently secure with reference to accepted technological standards at the time of the transaction and the type of transaction concerned." [...]

Information Security Policies support Compliance

Information Security policies support compliance in many ways. Vicarious liability Beyond sensitising employees to the risks posed by technology, information security policies minimise the organisation's exposure to vicarious liability for unauthorised or unlawful acts carried out by employees during the [...]