Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Understanding South Africa’s Cybercrimes Act

December 2024 Information Security, Security Services & Risk Management

By Zaakir Mohamed (Director, Head of Corporate Investigations and Forensics) and Shuaib Vahed (Legal Intern, Corporate Investigations and Forensics) at CMS South Africa.


In June this year, South Africans got yet another taste of how destructive criminal cyberattacks can be. As the month drew to a close, the National Health Laboratory Service (NHLS) fell victim to a ransomware attack. The incident delayed the processing of millions of blood samples, affecting patient waiting times. By mid-July, the service’s IT systems still had not been restored.

It was the latest example of how cybercrime has become a growing problem for the public and private sectors alike. In fact, data released by cybersecurity firm Check Point shows that there has been a 37% increase in cyberattacks across Africa over the past 12 months. The scope of cybercrime is also increasing and covers everything from online versions of traditional crimes such as fraud, theft, extortion, and child pornography, as well as crimes which became possible as a result of computer usage, such as hacking, phishing, and piracy, among others.

While organisations should always do everything in their power to prevent and mitigate these attacks, they must also understand what legal protections are available to them. In South Africa, the most relevant piece of legislation is the Cybercrimes Act No.19 of 2020. Officially signed into law on 1 December 2021, the Act is a comprehensive legislative response to the evolving landscape of cyberthreats in South Africa. The Act’s effectiveness, however, relies on enforcement, which relies on several factors, including implementation, international cooperation, and collaboration between the public and private sectors.

Understanding the Cybercrimes Act

Before exploring those factors and how they can combine, it is worth understanding a little more about the Cybercrimes Act.

The primary objective of the Act is to create provisions and criminalise various forms of cyber-related crimes and establish mechanisms for the investigation, prosecution, and prevention of cybercrimes. It encompasses a wide range of illicit activities, including, among others, unlawful access, unlawful interception of data, unlawful interference with data and computer programs/systems, and cyberfraud.

It additionally sets out provisions addressing cybercrimes and penalties for those found guilty of committing them. This means that individuals who engage in activities such as malicious hacking or spreading software viruses can face fines or even imprisonment. Another key aspect of the Act is that it provides for extraterritorial jurisdiction. In this respect, it provides South African courts with the power to deal with both cybercrimes perpetrated within South Africa as well as those that affect South African interests, even if they occur outside the country.

Making the Act effective

Ensuring the effectiveness of the act relies on several factors coming together. These include:

• Enforcement and implementation: Successfully enforcing and implementing the Act depends on the capacity and readiness of law enforcement agencies, the judiciary, and other relevant stakeholders to meaningfully deal with cybercrimes. Ensuring that these stakeholders have adequate training, resources, and cooperation is crucial to the effective execution and enforcement of the Act. Providing law enforcement with the necessary tools and knowledge to handle cybercrimes efficiently is, therefore, essential.

• Technological advances and adaptability: Cyberthreats evolve very rapidly, necessitating continuous updates and amendments to the legislative framework to keep up with emerging challenges. The broad scope of the Act covers various forms of cybercrimes that help address many contemporary threats. Ensuring that the legislation remains relevant and effective in combating new types of cyberthreats means periodic reviews and amendments must be made to the Act. This ongoing legislative oversight and the incorporation of new provisions will help accommodate advancements in technology and changes in cybercrime tactics and risks.

• International cooperation: Given the global nature of cyberthreats, international cooperation is essential for effectively combating cybercrimes. The Act facilitates collaboration with foreign counterparts through mutual legal assistance treaties and information-sharing mechanisms. By working with other countries, South Africa can enhance its ability to track and apprehend cybercriminals operating across borders. This cooperation involves sharing intelligence, coordinating joint investigations, and providing legal support, ensuring that cybercriminals are brought to justice, regardless of their location. Strengthening international partnerships helps to build a global network of defence against cyberthreats, making it harder for criminals to exploit jurisdictional boundaries.

• Public-private sector collaboration: Collaboration between the government, the public, and the private sectors is vital for a comprehensive approach to cybersecurity. The government plays a critical role in setting policies, regulations, and standards to safeguard national infrastructure and data. The public sector, including law enforcement agencies and regulatory bodies, provides expertise and resources for cybercrime prevention and response. The private sector, comprising businesses and organisations, meanwhile contributes valuable insights, innovations, and investments in cybersecurity solutions, fostering a collective effort to address cyberthreats effectively. This collaboration ensures that cybersecurity measures are robust, coordinated, and aligned with the needs of all stakeholders, which ultimately enhances the resilience of the digital environment.

Addressing growing threats

Cybercrime poses a growing threat worldwide as technology advances. South Africa’s Cybercrimes Act represented a proactive response to that threat. Its ongoing effectiveness, however, hangs on robust enforcement, technological advancements, adaptability, civil freedom protection, international cooperation, and public-private collaboration. By addressing these key aspects, South Africa can strengthen its resilience against cyberthreats and foster a safer digital environment for its citizens, businesses, and the economy at large.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Want effective Attack Surface Management? Think like an attacker.
Information Security
Effective ASM requires companies to think like attackers, anticipate risks, and act decisively to reduce exposure by knowing their environment, deploying a structured approach, leveraging capable tools, and addressing both internal and external risks.

Read more...
Your Wi-Fi router is about to start watching you
News & Events Surveillance Security Services & Risk Management
Advanced algorithms are able to analyse your Wi-Fi signals and create a representation of your movements, turning your home's Wi-Fi into a motion detection and personal identification system.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
POPIA non-compliance puts municipalities at risk
Information Security Government and Parastatal (Industry)
Digital responsibility must go beyond POPIA compliance to recognising that privacy and service delivery are fundamentally linked. Despite this, only 51 out of 257 municipalities submitted their mandatory data protection and access to information reports in 2024.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
Welcome to the new cyber battleground
Information Security
The Iran-Israel conflict is rapidly redefining modern warfare, pushing the boundaries of cyber capabilities and creating a new, borderless digital battlefield. Fortinet’s CISO, Dr Carl Windsor, offers a critical, in-depth analysis of the escalating tactics and global implications in his latest report.

Read more...
African industries may overestimate cyber defences
Information Security
] A significant perception gap exists in security awareness training: 68% of leaders believe training is tailored to roles, yet only a third of employees feel adequately trained. Many organisations only conduct annual or biannual generic training that may not effectively change behaviour.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.