Without a doubt, we live in a net-centric world. New information technologies arrive at lightning speed, allowing us to share information across town, across the country, or around the world faster than ever before. The value that information provides is drastically changing, in such way that protection of critical information including privacy information is much more challenged.

The South African Centre for Information Security is established to develop and promote a coherent governance framework to drive implementation of effective information security programs. Although information security is often viewed as a technical issue, it is also a governance challenge that involves risk management, reporting and accountability. As such, it requires the active engagement of executive management.

This is one of the reasons we are running in multi countries conferences on Information Security Governance and other key information security issues like insider threat and social engineering.

We also start of the year with highlighing top information security threats for 2011 and we base our threats analysis and mitigation strategies and programmes towards these threats. We have started a broad based interactive conference on combating cyber crime in three cities in order to share our findings and address new threats to information such as wikileaks and social networking issues.

Today’s economic environment demands that enterprises in both the public and private sectors reach beyond traditional boundaries. Citizens, customers, educators, suppliers, investors and other partners are all demanding more access to strategic resources. As enterprises reinvent themselves to meet this demand, traditional boundaries are disappearing and the premium on information security is rising. Heightened concerns about critical infrastructure protection and national security are accelerating this trend.

The Centre is committed to provide a framework and guidelines to help organisations assess their performance and put in place an information security governance program in Botswana, South Africa and other African coutnreis. By themselves, however, these tools are not enough. To succeed we need a private sector commitment to implement this framework and begin to integrate information security into its corporate governance program.

South African Centre for Information Security (SACFiS) is the trusted security partner for government, parastatlas, private sectors and citizens around the SADC region, helping them to effectively improve their information security processes, meet security best practices and achieve regulatory compliance.

As we embrace information security governance and face wave of cyber crime attacks, it is important to remember that, like quality, it is a journey that requires continuous improvement over time. We are still in the early stages of this journey.

As we progress, we will not only reap the rewards of productivity growth, customer satisfaction and improved competitiveness, but also gain the larger reward of enhanced security to our critical infrastructure and corporate bodies.

The road to information security goes through corporate governance. South Africa, Botswana and the entire SADC region cannot solve its information and cyber security challenges by delegating them to government officials or IT managers. The best way to strengthen the region’s information security is to treat it as a corporate governance issue that requires the attention of Boards and CEOs and every individual.

We encourage you to join us in this effort and be our partner.
Thank You

Beza Belayneh
CEO/Chief Information Architect