What concerns me is that there is very little focus on consumer protection. The state's issues are being addressed, business issues are addressed, but apart from the CPA and POPIA, their is very little further protection for end users in the proposed bill, apart from where it happens to be in the interest of the financial industry as well as an overlap.
Another negative aspect of the proposed legislation is the decentralisation of cyber-related responsibilities to a number of government departments. This is likely to create a silo-based approach to cyber governance. It will lead to inefficiencies and duplication of effort. By combining some, or all, of the new structures in the bill, scarce technical resources should be better used.
I disagree. By ring-fencing focus areas, it can be assured that adequate skills can be developed for that areas specific threats. The threats that a state may experience is different to those a bank sees. It also ensures that all resources are not allocated to one area, leaving a lack in another functional area. Cross pollination would be good though and there should be an exchange of notes on an ongoing basis.
From the discussion document:
...submit the request together with his or her recommendations, to the Cabinet member responsible for the administration of justice, for his or her approval. If the request is approved by the Minister it must be submitted to the designated judge for approval.
We find a few such points. I query why this has to via to the cabinet member? Why can't it bypass this step, or rather specify the cabinet member needs to be notified. I fear this may open the door to political interference in the process. Politics and justice does not always mingle well.