The South African National Cyber Security Policy Framework: a Critical Analysis

Abstract

Contemporary security concerns emanating from or carried out via the cyber terrain have propelled states to develop policies and frameworks such as South Africa’s National Cyber Security Policy Framework (NCPF) 2015. This study addresses this and other questions by analysing the efficacy of NCPF dealing with cyber security threats. In pursuing these questions, the study employs a qualitative desktop approach. A discussion on concepts and theoretical frameworks on cyber security is done. Specifically, it compares the NCPF to policy frameworks of comparable democracies such as India and the United States of America (USA). The main realisation from the NCPF is that it significantly proffers strong points that can substantially aid South Africa’s cyber security posture. Some of the strong points include calls for greater coordination, cooperation and partnerships in building cyber security in South Africa. However, several loopholes or contradictory issues have been noted such as being underspecified, lacking clarity on cooperation and partnership, and flimsy implementation by the state. The main suggestion is that the NCPF need to focus more on reducing the likelihood and consequences of both intentional and accidental cyberattacks. Finally, recommendations and areas for possible further research are suggested.