Towards an aligned South African National Cybersecurity Policy Framework

This thesis measured and aligned factors that contribute to the misalignment of the South African National Cybersecurity Policy Framework (SA-NCPF). The exponential growth rate of cyber-attacks and threats has caused more headaches for cybersecurity experts, law enforcement agents, organisations and the global business economy. The emergence of the global Corona Virus Disease-2019 has also contributed to the growth of cyber-attacks and threats thus, requiring concerted efforts from everyone in society to devise appropriate interventions that mitigate unacceptable user behaviour in the reality of cyberspace. In this study, various theories were identified and pooled together into an integrative theoretical framework to provide a better understanding of various aspects of the law-making process more comprehensively. The study identified nine influencing factors that contributed to misalignment of the South African National Cybersecurity Policy Framework. These influencing factors interact with each other continuously producing complex relationships, therefore, it is difficult to measure the degree of influence of each factor, hence the need to look at and measure the relationships as Gestalts. Gestalts view individual interactions between pairs of constructs only as a part of the overall pattern. Therefore, the integrative theoretical framework and Gestalts approach were used to develop a conceptual framework to measure the degree of alignment of influencing factors. This study proposed that the stronger the coherence among the influencing factors, the more aligned the South African National Security Policy Framework. The more coherent the SA-NCPF is perceived, the greater would be the degree of alignment of the country's cybersecurity framework to national, regional and global cyberlaws. Respondents that perceived a strong coherence among the elements also perceived an effective SA-NCPF. Empirically, this proposition was tested using nine constructs. Quantitative data was gathered from respondents using a survey. A major contribution of this study was that it was the first attempt in South Africa to measure the alignment of the SA-NCPF using the Gestalts approach as an effective approach for measuring complex relationships. The study developed the integrative theoretical framework which integrates various theories that helped to understand and explain the South African law making process. The study also made a significant methodological contribution by adopting the Cluster-based perspective to distinguish, describe and predict the degree of alignment of the SA-NCPF. There is a dearth of information that suggests that past studies have adopted or attempted to address the challenge of alignment of the SA-NCPF using the cluster-based and Gestalts perspectives. Practical implications from the study include a review of the law-making process, skills development strategy, a paradigm shift to address the global Covid-19 pandemic and sophisticated cybercrimes simultaneously. The study asserted the importance of establishing an independent cybersecurity board comprising courts, legal, cybersecurity experts, academics and law-makers to provide cybersecurity expertise and advice. From the research findings, government and practitioners can draw lessons to review the NCPF to ensure the country develops an effective national cybersecurity strategy. Limitations and recommendations for future research conclude the discussions of this study

CPA\u27s handbook of fraud and commercial crime prevention

https://egrove.olemiss.edu/aicpa_guides/1823/thumbnail.jp

Cyber Infrastructure Protection: Vol. III

Despite leaps in technological advancements made in computing system hardware and software areas, we still hear about massive cyberattacks that result in enormous data losses. Cyberattacks in 2015 included: sophisticated attacks that targeted Ashley Madison, the U.S. Office of Personnel Management (OPM), the White House, and Anthem; and in 2014, cyberattacks were directed at Sony Pictures Entertainment, Home Depot, J.P. Morgan Chase, a German steel factory, a South Korean nuclear plant, eBay, and others. These attacks and many others highlight the continued vulnerability of various cyber infrastructures and the critical need for strong cyber infrastructure protection (CIP). This book addresses critical issues in cybersecurity. Topics discussed include: a cooperative international deterrence capability as an essential tool in cybersecurity; an estimation of the costs of cybercrime; the impact of prosecuting spammers on fraud and malware contained in email spam; cybersecurity and privacy in smart cities; smart cities demand smart security; and, a smart grid vulnerability assessment using national testbed networks.https://press.armywarcollege.edu/monographs/1412/thumbnail.jp

An evaluation of identification methods used in the investigation of counterfeit card fraud

Today, the use of one's bank card to pay or withdraw money is common. Modern technology provides us with the convenience of instant transactions at the automated teller machine or point of sale but unfortunately, it has also brought the reality and risk of card skimming and counterfeit card fraud. Criminals have become very efficient and technologically advanced in skimming and counterfeiting cards, to such an extent that counterfeit card fraud has become a significant threat to the public, banking, retail and business in South Africa. Counterfeit card fraud is a complex, multi-faceted crime, requiring specific skills and knowledge of card counterfeiting methods from police and bank investigators. The scope of its investigation is wide. It includes different crime scenes and offenders, sophisticated equipment and various aspects that need to be identified positively. Investigators find it difficult to identify perpetrators and certain aspects unique to this crime and, as a result, many investigations are unsuccessful. This research endeavours to establish what identification methods are available to investigators and which are effective.Police PracticeM. Tech. (Forensic Investigation

Statistical modelling for detection of fraudulent activity on banking cards

The current global recession has highlighted the fragile banking and related systems exposure to risks and acts of fraud. As a result of the ever changing information technology environment, where the internet has become an important retail sector channel, new fraud challenges are being encountered. The rapid growth in credit and cheque card transactions as a payment mechanism has led to an increase in card fraud. Approximately 70% of consumers utilising credit and cheque cards, as payment mechanisms, are significantly concerned about fraud (McAlearney, 2008). Additionally, credit card fraud has broader negative implications, such as funding organised crime, international narcotics trafficking and even the financing of terrorist activities. The first section of this study develops classification models that will improve on existing methods used to detect fraud and, as a result thereof, reduce the number of fraudulent transactions. Using confidential data obtained from a South African Bank, logistic regression and scoring techniques have been combined to develop a classification model that improves on the existing fraudulent identification methods. Using the methods developed in this study, a higher percentage of fraudulent transactions are classified correctly when compared to discriminant analysis, a method often used to identify fraudulent transactions. These models enable the banking business to identify demographic, socio-economic and banking-specific determinants which contribute significantly towards fraudulent transactions. The early detection methods will allow banks to put in place measures that will reduce the occurrence of fraudulent transactions on customer’s cards. The second section involves understanding how card holders and merchants contribute towards the occurrence of fraudulent incidents. This was achieved through two surveys which were carried out in the Johannesburg metropolitan area. These surveys aimed at understanding the perceptions of card holders and merchants with regard to aspects pertaining to card fraud contributed towards the occurrence of card fraud. Multinomial logistic regression (MLR) is used to classify card holders and merchants according to their likelihood of experiencing card fraud incidents. These results are based on their perceptions of certain aspects related to card fraud as obtained from the survey instruments

Cryptocurrencies and future financial crime.

Background: Cryptocurrency fraud has become a growing global concern, with various governments reporting an increase in the frequency of and losses from cryptocurrency scams. Despite increasing fraudulent activity involving cryptocurrencies, research on the potential of cryptocurrencies for fraud has not been examined in a systematic study. This review examines the current state of knowledge about what kinds of cryptocurrency fraud currently exist, or are expected to exist in the future, and provides comprehensive definitions of the frauds identified. Methods: The study involved a scoping review of academic research and grey literature on cryptocurrency fraud and a 1.5-day expert consensus exercise. The review followed the PRISMA-ScR protocol, with eligibility criteria based on language, publication type, relevance to cryptocurrency fraud, and evidence provided. Researchers screened 391 academic records, 106 of which went on to the eligibility phase, and 63 of which were ultimately analysed. We screened 394 grey literature sources, 128 of which passed on to the eligibility phase, and 53 of which were included in our review. The expert consensus exercise was attended by high-profile participants from the private sector, government, and academia. It involved problem planning and analysis activities and discussion about the future of cryptocurrency crime. Results: The academic literature identified 29 different types of cryptocurrency fraud; the grey literature discussed 32 types, 14 of which were not identified in the academic literature (i.e., 47 unique types in total). Ponzi schemes and (synonymous) high yield investment programmes were most discussed across all literature. Participants in the expert consensus exercise ranked pump-and-dump schemes and ransomware as the most profitable and feasible threats, though pump-and-dumps were, notably, perceived as the least harmful type of fraud. Conclusions: The findings of this scoping review suggest cryptocurrency fraud research is rapidly developing in volume and breadth, though we remain at an early stage of thinking about future problems and scenarios involving cryptocurrencies. The findings of this work emphasise the need for better collaboration across sectors and consensus on definitions surrounding cryptocurrency fraud to address the problems identified

FedAccounts: Digital Dollars

We are entering a new monetary era. Central banks around the world— spurred by the development of privately controlled digital currencies as well as competition from other central banks—have been studying, building, and, in some cases, issuing central bank digital currency (“CBDC”). Although digital fiat currency is one of the hottest topics in macroeconomics and central banking today, the discussion has largely overlooked the most straightforward and appealing strategy for implementing a U.S. dollar-based CBDC: expanding access to bank accounts that the Federal Reserve already offers to a small, favored set of clients. These accounts consist of entries in a digital ledger—like other digital currencies—and are extremely desirable, offering high interest, instant payments, and full government backing with no limit. But U.S. law restricts these accounts to an exclusive clientele consisting primarily of banks. Privileged access to these accounts creates a striking asymmetry at the core of our monetary framework: government-issued physical currency is available to all, but government-issued digital currency (in the form of central bank accounts) is not. This dichotomy is unwarranted. Congress should authorize the Federal Reserve to give everyone—individuals, businesses, and institutions—the option to maintain accounts at the central bank. We call these accounts FedAccounts. Unlike the CBDC approaches currently under discussion, which would use complicated and inefficient distributed ledger technology and be walled off from the existing system of money and payments, FedAccounts would be seamlessly interoperable with the mainstream payment system, relying on technologies that the Federal Reserve has used for decades