[6 November 2025]
CASA is surveying individual licence holders (IECS | IECNS) to evaluate the ICT sector’s current cybersecurity readiness. The questionnaire, which must be completed by 16:00 on 21 November 2025, covers key areas including:
- Organizational Capacity
- Preventative Measures
- Detection & Monitoring
- Response & Recovery
- Consumer-Focused Protections
- Future Preparedness
- SIM Registration Security
Questionnaire: https://forms.office.com/Pages/ResponsePage.aspx?id=Sm6YN8QvTEqAncCBGwIx2rmqyEdDDGpLpl5ZrqnNuQBUNUtQTVRJMTdFM0NaOVZMUEtYSjgwODEzMi4u
ICASA is empowered to request information reasonably required to perform its functions. Full participation ensures an accurate, fair and sector-wide evidence base. Partial participation weakens the collective picture and may lead to less tailored outcomes.
[18 December 2023]
The National Security Agency (NSA) has begun preliminary discussions on a new Cybersecurity Bill, with a workshop planned for mid-January 2024.
[10 November 2022]
A private member’s bill introduced by the Liberty Alliance seeks to amend the Constitution to establish the office of a Cyber Commissioner. This role would be a Chapter 9 institution, similar to the Public Defender, with a five-year term and broad authority over cybersecurity matters, including data interception and monitoring.
Download the Draft Cyber Commissioner Bill PDF
[4 July 2021]
The Cybersecurity Hub within the Department of Communications and Digital Services has launched a Cybersecurity Awareness Portal that offers valuable resources and information.
[30 March 2019]
The Communications Authority has released its findings on the potential roles and responsibilities it might have in cybersecurity, particularly in relation to electronic communication services and network service providers.
Findings and Position Paper on the Role of the Communications Authority in Cybersecurity
The key points are as follows:
- There were differing opinions on the Authority’s role in cybersecurity. It has decided to take on a limited role, focusing mainly on consumer protection.
- The Authority believes its mandate under the Electronic Communications Act (ECA) is confined to network reliability and information security, with the latter not being clearly defined in the ECA.
- The Authority will collaborate with other organizations involved in cybersecurity to avoid duplication and ensure clear role demarcation. It will also participate in research and development within the ICT sector and collaborate with relevant institutions and government departments like Communications and Justice. The Authority will advise the Minister on policy matters and amendments to the ECA.
- Regarding standards setting, the Authority will work with the Departments of Communications and Justice, as well as the industry, to identify appropriate standards for South Africa, guided by international standards from bodies like the ITU. These standards may include consumer protection aspects, such as providing choices about whether location services are automatically enabled on new cell phones.
- This concludes the Authority’s involvement in the cybersecurity process.
[2 January 2019]
The following written submissions were provided to the Communications Authority in response to its inquiry on its potential involvement in cybersecurity:
[21 December 2018]
The Communications Authority will hold public hearings on the “Roles and Responsibilities of the Communications Authority in Cybersecurity” following submissions on the discussion document. The hearings will take place on 17 and 18 January 2019 at the Authority’s headquarters in Centurion. The schedule is available via the link below:
[4 October 2018]
The Communications Authority has issued a discussion document seeking stakeholder input on whether it should play a role in cybersecurity, specifically regarding:
- Private sector collaboration and industry regulation
- Capacity building
- Research and development
- Cybersecurity standards regulation
Inquiry into the Role and Responsibilities of the Communications Authority in Cybersecurity
Discussion Document for Public Comments on the Regulator’s Role in Cybersecurity
The deadline for comments is 16:00 on 30 November 2018. Submissions should be sent to Ms. Violet Letsiri, Senior Manager: Social Policy for ICT Services, via email at vletsiri@icasa.org.za.
[31 May 2018]
The Cybersecurity Hub within the Department of Telecommunications and Postal Services has published a Cyber Readiness report. This report marks the beginning of a broader effort to fulfill the National Cybersecurity Policy Framework’s objectives. It provides a baseline assessment of South Africa’s cybersecurity readiness and aims to enable the Hub to coordinate information and provide support during cybersecurity incidents.