The social issues involved in security are a growing problem – and corporate South Africa has an obligation to become more involved in this area. 

Clint Carrick, CEO, Carrick Holdings, points out that the IT security market continues to be influenced by issues like social engineering, identity theft and compliance with legislation. And corporate South Africa should associate IT security with more than just efforts to protect the business against external threats.
"Traditionally, this segment of the market has been largely defined by policy creation and implementation," he says.
"The main objective of formulating and integrating this policy has been to organise a united front to fend off threats such as viruses, worms, spam and Trojan Horses.
"At the same time policy addresses specific practical, operations-focused procedures regarding the security of systems. It is inextricably linked to corporate governance and serves as a reference guide to monitor the role played by technology and people."
This is especially relevant given the need for businesses to comply with legislation, Carrick adds.
However, the main thrust of security programmes has been to safeguard the integrity of data – and decision-makers are prepared to invest in technology to meet this business requirement.
"But IT security is no longer limited to securing systems and implementing anti-virus," he says. "Innovation in applications, an increase in volume and variety of digital devices and the surge in electronic communication and networks has impacted on the growth of the sector.
"In many ways IT security now mirrors the ongoing focus on personal security and has evolved to incorporate far more than just hardware, software and unfolding information wars in cyber space."
Cyber criminals have been quick to develop their techniques and improve their modus operandi in order to capitalise on the convergence of digital devices with online technology, Carrick adds.
"As such, businesses and individuals need to seriously consider the risks associated with realtime communication. These risks find form in threats such as smishing and phising, both of which rely on social engineering tactics to gain advantage over victims."
It is disturbing to note the visible rise in digitally-based, socially-executed attacks, he says.
"There have been several reports of late of school children being physically assaulted while fellow pupils record the attack and review & swap footage on their mobile phones.
"Authorities recently captured a man who is charged with the kidnapping and alleged sexual assault of a teenager after he reportedly gained her trust through interaction on a mobile chat service," adds Carrick.
"Online chat rooms and dating services, especially those accessed via cell phones, are often used by individuals to stalk their victims."It is this need for vigilance and scrutiny when using communication technology that compels service providers, technology vendors and resellers to better understand the social side of IT security, he points out.
"The implications of an apathetic approach to this growing problem are worrying given the growth of the mobile and wireless market."