The Question was referred to the Electoral Commission which responded as follows:
The Electoral Commission has implemented security and access control policies aimed at mitigating the risk of espionage and cyber attacks. These include the following:
- Access controls – Access to information is controlled and made available on a need to know basis;
- Security Firewalls – Implemented modern and latest security protection and monitoring systems and devices;
- Implemented 24*7/365 real-time monitoring of all security requirements including hacking or attempted hacking, software viruses, malware, etc.
- Use network segmentation to limit access;
- Employs and/or contracts only South African professionals in its ICT department;
- Occasionally commissions an independent audit of the network and data security, in addition to regular security assessment audits by the Internal Audit and the Office of AGSA;
- Commissions a separate parallel SOC (security operations centre) during major electoral events such as elections; and
- Has an added filtering later at its ISP (Internet Service Provider).