South Africa’s leading telecommunication operators, including MTN SA, Vodacom, Telkom SA, Cell C and Liquid Intelligent Technologies have joined forces to establish a non-profit organisation, the Communication Risk Information Centre (COMRiC), which seeks to better protect their network investments and advance the country’s participation in the Fourth Industrial Revolution.

COMRiC will primarily focus on the sector’s collective identification, mitigation and prevention of the common risk issues within the industry with a key focus for 2022 centred on critical infrastructure network vandalism, commercial crimes and cyber security.

COMRiC’s CEO Vernall Muller said: “The formation of COMRiC has enabled formal discussion and solution finding between operators to handle the risks they face. It has also created a platform through which we will engage society on issues of related crime and support government in the overall fight against crime in South Africa.”

Muller says that noticeably, over the last two years especially, the criminal gaze has shifted to the South African telecommunications operators. The economic impact of the COVID-19 pandemic and the advent of load-shedding and related power cuts are factors that have contributed to this upsurge.

Vulnerable to attack

“Telecommunications infrastructure which is the backbone of the information age is particularly vulnerable to attack and this escalating crime has translated into loss of service and network integrity,” says Muller.

Asked how the organisation plans to ensure cooperation between its members, Muller told ITWeb Africa explained the organisation’s working model and said where common risk is identified, working teams will be created to realise the risk mitigation by co-creating solutions.

“The key benefit being that collectively operators can better address the risk issues. Where (there is) a need to create a working group, COMRiC will use the target operating model to manage the business relationship. Subject matter experts within the different operators will always hold the capability and capacity to co-create the solutions e.g. IT specialists for cybercrime risk issues, Investigators for battery theft or regulatory lawyers for unauthorised porting of customers.”

He added that there is a Business Relationship System in place to manage the collaboration between operators i.e. ISO 44001: Collaborative Business Relationship Framework.

The system will focus on the following:

1. Operational awareness - Creating the vision, values, leadership and objectives for the risk engagement initiative.

2. Knowledge - Identify the approach, outcomes of the risk engagement initiative. Prepare the business cases and develop the implementation plan.

3. Internal assessment - Establish policies and processes to create the capability and environment to collaborate effectively. Assess Operators capability to support the risk engagement initiative.

4. Partner selection - Identify potential partners and obtain agreement for the collaborative approach to begin. E.g. engage National Police to get agreements on industry investigations.

5. Working together - The participating Operators shall establish and agree a formal foundation for joint working, including contractual frameworks or agreements, roles, responsibilities and ethical principles.

6. Value creation - A process will be established between operators’ subject matter experts to identify areas of improvement, learnings and how to apply it at their own Operator.

7. Staying together - Management of the joint relationship, monitor behaviour and trust indicators and work towards issue resolution.

8. Exit strategy activation – If the joint management team agrees that the controlled disengagement process is to commence, a joint exit strategy shall be deployed.

“As COMRiC we strive to create risk mitigation value for all operators, which is a key requirement of the competition law. Further, one of the key requirements on the formation of COMRiC was to create a compliance framework to address any operating risk issues when operators engage each other on the issues of collective risk management within the telecommunication industry. To ensure proper governance COMRiC’s board is headed by an independent chairman. A framework that guides collaboration, rules of engagement and data integrity is already in place. As such, COMRiC is confident that it will be able to carry out its mandate without interference,” Muller added.

Collaboration between SA’s Network operators, to fight theft and network infrastructure vandalism, has resulted in the establishment of the Critical Infrastructure Monitoring Operations Centre (CiMOC) that operates under the newly formed COMRiC structure.

The CiMOC will prioritise the collective monitoring of critical network infrastructure theft and vandalism across the combined South African telco network footprint. This includes working closely with the SAPS to identify and apprehend suspects in network vandalism, store robberies, battery theft and fraudulent application scenarios including commercial crimes among other things.

Muller said, “The industry recognises that criminals do not discriminate when it comes to which network, they target. As such, collective working as the Telecommunication Industry provides benefits in terms of risk management for all operators irrespective of market share. The opportunity exists for creating a safer environment that may lead to uninterrupted customer experience in the telecommunication space.”