by Given SHINGANGE
INTRODUCTION
South Africa’s cybersecurity landscape has been marred by a series of high-profile cyber-attacks and data breaches in recent years, underscoring the urgent need for robust cybersecurity measures. In June 2024, the National Health Laboratory Service (NHLS) was hit by a devastating ransomware attack that disrupted critical health services and compromised the data of millions of public health patients[1]. Just a month later, Sibanye-Stillwater[2], a leading multinational mining and metals processing group, suffered a cyber-attack that affected its global IT systems, highlighting the vulnerabilities within the private sector[3]. These incidents, among many others, reveal a troubling trend. South Africa’s cybersecurity defences are inadequate, leaving both public and private sectors vulnerable to increasingly sophisticated cyber threats. It is important to note that these are just some of the incidents that are in the public eye as reported in the media.
Private Sector Data Breaches
| Organization | Date | Impact | Cause | Conviction/Outcome |
| Experian South Africa | August 2020[4] & Nov 2023[5] | 24 million South Africans, 800,000 businesses | Fraudster masqueraded as client | Suspected fraudster arrested |
| ViewFines[6] | May 2018 | 1 million personal records | Server maintenance error | No known convictions |
| Master Deeds (Jigsaw Holdings)[7] | October 2017 | 60 million unique records | Data exposed on public server | No known convictions |
| Life Healthcare Group | June 2020[8] | Admissions, processing systems, email servers | Cyber-attack | No known convictions |
| Transnet | July 2021[9] | IT systems crippled; operations impacted | Ransomware attack | No known convictions |
| Dis-Chem | May 2022[10] | 3.6 million personal records | Cyber-attack | No known convictions |
| Sibanye Stillwater | July 2024[11] | Employee and contractor data | Cyber-attack | No known convictions |
| TransUnion | March 2022[12], November 2023[13] | 54 million personal records | Ransomware attack | No known convictions |
Government Sector Data Breaches
| Organization | Date | Impact | Cause | Conviction/Outcome |
| SA Department of Justice and Constitutional Development | September 2021[14], Mat 2024[15] | 1,200+ confidential files | Ransomware attack | No known convictions |
| City Power (Johannesburg) | July 2019[16] | Power supplies disrupted | Ransomware incident | No known convictions |
| South African National Defence Force (SANDF) | August 2023[17] | Potentially massive data breach | Claimed by Snatch threat group[18] | No known convictions |
| Government Employees Pension Fund (GEPF) | July 2023, March 2024[19] | 668GB of data leaked | Ransomware attack | No known convictions |
As South Africa approaches the 10-year anniversary of its National Cybersecurity Policy Framework (NCPF)[20] in 2025, it is crucial to assess the progress made and challenges faced in implementing this critical policy. This review examines the NCPF’s objectives, achievements, shortcomings, and the role of the Cybersecurity Response Committee (CRC), while also considering the evolving cyber threat landscape and the need for urgent action from policymakers.
Background and Objectives of the NCPF
The NCPF was approved by the South African Cabinet in 2012[21] and officially published by the Minister of State Security in December 2015. This marked the formal adoption of a national cybersecurity policy framework aimed at addressing the identified challenges and achieving the outlined objectives.
The State Security Agency [22](SSA) was designated[23] with overall responsibility and accountability for the coordination, development, and implementation of cybersecurity measures in the country. This centralized approach was intended to streamline efforts and ensure effective management of cybersecurity initiatives.
The comprehensive policy document was aimed at addressing the growing threats in cyberspace[24]. The key objectives of the NCPF include:
- Centralizing coordination of cybersecurity activities
- Fostering cooperation between government, private sector, and civil society
- Promoting international cooperation
- Developing requisite skills and research capacity
- Promoting a culture of cybersecurity
- Ensuring compliance with appropriate technical and operational cybersecurity standards
The NCPF was implemented to address the growing cyber threats, regulatory and institutional gaps, and the need for a coordinated national approach to cybersecurity. The NCPF was designed to provide a framework for South Africa to respond effectively to cyber-attacks and build a robust national cybersecurity posture. However, a decade later, the implementation of this policy has fallen short of expectations, leaving the country vulnerable to increasingly sophisticated cyber threats. It is still debatable if whether had the NCPF been fully implemented, would that have made the country safer. This question is important because the assumption that the only problem with the country’s cybersecurity status should be attributed to the implementation of NCPF may be incorrect. However, this review focuses on the implementation of the NCPF as is.
LIMITED PROGRESS AND PERSISTENT CHALLENGES
Despite the NCPF’s ambitious goals, progress in implementing its provisions has been slow and inconsistent. It is difficult to really gauge the progress as there is not much out there that tells us how far the implementation has been. Several key areas of concern include:
- Lack of a National Cybersecurity Strategy
One of the most glaring omissions is the absence of a comprehensive national cybersecurity strategy, which should have been developed based on the NCPF’s guidelines[25]. This absence leaves South Africa without a clear roadmap for addressing cyber threats at a national level.
A national[26] cybersecurity strategy is crucial for safeguarding a country’s national interests, including its economic stability, national security, and public safety. By implementing robust cybersecurity measures, a country can protect critical infrastructure, sensitive data, and financial systems from cyber threats, thereby fostering a secure environment for economic growth and innovation.
This strategy not only mitigates risks but also enhances public trust and international cooperation. In South Africa, the commitment to cybersecurity aligns with the Medium-Term Strategic Framework (MTSF)[27] goal that “all people are and feel safe,” ensuring a resilient and secure digital landscape for all citizens.
- Inadequate Critical Infrastructure Protection
The failure to identify and protect national critical information infrastructure remains a significant vulnerability. Without a clear understanding of which systems and networks are most crucial to national security and economic stability, it becomes challenging to allocate resources effectively for their protection[28].
South Africa faces significant challenges due to inadequate Critical Infrastructure Protection, particularly concerning its National Critical Information Infrastructure (NCII). As defined in the National Cybersecurity Policy Framework (NCPF), NCII encompasses all ICT systems, data systems, databases, networks, and related assets fundamental to the effective operation of the Republic[29].
The country struggles with protecting these vital systems from cyber threats, physical attacks, and infrastructure[30] failures[31]. This vulnerability exposes South Africa to risks of service disruptions, economic losses, and national security breaches[32]. The lack of a comprehensive, risk-based approach to NCII protection, coupled with insufficient resources and coordination among stakeholders, hinders the country’s ability to safeguard its critical infrastructure effectively[33] [34].
- Regulatory Gaps
The private sector operates with limited oversight due to the absence of cybersecurity laws and regulations. This regulatory vacuum creates inconsistencies in cybersecurity practices across industries and potentially exposes critical sectors to increased risk[35].
The absence of comprehensive cybersecurity laws and regulations in South Africa creates significant vulnerabilities in the private sector’s digital infrastructure. Without proper oversight, companies are left to self-regulate their cybersecurity practices, leading to inconsistent standards across industries.
This regulatory vacuum not only allows some businesses to underinvest in cybersecurity measures, potentially exposing critical sectors to increased risk of cyberattacks. It also creates an environment where unscrupulous entities may exploit the situation. They could offer subpar cybersecurity services or products, taking advantage of the limited accountability and further exacerbating the cybersecurity challenges we face.
Additionally, the absence of clear guidelines makes it challenging for well-intentioned companies to benchmark their security practices effectively. This regulatory gap not only heightens the risk of successful cyberattacks but also hampers South Africa’s ability to build a resilient digital economy[36] [37].
- Skills Shortage
Despite the NCPF’s emphasis on capacity building, South Africa continues to face a severe shortage of cybersecurity professionals. This skills gap hampers the country’s ability to defend against and respond to cyber threats effectively[38].
The global cybersecurity skills shortage exacerbates this issue, with an estimated worldwide shortfall of 3.5 million professionals by 2025[39]. In South Africa, 40% of companies struggle to recruit and retain cybersecurity talent, while 64% agree that the shortage creates additional cyber risks[40]. This scarcity of skilled professionals leaves South African organizations vulnerable to attacks, with 86% experiencing multiple breaches partially attributed to a lack of cybersecurity skills.
The shortage also impacts the country’s ability to implement and maintain robust security measures across its digital infrastructure. As cyber threats continue to evolve, particularly with the advent of AI-powered attacks, closing the skills gap becomes crucial for South Africa’s organizational and national security[41].
- Inadequate Coordination
The centralized coordination of cybersecurity activities, as envisioned by the NCPF, has not been fully realized. This lack of coordination leads to fragmented efforts and inefficient use of resources in combating cyber threats[42].Several factors contribute to this implementation gap.
Firstly, the designation of the State Security Agency (SSA) as the lead department for NCPF implementation has raised concerns among private sector stakeholders. The SSA’s primary focus on national security and intelligence gathering may not align well with the broader cybersecurity needs of businesses and civil society[43] [44].
This misalignment has led to a trust deficit between the public and private sectors, hindering effective collaboration. Additionally, the complex coordination mechanisms outlined in the NCPF, involving multiple government departments and agencies, have proven difficult to manage effectively[45]. Interministerial rivalries and the historical challenges of cross-departmental cooperation in South Africa further complicate this issue.
The lack of transparency in some cybersecurity activities, often shrouded in unnecessary secrecy, has also impeded meaningful private sector engagement. Moreover, resource constraints and skills shortages within government agencies, particularly in the SSA, have limited their capacity to drive and coordinate national cybersecurity efforts effectively[46]. The private sector, which owns and operates much of the country’s critical information infrastructure, has expressed frustration at the slow pace of implementation and the perceived lack ofpractical guidance from the government[47]. Thesechallenges collectively undermine the NCPF’s goal of fostering a cohesive, multi-stakeholder approach to cybersecurity in South Africa.
THE ROLE OF THE CYBERSECURITY RESPONSE COMMITTEE (CRC)
The Cybersecurity Response Committee (CRC) was established as a key component of the NCPF to oversee and coordinate national cybersecurity efforts. According to the NCPF, the CRC’s responsibilities include:
- Implementing cybersecurity measures and initiatives
- Coordinating cybersecurity activities across government departments and agencies
- Advising the government on cybersecurity matters
- Facilitating the development of sector-specific Computer Security Incident Response Teams (CSIRTs)
- Promoting cybersecurity awareness and education
However, the effectiveness of the CRC in fulfilling these roles has been limited. The committee has struggled to assert its authority and drive meaningful progress in national cybersecurity initiatives. This underperformance can be attributed to numerous factors, including resource constraints, lack of clear mandate enforcement, and insufficient engagement with relevant stakeholders[48].
Evolving Cyber Threat Landscape
Since the NCPF’s approval in 2015, the global cyber threat landscape has evolved significantly. South Africa has witnessed a dramatic increase in cyber-attacks, particularly in the wake of the COVID-19 pandemic. Some notable trends include:
- Ransomware Surge: South Africa has become a prime target for ransomware attacks, ranking as the eighth most targeted country globally for such incidents[49].
Critical Infrastructure Attacks: High-profile cyber-attacks on critical infrastructure, such as the 2021 incident affecting Transnet (a state-owned transportation company), have highlighted the vulnerability of essential services.
- Data Breaches: Large-scale data breaches, like the 2020 incident that compromised the information of twenty-four million South Africans, underscore the need for stronger data protection measures.
- Sophisticated State-Sponsored Attacks: The increasing prevalence of advanced persistent threats (APTs) and state-sponsored cyber espionage campaigns poses new challenges for national security.
CONCLUSION
As South Africa faces an increasingly complex and dangerous cyber threat landscape, the shortcomings of the NCPF implementation over the past decade have left the country vulnerable. The approaching 10th anniversary of the framework’s approval should catalyse urgent action from policymakers.
Rather than celebrating progress, this milestone should prompt a critical reassessment of South Africa’s cybersecurity posture and a renewed commitment to implementing effective measures.
The country must do away with a piecemeal approach to cybersecurity, relying on outdated frameworks and unimplemented policies.
Policymakers must prioritise cybersecurity as a matter of national security and economic stability. This requires updating the NCPF to address current threats and ensuring its full implementation through adequate funding, clear accountability measures, and strong political will.
South Africa can significantly enhance its cybersecurity posture by establishing a dedicated national cybersecurity agency and adopting a more structured and collaborative approach.
By taking decisive action now, South Africa can bridge the gap between policy and practice, building a resilient cybersecurity ecosystem that protects its citizens, businesses, and critical infrastructure from ever-evolving cyber threats. The time for complacency has long passed – the next decade must be one of concrete action and measurable progress in South Africa’s cybersecurity journey.
RECOMMENDATIONS
- Establish a Dedicated National Cybersecurity Agency
Create an independent national cybersecurity agency with a clear mandate to oversee all aspects of cybersecurity. This agency should have the authority and resources to coordinate efforts across public and private sectors, fostering better collaboration and trust.
- Develop a Comprehensive National Cybersecurity Strategy
Prioritize the development and implementation of a robust national cybersecurity strategy. This strategy should align with the NCPF’s objectives and be adaptive to address both current and emerging cyber threats. It should include clear goals, timelines, and performance indicators.
- Identify and Protect Critical Infrastructure
Conduct a thorough assessment to identify national critical information infrastructure. Develop and implement specific protection measures for these assets to ensure their resilience against cyber threats.
- Enhance the Regulatory Framework
Strengthen the existing regulatory framework by developing and enforcing comprehensive cybersecurity regulations. These regulations should provide clear guidelines for both public and private sector organizations, ensuring a consistent and unified approach to cybersecurity across all industries.
- Invest in Skills Development
Allocate significant resources to cybersecurity education and training programs. This investment is crucial to address the current skills shortage and to build a capable workforce that can effectively defend against sophisticated cyber threats.
- Strengthen Coordination Mechanisms
Empower the Cybersecurity Response Committee (CRC) or establish a new coordinating body with the necessary authority and resources. This body should be responsible for overseeing national cybersecurity efforts, ensuring a coordinated and proactive approach to threat management.
- Promote International Cooperation
Actively engage in international cybersecurity initiatives and partnerships. Sharing best practices, intelligence, and resources with global partners is essential for combating cyber threats that transcend national borders.
- Regular Policy Review and Update
Implement a mechanism for the regular review and update of the NCPF. This will ensure that the framework remains relevant and effective in addressing the evolving landscape of cyber threats.
[1] https://therecord.media/south-africa-national-health-laboratory-service-ransomware-recovery
[2] https://mybroadband.co.za/news/security/544063-south-african-mining-giant-hacked.html
[3] https://www.itweb.co.za/article/sibanye-stillwater-suffers-cyber-attack-on-global-it-systems/LPp6VMrB2BLMDKQz
[4] https://www.infosecurity-magazine.com/news/experian-data-breach-24-million/
[5] https://www.businesslive.co.za/bd/national/2023-11-23-hackers-demand-60m-from-transunion-and-experian-claiming-data-theft/
[6] https://www.citizen.co.za/news/massive-data-leak-affects-nearly-one-million-south-africans/
[7] https://mybroadband.co.za/news/security/234790-massive-south-african-data-leak-now-over-75-million-records-at-risk.html
[8] https://www.reuters.com/article/technology/south-africas-life-healthcare-hit-by-cyber-attack-idUSKBN23G0MY/
[9] https://www.silicon.co.uk/security/cyberwar/transnet-ransomware-attack-408791
[10] https://www.itweb.co.za/article/over-36m-records-exposed-in-dis-chem-cyber-attack/PmxVE7KEABOqQY85
[11] https://www.moneyweb.co.za/news/tech/sibanye-stillwater-hit-by-global-cyber-attack/#:~:text=Multi%2Dnational%20mining%20group%20Sibanye,became%20aware%20of%20the%20incident.
[12] https://businesstech.co.za/news/cloud-hosting/569658/transunion-cyber-attack-hackers-demand-r225-million-ransom/
[13] https://www.itweb.co.za/article/hackers-demand-r11bn-ransom-from-transunion-experian/DZQ58MV8ymzvzXy2
[14] https://www.news24.com/news24/southafrica/news/justice-departments-it-system-brought-down-in-ransomware-attack-20210909
[15] https://www.itweb.co.za/article/justice-department-suffers-another-cyber-attack/rW1xLv5nJkx7Rk6m
[16] https://www.securitymagazine.com/articles/90618-city-power-hit-by-ransomware-attack
[17] https://www.dailymaverick.co.za/article/2023-09-06-snatched-sandf-data-leaked-in-cyberattack-appears-to-be-authentic-say-cybersecurity-analysts/
[18] https://krebsonsecurity.com/2023/09/a-closer-look-at-the-snatch-data-ransom-group/
[19] https://www.dailymaverick.co.za/article/2023-09-06-snatched-sandf-data-leaked-in-cyberattack-appears-to-be-authentic-say-cybersecurity-analysts/
[20] https://www.gov.za/sites/default/files/gcis_document/201512/39475gon609.pdf
[21] https://carnegieendowment.org/research/2024/01/south-africas-cyber-strategy-under-ramaphosa-limited-progress-low-priority?center=global&lang=en
[22] https://carnegieendowment.org/research/2024/01/south-africas-cyber-strategy-under-ramaphosa-limited-progress-low-priority?center=global&lang=en
[23] 16.2 of the NCPF states the “The Ministry of State Security and the State Security Agency (SSA) has overall responsibility and accountability for coordination, development, and implementation of Cybersecurity measures in the Republic as an integral part of its National Security mandate. 16.5 that deals with the responsibility of the Department of Defence and Military Veterans states that “The Department of Defence and Military Veterans (DOD&MV) has overall responsibility for coordination, accountability and implementation of cyber defence measures in the Republic as an integral part of its National defence mandate. To this end, the Department will develop policies and strategies pursuant to its core mandate” https://www.gov.za/sites/default/files/gcis_document/201512/39475gon609.pdf
[24] https://www.gov.za/sites/default/files/gcis_document/201512/39475gon609.pdf
[25] https://www.gov.za/documents/national-cybersecurity-policy-framework-4-dec-2015-0000
[26] https://www.itu.int/en/ITU-D/Cybersecurity/Documents/National_Strategies_Repository/approved%20botswana-national-cybersecurity-strategy.pdf
[27] https://www.gov.za/speeches/justice-crime-prevention-and-security-clusters-media-briefing-statement-13-dec-2015-0000
[28] https://www.coe.int/en/web/octopus/-/south-africa
[29] https://www.itu.int/en/ITU-T/Workshops-and-Seminars/cybersecurity/Documents/PPT/S4P1_Pillay_KiruV2%20.pdf
[30] https://issafrica.org/iss-today/critical-infrastructure-attacks-why-south-africa-should-worry
[31] https://www.moonstone.co.za/critical-infrastructure-blackouts-are-sa-corporates-biggest-worry/
[32] https://researchspace.csir.co.za/dspace/bitstream/handle/10204/12557/RS_26178_Systemic%20approaches%20to%20critical%20infrastructure%20risk%20and%20security%20capabilities%20Nov%202022.pdf?isAllowed=y&sequence=1
[33] http://www.scielo.org.za/scielo.php?pid=S1727-37812013000100015&script=sci_arttext
[34] https://theconversation.com/south-africa-needs-stronger-security-in-place-to-stop-the-sabotage-of-its-power-supply-187889
[35] https://scielo.org.za/scielo.php?pid=S2077-72132021000200003&script=sci_arttext
[36] https://www.michalsons.com/focus-areas/information-technology-law/information-security-law/cybersecurity-bill-in-south-africa-overview
[37] https://www.fanews.co.za/article/technology/41/general/1204/south-africa-needs-to-become-more-stringent-with-its-cyber-security-enforcement/39366
[38] https://carnegieendowment.org/research/2024/01/south-africas-cyber-strategy-under-ramaphosa-limited-progress-low-priority?center=global&lang=en
[39] https://www.techtarget.com/searchsecurity/tip/Cybersecurity-skills-gap-Why-it-exists-and-how-to-address-it
[40] https://www.itweb.co.za/article/south-africa-under-pressure-to-fill-cyber-security-skills-gap/DZQ587V8bjrqzXy2
[41] https://cybermagazine.com/articles/fortinet-cyber-survey-shows-global-scope-of-skills-gap
[42] https://www.researchgate.net/figure/National-cybersecurity-governance-structure-in-South-Africa_fig1_348114418
[43] https://www.jstor.org/stable/27199954
[44] https://scielo.org.za/scielo.php?pid=S2077-72132017000100005&script=sci_arttext
[45] https://scielo.org.za/scielo.php?pid=S2077-72132017000100005&script=sci_arttext
[46] https://carnegieendowment.org/research/2024/01/south-africas-cyber-strategy-under-ramaphosa-limited-progress-low-priority?center=global&lang=en
[47] https://www.coe.int/en/web/octopus/-/south-africa
[48] https://www.oliverwyman.com/our-expertise/insights/2023/aug/south-africa-protect-cyber-infrastructure.html
[49] https://bizmag.co.za/sas-cybercrime-trends-to-watch-in-2024/
Come dinnertime, the intimate group of guests was first ushered into the foyer for a staircase performance in which Broadway actors and dancers personified Davenport’s star ingredients.
Capes came to town several years ago and then dwindled away again, but if you loved the look you’re in luck as it’s back for autumn. Female empowerment has been at the forefront of people’s thoughts, the news and social media, especially with more and more discussions about closing the gender pay gap happening throughout the world. Seen at the likes of Erdem, Missoni and Isabel Marant, it’s going to be a key piece to own.
Exclusive Daily Sale
What was really interesting about fashion at that time was the way rock ’n’ roll heroes like Jimmy Page, Marc Bolan and David Bowie blended the genders so beautifully. It’s really relevant today. So in those days, the guys were all wearing their girlfriends’ clothes and digging through their wardrobes wearing their flares and their scarves and their blouses.
What you can buy
& Other Stories
Flowy Wrap Midi Dress (£69)
So when I look at my fashion icons from the ’60s and ’70s, they’re all men, but it’s the idea of women who are dressing like those men who are wearing their girlfriends’ clothes
Treat the idea like a game.
Fans were delighted by the funny video, with one writing: “This is priceless,” while another added: “She is the best!” However, one fan was quick to point out an inconsistency with the series, as Monica and Chandler had in fact moved out of that apartment by the series finale, and wrote: “That’s not your home anymore, you moved with Chandler.”
Although there doesn’t seem to be much hope of a Friends reunion episode any time soon, the creator of Friends recently opened up about what the characters would be up to these days, and revealed whether he thought Ross and Rachel’s relationship would last the test of time.
Mining diamonds has a host of possible negative side effects, including displacing the land, wasting water, polluting the air and having an effect on the living conditions of the local communities, as well as being linked to the funding of war. Laboratory-grown diamonds, however, have a far more ethical and sustainable footprint.
We have collated five of the best brands that use only lab-grown diamonds, so the next time you are treating yourself or someone else to something sparkly, you can be sure that your conscious is clean.
If you talk about it, it’s a Dream, if you Envision it, it’s a Possible, but if you are Schedule it, it’s Real.
Tony Robbins
Spring is finally here—even though it doesn’t really feel like it, with temperatures hovering at just about freezing for much of the country. But, if the power of positive thinking works for mastering the problems of everyday living, who says the power of positive decorating can’t do the same?
She’s also sporting a khaki puffer jacket from The Arrivals–”It’s peak street style chic 101″–to stay cozy in the harsh New York City winter. Her gold-toned, cat-eyed sunglasses are from Jimmy Choo and she picked up her Jenny Bird hoop earrings from Intermix.
- “I was talking to the designer behind Seville Michelle, and I told her [that] her chokers are amazing, and she literally gave me this off her neck. I’ve worn it religiously ever since,” says Lenise of her two-tone necklace.Related StoryHandbags Are Getting Smaller and Smaller
- For Christmas, Lenise’s husband gifted her a green suede mini bag from Jacquemus. “When he got it in the mail, he was going to send it back because he didn’t realize it was supposed to be this tiny,” Lenise says with a smile. She appreciates that she can rock the bag as a crossbody, fanny pack style across her waist, or carry it as a handle bag.
Characters
Although there doesn’t seem to be much hope of a Friends reunion episode any time soon, the creator of Friends recently opened up about what the characters would be up to these days, and revealed whether he thought Ross and Rachel’s relationship would last the test of time.
Everything you Need to Know
Spring your mind forward with a lilac flower-inspired pot or, if real flowers are more your thing, a barely-there vase lets nature take center
Thankfully, we have an insider who gave us some valuable tips on how to shop it expertly so you can get there first (and find the pieces you’ve been eyeing up all season).
First up, you need to know that Zara’s sales start online at 10 p.m. the day before the in-store sale begins. Right now, there isn’t a sale on the site, but that only means you have loads of time to prep before the big mid-season sale.stage.
Read more
- Opinion: Learning from the Shadows: Recruitment Issues and Early Retirement in Intelligence
- A Review of South Africa’s National Cybersecurity Policy Framework: Progress and Challenges After Nearly a Decade
- The Looming Shadow of Cognitive Warfare: A Potential Threat to the 2024 South African Elections
You’re a really good writer. Very interesting story, written really well.