- Title
- A framework to implement information security awareness, education and training within the Limpopo economic development agency group
- Creator
- Mokobane, Ntsewa Benjamin
- Subject
- Computer security
- Subject
- Computer networks -- Security measures Data protection
- Date Issued
- 2019
- Date
- 2019
- Type
- Thesis
- Type
- Masters
- Type
- MPhil
- Identifier
- http://hdl.handle.net/10948/42063
- Identifier
- vital:36622
- Description
- Cybersecurity awareness, education and training of employees is key in reducing and preventing cyber-attack opportunities. The ignorance and/or lack of understanding of employees about the information security risks around them might expose the LEDA Group to cyber-attacks. This led to the problem that the level of awareness of employees regarding information security was not known. The implication of this not knowing was that an argument for the nature of an intervention to ensure awareness, as well as to educate and train employees regarding information security was not possible. The aim of this treatise was to develop a framework as an effective guideline for the implementation of cybersecurity awareness, education and training of employees. In the study, the LEDA Group employees were surveyed to determine their cybersecurity knowledge gap. An online questionnaire was randomly sent to 314 LEDA Group employees. The survey was voluntary and confidential. One hundred and thirty seven (137) employees completed the survey. The results of the survey were analysed to determine the gap between the current cybersecurity knowledge of the LEDA Group employees and state-of-the-art cybersecurity knowledge. The gap was used in the development of the framework for the implementation of the cybersecurity awareness, education and training (F-CSAET). Central to F-CSAET is the governance principles guided by best practices such as King IV, COBIT5, ISO27001, ISO27005, ISO27008 and ISO27032 and the compliance requirements to POPIA, the Copyright Act and the Cybercrimes and Cybersecurity Bill. The F-CSAET has six steps, namely Assess, Analyse, Create, Plan, Implement and Reinforce. The framework was evaluated for applicability by the team called the cyber security interest team, which was established specifically for the purpose of the F-CSAET.
- Format
- ix, 101 leaves
- Format
- Publisher
- Nelson Mandela University
- Publisher
- Faculty of Engineering Built Environment and Information Technology
- Language
- English
- Rights
- Nelson Mandela University
- Hits: 1996
- Visitors: 2178
- Downloads: 320
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | MPhil Treatise Final s217885993.pdf | 2 MB | Adobe Acrobat PDF | View Details Download |