- Title
- Guidelines for a job role based approach for Phishing awareness in an academic Institution
- Creator
- Mahonga,Sandisiwe
- Subject
- Identity theft -- South Africa
- Subject
- Computer networks --Security measures
- Date Issued
- 2021-12
- Date
- 2021-12
- Type
- Master's theses
- Type
- text
- Identifier
- http://hdl.handle.net/10948/55855
- Identifier
- vital:54394
- Description
- Phishing attacks have become a perpetual threat to organisations and internet users in general. Phishing websites and emails impersonating well-known entities are launched frequently, with the intent to trick unsuspecting employees to give out sensitive information such as login details to acquire access to corporate networks. Various solutions have been developed to combat Phishing emails from reaching employees and internet users. However, security experts and Phishing attackers are in a race as Phishing attacks are also refined as solutions are developed. Thus, this raises a critical need for security awareness. Reports and Phishing studies have noted that Phishing attacks targeted towards specific job roles have been on the rise. Even though research studies and industry reports provided by organisations dedicated to information security have taken note of this phenomenon, not much guidance, recommendations or guidelines are provided on how Phishing awareness can be provided for the job roles that are most vulnerable to Phishing attacks. Therefore, the problem identified within this research is that there is a need for guidelines for a job role based approach for Phishing awareness. The primary research objective of this study, therefore, is to develop guidelines to aid towards a job role based approach for Phishing awareness. In order to meet the primary research objective, secondary research objectives were defined and met, namely; To determine the current state of Phishing trends facing organisations in relation to the job role of employees; to determine the level of Phishing awareness employees have; to identify security awareness elements from security awareness standards, best practices and frameworks; to integrate the identified security awareness elements from standards, best practices and frameworks including themes identified from the questionnaire results to formulate the proposed guidelines for a Phishing awareness approach that is relevant for the job role of employees in order to the formulate guidelines. 5 Mixed methods were used to achieve this study’s research objectives. The research methods used included a literature review which was used to define and provide an indepth discussion relating to the domain in which this study is contained, namely: Social engineering, Phishing and information security awareness and training. Furthermore, a survey which took the form of a questionnaire, was used ascertain the level of Phishing awareness amongst employees within an academic institution in South Africa. Argumentation was used to argue towards the proposed guidelines. Finally, an elite interview was conducted, in the form of a questionnaire, to evaluate the proposed guidelines. It is envisaged that the guidelines proposed for a job role Phishing awareness approach could assist organisations to equip employees in job roles that are vulnerable Phishing attacks with adequate awareness and training.
- Description
- Thesis (MIT) -- Faculty of Engineering, the Built Environment and Information Technology, School of Information and Communication Technology, 2021
- Format
- computer
- Format
- online resource
- Format
- application/pdf
- Format
- 1 online resource (248 pages)
- Format
- Publisher
- Nelson Mandela University
- Publisher
- Faculty of Engineering, the Built Environment and Information Technology
- Language
- English
- Rights
- Nelson Mandela University
- Rights
- All Rights Reserved
- Rights
- Open Access
- Hits: 652
- Visitors: 702
- Downloads: 80
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | Mahonga, S.pdf | 5 MB | Adobe Acrobat PDF | View Details Download |