- Title
- A framework for a cybersecurity policy in South African schools
- Creator
- Mhlaba, Surety Aleta
- Subject
- Computer security -- Government policy -- South Africa
- Subject
- Computer security -- South Africa
- Subject
- Cyber intelligence (Computer security)
- Subject
- Computer security -- South Africa Educational technology -- Security measures
- Date Issued
- 2024-04
- Date
- 2024-04
- Type
- Master's theses
- Type
- text
- Identifier
- http://hdl.handle.net/10948/64651
- Identifier
- vital:73835
- Description
- Today, learners at school grow up within an Information and Communication Technology (ICT) environment and have become technology users. A growing number of learners have access to ICT devices, such as mobile phones, tablets and desktop computers owing to their affordability. Access to ICT devices enables learners to interact in cyberspace which offers them numerous advantages and benefits. Cyberspace enables learners to improve their learning by providing ease of access to information and other learning material. Additionally, it allows them to socialise and to communicate with each without having to be in the same place. Furthermore, it allows them to participate in games, including educational games, to help with their learning. Despite these benefits, learners are prone to falling victim to a range of cyber risks and attacks. These cyber risks and attacks include cyberbullying, accessing inappropriate content and being exposed to sexual grooming. This is due to the fact that cyberspace is an unregulated platform and its complex nature does not make it easy to govern. Thus, there is a need to implement a policy that can govern and educate school learners on how to protect and conduct themselves when accessing cyberspace to avoid and reduce exposure to cyber risks. Countries like the United Kingdom (UK), Australia (AU) and Rwanda (RW) have developed cybersecurity policies to assist schools to develop and implement a cybersecurity policy to create a cybersecurity environment for learners with the support and commitment of the government. These countries continue to implement cybersecurity strategies and advocate for a cybersecurity policy to be implemented in schools to foster a cybersecurity culture. However, this does not seem to be the case for South Africa. The South African education system does not have a standard national cybersecurity policy to be implemented in all schools to handle cyber risks and incidents. The Department of Basic Education (DBE) drafted guidelines to assist schools to implement cybersecurity strategies such as a cybersecurity-related policy; however, these guidelines do not include guidance on how to implement them and they have not been enacted. Because of the lack of commitment from the government to implement a cybersecurity policy at school level, learners continue to be exposed to cyber risks. Hence, it is up to each school to create and implement a cybersecurity policy that is unique to that school to help keep their learners safe. In terms of South African law, schools are ultimately responsible for the safety and well-being of school learners. School Governing Bodies (SGBs) have a legal obligation to ensure that cybersecurity measures are in place to protect learners from cyber risks, especially when schools provide access or expect learners to have and use ICT devices during school hours. However, schools (including SGBs) are ill-equipped to implement cybersecurity initiatives by themselves. They lack knowledge about ICT and are hampered by severe time and financial constraints. This study proposes a framework to assist SGBs in implementing a cybersecurity policy in South African schools. To address this need, the study first performed a literature review to identify the problem area, that schools in South Africa have no cybersecurity policy to guide them and protect school learners from cyber risks. There is a need for cybersecurity policies in schools and the SGBs entrusted with such a responsibility lack the resources and capacity to develop them. Moreover, many schools do not have cybersecurity policies in place to protect school learners if cyber risk incidents occur. This led to identifying research objectives together with research methods to address the problem area. The primary objective is to develop a framework to assist SGBs in implementing a basic cybersecurity policy in South African schools. In order to achieve the primary objective, the study determined cybersecurity policy implementation components and characteristics of cybersecurity policies using the literature review method to obtain the framework design components. Thereafter, cybersecurity-related policies, guidelines and best practices in South Africa and globally were identified and analysed for the school environment through the use of a literature review and qualitative content analysis to obtain cybersecurity policy content suitable for the school environment. Once these actions were performed, the formulation and design of the framework for implementing a basic cybersecurity policy using the relevant policy components and characteristics took place, which resulted in the proposed framework solution.
- Description
- Thesis (MIT) -- Faculty of Engineering, the Built Environment, and Technology, School of Information Technology, 2024
- Format
- computer
- Format
- online resource
- Format
- application/pdf
- Format
- 1 online resource (XXX pages)
- Format
- Publisher
- Nelson Mandela University
- Publisher
- Faculty of Engineering, the Built Environment, and Technology
- Language
- English
- Rights
- Nelson Mandela University
- Rights
- All Rights Reserved
- Rights
- Open Access
- Hits: 239
- Visitors: 244
- Downloads: 36
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCE1 | Mhlaba, SA.pdf | 4 MB | Adobe Acrobat PDF | View Details Download |