A framework to implement information security awareness, education and training within the Limpopo economic development agency group

Mokobane, Ntsewa Benjamin

Title: A framework to implement information security awareness, education and training within the Limpopo economic development agency group
Creator: Mokobane, Ntsewa Benjamin
Subject: Computer security
Subject: Computer networks -- Security measures Data protection
Date Issued: 2019
Date: 2019
Type: Thesis
Type: Masters
Type: MPhil
Identifier: http://hdl.handle.net/10948/42063
Identifier: vital:36622
Description: Cybersecurity awareness, education and training of employees is key in reducing and preventing cyber-attack opportunities. The ignorance and/or lack of understanding of employees about the information security risks around them might expose the LEDA Group to cyber-attacks. This led to the problem that the level of awareness of employees regarding information security was not known. The implication of this not knowing was that an argument for the nature of an intervention to ensure awareness, as well as to educate and train employees regarding information security was not possible. The aim of this treatise was to develop a framework as an effective guideline for the implementation of cybersecurity awareness, education and training of employees. In the study, the LEDA Group employees were surveyed to determine their cybersecurity knowledge gap. An online questionnaire was randomly sent to 314 LEDA Group employees. The survey was voluntary and confidential. One hundred and thirty seven (137) employees completed the survey. The results of the survey were analysed to determine the gap between the current cybersecurity knowledge of the LEDA Group employees and state-of-the-art cybersecurity knowledge. The gap was used in the development of the framework for the implementation of the cybersecurity awareness, education and training (F-CSAET). Central to F-CSAET is the governance principles guided by best practices such as King IV, COBIT5, ISO27001, ISO27005, ISO27008 and ISO27032 and the compliance requirements to POPIA, the Copyright Act and the Cybercrimes and Cybersecurity Bill. The F-CSAET has six steps, namely Assess, Analyse, Create, Plan, Implement and Reinforce. The framework was evaluated for applicability by the team called the cyber security interest team, which was established specifically for the purpose of the F-CSAET.
Format: ix, 101 leaves
Format: pdf
Publisher: Nelson Mandela University
Publisher: Faculty of Engineering Built Environment and Information Technology
Language: English
Rights: Nelson Mandela University

Hits: 1902
Visitors: 2085
Downloads: 317

Collections

NMU School of Information and Communication Technology

		Thumbnail	File	Description	Size	Format
View Details Download			SOURCE1	MPhil Treatise Final s217885993.pdf	2 MB	Adobe Acrobat PDF	View Details Download