Information Technology (IT) Users in Tertiary Education Institutions in Bulawayo, Zimbabwe: Case of Security Awareness

Information Technology (IT) expansion exposes organisations in developing countries to IT security risks. Zimbabwe’s tertiary education institutions (TEIs) are not spared. Every year, cyber-attacks increase and become more sophisticated, resulting in losses of personal and financial data for individuals, organisations and governments. As the world is interconnected, small and big organisations share the same internet platform. Therefore, IT security risks that affect one, affect all. When IT users are unaware of the risks and uninformed of ways to protect their IT systems, they remain vulnerable. Like other organisations in Zimbabwe, TEIs are vulnerable to cyber-attacks. The study that directed this article employed a quantitative methodological approach in the collection of the data and its analysis. A sample of 261 respondents was selected from the population of IT users in TEIs in Bulawayo. The results indicated that IT security awareness of IT users in TEIs in Bulawayo is low. This is evidenced by the low IT drivers’ contribution towards building IT users’ security awareness, and inadequate implementation and utilisation of IT security awareness tools. The prevailing phenomenon exposes TEIs in Bulawayo to a high risk of cyber-attacks. The results indicated a positive and significant correlation between IT security drivers’ contribution and IT security awareness tools utilisation in TEIs in Bulawayo. The implication is that an increase in IT security drivers’ contribution and IT security awareness tools utilisation will lead to increased IT security awareness. The study recommends that IT drivers double their contribution towards building IT security awareness through adequate implementation and utilisation of IT security awareness tools. This will safeguard the information that tertiary education institutions generate.

Download Full-text

Cybersecurity Threat Modelling: A Case Study of An Ecommerce Platform Migration to the Public Cloud

European Journal of Electrical Engineering and Computer Science ◽

10.24018/ejece.2020.4.4.237 ◽

2020 ◽

Vol 4 (4) ◽

Author(s):

Bamidele Ola ◽

Iyobor Egho-Promise

Keyword(s):

Information Technology ◽

Public Cloud ◽

The Public ◽

Goods And Services ◽

It Systems ◽

The World ◽

Modelling Techniques ◽

Security Concerns ◽

Threat Modelling

The emergence of ecommerce almost three decades ago has completely transformed the approach to purchasing goods and services across various countries in the world. Almost every country in the globe, now have some form of ecommerce operations, this has further been enhanced by the stay at home COVID-19 induced lockdowns. The value and volume of transactions has also increased in transactions. However, there has been security concerns impacting ecommerce operations, which has in part, led to increasing adoption of hosting ecommerce systems in the public cloud. Threat modelling offer mechanisms to enhance the security of information technology (IT) systems. In this paper, we apply different threat modelling techniques to decompose the migration of an on-premise hosted ecommerce system to the public cloud and also evaluate these threat modelling techniques.

Download Full-text

Common Mistakes in Delivering Cybersecurity Awareness

Cybersecurity Education for Awareness and Compliance - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-7847-5.ch002 ◽

2019 ◽

pp. 19-32

Author(s):

Joshua Crumbaugh

Keyword(s):

Training Program ◽

Real World ◽

Human Error ◽

Cyber Attacks ◽

Security Awareness ◽

Complete Control ◽

Data Breaches ◽

The World ◽

Gain Access ◽

Successes And Failures

Human error is the cause of over 95% of data breaches and the weakest aspect of cybersecurity in nearly all organizations. These errors guarantee that hackers can easily gain access to almost any network in the world and take complete control of systems, data, and more. This chapter outlines the top mistakes organizations make in security awareness and why most companies are failing to properly prepare their users for cyber-attacks. Each point is accompanied by actionable data derived from real-world training program successes and failures.

Download Full-text

Security Awareness

Handbook of Research on Information Security and Assurance ◽

10.4018/978-1-59904-855-0.ch039 ◽

2009 ◽

pp. 441-446

Author(s):

Edgar Weippl

Keyword(s):

Effective Means ◽

It Security ◽

Security Awareness ◽

Language Awareness ◽

Awareness Training ◽

Training Environment ◽

It Systems ◽

Security Training ◽

Security Awareness Training ◽

A Company

This chapter outlines advanced options for security training. It builds on previous publications (Weippl 2005, 2006) and expands them by including aspects of European-wide cooperation efforts in security awareness. Various examples will show what characterizes successful programs. The authors cooperate with ENISA (http://www. enisa.eu.int/) to create a new multi-language awareness training program that uses virtual environments to allow users to train on real systems without any danger. We describe the design and the proposed implementation of the system. In cooperation with the Austrian Computer Society (http://www.ocg.at) we lay the basis for an ECDLmodule on IT security awareness training. Companies are obliged to reasonably secure their IT systems and user awareness training is one of the most important and effective means of increasing security. If claims are filed against a company, it is in the interest of management to provide proof that all users completed IT security training. Moreover, advanced and experienced users need a training environment that lets them try complex scenarios in a safe environment.

Download Full-text

IT Security

Managing Very Large IT Projects in Businesses and Organizations - Advances in IT Personnel and Project Management ◽

10.4018/978-1-59904-546-7.ch006 ◽

2009 ◽

pp. 84-95

Author(s):

Matthew Guah

Keyword(s):

Information Security ◽

Computer Security ◽

Security Management ◽

Implementation Process ◽

Cyber Attacks ◽

It Security ◽

Security Risk ◽

Corporate Security ◽

It Systems ◽

Organizational Perspective

One area that has scarcely received attention in the IT security literature, is the role that individual compliance plays in preventing cyber-attacks. Specifically, how individuals take precautions, how they are motivated to take precautions, and the impact of corporate security policies on individual precaution-taking behaviour have not been extensively researched. Existing literature has underdeveloped conceptualizations of how these control systems work in the realm of information security. This chapter adds to the body of knowledge concerning the socio-organizational perspective for understanding IT security management in the organization that implement VLITP. It examines the VLITP implementation process for achieving IT security management BS 7799 Part 2 certification. The author also gives regards to the role of individual perceptions of the compulsion of controls as a significant part of the IT security process. Focusing more on behavioural aspects of security during the implementation of VLITP, this book considers Information security is to be different from computer security—which is the encompassing of information security in addition to the other aspects of security such as technical aspects, physical security, system security, networking issues, and so forth.. IT security risk considerations cause are capable of causing particular concern on the interdependence of IT systems and inject another element of complexity in the application of the policies governing VLITPs.

Download Full-text

IMPORTANCE OF BUSINESS SOLUTIONS BASED ON BLOCKCHAIN TECHNOLOGY

Zeszyty Naukowe SGGW Polityki Europejskie Finanse i Marketing ◽

10.22630/pefim.2020.24.73.43 ◽

2020 ◽

pp. 266-278

Author(s):

Marta Wiśniewska

Keyword(s):

Information Technology ◽

The Other ◽

Senior Executives ◽

Legal Regulations ◽

Technical Problems ◽

Blockchain Technology ◽

Business Operations ◽

Organizational Barriers ◽

It Systems ◽

The World

The aim of this study is to determine the essence of blockchain technology and its capabilities to be utilized in business operations. The paper discusses the importance of blockchain technology and practical possibilities of its application. Based on industry reports, statistics on investments of enterprises in blockchain technology and attitudes of their senior executives towards this technology, as well as the validity of its implementation, have been presented. In addition, the most important advantages of blockchain technology in relation to existing information technology (IT) systems have been specified. The article describes organizational barriers hindering investments in blockchain technology and its actual applications in companies. Performed analyses show that companies around the world are actively investing in blockchain technology. This technology has been found to be positively recognized in business by executives, however companies, while planning its implementation, face numerous barriers which mainly arise from a lack of legal regulations, and technical problems. On the other hand, blockchain technology can be used in many areas of company activities, especially in the supply chain.

Download Full-text

Cyber War: Will it define the Limits to IT Security?

The International Review of Information Ethics ◽

10.29173/irie156 ◽

2013 ◽

Vol 20 ◽

pp. 4-15

Author(s):

Ingo Ruhman

Keyword(s):

Information Society ◽

Cyber Attacks ◽

It Security ◽

Cyber Warfare ◽

It Systems ◽

Cyber War ◽

The Military

Cyber warfare exploits the weaknesses in safety and security of IT systems and infrastructures for political and military purposes. Today, not only have various units in the military and secret services become known to engage in attacks on adversary’s IT systems, but even a number of cyber attacks conducted by these units have been identified. Most cyber warfare doctrines aim at a very broad range of potential adversaries, including civilians and allies, thus justifying the involvement of cyber warfare units in various IT security scenarios of non-military origin. Equating IT security with cyber warfare has serious consequences for the civil information society.

Download Full-text

ANALYSIS OF BANK PERFORMANCE WITH INFORMATION TECHNOLOGY PERSPECTIVE

Jurnal Riset Ekonomi Manajemen (REKOMEN) ◽

10.31002/rn.v5i1.4381 ◽

2021 ◽

Vol 5 (1) ◽

pp. 64-72

Author(s):

Yustinus Wahyu Agung Prasetyo ◽

◽

Mohammad Achmad Amin Soetomo ◽

Mulya R. Mashudi ◽

◽

...

Keyword(s):

Information Technology ◽

Credit Card ◽

Cyber Attacks ◽

System Failure ◽

It Security ◽

Mobile Banking ◽

Banking Services ◽

Customer Complaints ◽

Security Services ◽

It Risk

XYZ Bank provides several digital banking services for various segments, including the D-Bank mobile banking application, XYZ Online Banking, D-Card Mobile for credit card management, D-Financial for SMEs, D-BisMart. for the supply chain, as well as XYZ Trade Connect and Cash Connect for various customer businesses. It is known that 1) IT risk on the D-Bank application is still high. This can be seen from the number of risk events for IT system failure in its application. 2) The handling of IT problems is still not optimal, this can be seen from customer complaints that often reappear in the D-Bank application, such as failed logins, failed transactions and slow performance. 3) Lack of handling of IT Security services. This can be seen from the number of cyber-attacks that have successfully entered the D-Bank application. The final result shows that there are several domains and principles that need to be considered by management in order to improve the performance of information technology.

Download Full-text

Security against Surveillance: IT Security as Resistance to Pervasive Surveillance

Surveillance & Society ◽

10.24908/ss.v16i1.5316 ◽

2018 ◽

Vol 16 (1) ◽

pp. 39-52 ◽

Cited By ~ 2

Author(s):

Mike Zajko

Keyword(s):

Information Technology ◽

Cyber Security ◽

Dual Role ◽

It Security ◽

Legal Reforms ◽

Information Technology Security ◽

It Systems ◽

Security Practices ◽

Surveillance Programs

This paper examines Five Eyes surveillance programs as a threat to IT (Information Technology) security and IT security as resistance to these programs. I argue that the most significant of Snowden's disclosures have been the Five Eyes agencies’ systematic compromise of the technologies, networks, and standards in use within their own countries and abroad. Attacks on domestic infrastructure contradict the defensive posture of these agencies but are consistent with the project of cyber security as defined by the Five Eyes. The cyber security project of the Five Eyes nations is expansive in scope and has proceeded along dangerous lines. By assigning signals intelligence agencies the dual role of exploiting IT systems as well as securing them, a contradiction has been baked into our evolving notion of cyber security. A comprehensive response should include political and legal reforms, disentangling the Five Eyes' offensive and defensive roles, and narrowing the scope of the cyber security project. However, the most effective forms of resistance for individuals and institutions so far have been through an increased emphasis on IT security practices.

Download Full-text

A Study of Information Technology in Airlines

International Journal of Scientific Research in Computer Science Engineering and Information Technology ◽

10.32628/cseit206462 ◽

2020 ◽

pp. 345-353

Author(s):

Punyaslok Sarkar ◽

Debasish Dutta

Keyword(s):

Information Technology ◽

The World ◽

A Company

This is a study of information technology within a company and how it works and its structure. In this case, it’s a airlines company called Air India and how IT helps in running the different flights around the world.

Download Full-text

KINERJA iLEARNING RAHARJA ASK AND NEWS (IRAN) DALAM MENDUKUNG KEGIATAN TRIDHARMA IDUHELP!

CCIT Journal ◽

10.33050/ccit.v8i1.270 ◽

2014 ◽

Vol 8 (1) ◽

pp. 18-33

Author(s):

Untung Rahardja ◽

Meta Amalya Dewi ◽

Fitri Lisnawati

Keyword(s):

Information Technology ◽

System Performance ◽

Communication Media ◽

Related Method ◽

Literature Reviews ◽

The World ◽

Information And Communication ◽

System Requirements ◽

Three Stages ◽

Care System

Advances in information technology and communications which we achieve now actually been recognized and felt in the world of education in general. Currently College Prog implement a Tridharma terms Tridharma iDuHelp!. Tridharma is one of the basic responsibilities that students must be developed simultaneously and together. In this Tridharma still there are problems in the system iDuHelp! service. So IRAN (iLearning Prog Ask and News) in collaboration with iDuHelp! in providing answers and information needed by the student. In its application in Tridharma iDuHelp! IRAN There is a related method in it, such as iLearning methods that are currently being developed. With iLearning method can facilitate conduct research in detail, accurately, and clearly by using mindmapping. Besides the method of analysis is also done with three stages namely the identification of the problem, identifying needs, and identifying system requirements. In this study using 4 literature reviews that can be used as references in preparing this paper. In this article explained about the problems that arise and solving problems in accurately using the flow Flowchart. In the implementation of the prototype shown iDuHelp! As well as the performance of Iran. So the end result of the study is a system performance to information and communication media of Iran can maximize iDuHelp! care system It is widely integrated in a university.

Download Full-text