Spelling suggestions: "subject:"computer security -- covernment policy."" "subject:"computer security -- bgovernment policy.""
1 |
Pro-active visualization of cyber security on a National Level : a South African case studySwart, Ignatius Petrus January 2015 (has links)
The need for increased national cyber security situational awareness is evident from the growing number of published national cyber security strategies. Governments are progressively seen as responsible for cyber security, but at the same time increasingly constrained by legal, privacy and resource considerations. Infrastructure and services that form part of the national cyber domain are often not under the control of government, necessitating the need for information sharing between governments and commercial partners. While sharing of security information is necessary, it typically requires considerable time to be implemented effectively. In an effort to decrease the time and effort required for cyber security situational awareness, this study considered commercially available data sources relating to a national cyber domain. Open source information is typically used by attackers to gather information with great success. An understanding of the data provided by these sources can also afford decision makers the opportunity to set priorities more effectively. Through the use of an adapted Joint Directors of Laboratories (JDL) fusion model, an experimental system was implemented that visualized the potential that open source intelligence could have on cyber situational awareness. Datasets used in the validation of the model contained information obtained from eight different data sources over a two year period with a focus on the South African .co.za sub domain. Over a million infrastructure devices were examined in this study along with information pertaining to a potential 88 million vulnerabilities on these devices. During the examination of data sources, a severe lack of information regarding the human aspect in cyber security was identified that led to the creation of a novel Personally Identifiable Information detection sensor (PII). The resultant two million records pertaining to PII in the South African domain were incorporated into the data fusion experiment for processing. The results of this processing are discussed in the three case studies. The results offered in this study aim to highlight how data fusion and effective visualization can serve to move national cyber security from a primarily reactive undertaking to a more pro-active model.
|
2 |
Awareness and training: the influence on end-user' attitude towards information security policy complianceSnyman, Mmabatho Charity 02 1900 (has links)
Research accentuates that end-users‘ noncompliance with information security policy (ISP) is a key concern for government just as it is for the private sector. Although awareness and training programmes are important factors impacting employees‘ intentions to comply with an organisation‘s ISP, it can be argued that there is insufficient empirical evidence to support this assertion. To address this gap, this study seeks to expand research on ISP compliance by focusing on attitudes as targets of change.
A research model based on the Theory of Planned Behaviour was proposed to illustrate the influence of ISP awareness training on end-users‘ attitudes towards complying with their organisation‘s ISP. Relevant hypotheses were developed to test the research conceptualisation. A survey and an experiment was undertaken to collect the data from a sample of 173 end-users of a single government organisation in one province. The data was captured and analysed using a Statistical Package for Social Sciences (SPSS). Furthermore, Structural Equation Modelling (SEM) was used to test whether the overall model appears to be a good fit to support the hypotheses. The reliability, validity, and model fit were found to be statistically significant, and three out of five research hypotheses were supported.
Overall this study contributes to the existing body of knowledge by providing an understanding of the methods that can be used to encourage end-users‘ ISP compliance behaviour through an attitudinal shift, thereby targeting end-users‘ attitude as a means to improve information security policy compliance. Implications of the findings are further discussed in the paper. / Information Technology / M. Tech. (Information Technology)
|
3 |
The threat of cyberterrorism: Contemporary consequences and prescriptionsStocking, Galen Asher Thomas 01 January 2004 (has links)
This study researches the varying threats that emanate from terrorists who carry their activity into the online arena. It examines several elements of this threat, including virtual to virtual attacks and threats to critical infrastructure that can be traced to online sources. It then reports on the methods that terrorists employ in using information technology such as the internet for propaganda and other communication purposes. It discusses how the United States government has responded to these problems, and concludes with recommendations for best practices.
|
4 |
Comparative data protection and security : a critical evealuation of legal standardsLondon, R. W. 09 1900 (has links)
This study1 addresses the key information technology issues of the age and
its unintended consequences. The issues include social control by
businesses, governments, and information age Star Chambers. The study
focuses on a comparative analysis of data protection, data security, and
information privacy (DPSIP) laws, regulations, and practices in five countries.
The countries include Australia, Canada, South Africa, the United Kingdom,
and the United States. The study addresses relevant international legal
standards and justifications. This multidisciplinary analysis includes a
systems thinking approach from a legal, business, governmental, policy,
political theory, psychosocial, and psychological perspective. The study
implements a comparative law and sociolegal research strategy. Historic,
linguistic, and statistical strategies are applied. The study concludes with a
next step proposal, based on the research, for the international community,
the five countries in the study, and specifically, South Africa as it has yet to
enact a sound DPSIP approach. / LL.D. (Laws)
|
5 |
Comparative data protection and security : a critical evaluation of legal standardsLondon, Ray William 09 1900 (has links)
This study1 addresses the key information technology issues of the age and
its unintended consequences. The issues include social control by
businesses, governments, and information age Star Chambers. The study
focuses on a comparative analysis of data protection, data security, and
information privacy (DPSIP) laws, regulations, and practices in five countries.
The countries include Australia, Canada, South Africa, the United Kingdom,
and the United States. The study addresses relevant international legal
standards and justifications. This multidisciplinary analysis includes a
systems thinking approach from a legal, business, governmental, policy,
political theory, psychosocial, and psychological perspective. The study
implements a comparative law and sociolegal research strategy. Historic,
linguistic, and statistical strategies are applied. The study concludes with a
next step proposal, based on the research, for the international community,
the five countries in the study, and specifically, South Africa as it has yet to
enact a sound DPSIP approach. / LL. D.
|
Page generated in 0.1458 seconds