- About
-
The Global ETD Search service is a free service for researchers
to find electronic theses and dissertations. This service is
provided by the
Networked Digital Library of Theses and Dissertations.
Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
Search results
Showing 11 to 19 of 19 (0.112 seconds)Spelling suggestions: "subject:"asecurity risk management"" "subject:"2security risk management""
| 11 |
Factors Influencing the Implementation of Information Security Risk Management : A case study of Nigerian Commercial BanksAghaunor, Gabriel, Okojie, Bukky E January 2022 (has links)
The banking industry is one of the critical infrastructures in any economy. The services rendered by banks are systematically based on innovation, products, and technology to leverage their services. Several associated risks come along with the rendering of these banking services. The protection of critical information assets of any banking organization should be a top priority of the management. They must ensure that adequate provision is made to develop a strong strategy to control, reduce, and mitigate tasks, such as fraud, cyber-attacks, and other forms of cybersecurity exploitations. Risk management is a series of actions to identify, assess and control threats and vulnerabilities in an organization's capital investment and revenue. These potential risks arise from diverse sources like credit risk, liquidity risk, financial uncertainties, legal actions, technology failures, business strategic management errors, accidental occurrences, and natural disasters. This research study aimed to investigate the factors influencing the implementation of information security risk management in Nigerian Commercial Banks, using a social-technical system framework to address a fundamental human risk factor, which contributes predominately to the failure in information security risk management. These research was motivated by the fact that Nigerian banking sector is facing serious threats' threat emanate from cyber-attacks. Evidenced by the ever-increasing cyber-attacks, as demonstrated by a total of 1,612 complaints from consumers of financial services over banking fraud and aggressive charges received between July and December 2018 of which 99.38% of these incidences were against the commercial banks. The banks are faced with a lot of vulnerabilities and cybersecurity threats, and most of the attacks that happened within the banking sector are focused on the customers, and employees through phishing and social engineering. These showed weaknesses in information security management within the Nigerian banking industry. However, the study was guided by the social-technical theory that advocates for overall training to the stakeholders that helps in changing their beliefs and norms about organization of IS security. In order to find out the factors influencing the implementation of information security risks management in respect of Nigerian Commercial Banks, this study evaluated the influence of management support, technical experts support, funding and users’ security awareness to curb the cyber-attacks in Nigerian financial sector. The contribution of this research is expected to lead to the improvement in the financial system, and organizations, where cybersecurity and information security risk management processes are taken seriously, to reduce the high level of information security risk, threats, and vulnerabilities. Nigeria is a developing country, and at the same time fighting to develop a more conducive business investment environment to attract both national and international investors. A mixed approach research (qualitative and quantitative) method was used to validate this research study. Data collection tools used included interviews and questionnaires. Data analysis was done using the SPSS and logistic regression model.
|
| 12 |
Cyber Supply Chain Security and the Swedish Security Protected Procurement with Security Protective AgreementDios Falk, Carina January 2023 (has links)
Digitalisation and globalisation are increasing the number of integrated and interconnected information technology (IT) systems worldwide. Consequently, these relationships and dependencies develop technological relationships through their services. Identifying all these relations is for organisations a challenge and complex since it involves millions of source code lines and global connections. For this reason, cyber supply chain risk management (C-SCRM) is becoming ever more critical for organisations to manage risks associated with information technology and operational technology (OT). At the same time, during a press conference, the Swedish Minister for Defense Peter Hultquist estimated that there are approx. 100.000 cyber activities against Swedish targets every year that targets both the Private and Public sector. In response to the evolving threat landscape, Sweden is experiencing a paradigm shift in protective security processes with new legislation entering into force that aims to protect Sweden's security against espionage, sabotage, terrorist offences and other crimes against national security. These rules on protective security, the Protective Security Act (2018:585) and Protective Security Ordinance (2021:955) apply to operators that are important for Sweden's national security and affect how public procurement processes are regulated. This thesis aims to study how the Swedish Security Protected Procurement with Security Protective Agreements (SUA) process and Cyber Supply Chain Risk Management (C-SCRM) relate and to understand what practices increase and decrease the level of C-SCRM in the current SUA process. The research questions are Q1) How does the SUA process relate to C-SCRM? and Q2) How does the SUA process affect the level of C-SCRM? This research paper contributes to understanding C-SCRM in the context of the Swedish Security Protected Procurement with Security Protective Agreements (SUA). To answer the research questions a Case study strategy was used, and interviews were conducted with eight key experts as well as a document analysis. The results showed that audit, regulation and people and processes are essential to managing C-SCRM and that processes within other international models, including the CMMC and Cyber Essential Plus, should be adopted to the SUA process to better manage cyber supply chain risks.
|
| 13 |
A security risk management approach to the prevention of theft of platinum group metals: case study of Impala Platinum Mines and RefineryMokhuane, Seadimo Joseph 02 1900 (has links)
Text in English / The purpose of this study was to establish the vulnerabilities of the security control measures that are being used at Impala Platinum mines and refinery to prevent the theft of Platinum Group Metals (PGMs). It is important to ensure that the security control measures in place are effective and efficient in preventing the occurrence of such theft.
The research examined the security risk management approach to the prevention of theft of PGMs and the causes of theft of PGMs by organised crime syndicates operating in South Africa and abroad.
The study found that Impala Platinum employees, in collusion with contractors and members of mine security services, are involved in the theft of PGMs.
To achieve the goals and objective of the research study, effective security control measures were identified that will help Impala Platinum mines and refinery to overcome the risks and challenges related to the theft of PGMs. / Security Risk Management / M. Tech. (Security Management)
|
| 14 |
Automating Security Risk and Requirements Management for Cyber-Physical SystemsHansch, Gerhard 15 October 2020 (has links)
No description available.
|
| 15 |
An investigation of the bombing of automated teller machines (ATMs) with intent to steal cash content : case study from GautengSewpersad, Sarika 01 1900 (has links)
An investigation of the bombing of automated teller machines (ATMs) with intent to steal cash contentof ATMs. This is inclusive of the impact on society (banks clients) and banking institutions as well as the danger it poses to the general public and public and private law enforcement personnel. / (M.Tech. (Security Management))
|
| 16 |
The challenges facing private security companies in retaining clients : a case study in Gauteng shopping mallsBanda, Teboho Elliot 06 1900 (has links)
The private security industry is tasked with protecting lives and property against an evolving array of personal and property threats. Rendering such services comes with many market related
challenges for private security providers. These services are rendered to various types of clients like government departments, hospitals, universities and shopping malls amongst others. These clients have unique and different needs and expectations, therefore shopping
malls as clients of the private security industry were selected for the purpose of this research. The qualitative research approach was used for this study wherein a questionnaire was used to obtain information from private security and shopping mall personnel working in shopping
malls in Gauteng. The findings of this study reveals that there are indeed client retention challenges that are facing private security companies providing services to shopping malls. Based on the findings, recommendations for the private security providers and further research in shopping mall security management are made. / Security Risk Management / M.Tech. (Security Management)
|
| 17 |
An investigation of the bombing of automated teller machines (ATMs) with intent to steal cash content : case study from GautengSewpersad, Sarika 01 1900 (has links)
An investigation of the bombing of automated teller machines (ATMs) with intent to steal cash contentof ATMs. This is inclusive of the impact on society (banks clients) and banking institutions as well as the danger it poses to the general public and public and private law enforcement personnel. / (M.Tech. (Security Management))
|
| 18 |
An analysis of security measures implemented on commercial private game reserves in LimpopoHerman, Dewald Gustav 29 November 2020 (has links)
South Africa presently experiences high levels of crime daily. Although crime is accepted as an everyday occurrence for its citizens, it affects the economy of the country. This study analysed security measures implemented on Commercial Private Game Reserves (CPGRs) in Limpopo and the impact of crime thereof. CPGRs are enclosed areas containing various species of fauna and flora. Visitors from domestic and foreign origins visit these reserves to enjoy nature and its tranquillity.
This study analysed the security measures to determine their effectiveness for CPGRs. The study further explored the use of security risk management strategies and risk assessments as crime reduction tools. The study was carried out using a case study research design. Data were collected by the researcher using three methods: observation, onsite checklists and semi-structured one-on-one interviews which were conducted on site. Validity and reliability indicate the trustworthiness of the study. The researcher reduced the data gathered through the use of thematic data analysis. Interviews were transcribed and themes were created and identified by the researcher.
The comprehensive data indicated the importance of a security risk manager on a CPGR. The research found that very few security risk managers are employed and that managers of security risks employed on CPGRs have various titles. However, while the CPGRs have similar risks, their risk reduction strategies vary. The most commonly used measures are people, physical and technological measures with each having various subdivisions.
The security measures implemented by CPGRs in the Limpopo province which were analysed are not formulated using a scientific approach as most properties do not make use of a formal security risk assessment. The study is deemed valuable as a model was developed from the findings that could be used by game reserves to guide them to apply relevant security measures.
A formal security programme is often limited due to financial constraints of the reserve or the reserve owners, however, not all strategies should be considered as a financial expense as much can be done without exhausting financial reserves.
The findings contributed to making recommendations to improve the overall security of CPGRs. This study encourages more research into the subject to improve the security industry and to stimulate the tourism industry. / Security Risk Management / M. Tech. (Security Management)
|
| 19 |
Dynamic Risk Management in Information Security : A socio-technical approach to mitigate cyber threats in the financial sector / Dynamisk riskhantering inom informationssäkerhet : Ett sociotekniskt tillvägagångssätt för att hantera cyberhot i den finansiella sektornLundberg, Johan January 2020 (has links)
In the last decade, a new wave of socio-technical cyber threats has emerged that is targeting both the technical and social vulnerabilities of organizations and requires fast and efficient threat mitigations. Yet, it is still common that financial organizations rely on yearly reviewed risk management methodologies that are slow and static to mitigate the ever-changing cyber threats. The purpose of this research is to explore the field of Dynamic Risk Management in Information Security from a socio-technical perspective in order to mitigate both types of threats faster and dynamically to better suit the connected world we live in today. In this study, the Design Science Research methodology was utilized to create a Dynamic Information Security Risk Management model based on functionality requirements collected through interviews with professionals in the financial sector and structured literature studies. Finally, the constructed dynamic model was then evaluated in terms of its functionality and usability. The results of the evaluation showed that the finalized dynamic risk management model has great potential to mitigate both social and technical cyber threats in a dynamic fashion. / Under senaste decenniet har en ny våg av sociotekniska cyberhot uppkommit som är riktade både mot de sociala och tekniska sårbarheterna hos organisationer. Dessa hot kräver snabba och effektiva hotreduceringar, dock är det fortfarande vanligt att finansiella organisationer förlitar sig på årligen granskade riskhanteringsmetoder som både är långsamma och statiska för att mildra de ständigt föränderliga cyberhoten. Syftet med denna forskning är att undersöka området för dynamisk riskhantering inom informationssäkerhet ur ett sociotekniskt perspektiv, med målsättningen att snabbare och dynamiskt kunna mildra bägge typerna av hot för att bättre passa dagens uppkopplade värld. I studien användes Design Science Research för att skapa en dynamisk riskhanteringsmodell med syfte att hantera sociotekniska cyberhot mot informationssäkerheten. Riskhanteringsmodellen är baserad på funktionskrav insamlade genom intervjuer med yrkesverksamma inom finanssektorn, samt strukturerade litteraturstudier. Avslutningsvis utvärderades den konstruerade dynamiska modellen avseende dess funktionalitet och användbarhet. Resultaten av utvärderingen påvisade att den slutgiltiga dynamiska riskhanteringsmodellen har en stor potential att mitigera både sociala och tekniska cyberhot på ett dynamiskt sätt.
|
Page generated in 0.1196 seconds