A model for the alignment of information security requirements within South African small, medium and micro enterprises
- Authors: Speckman, Timothy Harambee
- Date: 2019
- Subjects: Computer security -- Management , Data protection -- Management , Small business -- South Africa , Knowledge management
- Language: English
- Type: Thesis , Masters , MIT
- Identifier: http://hdl.handle.net/10948/44012 , vital:37092
- Description: Small, medium and micro enterprises (SMMEs) are reported to be the hope of the economy in many developing countries, such as South Africa (SA). The unique characteristics of SMMEs, such as their ability to evolve rapidly and to employ larger labour forces as they grow, make these enterprises valuable to the SA economy, in which poverty and unemployment rates are alarmingly high. Like most modern enterprises, SA SMMEs make use of information and communication technology (ICT) systems as a vehicle to store, transmit and process information, which is an asset that is critical to their business operations. Thus, the vulnerabilities of these ICT systems need to be addressed, in order to protect the information assets of enterprises. However, SMMEs are known to only implement measures to protect their information assets on an ad hoc basis and frequently as reactive measures to information security incidents. This can be attributed to the fact that most of these enterprises lack the ability to establish their unique information security requirements. Information security requirements are a measure of the level of security needed to adequately protect the information assets of an enterprise. Furthermore, it is reported that information security best practices and standards, which provide guidance on information security, are too complex for SA SMMEs to implement and for SMMEs to use for establishing their unique information security requirements.
- Date Issued: 2019
A strategy to promote awareness and adherence to information security policy at Capricorn District Municipality
- Authors: Mamabolo, Mokgadi Hellen
- Date: 2019
- Subjects: Computer security -- Management , Data protection -- Management , Computer security , Computer networks -- Security measures
- Language: English
- Type: Thesis , Masters , MPhil
- Identifier: http://hdl.handle.net/10948/40867 , vital:36245
- Description: The purpose of this research was to investigate the reasons for non-adherence to the ISP and to measure the current level of adherence to the ISP. The research revealed that non-adherence to the ISP is caused by lack of training or awareness, and through non-communication of the ISP to employees. The study was conducted at Capricorn District Municipality, Polokwane Local Municipality, Molemole Local Municipality and Blouberg Local Municipality. A web-based questionnaire (QuestionPro) was developed and it was directed to every official who uses or interacts with municipal information, to quantify the level of adherence to ISP by employees. An email with the questionnaire link administered by www.questionpro.com was then sent to the population of 152 employees. Presently ISP adherence is one of the key concerns that are faced by organisations. Employees are perceived as one of the reasons that there are security breaches within organisations; hence, it is of paramount importance that these security breaches are noticed, as well as technical matters. Most researchers have reasoned that non-adherence to ISP is one of the major challenges faced by organisations. The non-adherence to ISP will lead to potential information security threats and unauthorised access to information that might compromise municipal business operations. The Information Security Officer together with the help of management must educate employees regarding the value of IS and why it is crucial to adhere to these policies. The proposed strategy summarises the various concepts required in the promotion of awareness and adherence to an effective ISP. Ultimately, this research study concludes that if management continually trains employees, raising awareness about ISP and monitoring their adherence to ISP, this should increase the adherence level.
- Date Issued: 2019
Targeted attack detection by means of free and open source solutions
- Authors: Bernardo, Louis F
- Date: 2019
- Subjects: Computer networks -- Security measures , Information technology -- Security measures , Computer security -- Management , Data protection
- Language: English
- Type: text , Thesis , Masters , MSc
- Identifier: http://hdl.handle.net/10962/92269 , vital:30703
- Description: Compliance requirements are part of everyday business requirements for various areas, such as retail and medical services. As part of compliance it may be required to have infrastructure in place to monitor the activities in the environment to ensure that the relevant data and environment are sufficiently protected. At the core of such monitoring solutions one would find some type of data repository, or database, to store and ultimately correlate the captured events. Such solutions are commonly called Security Information and Event Management, or SIEM for short. Larger companies have been known to use commercial solutions such as IBM's QRadar, LogRhythm, or Splunk. However, these come at significant cost and aren't suitable for smaller businesses with limited budgets. These solutions require manual configuration of event correlation for detection of activities that place the environment in danger. This usually requires vendor implementation assistance that also would come at a cost. Alternatively, there are open source solutions that provide the required functionality. This research will demonstrate building an open source solution, with minimal to no cost for hardware or software, while still maintaining the capability of detecting targeted attacks. The solution presented in this research includes Wazuh, which is a combination of OSSEC and the ELK stack, integrated with a Network Intrusion Detection System (NIDS). The success of the integration is determined by measuring positive attack detection based on each of the different configuration options. To perform the testing, a deliberately vulnerable platform named Metasploitable will be used as a victim host. The victim host vulnerabilities were created specifically to serve as a target for Metasploit. The attacks were generated by utilising Metasploit Framework on a prebuilt Kali Linux host.
- Date Issued: 2019