TY - GEN
T1 - Cybersecurity Knowledge Requirements for a Water Sector Employee
AU - Thomani, R.
AU - Marnewick, A.
AU - von Solms, S.
AU - Malatji, M.
N1 - Publisher Copyright:
© 2022, IFIP International Federation for Information Processing.
PY - 2022
Y1 - 2022
N2 - Critical infrastructure in South Africa remains highly vulnerable to cybercrime threats due to a poor cyber-crime fighting capacity and a lack of a strong cybersecurity policy. South Africa appears to have fallen behind in securing and protecting cyberspace, considering the country’s dependability as well as the interconnectedness to the internet. Globally, the water and wastewater sector were ranked number four in the global security incidents. This study presents the findings of a systematic literature review conducted to assess the cybersecurity knowledge necessary for a general employee in the water sector. The study proposes a framework for determining the minimum knowledge that a general employee in the water sector should have. The frameworks start by defining the eight different types of cybersecurity challenges, then move on to mitigation strategies for dealing with such attacks. Several approaches and strategies were provided for mitigating various cybersecurity challenges. To deal with such risks, mitigations such as cybersecurity knowledge and skills, cybersecurity awareness, and cybersecurity training were proposed. The strategies for developing knowledge to deal with various sorts of dangers were provided at both the individual and organizational levels.
AB - Critical infrastructure in South Africa remains highly vulnerable to cybercrime threats due to a poor cyber-crime fighting capacity and a lack of a strong cybersecurity policy. South Africa appears to have fallen behind in securing and protecting cyberspace, considering the country’s dependability as well as the interconnectedness to the internet. Globally, the water and wastewater sector were ranked number four in the global security incidents. This study presents the findings of a systematic literature review conducted to assess the cybersecurity knowledge necessary for a general employee in the water sector. The study proposes a framework for determining the minimum knowledge that a general employee in the water sector should have. The frameworks start by defining the eight different types of cybersecurity challenges, then move on to mitigation strategies for dealing with such attacks. Several approaches and strategies were provided for mitigating various cybersecurity challenges. To deal with such risks, mitigations such as cybersecurity knowledge and skills, cybersecurity awareness, and cybersecurity training were proposed. The strategies for developing knowledge to deal with various sorts of dangers were provided at both the individual and organizational levels.
KW - Awareness
KW - Critical infrastructure
KW - Cybersecurity knowledge
KW - Water sector employee
UR - http://www.scopus.com/inward/record.url?scp=85135078005&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-12172-2_8
DO - 10.1007/978-3-031-12172-2_8
M3 - Conference contribution
AN - SCOPUS:85135078005
SN - 9783031121715
T3 - IFIP Advances in Information and Communication Technology
SP - 91
EP - 105
BT - Human Aspects of Information Security and Assurance - 16th IFIP WG 11.12 International Symposium, HAISA 2022, Proceedings
A2 - Clarke, Nathan
A2 - Furnell, Steven
PB - Springer Science and Business Media Deutschland GmbH
T2 - 16th IFIP WG 11.12 International Symposium on Human Aspects of Information Security and Assurance, HAISA 2022
Y2 - 6 July 2022 through 8 July 2022
ER -