Cloud leakage in higher education in South Africa: A case of University of Technology

IF 16.4 1区 化学 Q1 CHEMISTRY, MULTIDISCIPLINARY Accounts of Chemical Research Pub Date : 2024-02-16 DOI:10.4102/sajim.v26i1.1783
Tshepiso Ntloedibe, T. Foko, M. A. Segooa
{"title":"Cloud leakage in higher education in South Africa: A case of University of Technology","authors":"Tshepiso Ntloedibe, T. Foko, M. A. Segooa","doi":"10.4102/sajim.v26i1.1783","DOIUrl":null,"url":null,"abstract":"Background: Users with knowledge of an organisation can pose risks to Cloud Computing, including current and past employees and external stakeholders with access to the organisation’s cloud. These insiders may engage in intentional or unintentional disruptive behaviors, causing significant harm to the organisation. A study focused on insider threats in South African higher education examined the tactics used by cybersecurity leaders to enforce cybersecurity policies.Objectives: The goal of this study was to develop a comprehensive insider mitigation framework for cloud leakage in a South African University.Method: The study employed qualitative methodologies and a case study approach. Open-ended interviews were conducted to collect data from the participants. The collected data was coded and analysed using ATLAS.ti 22.Results: The study’s findings revealed that some of the major sources of cloud leakage are a lack of effective training, ineffective information security (IS) policy regulation, and the implementation of information security awareness workshops that provided advice on how information security should be managed in the university.Conclusion: Insider threats pose a serious risk to organisations. To mitigate this threat, it is crucial for organisations to establish strong security policies and closely monitor employee activities. By conducting a thorough assessment of insider threats, organisations can enhance their understanding of this dynamic threat and strengthen their defenses.Contribution: Although every employee is ultimately responsible for an organisation’s security, the most effective IS programmes demonstrate strong top-level leadership by setting a ‘tone at the top’ and promoting the benefits of IS through careful policy and guidance.","PeriodicalId":1,"journal":{"name":"Accounts of Chemical Research","volume":null,"pages":null},"PeriodicalIF":16.4000,"publicationDate":"2024-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Accounts of Chemical Research","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4102/sajim.v26i1.1783","RegionNum":1,"RegionCategory":"化学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"CHEMISTRY, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

Abstract

Background: Users with knowledge of an organisation can pose risks to Cloud Computing, including current and past employees and external stakeholders with access to the organisation’s cloud. These insiders may engage in intentional or unintentional disruptive behaviors, causing significant harm to the organisation. A study focused on insider threats in South African higher education examined the tactics used by cybersecurity leaders to enforce cybersecurity policies.Objectives: The goal of this study was to develop a comprehensive insider mitigation framework for cloud leakage in a South African University.Method: The study employed qualitative methodologies and a case study approach. Open-ended interviews were conducted to collect data from the participants. The collected data was coded and analysed using ATLAS.ti 22.Results: The study’s findings revealed that some of the major sources of cloud leakage are a lack of effective training, ineffective information security (IS) policy regulation, and the implementation of information security awareness workshops that provided advice on how information security should be managed in the university.Conclusion: Insider threats pose a serious risk to organisations. To mitigate this threat, it is crucial for organisations to establish strong security policies and closely monitor employee activities. By conducting a thorough assessment of insider threats, organisations can enhance their understanding of this dynamic threat and strengthen their defenses.Contribution: Although every employee is ultimately responsible for an organisation’s security, the most effective IS programmes demonstrate strong top-level leadership by setting a ‘tone at the top’ and promoting the benefits of IS through careful policy and guidance.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
南非高等教育中的云泄漏:技术大学案例
背景:了解组织情况的用户可能会给云计算带来风险,其中包括当前和过去的员工以及能够访问组织云的外部利益相关者。这些内部人员可能会有意或无意地实施破坏行为,对组织造成重大损害。一项针对南非高等教育机构内部威胁的研究考察了网络安全领导者在执行网络安全政策时所使用的策略:本研究的目标是针对南非一所大学的云泄漏问题制定一个全面的内部人员缓解框架:研究采用了定性方法和案例研究方法。通过开放式访谈收集参与者的数据。使用 ATLAS.ti 22 对收集到的数据进行编码和分析:研究结果表明,云泄漏的一些主要来源是缺乏有效的培训、信息安全(IS)政策监管不力以及信息安全意识研讨会的实施,这些研讨会就大学应如何管理信息安全提供了建议:内部威胁对组织构成严重威胁。要减轻这种威胁,组织必须制定强有力的安全政策,并密切监控员工的活动。通过对内部威胁进行全面评估,组织可以提高对这种动态威胁的认识,并加强防御:虽然每个员工都要对组织的安全负最终责任,但最有效的信息安全计划通过制定 "高层基调 "和通过谨慎的政策和指导来宣传信息安全的益处,展示了强有力的高层领导。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Accounts of Chemical Research
Accounts of Chemical Research 化学-化学综合
CiteScore
31.40
自引率
1.10%
发文量
312
审稿时长
2 months
期刊介绍: Accounts of Chemical Research presents short, concise and critical articles offering easy-to-read overviews of basic research and applications in all areas of chemistry and biochemistry. These short reviews focus on research from the author’s own laboratory and are designed to teach the reader about a research project. In addition, Accounts of Chemical Research publishes commentaries that give an informed opinion on a current research problem. Special Issues online are devoted to a single topic of unusual activity and significance. Accounts of Chemical Research replaces the traditional article abstract with an article "Conspectus." These entries synopsize the research affording the reader a closer look at the content and significance of an article. Through this provision of a more detailed description of the article contents, the Conspectus enhances the article's discoverability by search engines and the exposure for the research.
期刊最新文献
Management of Cholesteatoma: Hearing Rehabilitation. Congenital Cholesteatoma. Evaluation of Cholesteatoma. Management of Cholesteatoma: Extension Beyond Middle Ear/Mastoid. Recidivism and Recurrence.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1