Faculty of Commerce, Law and Management (ETDs)

Permanent URI for this communityhttps://hdl.handle.net/10539/37778

Browse

Filters

2020 - 20222

Settings

Has files: YesSubject: search.filters.subject.Cyber risk

Search Results

Now showing 1 - 2 of 2
  • Thumbnail Image
    Item
    Investigating cyber resilience in Small, Medium, and Micro Enterprises (SMME’s) in Gauteng
    (University of the Witwatersrand, Johannesburg, 2022) Kamanga, Edna Clara; Pillay, Kiru
    Cyber resilience is becoming increasingly vital for Small, Medium, and Micro Enterprises (SMMEs) to withstand and quickly recover from cyber threats. This qualitative study investigates the cyber resilience strategies, critical success factors, and best practices within SMMEs in Gauteng, South Africa. The research aims to understand SMMEs approach to cyber resilience and whether they incorporate all dimensions of the Cyber Resilience-Self Assessment Tool (CR- SAT), a framework specifically recommended for enhancing the cyber resilience of SMMEs. The study identifies key critical success factors that are prevalent among Gauteng’s SMMEs. The methodology involves semi-structured interviews with business owners, IT Managers, and cybersecurity experts within a variety of SMMEs in Gauteng. The selection of participants ensures representation across different industries to allow for comprehensive insights into the cyber resilience landscape within this economic sector. Thematic analysis of the interview data provides an in-depth understanding of the experiences, practices, and perceptions of cyber resilience among participants. Preliminary findings reveal that while some SMMEs demonstrate awareness and implementation of cyber resilience best practices, there is a varied degree of adoption concerning the CR-SAT framework. Several critical success factors emerge, these include adoption of best practices in implementation of training and awareness, risk management, business continuity, the implementation of incident response plans, outsourcing, dealing with credible vendors. However, the research also identifies significant gaps in knowledge and resource constraints, which impede full-scale implementation of recommended cyber resilience measures
  • Thumbnail Image
    Item
    Factors influencing cyber insurance adoption in South Africa industry
    (University of the Witwatersrand, Johannesburg, 2020) Mbatha, Nkosinathi Sphiwe
    Organisations are benefiting from the use of emerging digital technologies for improved efficiencies. These technologies are vulnerable to cyber-attacks resulting in breaches on organisational assets. Cyber-attacks necessitates boards and top management to strategically rethink their cybersecurity approaches to managing cyber risks. The purpose of the study was to explore the factors influencing cyber insurance adoption in the South African industry. The study adapted Technology-Organisation-Environment (TOE) theoretical framework to investigate cyber insurance adoption relevant to the South African context. The review of literature focused on the cybersecurity, cyber risk management, and cyber insurance phenomenon to understand the global and developing world landscape. The research design followed the systemic collection of qualitative data through semi-structured interview questions on the purposefully selected sample of professionals in the public and private sectors of the South African industry. The analysis and interpretation through categorisation of patterns of data collected enabled presentation and discussion of emerging themes resulting in findings. The key findings relate to effective cybersecurity awareness, organisational approach to managing cyber risks, as well as the nature of industry and compliance with legislation. The study established that the combination of effective cybersecurity awareness, the relationship between the strategic organisational approach to cybersecurity and top management support towards cyber risk management as well as compliance with legislation are the factors influencing cyber insurance adoption in the South African industry. In order to meet the research objectives, various conclusions were made. The study concluded that effective cybersecurity awareness must be viewed as a strategic imperative to enable organisations to operate securely. The study also concluded that organisations must proactively approach cybersecurity strategically thereby ensuring effective top management buy-in. The study concluded that the POPI Act is the primary driver of cyber insurance adoption in the South African industry.