Mobile bullying : investigating the non-technical factors that influence forensic readiness in township schools in South Africa

The increasing use of mobile devices by high school learners has resulted in increased networking activities for learners who take advantage of opportunities presented by mobile technologies. Mobile technology continues to play a key role in facilitating online interactions amongst South African youth, and some learners use mobile technology to enhance their learning capabilities. However, such electronic operations have also presented new risks particularly in the developing countries where online bullying is on the rise and investigations of such incidents or threats are expensive. Mobile bullying and lack of discipline of bullies, for instance, are major concerns in the society at large. To control these incidents, learners and teachers need to know what to do when incidents arise. The process of digital forensic investigation is typically left for those specialising in the field of digital forensics. Those responsible for learner's safety in schools are often faced with situations where they have to perform basic investigations or preserve evidence for incident escalation to the specialists. However, schools often do not prepare themselves well enough for the challenges relating to mobile bullying. They find themselves not knowing where to start or how to preserve evidence. Digital forensic investigations are even more challenging in school settings because of the dynamic nature of these environments. While studies have been conducted in the developed countries, little is still known about how schools in the developing world, for instance South Africa, may handle mobile bullying. Very little is known about how schools in the developing countries may maximise their potential to use digital evidence while minimising the impact resulting from the incident. There is limited guidance on how to be digital forensic ready in schools where teachers, learners, principals, and other role players are not trained well enough to deal with mobile bullying. The objective of this study was to provide insight into factors that enhance the non-technical forensic readiness program in township schools and the ability of teachers to investigate mobile bullying incidents. The study aimed at employing concepts of forensic readiness to ignite schools' ability to prepare for response to mobile bullying incidents and create a digital forensic ready learning environment. The study was conducted in South Africa, Limpopo and North West provinces. Five schools agreed to participate in this study; eighty-two valid responses were obtained from teachers. The study followed mixed methods approach to the theory

Aspects of Digital Forensics in South Africa

This paper explores the issues facing digital forensics in South Africa. It examines particular cyber threats and cyber threat levels for South Africa and the challenges in addressing the cybercrimes in the country through digital forensics. The paper paints a picture of the cy-bercrime threats facing South Africa and argues for the need to develop a skill base in digi-tal forensics in order to counter the threats through detection of cybercrime, by analyzing cybercrime reports, consideration of current legislation, and an analysis of computer foren-sics course provision in South African universities. The paper argues that there is a need to develop digital forensics skills in South Africa through university programs, in addition to associated training courses. The intention in this paper is to promote debate and discussion in order to identify the cyber threats to South Africa and to encourage the development of a framework to counter the threats – through legislation, high tech law enforcement structures and protocols, digital forensics education, digital forensics skills development, and a public and business awareness of cybercrime threats

Understanding the threat of cybercrime: A comparative study of cybercrime and the ICT legislative frameworks of South Africa, Kenya, India, the United States and the United Kingdom’

As broadband infrastructure investments in developing nations intensify and barriers to accessing the internet diminish, the more they increasingly become the quintessential destination for cybercrime. For their lax cyber laws and general cybercrime illiteracy, developing nations such as South Africa, Kenya, and India have become the destination of choice for cybercriminal enterprises. The focus of this dissertation is to comparatively analyse South Africa’s ICT regulatory framework against those of developing and developed nations and to determine its effectiveness in addressing the threat posed by cybercrime. This dissertation hopes to contribute towards establishing a greater understanding and appreciation of the scourge of cybercrime by studying the frameworks, structures, and arrangements, installed to safeguard against the threat of cybercrime in both developing nations, namely Kenya and India, and developed nations, namely the United States of America and the United Kingdom. Some of the key challenges identified in the dissertation, arising from the analysis of South Africa’s cyber laws and policy framework, point to legislation that is out of date and in desperate need of revision, a lack of definitional clarity for cybercrime related terminology, jurisdiction limitations to investigate international cybercrimes, no harmonisation with international laws, standards, and a poor record of implementing strategy and policies. The dissertation concludes that the battle against cybercrime cannot be won without first understanding what cybercrime is. Developing a common understanding of cybercrime and related terminology, and recommends the revision of the necessary ICT strategies, policies, and regulatory frameworks. Concluding international cooperation and mutual assistance agreements to assist with transnational cybercrime investigations and prosecutions is paramount. Establishing cross-sector, intra-ministerial, public-private, and multinational partnerships is also vital to managing the threat of cybecrime. Lastly, this dissertation recommends the development of dedicated cybersecurity and cybercrime mechanisms for the prosecution and safeguarding of the nation’s critical information infrastructure, the mission critical information of corporates and the personal information of citizens against cybercrime

A national cybersecurity management framework for developing countries

Abstract : Please refer to full text to view abstract.D.Phil. (Computer Science

Guidelines to address the human factor in the South African National Research and Education Network beneficiary institutions

Even if all the technical security solutions appropriate for an organisation’s network are implemented, for example, firewalls, antivirus programs and encryption, if the human factor is neglected then these technical security solutions will serve no purpose. The greatest challenge to network security is probably not the technological solutions that organisations invest in, but the human factor (non-technical solutions), which most organisations neglect. The human factor is often ignored even though humans are the most important resources of organisations and perform all the physical tasks, configure and manage equipment, enter data, manage people and operate the systems and networks. The same people that manage and operate networks and systems have vulnerabilities. They are not perfect and there will always be an element of mistake-making or error. In other words, humans make mistakes that could result in security vulnerabilities, and the exploitation of these vulnerabilities could in turn result in network security breaches. Human vulnerabilities are driven by many factors including insufficient security education, training and awareness, a lack of security policies and procedures in the organisation, a limited attention span and negligence. Network security may thus be compromised by this human vulnerability. In the context of this dissertation, both physical and technological controls should be implemented to ensure the security of the SANReN network. However, if the human factors are not adequately addressed, the network would become vulnerable to risks posed by the human factor which could threaten the security of the network. Accordingly, the primary research objective of this study is to formulate guidelines that address the information security related human factors in the rolling out and continued management of the SANReN network. An analysis of existing policies and procedures governing the SANReN network was conducted and it was determined that there are currently no guidelines addressing the human factor in the SANReN beneficiary institutions. Therefore, the aim of this study is to provide the guidelines for addressing the human factor threats in the SANReN beneficiary institutions

A Coordinated Communication & Awareness Approach for Information Security Incident Management: An Empirical Study on Ethiopian Organizations

The coordination of communication and awareness efforts in the process of Information Security Incident Management (ISIM) has been identified as a critical means of enhancing information security protection in organizations. This paper aims to explore the nuances of organizational information security with respect to the coordination of communication and awareness efforts among organizational stakeholders towards achieving a shared, interactive, and participatory ISIM. According to the findings of the study in the organizations sampled, it has been identified that reporting, communication, and awareness efforts within ISIM were found to be largely uncoordinated. The exploratory findings provided a rationale for the proposal of a conceptual model. The model would unify and subsume situational awareness and interactive modes of communication toward improving the coordination of awareness and communication efforts among stakeholders in the management of information security incidents

Reporting racism: what you say matters

This project seeks to understand the type of experiences people have, and the extent and nature of material that people experience that is racist or vilifying. It aims to raise awareness of racism and to build capacity for victims and bystanders to report racism and vilification when they experience it. Some people think racism doesn’t happen anymore, or that it is a rare and isolated incident. However, the Commission regularly receives stakeholder feedback and complaints from Victorians who are confronted with behaviour that is intimidating, abusive and vilifying because of their racial or religious background. For many people, it is the daily, sometimes unconscious but persistent, racism they face, that has the most profound impact. In 2012 the Commission ran an on-line survey. 227 people took part. As well as providing evidence of racism and vilification the survey helped to identify actions and solutions that we can all take to help address racism and vilification. In addition, key informant interviews were undertaken with peak and community organisations in Victoria to understand both the prevalence and severity of racist conduct within their communities. The Commission also reviewed and collected incidents of racial and religious hate speech online and in the media, including in social media sites. To collect evidence on the nature and extent of racism in Victoria, the Commission conducted an online survey, interviews with a broad range of community stakeholders and a review of online content. This project seeks to understand the type of experiences people have, and the extent and nature of material that people see, experience, hear, are sent or simply come across in their daily lives that is racist or vilifying. This might include flyers and stickers, graffiti, websites, blog material, verbal abuse or other treatment that people experience as racism or vilification because of their race or religion

A framework to integrate information and communication technology security awareness into the South African education system

Text in EnglishThere is general consensus about the importance of Information and Communication Technology (ICT) security in South Africa. This consensus is evident from initiatives related to the formulation of legislation and policies like the Electronic Communications and Transactions (ECT) Act and the National Cyber Security Policy. A number of South African academic institutions have also come on board with initiatives aimed at enhancing ICT security awareness all over the country. In fact, ICT security awareness has been classified as an important component of South Africa’s national security. Many countries use ICT to improve and enhance the standard of their education systems. A number of scholars in South Africa have conducted studies with the aim of proving that ICT can play a major role in improving the quality of education in the country. The research in hand investigates the lack of integration of ICT security awareness into the South African education system. The literature review that was conducted reveals that there is a huge problem especially when it comes to the integration of ICT security awareness into the South African schooling system. The advancement of technology has come with a number of advantages and disadvantages. The easy access to information via the internet, coupled by unsupervised access to instant messaging applications (Skype, MXiT) and social media platforms (Facebook, Twitter and many more), hugely increases the vulnerability of school learners to ICT security attacks and ICT-related crime. The current research therefore investigates the vulnerability caused by the lack of ICT security awareness among school learners as one of the main disadvantages of the advancement of information technology. An analysis of existing models and frameworks in the two spheres of ICT, namely education and ICT security was conducted. The aim was to determine any similarities or overlap between these spheres and to determine whether the existing ICT models and frameworks are relevant to South Africa. The analysis showed a significant disparity and inconsistency between the two spheres and proved that there is a definite need for a framework (relevant to South Africa) that can be used for the integration of ICT security awareness into South African education. Hence, the researcher proposed a more integrated approach in the form of a framework that is directed at South African school learners, based on an in-depth literature review of past scholarly work, models and frameworks. Having reviewed a number of existing models and frameworks, and identifying the potential gaps, the researcher proposed a framework to address the lack of integration of ICT security awareness into the South African education system. The proposed framework, called the South African ICT Security Awareness Framework for Education (SAISAFE), was reviewed for its potential applicability in the South African context, and the results of the literature review analysis are reported to support the analysis of models and frameworks.School of ComputingM. A. (Computing

Barriers to implementation of the (SA) National Cybersecurity Policy Framework

Thesis (M.M. (Security))--University of the Witwatersrand, Faculty of Commerce, Law and Management, Graduate School of Public and Development Management, 2016Technological advancement have seen South African government departments, state owned entities and private companies using cyberspace as a platform of interaction and the storage of information. Technological advancements have a positive impact due to the compression of space, time and thereby ensuring fastpaced interaction across borders. These technological advancements have, however resulted in most organisations, both private and public, becoming prone to cybercrimes and related incidents. In an initiative aimed at countering these threats, the South African government has passed various laws. The National Cybersecurity Policy Framework (NCPF) is a South African Policy framework aimed at countering an increase in the occurrence of cybercrimes and related incidents. This research analyses the status in the implementation of the NCPF objectives allocated to the Department of Telecommunications and Postal Services (DTPS). Then the barriers in the Implementation are unpacked guided by the literature reviewed and finally recommendations on how to counter the identified barriers are provided post the data collection. The report firstly provides an outline of the global perspectives on cybersecurity which is followed by the regional cybersecurity measures, and then the national cybersecurity measures proposed by the South African Government department are outlined. The latter parts of the report focuses on the NCPF in terms of its scope, goals, objectives and stakeholders. Finally, focus is shifted to the DTPS as a chosen area of research wherein data was collected in a form of one-on-one, semi-structured interviews with relevant parties. The results of this research are presented as a narrative description that is synthesised to develop the theoretical conjecture and empirical generalisation of the entire research. This research uncovered that there are numerous barriers in the implementation of the NCPF both within the DTPS as well as between the DTPS and various stakeholders entrusted with the implementation responsibility. The last chapter consists of general conclusions made by the researcher based on the research conducted which is then followed by recommended countermeasures which will be communicated to the DTPS as well as all stakeholders who will be affected by the proposed recommendations.GR201