Cybersecurity knowledge requirements for a water sector employee

Abstract: Critical infrastructure in South Africa remains highly vulnerable to cybercrime threats due to a poor cyber -crime fighting capacity and a lack of a strong cybersecurity policy. South Africa appears to have lagged behind in terms of securing and defending cyberspace, despite the country’s reliability and its interconnectedness to the Internet. Furthermore, the rapid increase in remote working owing to Covid-19 has raised cybersecurity concerns, the prevalence of cybersecurity assaults and cybercrime has substantially increased, and state organizations have recently been victim to cyber-attacks. Cyber threats can be defined as attempting to gain unauthorized access to infrastructure systems through data communication pathways in an unauthorized manner. Globally, the water and wastewater sector were ranked number four in the global security incidents based on the Repository of Industrial Security Incidents. To date, systems that can protect themselves without involving human element has not yet been realized, as a consequence, systems are prone to be threatened by random or organized crimes through preying on humans. There is therefore a need to examine internal procedures and protection mechanisms to prevent cyber-attacks. Research shows that humans are the weakest link in cyberspace security as the internet users as well as the only guardian of computers and organizational network. This research presents the findings of a systematic literature review conducted to assess the cybersecurity knowledge required for a general employee in the water sector. This research further proposes a framework for determining the minimum knowledge required of a general employee in the water sector in order to protect the critical infrastructure. A systematic literature review was adopted from which this research followed the guidelines and procedures from the Cochrane handbook for Systematic Reviews of Interventions. Following the rigorous process and procedure of the systematic literature review, the final studies chosen for analysis and synthesis amounted to 23 out of the initial collected 2013 studies. Thematic analysis was used to examine the 23 studies. Following the analysis, eight themes for challenges were identified, the blocks of cybersecurity knowledge that employees must have been identified as: 1) Security breaches, 2) Unauthorized access, 3) Negligence, 4) Social Engineering, 5) Malicious insider, 6) Malware/Ransomware, 7) Stolen credentials, and 8) Denial of service. Furthermore, four themes for mitigating the eight identified cybersecurity challenges were identified as: 1) Cybersecurity knowledge and skills, 2) Cybersecurity awareness, 3) Cybersecurity culture and 4) Cybersecurity training. The first theme (cybersecurity knowledge and skills) assisted in identifying the cybersecurity knowledge required for employees. The second theme (cybersecurity awareness) and the third theme (cybersecurity culture) looked at finding meaning in what organisations can do to urge cybersecurity culture and awareness. Overall, the first, second and third themes assisted in answering the research question. The fourth and last theme focused on identifying the types of general employee cybersecurity training methods that can be undertaken to improve cyber resilience. The identified challenges and the mitigations were further used to develop a model to train employees in cybersecurity, the model will benefit the water sector by identifying key aspects to train employees in order to reduce the intrusion into cyber systems and processes that are used to run and operate critical infrastructure.M.Phil. (Engineering Management