A framework to integrate information and communication technology security awareness into the South African education system

Text in EnglishThere is general consensus about the importance of Information and Communication Technology (ICT) security in South Africa. This consensus is evident from initiatives related to the formulation of legislation and policies like the Electronic Communications and Transactions (ECT) Act and the National Cyber Security Policy. A number of South African academic institutions have also come on board with initiatives aimed at enhancing ICT security awareness all over the country. In fact, ICT security awareness has been classified as an important component of South Africa’s national security. Many countries use ICT to improve and enhance the standard of their education systems. A number of scholars in South Africa have conducted studies with the aim of proving that ICT can play a major role in improving the quality of education in the country. The research in hand investigates the lack of integration of ICT security awareness into the South African education system. The literature review that was conducted reveals that there is a huge problem especially when it comes to the integration of ICT security awareness into the South African schooling system. The advancement of technology has come with a number of advantages and disadvantages. The easy access to information via the internet, coupled by unsupervised access to instant messaging applications (Skype, MXiT) and social media platforms (Facebook, Twitter and many more), hugely increases the vulnerability of school learners to ICT security attacks and ICT-related crime. The current research therefore investigates the vulnerability caused by the lack of ICT security awareness among school learners as one of the main disadvantages of the advancement of information technology. An analysis of existing models and frameworks in the two spheres of ICT, namely education and ICT security was conducted. The aim was to determine any similarities or overlap between these spheres and to determine whether the existing ICT models and frameworks are relevant to South Africa. The analysis showed a significant disparity and inconsistency between the two spheres and proved that there is a definite need for a framework (relevant to South Africa) that can be used for the integration of ICT security awareness into South African education. Hence, the researcher proposed a more integrated approach in the form of a framework that is directed at South African school learners, based on an in-depth literature review of past scholarly work, models and frameworks. Having reviewed a number of existing models and frameworks, and identifying the potential gaps, the researcher proposed a framework to address the lack of integration of ICT security awareness into the South African education system. The proposed framework, called the South African ICT Security Awareness Framework for Education (SAISAFE), was reviewed for its potential applicability in the South African context, and the results of the literature review analysis are reported to support the analysis of models and frameworks.School of ComputingM. A. (Computing

The “three M’s” counter-measures to children’s risky online behaviors:mentor, mitigate and monitor

PurposeThe purpose of this paper is to scope the field of child-related online harms and to produce a resource pack to communicate all the different dimensions of this domain to teachers and carers.Design/methodology/approachWith children increasingly operating as independent agents online, their teachers and carers need to understand the risks of their new playground and the range of risk management strategies they can deploy. Carers and teachers play a prominent role in applying the three M’s: mentoring the child, mitigating harms using a variety of technologies (where possible) and monitoring the child’s online activities to ensure their cybersecurity and cybersafety. In this space, the core concepts of “cybersafety” and “cybersecurity” are substantively different and this should be acknowledged for the full range of counter-measures to be appreciated. Evidence of core concept conflation emerged, confirming the need for a resource pack to improve comprehension. A carefully crafted resource pack was developed to convey knowledge of risky behaviors for three age groups and mapped to the appropriate “three M’s” to be used as counter-measures.FindingsThe investigation revealed key concept conflation, and then identified a wide range of harms and countermeasures. The resource pack brings clarity to this domain for all stakeholders.Research limitations/implicationsThe number of people who were involved in the empirical investigation was limited to those living in Scotland and Nigeria, but it is unlikely that the situation is different elsewhere because the internet is global and children’s risky behaviors are likely to be similar across the globe.Originality/valueOthers have investigated this domain, but no one, to the authors’ knowledge, has come up with the “Three M’s” formulation and a visualization-based resource pack that can inform educators and carers in terms of actions they can take to address the harms

Analysis of a South African cyber-security awareness campaign for schools using interdisciplinary communications frameworks

To provide structure to cyber awareness and educational initiatives in South Africa, Kortjan and Von Solms (2014) developed a five-layer cyber-security awareness and education framework. The purpose of the dissertation is to determine how the framework layers can be refined through the integration of communication theory, with the intention to contribute towards the practical implications of the framework. The study is approached qualitatively and uses a case study for argumentation to illustrate how the existing framework can be further developed. Drawing on several comprehensive campaign planning models, the dissertation illustrates that not all important campaign planning elements are currently included in the existing framework. Proposed changes in the preparation layer include incorporating a situational and target audience analysis, determining resources allocated for the campaign, and formulating a communication strategy. Proposed changes in the delivery layer of the framework are concerned with the implementation, monitoring and adjustment, as well as reporting of campaign successes and challenges. The dissertation builds on, and adds to, the growing literature on the development of campaigns for cyber-security awareness and education aimed at children

Cybersafety guidelines to prepare South African schools for the 4th Industrial Revolution

M.Ed. (ICT in Education)Abstract: Technology has become one of the driving forces behind what people do and how they do it. Technology is changing all aspects of human interaction, work-related processes and information sharing. Technology has allowed people to create global networks, print objects in 3D, create digital currencies and created virtual online worlds (cyberspace). Cyberspace allows billions of people across the globe to instantly connect, without boundaries, to anywhere in the world. Instant messages, videos and documents can be uploaded to cyberspace and shared to all other cyber users who are connected. Connectivity has become the focus of world economies and personal interactions and the basis for online social communities. Technological devices have become cheaper and more available to individuals and the cost of accessing cyberspace is slowly becoming affordable across the world. Information and Communication Technologies (ICT) has changed reality as we know it. The advantages of ICT are enormous to industries and governments, as well individual cyber users. Education, online banking, shopping, socialising and work are some of the actions that have changed for the better due to technology..

Effective Online Safety Awareness for Young People in Less Developed Countries

In less developed countries (LDCs) there is a research deficit on the positive and negative aspects of their respective emerging digital cultures. Education programmes that seek to raise awareness of online safety, needs to be based on evidence and not simply transposed from other countries as the issues involved may be very different. Thailand, in particular, has very little data that can be used to create meaningful educational material. This was determined after a thorough literature review which found that most of the research has been carried out in the advanced economies of North America, Europe and Australasia. By contrast in South East Asia very little research had been carried out. This research proposes an integrative security awareness education framework for emerging digital cultures. It was constructed from the ground up so that it would be evidence led. In the first phase, a survey of the online behaviour and attitudes of young people in Thai schools was undertaken. Between November 2016 and June 2018, 352 students aged between 12 and 18 completed a comprehensive online questionnaire. In addition, 25 students were interviewed and asked to describe their online experiences both good and bad. From the survey it was found that 69% of students had been upset by an online interaction with 55% experiencing some form of cyber-bullying. They were also exposed to potentially harmful content. At least a third or more had seen posts or discussions on; committing suicide, self harm, being very thin, sexual images and hate messages against individuals and groups. In terms of mediation the interviews revealed a slightly different picture than the one painted in the survey. In the latter, young people suggested that they did sometimes talk to their parents and teachers about upsetting experiences. In the interviews most said that they did not tell their parents or teachers about negative online interactions. This was backed up during the workshops with most reasoning that what they were going through was not important enough to tell a parent or teacher or that they might be the ones that get blamed. They would either stay silent or tell a close friend. A series of online safety workshops were carried out structured around the theme of cyber-bullying as that was the standout issue from the surveys and interviews. An action-research approach was taken to determine what kind of activities would be best to engage Thai students. Activities that were based around active learning strategies like gamification (i.e. using elements of game design) and involving cooperation or competition proved the most successful. Activities where students had to present something or be involved in classroom discussions did not fare too well. The resulting education framework from the field research consists of themes and topics that are relevant to LDCs as well as the type of activities that works best. A novel component, ‘Cultural Mask’ was added to the framework. This looks at the influence of a country’s culture and its impact on education. In Thailand this includes the Sufficiency Economy Philosophy (SEP). In the education sector, SEP schools should promote student centric learning with creativity, critical thinking and problem solving amongst other goals. Knowledge they learn should lead to the betterment of their school and community. Therefore, the education framework can be adapted to reflect the SEP goals. In other LDCs by working through the education framework, awareness programmes can be developed that will be effective and culturally relevant

A cybersafety educational framework for primary school learners in South Africa

Information and communication technologies (ICTs) have made life much easier for many people but have also brought many dangers to the world. School learners are amongst the users of ICT who are becoming cyber citizens. This age is good at exploring new things, with a growing number of school learners having access to ICT devices, such as mobile phones, tablets and desktop computers. This is due to the affordability of mobile phones, which they normally receive as gifts from their parents. Due to easy access of ICT, school learners can now access cyberspace which offers them many advantages and benefits. Such advantages and benefits include having a platform to socialise, improved and ease of access to information as well as improving their learning. Despite these benefits, school learners (primary school learners in particular) are prone to falling victim to a range of cyber risks and attacks since cyberspace is an unregulated platform that poses many potential dangers Common cybersafety threats associated with school learners include cyberbullying, sexting/“sextortion”, engaging with strangers, accessing inappropriate content and being exposed to a breach of privacy. Because the cybersafety of children, especially primary school learners, is often compromised, there is a need to protect them from the threats associated with ICT. However, protecting children from the aforementioned cybersafety threats is complicated because access to cyberspace is no longer confined to the home computer, but has extended to mobile phones, which are even more pervasive. Therefore, it is essential for school learners to be educated on how to protect themselves and their information in the virtual computer world. A number of developed countries like Australia, New Zealand, Canada, United States of America (USA) and United Kingdom (UK) have included cybersafety education in their school curricula. Similarly, the rapid growth of the Internet around the world, allowed some countries in Africa to take the initiative to start implementing cybersafety education in schools including Mauritius, Tunisia, Kenya, Ghana, Mozambique, Cameroon, Egypt and Rwanda. Countries like Uganda, Sudan, Morocco and South Africa are still facing challenges in this aspect. This study is focused on the cybersafety of primary school learners in the South African context

A cybersafety educational framework for primary school learners in South Africa

Information and communication technologies (ICTs) have made life much easier for many people but have also brought many dangers to the world. School learners are amongst the users of ICT who are becoming cyber citizens. This age is good at exploring new things, with a growing number of school learners having access to ICT devices, such as mobile phones, tablets and desktop computers. This is due to the affordability of mobile phones, which they normally receive as gifts from their parents. Due to easy access of ICT, school learners can now access cyberspace which offers them many advantages and benefits. Such advantages and benefits include having a platform to socialise, improved and ease of access to information as well as improving their learning. Despite these benefits, school learners (primary school learners in particular) are prone to falling victim to a range of cyber risks and attacks since cyberspace is an unregulated platform that poses many potential dangers Common cybersafety threats associated with school learners include cyberbullying, sexting/“sextortion”, engaging with strangers, accessing inappropriate content and being exposed to a breach of privacy. Because the cybersafety of children, especially primary school learners, is often compromised, there is a need to protect them from the threats associated with ICT. However, protecting children from the aforementioned cybersafety threats is complicated because access to cyberspace is no longer confined to the home computer, but has extended to mobile phones, which are even more pervasive. Therefore, it is essential for school learners to be educated on how to protect themselves and their information in the virtual computer world. A number of developed countries like Australia, New Zealand, Canada, United States of America (USA) and United Kingdom (UK) have included cybersafety education in their school curricula. Similarly, the rapid growth of the Internet around the world, allowed some countries in Africa to take the initiative to start implementing cybersafety education in schools including Mauritius, Tunisia, Kenya, Ghana, Mozambique, Cameroon, Egypt and Rwanda. Countries like Uganda, Sudan, Morocco and South Africa are still facing challenges in this aspect. This study is focused on the cybersafety of primary school learners in the South African context

Towards a framework to promote the development of secure and usable online information security applications

The proliferation of the internet and associated online activities exposes users to numerous information security (InfoSec) threats. Such online activities attract a variety of online users who include novice computer users with no basic InfoSec awareness knowledge. Information systems that collect and use sensitive and confidential personal information of users need to provide reliable protection mechanisms to safeguard this information. Given the constant user involvement in these systems and the notion of users being the weakest link in the InfoSec chain, technical solutions alone are insufficient. The usability of online InfoSec systems can play an integral role in making sure that users use the applications effectively, thereby improving the overall security of the applications. The development of online InfoSec systems calls for addressing the InfoSec problem as a social problem, and such development must seek to find a balance between technical and social aspects. The research addressed the problem of usable security in online InfoSec applications by using an approach that enabled the consideration of both InfoSec and usability in viewing the system as a socio-technical system with technical and social sub-systems. Therefore, the research proposed a socio-technical framework that promotes the development of usable security for online information systems using online banking as a case study. Using a convergent mixed methods research (MMR) design, the research collected data from online banking users through a survey and obtained the views of online banking developers through unstructured interviews. The findings from the two research methods contributed to the selection of 12 usable security design principles proposed in the sociotechnical information security (STInfoSec) framework. The research contributed to online InfoSec systems theory by developing a validated STInfoSec framework that went through an evaluation process by seven field experts. Although intended for online banking, the framework can be applied to other similar online InfoSec applications, with minimum adaptation. The STInfoSec framework provides checklist items that allow for easy application during the development process. The checklist items can also be used to evaluate existing online banking websites to identify possible usable security problems.Computer ScienceD. Phil. (Computer Science