Please use this identifier to cite or link to this item: https://etd.cput.ac.za/handle/20.500.11838/4080
DC FieldValueLanguage
dc.contributor.advisorCronjé, Johannes C.en_US
dc.contributor.advisorFrancke, Errol Rolanden_US
dc.contributor.authorOkigui, Hugues Hermannen_US
dc.date.accessioned2024-04-30T07:30:06Z-
dc.date.available2024-04-30T07:30:06Z-
dc.date.issued2023-
dc.identifier.urihttps://etd.cput.ac.za/handle/20.500.11838/4080-
dc.descriptionThesis (MTech (Information Technology))--Cape Peninsula University of Technology, 2023en_US
dc.description.abstractn the contemporary digital landscape, cyber-attacks and incidents have placed cyber-security at the forefront of priorities in organizations. As organizations face cyber risks, it becomes imperative to implement and comply with various cyber-security policies. However, due to factors such as policy complexity and resistance from employees, compliance can be a challenging task. The study investigated the variables that affect an organization's adherence to cyber-security policies. A case study design was chosen as part of a qualitative approach to answer the research question. For data gathering, semi-structured interviews were performed, and existing documents were also considered when available to supplement interviews. The gathered data was meticulously organized, coded, and analyzed using the Actor-Network Theory perspective, with a focus on its four moments of translation: problematization, interessement, enrolment, and mobilization. The analysis revealed that insider threats and phishing attempts are the two cyber threats that affect organizations, behavioral challenges and enforcement limitations are factors influence and contribute to the non-compliance of cyber-security policy, phishing exercises and policy development process are used to enforce cyber-security policies. The study concludes that both insider Threats, involving staff or internal end-users, and Phishing Attempts perpetrated by external individuals, pose significant risks to organizations. Despite awareness initiatives, behavioral challenges persist among internal end-users, which complicate adherence to available security measures. A one-size-fit cyber-security policies are sometimes inadequate due to the diversity in business sectors, necessitating a tailored solution. Periodic phishing exercises serve to evaluate the readiness of internal end-users or staff, and identify areas for improvements. Ultimately, for effectiveness, cyber-security policies development process should follow a collaborative and inclusive approach where organization stakeholders will be participating.en_US
dc.language.isoenen_US
dc.publisherCape Peninsula University of Technologyen_US
dc.subjectBusiness enterprises -- Computer securityen_US
dc.subjectBusiness enterprises -- Computer networks -- Security measuresen_US
dc.subjectData protectionen_US
dc.subjectInternet -- Security measuresen_US
dc.subjectInternet -- Safety measuresen_US
dc.titleAn analysis of cyber-security policy compliance in organisationsen_US
dc.typeThesisen_US
Appears in Collections:Information Technology - Master's Degree
Files in This Item:
File Description SizeFormat 
Okigui_Hugues_210051124.pdf860.41 kBAdobe PDFView/Open
Show simple item record

Page view(s)

145
Last Week
13
Last month
41
checked on Nov 19, 2024

Download(s)

88
checked on Nov 19, 2024

Google ScholarTM

Check


Items in Digital Knowledge are protected by copyright, with all rights reserved, unless otherwise indicated.