a cyber- security portal for southern africa dr. johan van niekerk & prof. rossouw von solms
TRANSCRIPT
![Page 1: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/1.jpg)
A Cyber-Security Portal for Southern
Africa
Dr. Johan van Niekerk
&
Prof. Rossouw von Solms
![Page 2: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/2.jpg)
Agenda
BackgroundWhy a Portal?Overview
• Information security governance toolbox• E-learning portal• Awareness Game• E-learning for children• Resource Portal
Future work
![Page 3: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/3.jpg)
Background
The Internet • Brought many advantages• Used both at home and in organizations• Not only used by the rich or educated
Internet Usage in South Africa• 8.6% of entire population (World Bank, 2010)
• 83% of low-income urban black youths (Kreutzer, 2009)
• All sectors of the population- Young/old, poor/rich, educated/uneducated, rural/urban
• Many platforms- PC, Mobile phones, Mxit, etc
![Page 4: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/4.jpg)
Background
Internet also brought many RISKSOrganizations address these risks through “Information
Security”• Typically controls are selected from a standard like
ISO/IEC 27002• Three categories of controls
- Physical- Technical- Operation
• Physical & Technical Controls depend on Operational controls
• Thus all controls depend on humans
![Page 5: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/5.jpg)
Background
Organizations• Information Security Awareness, Training & Education• Smaller organizations might lack resources
Home Users• Currently no Cyber Security Education
Society as a whole needs to develop a Cyber Security culture• Children are usually taught about physical security or
financial security by their parents• Current parents are possibly even less equipped than their
children to be secure online• Last year alone 4400 cases of identity theft were reported to
the SAFPS (More than R200 million in fraud)
![Page 6: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/6.jpg)
Why a Portal?
There is a need for Cyber-Security education for all Southern Africans
A “one size fits all” approach won’t work for everyone
![Page 7: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/7.jpg)
A Cyber Security Portal
We are developing a Cyber Security Portal (Institute for ICT Advancement at the Nelson Mandela Metropolitan University)
This portal consists of several sub-projects• A web-based information security governance toolbox• A pedagogically sound e-learning portal for basic
information security education• A web-based game to raise awareness about information
security in organizations• An e-learning portal catering for the specific needs of
children and teenagers• An information security resource portal
![Page 8: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/8.jpg)
Information security governance toolbox
Information security governance • Expensive• Requires staff • & other resources
An information security policy requires• Expertise to create• Compliance
Smaller organizations may lack resources and/or knowledge
![Page 9: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/9.jpg)
Information security governance toolbox
We’re creating a Web-based Toolset• Automatic policy generation• Compliance measurement• Digital “dashboard”• Low Cost
Based on a framework & existing desktop toolset developed over several years• Redevelopment of PC Based “consulting tool” to “self
service” web based tool
![Page 10: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/10.jpg)
A pedagogically sound e-learning portal
Current information security education lacks pedagogical basis (Puhakainen, 2006)
No current program targets home users• Social networking• Internet banking• Etc
Moodle 2.0 Portal• Free access to basic education• Brain compatible learning principles• Activities planned according to learning taxonomies
![Page 11: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/11.jpg)
A web-based awareness game
Information Security often not seen as a core business component
Employees lack motivation to learn about securityAddress motivational issues by making security awareness
“fun”Game design based on sound educational gaming research
• Employees compete in virtual “race” over 2 weeks• Daily clues• Use of Google Maps and other tools to simulate race• Leaderships boards & Daily + Weekly prizes
Framework to be tested towards end of 2011• Can be customized for other organizations
![Page 12: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/12.jpg)
E-learning portal for children
Children have specific Cyber Security needs• Social Networking• Mxit, etc
Parents lack knowledgePortal will provide
• Games• Age relevant Cyber Security material
For Parents• Information brochures• Parental control tools
![Page 13: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/13.jpg)
Information security resource portal
Research papers Information Security Standards Informational brochuresContact information for research collaborationLinks to “other” cyber security research projects
![Page 14: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/14.jpg)
Aims of the portal
The aim of this portal is to be a single point of access for all free, or low-cost, cyber & information security related resources in
Southern Africa
![Page 15: A Cyber- Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms](https://reader030.vdocuments.site/reader030/viewer/2022032604/56649e6b5503460f94b68c23/html5/thumbnails/15.jpg)
Questions / Comments
?