IAA Digital Repository
ASSESSING THE SIGNIFICANCE OF CIA TRIAD SECURTY MODEL IN ESTABLISHNG ICT SECURTY CONTROLS IN THE PUBLIC SECTOR;
- DSpace Home
- →
- Thesis and Dissertations
- →
- MASTERS
- →
- MBA (INFORMATION TECHNOLOGY MANAGEMENT
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | HIZA, Dismas. | |
| dc.date.accessioned | 2024-01-26T09:36:33Z | |
| dc.date.available | 2024-01-26T09:36:33Z | |
| dc.date.issued | 2022 | |
| dc.identifier.uri | http://dspace.iaa.ac.tz:8080/xmlui/handle/123456789/2245 | |
| dc.description | SUPERVISOR :CHOGO,Pamela | en_US |
| dc.description.abstract | The ICT advancement in Tanzania's public sector has caused an increase in cyber security threats in terms of confidentiality, integrity, and availability of information. The statistics show cyber security threats index level of Tanzania is not stable at a low point. This means that there are some security vulnerabilities which have to be researched and recommended security controls against them. Therefore, the study aimed to assess vulnerabilities, exploit them, and suggest strong security controls which could fix the observed weaknesses. The research was designed (structured) as a case study of the Shinyanga public sector and their efforts to avoid cyber-attacks based on Confidentiality, Integrity and Availability (CIA) of information. This research focuses on the phenomena of public sector firms taking preventive measures against cyber security incidents. For the case of population, the study targeted the employees of two public organizations, which are KASHWASA and SHUWASA. The ICT unit heads, Cyber security specialists, and other ICT users were included in the population. The sample size was 105 respondents, which were obtained by purposive, simple, and random sampling techniques. The study was approached quantitatively, where both primary and secondary data were collected for analysis. Primary data were collected through a questionnaire and penetration test, while secondary data were collected from other researchers' works. Ms Excel and STATA were the tools used for data analysis, which was followed by interpretation. The conclusion showed the existence of vulnerabilities in terms of users, infrastructure, and documents. Users' awareness of cyber security was too low to stand against cyber attack techniques such as Social Engineering etc. However, the infrastructure was found vulnerable to attacks like DOS, payload and others Moreover, ICT documents were not fully operationalized, so the users were utilizing ICT resources without adhering to guidelines. According to the findings obtained, the researcher recommended strong security controls to be established to secure public sector information by considering confidentiality, integrity, and availability. | en_US |
| dc.language.iso | en | en_US |
| dc.publisher | Institute of accountancy Arusha (iaa) | en_US |
| dc.subject | CIA TRIAD SECURITY MODEL | en_US |
| dc.title | ASSESSING THE SIGNIFICANCE OF CIA TRIAD SECURTY MODEL IN ESTABLISHNG ICT SECURTY CONTROLS IN THE PUBLIC SECTOR; | en_US |
| dc.title.alternative | A CASE STUDY OF SHINYANGA REGION | en_US |
| dc.type | Thesis | en_US |
