Factors that Contributes Information Security Vulverabilities in Public Organization

Abstract

The study sought to investigate factors that contribute information security vulnerabilities in public organizations: A case of TEMDO and TAEC - Arusha. The study established the external organizational factors that may contribute to information security vulnerabilities in public organizations. The study also determined internal organizational factors that may contribute to information security vulnerabilities in public organizations. Descriptive cross-sectional survey research design was useful for collecting data and techniques used in analysis. Data was collected using administered questionnaires and interviews. Data was analysed using IBM SPSS Version 25 for descriptive and inferential statistics. The results from the analysis revealed that externally, attacker-victim remoteness, presence of skilled and knowledgeable hackers and fake offers on the internet to share security credentials contribute to information security vulnerabilities in public organizations. The findings unveiled that internally, employees action derived for personal financial gains, ease to execute and available internet tools, disgruntled employees launching retaliatory attacks to sabotage systems and weak information infrastructure systems contribute to information security vulnerabilities in public organizations. Moreover, study findings revealed user awareness training on cyber security issues, carrying out cyber risk assessment on its critical assets and cyber security or information security audits as well as establishing cyber security policy will address the issue information security vulnerabilities in public organizations. The study recommends that same study should be conducted in other institutions and in other countries for comparison and generalization of findings