Skip to main content
SpringerLink
Log in
Book cover

International Conference on Advanced Research in Technologies, Information, Innovation and Sustainability

ARTIIS 2022: Advanced Research in Technologies, Information, Innovation and Sustainability pp 339–351Cite as

A Cyber4Dev Security Culture Model

  • Conference paper
  • First Online:

  • 386 Accesses

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1676))

Abstract

Researchers have conducted studies to investigate factors influencing information security and cybersecurity culture, and to develop models and frameworks. However, very little research has been done on cybersecurity culture for developing countries, Cyber4Dev. The purpose of this paper is to develop an Ubuntu Cyber4Dev Security Culture Model. The current study deployed the PRISMA and scoping literature review methods to review existing cybersecurity culture models and to identify significant factors influencing cybersecurity culture to address unique challenges in developing countries like Africa. An Ubuntu Cyber4Dev Security Culture Model is proposed integrating African languages and the Ubuntu philosophy with 13 factors derived from literature that influence cybersecurity culture. The proposed conceptual model can be used as a point of reference to conduct further research on Cyber4Dev security culture in Africa and other developing countries. This study is one of the first studies on Cyber4Dev security culture and can inform policymakers on how to foster a cybersecurity culture with the aim of influencing the behaviour of end users to improve the protection of information.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   79.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   99.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

References

  1. Lombardi, M., Pascale, F., Santaniello, D.: Internet of Things: a general overview between architectures, protocols and applications. Inf. 12(87), 1–21 (2021). https://doi.org/10.3390/info12020087

    Article  Google Scholar 

  2. Shammar, E.A., Zahary, A.T., Al-Shargabi, A.A.: A survey of IoT and blockchain integration: security perspective. IEEE Access. 9, 156114–156150 (2021). https://doi.org/10.1109/ACCESS.2021.3129697

    Article  Google Scholar 

  3. Elkhannoubi, H., Belaissaoui, M.: Assess developing countries’ cybersecurity capabilities through a social influence strategy. In: 7th International Conference on Science Electronic and Technological Information. Telecommun. SETIT 2016. pp. 19–23 (2017). https://doi.org/10.1109/SETIT.2016.7939834

  4. Cyber4d – Cyber Resilience for Development – A European Union project designed to protect public and private enterprises across countries in Asia and Africa

    Google Scholar 

  5. Peters, M.D.J., et al.: Updated methodological guidance for the conduct of scoping reviews. JBI Evid. Synth. 18, 2119–2126 (2020). https://doi.org/10.11124/JBIES-20-00167

  6. Mutemwa, M.: Developing a cyber threat intelligence sharing platform for South African Organisations. In: 2017 Conference on Information Communication Technology and Society (ICTAS), pp.  1–6 (2020)

    Google Scholar 

  7. BusinessTech: TransUnion cyber attack – hackers demand R225 million ransom, https://businesstech.co.za/news/cloud-hosting/569658/transunion-cyber-attack-hackers-demand-r225-million-ransom/

  8. Nasir, A., Abdullah Arshah, R., Ab Hamid, M.R.: A dimension-based information security culture model and its relationship with employees’ security behavior: a case study in Malaysian higher educational institutions. Inf. Secur. J. 28, 55–80 (2019). https://doi.org/10.1080/19393555.2019.1643956

    Article  Google Scholar 

  9. Alnatheer, M.A.: Information security culture critical success factors. In: 12th Interanational Conference in Information Technology of New Generation. ITNG 2015. 731–735 (2015). https://doi.org/10.1109/ITNG.2015.124

  10. Govender, S., Kritzinger, E., Loock, M.: The influence of national culture on information security culture. In: IST-Africa Week Conference, pp. 1–9 (2016). https://doi.org/10.1109/ISTAFRICA.2016.7530607

  11. Alkalabi, W., Simpson, L., Morarji, H.: Barriers and incentives to cybersecurity threat information sharing in developing countries: a case study of Saudi Arabia. In: ACM International Conference Proceeding Series (2021). https://doi.org/10.1145/3437378.3437391

  12. Reid, R., Van Niekerk, J.: From information security to cyber security cultures. In: Inforamation Security South Africa - Proceedings of the ISSA 2014 Conference, pp. 1–7 (2014). https://doi.org/10.1109/ISSA.2014.6950492

  13. Babate, I., Musa, A., Kida, M., Saidu, K.: State of cyber security: emerging threats landscape. Int. J. Adv. Res. Comput. Sci. Technol. (IJARCST 2015). 3, 113–119 (2015)

    Google Scholar 

  14. Sayoc, V.R., Dolores, T.K., Lim, M.C., Sophia, L., Miguel, S.: Computer systems in analytical applications. Int J. Adv. Trends Comp. Sci. Eng. 8(3), 195–200 (2019). https://doi.org/10.30534/ijatcse/2019/68832019

  15. Mahfuth, A., Yussof, S., abu bakar, A., Ali, N.B., Abdallah, W.: A conceptual model for exploring the factors influencing information security culture. Int. J. Secur. Its Appl. 11, 15–26 (2017). https://doi.org/10.14257/ijsia.2017.11.5.02

  16. Georgiadou, A., Mouzakitis, S., Askounis, D.: Assessing mitre attack risk using a cyber-security culture framework. Sensors. 21, 9 (2021). https://doi.org/10.3390/s21093267

    Article  Google Scholar 

  17. Heerden, R. Van, Solms, S. Von, Vorster, J., Solms, S. Von, Vorster, J.: Major security incidents since 2014: an African perspective. In: IST-Africa Week Conference, pp. 1–11 (2018)

    Google Scholar 

  18. Allen, B.N.: Africa’s evolving cyber threats, pp. 1–6. https://africacenter.org/spotlight/africa-evolving-cyber-threats/ (2021)

  19. Chigada, J., Madzinga, R.: Cyberattacks and threats during COVID-19: a systematic literature review. S. Afr. J. Inf. Manag. 23, 1 (2021). https://doi.org/10.4102/sajim.v23i1.1277

    Article  Google Scholar 

  20. Dolley, C.: Cyberattacks: South Africa, you’ve been hacked, Dailymaveric. https://www.dailymaverick.co.za/article/2021-11-06-cyberattacks-south-africa-youve-been-hacked/ (2021)

  21. Interpol: INTERPOL report identifies top cyberthreats in Africa. https://www.interpol.int/en/News-and-Events/News/2021/INTERPOL-report-identifies-top-cyberthreats-in-Africa (2021)

  22. Da Veiga, A.: A cybersecurity culture research philosophy and approach to develop a valid and reliable measuring instrument. Comput. Conf. SAI 2016. pp. 1006–1015 (2016). https://doi.org/10.1109/SAI.2016.7556102

  23. Da Veiga, A., Astakhova, L.V., Botha, A., Herselman, M.: Defining organisational information security culture - perspectives from academia and industry. Comput. Secur. 92 (2020)

    Google Scholar 

  24. Nasir, A., Arshah, R.A., Ab Hamid, M.R.: Information security policy compliance behavior based on comprehensive dimensions of information security culture: aconceptual framework. In: ACM International Confernce Proceeding Ser. Part F1282, 56–60 (2017). https://doi.org/10.1145/3077584.3077593

  25. Alshaikh, M.: Developing cybersecurity culture to influence employee behavior: a practice perspective. Comput. Secur. 98 (2020). https://doi.org/10.1016/j.cose.2020.102003

  26. Grant, M.J., Booth, A.: A typology of reviews: an analysis of 14 review types and associated methodologies. Health Info. Libr. J. 26(2), 91–108 (2009). https://doi.org/10.1111/j.1471-1842.2009.00848.x

    Article  Google Scholar 

  27. Moher, D., Liberati, A., Tetzlaff, J., Altman, D.G.: Preferred reporting Items for systematic reviews and meta-analyses: the PRISMA statement. PLoS Med 6(7) e1000097 (2009). https://doi.org/10.1371/journal.pmed.1000097

  28. Hassan, N.H.: Information Security Culture in Health Informatics Environment : A Qualitative Approach. In: International Conference on Research and Innovation in Information Systems (ICRIIS), IEEE, pp. 1–6 (2017)

    Google Scholar 

  29. Nasir, A., Rashid, M., Hamid, A.: Information Security Culture for Guiding Employee’s Security Behaviour: A Pilot Study. In: 6th International Conference on Information Management (ICIM), IEEE, 205–209 (2020)

    Google Scholar 

  30. Ikenwe, I.J., Igbinovia, O.M., Elogie, A.A.: Information Security in the Digital Age: The Case of Developing Countries. Chinese Librariansh. Int. Electron. J. 42, 16–24 (2016)

    Google Scholar 

  31. Kabanda, S., Tanner, M., Kent, C.: Exploring SME cybersecurity practices in developing countries. J. Organ. Comput. Electron. Commer. 28(3), 269–282 (2018). https://doi.org/10.1080/10919392.2018.1484598

    Article  Google Scholar 

  32. Uchendu, B., Nurse, J.R.C., Bada, M., Furnell, S.: Developing a cyber security culture: Current practices and future needs. Comput. Secur. 109, 102387 (2021). https://doi.org/10.1016/j.cose.2021.102387

  33. Tolah, A., Furnell, S.M., Papadaki, M.: A Comprehensive Framework for Cultivating and Assessing Information Security Culture. In: 11th International Symposium on Human Aspects of Information Security & Assurance, pp.  52–64 (2017)

    Google Scholar 

  34. Martins, N., Da Veiga, A.: An Information security culture model validated with structural equation modelling. In: Human Aspects of Information Security & Assurance HAISA, pp. 11–21 (2015)

    Google Scholar 

  35. Reegård, K.: The Concept of Cybersecurity Culture The Concept of Cybersecurity Culture. In: 29th European Safety and Reliability Conference, pp. 4036–4043 (2019)

    Google Scholar 

  36. Ioannou, M., Stavrou, E., Bada, M.: Cybersecurity Culture in Computer Security Incident Response Teams. In: International Conference on Cyber Security and Protection of Digital Services (Cyber Security), pp. 1–4. IEEE (2019)

    Google Scholar 

  37. Huang, K., Pearlson, K.: For what technology can’t fix: Building a model of organizational cybersecurity culture. In: Annual Hawaii International Conference System Scince -Janua, pp. 6398–6407 (2019). https://doi.org/10.24251/hicss.2019.769

  38. Van Niekerk, J., Von Solms, R.: Understanding Information Security Culture: A Conceptual Framework. In: Information Security South Africa - Proceedings ISSA, pp. 1–10 (2006)

    Google Scholar 

  39. Schein, E.H.: Organisation Culture and Leadership. 3rd edn, p. 458. Wiley (2010)

    Google Scholar 

  40. Woermann, M., Engelbrecht, S.: The Ubuntu Challenge to Business: from Stakeholders to Relationholders. J. Bus. Ethics 157(1), 27–44 (2017). https://doi.org/10.1007/s10551-017-3680-6

    Article  Google Scholar 

  41. Adeleye, I., Luiz, J., Muthuri, J., Amaeshi, K.: J. Bus. Ethics 161(4), 717–729 (2019). https://doi.org/10.1007/s10551-019-04338-x

  42. Van Pinxteren, B.: Language of instruction in education in Africa: how new questions help generate new answers. Int. J. Educ. Dev. 88, 102524 (2022)

    Google Scholar 

  43. Ndiege, J., Okello, G.: Information security awareness amongst students joining higher academic institutions in developing countries: evidence from Kenya. African J. Inf. Syst. 10, 4 (2018)

    Google Scholar 

  44. Al Hogail, A.: Cultivating and assessing an organizational information security culture; an empirical study. Int. J. Secur. its Appl. 9, 163–178 (2015). https://doi.org/10.14257/ijsia.2015.9.7.15

  45. Aitchison, J.: South Africa's reading crisis is a cognitive catastrophe. The Conversation (2018). https://theconversation.com/south-africas-reading-crisis-is-a-cognitive-catastrophe-89052

  46. Stats SA South Africa’s youth continues to bear the burden of unemployment (2022) https://www.statssa.gov.za/?p=15407#:~:text=According%20to%20the%20Quarterly%20Labour,stands%20at%2034%2C5%25

Download references

Author information

Authors and Affiliations

  1. School of Computing, College of Science, Engineering and Technology, UNISA, Florida, Johannesburg, South Africa

    Morena Abiel Tsoeu & Adéle da Veiga

Authors
  1. Morena Abiel Tsoeu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Adéle da Veiga
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Adéle da Veiga .

Editor information

Editors and Affiliations

  1. Universidad Estatal Península de Santa, La Libertad, Ecuador

    Teresa Guarda

  2. University of Minho, Guimarães, Portugal

    Filipe Portela

  3. BITrum Research Group, Leon, Spain

    Maria Fernanda Augusto

Rights and permissions

Reprints and permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Tsoeu, M.A., da Veiga, A. (2022). A Cyber4Dev Security Culture Model. In: Guarda, T., Portela, F., Augusto, M.F. (eds) Advanced Research in Technologies, Information, Innovation and Sustainability. ARTIIS 2022. Communications in Computer and Information Science, vol 1676. Springer, Cham. https://doi.org/10.1007/978-3-031-20316-9_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-20316-9_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-20315-2

  • Online ISBN: 978-3-031-20316-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation