1 / 15

A Cyber-Security Portal for Southern Africa

A Cyber-Security Portal for Southern Africa. Dr. Johan van Niekerk & Prof. Rossouw von Solms. Agenda. Background Why a Portal? Overview Information security governance toolbox E-learning portal Awareness Game E-learning for children Resource Portal Future work. Background.

jalena
Download Presentation

A Cyber-Security Portal for Southern Africa

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Cyber-Security Portal for Southern Africa Dr. Johan van Niekerk & Prof. Rossouw von Solms

  2. Agenda • Background • Why a Portal? • Overview • Information security governance toolbox • E-learning portal • Awareness Game • E-learning for children • Resource Portal • Future work

  3. Background • The Internet • Brought many advantages • Used both at home and in organizations • Not only used by the rich or educated • Internet Usage in South Africa • 8.6% of entire population (World Bank, 2010) • 83% of low-income urban black youths (Kreutzer, 2009) • All sectors of the population • Young/old, poor/rich, educated/uneducated, rural/urban • Many platforms • PC, Mobile phones, Mxit, etc

  4. Background • Internet also brought many RISKS • Organizations address these risks through “Information Security” • Typically controls are selected from a standard like ISO/IEC 27002 • Three categories of controls • Physical • Technical • Operation • Physical & Technical Controls depend on Operational controls • Thus all controls depend on humans

  5. Background • Organizations • Information Security Awareness, Training & Education • Smaller organizations might lack resources • Home Users • Currently no Cyber Security Education • Society as a whole needs to develop a Cyber Security culture • Children are usually taught about physical security or financial security by their parents • Current parents are possibly even less equipped than their children to be secure online • Last year alone 4400 cases of identity theft were reported to the SAFPS (More than R200 million in fraud)

  6. Why a Portal? There is a need for Cyber-Security education for all Southern Africans A “one size fits all” approach won’t work for everyone

  7. A Cyber Security Portal • We are developing a Cyber Security Portal (Institute for ICT Advancement at the Nelson Mandela Metropolitan University) • This portal consists of several sub-projects • A web-based information security governance toolbox • A pedagogically sound e-learning portal for basic information security education • A web-based game to raise awareness about information security in organizations • An e-learning portal catering for the specific needs of children and teenagers • An information security resource portal

  8. Information security governance toolbox • Information security governance • Expensive • Requires staff • & other resources • An information security policy requires • Expertise to create • Compliance • Smaller organizations may lack resources and/or knowledge

  9. Information security governance toolbox • We’re creating a Web-based Toolset • Automatic policy generation • Compliance measurement • Digital “dashboard” • Low Cost • Based on a framework & existing desktop toolset developed over several years • Redevelopment of PC Based “consulting tool” to “self service” web based tool

  10. A pedagogically sound e-learning portal • Current information security education lacks pedagogical basis (Puhakainen, 2006) • No current program targets home users • Social networking • Internet banking • Etc • Moodle 2.0 Portal • Free access to basic education • Brain compatible learning principles • Activities planned according to learning taxonomies

  11. A web-based awareness game • Information Security often not seen as a core business component • Employees lack motivation to learn about security • Address motivational issues by making security awareness “fun” • Game design based on sound educational gaming research • Employees compete in virtual “race” over 2 weeks • Daily clues • Use of Google Maps and other tools to simulate race • Leaderships boards & Daily + Weekly prizes • Framework to be tested towards end of 2011 • Can be customized for other organizations

  12. E-learning portal for children • Children have specific Cyber Security needs • Social Networking • Mxit, etc • Parents lack knowledge • Portal will provide • Games • Age relevant Cyber Security material • For Parents • Information brochures • Parental control tools

  13. Information security resource portal • Research papers • Information Security Standards • Informational brochures • Contact information for research collaboration • Links to “other” cyber security research projects

  14. Aims of the portal The aim of this portal is to be a single point of access for all free, or low-cost, cyber & information security related resources in Southern Africa

  15. Questions / Comments ?

More Related