Information Security Management: A South African Public Sector Perspective

Information Security Management: A South African Public Sector Perspective

Harold Patrick (University of KwaZulu-Natal, South Africa), Brett van Niekerk (University of KwaZulu-Natal, South Africa) and Ziska Fields (University of KwaZulu-Natal, South Africa)
DOI: 10.4018/978-1-5225-4763-1.ch014
OnDemand PDF Download:
No Current Special Offers


The frequency and sophistication of cyberthreats and attacks are increasing globally. All organizations including governments are at risk as more devices are connected to a growing network coverage. There is no doubt that the new technologies in the Fourth Industrial Revolution bring numerous opportunities for smarter and efficient ways of doing business. However, these new processes, technology, and people interacting increases the cyber-risks. Cyber-risks cause a threat to the reputation, operations, data, and assets of the organization. A holistic information security management plan is needed that will transform the organization's approach to mitigate the cyber-risks, protect its infrastructure, devices, and data. This approach will inevitably improve information technology governance and better accountability to the public.
Chapter Preview


Cyber-attacks are an international and local reality, therefore, it is essential that management accept that threat actors are moving towards espionage, crime and intentional disruptions of their networks and systems. Management and government leaders must acknowledge this reality and institute measures to curb threats and attacks (Ross, 2014, p. 4). As new technology is introduced universally, timely, and easy access to government networks and services will be essential to ensure good quality and complete information. Technology in the digital age will continue to drive organisations, creating information security concerns for management and the designated information technology staff (TraceSecurity, 2012, p. 1). Government departments are under excessive strain to protect their networks and systems from cyber-threats a result of new modernizing technology to render better services to the public (Govloop, 2014, p. 10). An insider or external threat or attack can disrupt government services and critical infrastructure operations. Therefore, government departments need to be resilient against these potential threats and attacks. Also, government departments are already part of the interconnected world of technologies and other organisations and will continue to be vulnerable to threats and attacks by cyber-criminals (Ixia, 2014, p. 4).

Key Terms in this Chapter

Mitigation: Is a process that reduces the exposure of a risk.

Digital: Is the introduction of electronic technology.

Complete Chapter List

Search this Book: