PPT for postgraduate proposal Presentation (3).pptx

Name:- Ahmed Hassen September , 2024 CPU College, Ethiopia 1 Proposal Title:- Cybersecurity Auditing Framework (CSAF) for organization in Ethiopian

Outline Introduction Background of the study Statement of the Problem Research Questions Objectives of the study Significance of the Study Literature Review Overview of Cyber Security Global Cyber Security Ethiopia’s Cybersecurity Landscape Methodology of the study Research Design Research Approach Population and Sampling Design Data Sources and Method of Collection Method of Data Analysis

Background of the study The proposal will provide an in-depth overview of the current state of cybersecurity globally and with in Ethiopia. It will outline the importance of cybersecurity for ministry office stability and integrity, emphasizing the need for a structured approach to cybersecurity auditing The introduction will also highlight the unique challenges faced by Ethiopian due to limited resources and expertise, setting the stage for the development of a tailored CyberSecurity Auditing Framework

Background contd … Cybersecurity is , basically, the process of ensuring the safety of cyberspace from known and unknown threats The International Telecommunication Union states that cybersecurity is the collective application of strategies, security measures, plans, threats administration tactics, engagements, training , paramount practices, and assurance and expertise that can be used to guard the cyber system, organization and related assets Cyber security is important because government , military, corporate, financial, and health organizations collect, process, and store unprecedented amounts of data on computers and other devices

Statement of the Problem Cybersecurity is one of the biggest concerns that Government Organization have today. They get more digitized, and they undergo higher risks to be hacked . Large databases with information about internal operations, customer data and all the sensitive facts may be lost if they do nothing to protect this all The consequences of a security breach may be not only the loss of reputation but also negative implications for private and corporate customers according to research in wall street journal . Ethiopia lacks a standardized legal cybersecurity framework at the national level. Only 11.6 % of government institutions have legal frameworks in place, while the majority (87.4 %) operate without recognized guidelines to prevent cyber attacks

Statement of the Problem ..contd Ministry offices is increasingly reliant on digital platforms and internet-based operations, which exposes it to a myriad of cybersecurity threats. Despite this growing reliance, many Ethiopian organizations lack robust cybersecurity measures and face significant challenges in implementing effective security practices The lack of awareness and training contributes to weak security cultures within organizations, increasing the likelihood of human errors that can lead to security breaches . These problems collectively highlight the urgent need for a Cybersecurity Auditing Framework that is specifically designed for Ministry offices

Statement of the Problem .. contd The proposed CSAF aims to address these issues by providing a structured approach to cybersecurity auditing, enhancing the ability of Ministry to protect their information systems, mitigate cyber threats, and comply with relevant standards and regulations . This framework will be developed considering the unique challenges and resource constraints of Ministry offices , making it practical and implementable in the Ethiopian context

Research questions The study intended to address the following research questions : What are the existing practices and processes of cyber security auditing and the methods, techniques , standards and tools used in Ministry What are the major challenges that the Ministry are facing on cyber security management. What framework can support Ethiopian organization sector to perform effective cybersecurity auditing and ensure that cyber resources are well protected?

Objective of the Study The general objective of this study is proposing a cybersecurity auditing framework that enables Ministry offices to perform cybersecurity auditing . Specific Objective The specific objectives of this research are : To Evaluate the current practices and processes of cyber security auditing systems along with the methods and techniques utilized in Ministry offices

Specific Objective Cont .. To Identify the differences in cyber security systems and processes, as well as the primary causes of these discrepancies . Pinpoint the key issues obstructing the cyber security auditing process within the Ministry offices. To Review various cyber security frameworks developed by scholars globally . Propose a cyber security auditing framework designed to address existing challenges and standardize the cyber security management process applicable to the Ministry offices . The House of Academic Excellence!

Significance of the Study This research contributes to existing efforts in cybersecurity by identifying the challenging threat to Ministry offices, in addition from this study the following will help Ministry offices To It allows all Ministry offices to adopt a unified cyber security framework. • To introduces a novel perspective to the existing body of knowledge. • It adds a new way of thinking in the existing body of knowledge. • It also provides a foundation for practitioners and researchers to carry out more in-depth research in cybersecurity management.

Literature Review The researcher attempts to assess the ministry office’s theoretical and empirical frameworks as well as the Cyber Security Auditing Framework in this chapter. Review subjects include : Overview of Cybersecurity, Auditing Activities and Implications, and Cybersecurity

Overview of Cyber Security The way governmental organizations process and store data has changed significantly as a result of the deployment of information technology. This industry is currently prepared to handle a variety of innovations, including automated online government services It is also automating various government services from traditional to automated , which are the most cutting-edge ways to provide services to consumers. Customers worry a lot about identity theft and privacy

Global Cyber Security Global Cyber Security Index / GCI/ stated that the global community is increasingly embracing ICTs as key enabler for social and economic development. It further stated that governments across the world recognizes that digital transformation has the power to further the prosperity and wellbeing of their citizens. However , these enablers came with the possible threat for social, economic , and political wellbeing for every nation. Due to this GCI affirmed that governments recognize that cyber security must be an integral and indivisible part of technological progress.

Ethiopia’s Cybersecurity Landscape Let’s shift our focus to Ethiopia, where the Information Network Security Administration(INSA ) has been at the forefront of the fight against cyber threats. During the last Ethiopian Fiscal Year, INSA reported successfully blocking just 6,768 cyberattack attempts targeting the country. Additionally, it was reported that INSA’s efforts saved Ethiopia a significant 23.2 billion Birr by mitigating these attacks . These figures are notably lower compared to global or even regional statistics.

Ethiopia’s Cybersecurity Landscape Cont … Part of this can be attributed to Ethiopia’s relatively recent surge in the digital domain. The country has made considerable strides in improving its telecommunications and mobile network infrastructure. There is optimistic growth; as of early 2023, Ethiopia’s internet penetration rate was 16.7%, with an estimated 2.6% increase in internet users between 2022 and 2023 alone.

Ethiopia’s Cybersecurity Landscape Cont … However, it’s important to note that even well-established institutions, and government bodies still rely on personal email services like Yahoo or Gmail for official communication. This is particularly alarming, considering that human error is responsible for 82% of global data breaches . Common mistakes , such as sharing passwords, neglecting patch management, clicking on unsafe links, and accessing organizational data on personal devices, pose significant security risks—many of which could be mitigated through basic digital literacy training .

Cybersecurity Auditing Cyber Security Auditing is an independent review and examination of system records, activities , and related documents to assess the adequacy of system controls, ensure compliance with established security policies and approved operational procedures, and detect security breaches to verify data integrity, safeguard assets, achieve organizational goals effectively, and use resources efficiently. CSA involves a systematic, measurable technical assessment of how security policies are integrated into data systems

Cybersecurity Auditing Cont … CSA differs from traditional auditing as it requires a solid understanding of computer systems in addition to basic auditing concepts . Overall , CSA, as a new auditing discipline, emphasizes a comprehensive examination of cyber security . This approach entails checking all levels, from the establishment of the cyber security organization and personnel issues to system configurations

Cyber Security Audit Principle A security audit principle ensures that the audit serves as an effective and dependable tool to support management policies and controls by delivering actionable insights for organizational performance improvement . Following these principles is essential for producing audit conclusions that are both relevant and necessary, allowing auditors to work independently while arriving at consistent conclusions in similar situations.

Methodology of the Study This chapter shows what kind of research design and method we should use to answer the research questions being formulated. Overview of Research Methods: Qualitative, quantitative and mixed methods research methods will be developed and the choice of research methods and the reasons for that will be discussed. Questions to be answered in this section: What research method will be used ? How are the samples selected for the study and why? What data collection methods are used? How is data analyzed? What tools are used for data analysis?

Research Design The research design was done informed by the findings of the literature review. The study will utilize survey questionnaires, document analysis and interviews for data collection, employing a mixed research method as the research paradigm. Given that cybersecurity issues are complex and interdependent, involving threats, attacks, and vulnerabilities, mixed research methods will be used to address this goal . Both qualitative and quantitative research help in understanding the problem and developing ideas.

Research Approach To achieve the overall and specific objectives, this research utilizes a mixed-methods approach, integrating both qualitative and quantitative methods. The qualitative component investigates the general expertise of professionals in managing cyber security issues, while the quantitative component assesses current practices, resource needs, training types, and the research methods employed by experts

Data source The intention with this thesis was in discovering, assessing, and understanding the challenging threats of cyber security in Ethiopia industries and proposing appropriate cyber security framework . Therefore , the samples have been selected, questionnaires will have distributed and interviews will be conducted, which are the characteristics of both quantitative and qualitative research methods. However , the fact that questionnaire is used as a tool for data collection dictates more of quantitative research methods though it is used in both qualitative and quantitative (i.e. Mixed research) methods

Study Population The overall population of the study concentrates on the Ministry offices of selected organization located in Addis Ababa. The researchers assumed that there is difference in the characteristics of the overall selected Ministry profile in terms of technology usage, staff Ministry, resource, service coverage and service year . The selection of the Ministry is based on purposive sampling, due to the interest of individual Ministry in terms of willingness in conducting research in their company.

Schedule Plan

Budget Plan

Thank You

PPT for postgraduate proposal Presentation (3).pptx

About This Presentation

Slide Content

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

PPT for postgraduate proposal Presentation (3).pptx

About This Presentation

Slide Content

Slide 1

Slide 2

Slide 3

Slide 4

Slide 5

Slide 6

Slide 7

Slide 8

Slide 9

Slide 10

Slide 11

Slide 12

Slide 13

Slide 14

Slide 15

Slide 16

Slide 17

Slide 18

Slide 19

Slide 20

Slide 21

Slide 22

Slide 23

Slide 24

Slide 25

Slide 26

Slide 27

Slide 28

Tags

Categories

Download

Quick Actions

Statistics

Related Slideshows

8-top-ai-courses-for-customer-support-representatives-in-2025.pptx

7-essential-ai-courses-for-call-center-supervisors-in-2025.pptx

25-essential-ai-courses-for-user-support-specialists-in-2025.pptx

8-essential-ai-courses-for-insurance-customer-service-representatives-in-2025.pptx

Know for Certain

PPT OPD LES 3ertt4t4tqqqe23e3e3rq2qq232.pptx