Original Research

A model to reduce insider cybersecurity threats in a South African telecommunications company

Carol B. Silaule, Lean M. Makhubele, Stevens P. Mamorobela
South African Journal of Information Management | Vol 24, No 1 | a1573 | DOI: https://doi.org/10.4102/sajim.v24i1.1573 | © 2022 Carol B. Silaule, Lean M. Makhubele, Stevens P. Mamorobela | This work is licensed under CC Attribution 4.0
Submitted: 10 May 2022 | Published: 17 October 2022

About the author(s)

Carol B. Silaule, Department of Informatics, Faculty of Information and Communication Technology, Tshwane University of Technology, Pretoria, South Africa
Lean M. Makhubele, Department of Informatics, Faculty of Information and Communication Technology, Tshwane University of Technology, Pretoria, South Africa
Stevens P. Mamorobela, Department of Informatics, Faculty of Information and Communication Technology, Tshwane University of Technology, Pretoria, South Africa

Abstract

Background: Cybersecurity breaches have become a growing challenge in today’s digital economy. Organisations are faced with the responsibility of protecting their information resources from cybersecurity threats, and insider threats are one of them. Organisations have sophisticated technologies to protect themselves against these attacks, and their employees are often less guarded when it comes to protecting valuable company information systems.

Objectives: This research was aimed to develop and conceptualise a model to reduce cybersecurity insider threats in a South African telecommunication organisation.

Method: This study was conducted using a survey research approach, where close-ended questionnaires were utilised to collect data from respondents. The collected data was then analysed using IBM Statistical Package for Social Science (SPSS).

Results: The findings of the study indicated that personal norms in the domain of cybersecurity have a positive influence on individuals’ attitude towards engaging in cybersecurity misbehaviour, and this has a significant relationship with their reduction of insider threats (RIT).

Conclusion: This study suggests that management should give close and thoughtful attention to factors that encourage their employees to engage in cybersecurity misbehaviour. As an efficient and effective approach to mitigate the risk of cybersecurity insider threats, identification and classification of these factors should be followed by proper planning with a goal of reducing their negative effect on employees’ behaviour.


Keywords

cyberspace; cybersecurity; cyberthreats; insider threats; cybersecurity misbehaviour; information resources; telecommunications

Metrics

Total abstract views: 1776
Total article views: 1736


Crossref Citations

No related citations found.