Browsing by Author "Mtsweni, Jabu S"

Now showing 1 - 20 of 43
  • No Thumbnail Available
    Item
    A strategic path for digital transformation in cyber warfare for African  militaries
    (2024-03) Mphahlela, James M; Mtsweni, Jabu S
    Digital disruption has changed the battlefield and increased its complexity for the war fighter. The modern battlefield continues to increase this complexity, due to the evolution of components that constitute military capability. The technologies, processes and the users are such components. The modern battlefield relies on advanced technologies tapping on high connectivity, are more lethal, precise, and autonomous. Due to this evolution, areas once thought to be safe from conventional attacks are increasingly becoming vulnerable. This evolution of technology and shorter development curves have also increased the prominence of the cyberspace, as a domain of war. However, many militaries, especially in Africa are still operating legacy systems and struggling with modernizing their systems to take advantage of the digital evolution. This paper, therefore, uses a systematic literature review and benchmarking focusing on selected super cyber power nations’ indices to propose a strategic path for African militaries to drive digital transformation in their operational environments. The roadmap is proposed to stimulate the establishment and enhancement of African militaries’ cyber warfighting capabilities in the digital age. The objectives of this digital transformation path include establishing a digital backbone, where all the sensors, effectors and the deciders are plugged to share information and intelligence.
  • Thumbnail Image
    Item
    Adding up the numbers: COVID-19 in South Africa
    (2022-06) Suliman, Ridhwaan; Mtsweni, Jabu S
    The SARS-CoV-2 pandemic has wreaked havoc globally, with over half a billion people infected and millions of lives lost. The pandemic has also interrupted every aspect of our lives, with most governments imposing various interventions and restrictions on people’s movement and behaviour to minimise the impact of the virus and save lives. The debate among scholars on the effectiveness of the interventions and restrictions, particularly in the context of a developing country like South Africa, continues. The data and scientific evidence indicate that non-pharmaceutical interventions, and particularly the implementation and adherence thereto, may have been ineffective in terms of containment in the South African context and had minimal impact in stopping the spread of the SARS-CoV-2 virus.
  • Thumbnail Image
    Item
    The adoption of crowdsourcing platforms in South Africa
    (2015-05) Chuene, D; Mtsweni, Jabu S
    Crowdsourcing has increasingly become a popular phenomenon where organisations solicit the help of the public to accomplish activities that are usually performed by employees. These activities can range from scientific problems to menial tasks that are sometimes too mundane for employees. A lot of organisations in different countries have adopted and embraced this phenomenon with gusto. South Africa being the African continent’s most developed economy is also embracing crowdsourcing. However, the adoption of crowdsourcing initiatives has been slow, especially amongst public organisations, due to various reasons, such as lack of awareness. This research paper reports on the investigation conducted pertaining to the adoption of crowdsourcing platforms in South Africa. The primary research methods used for the study included a systematic literature review and document analysis. The results from the study suggest that the most prominent crowdsourcing platforms in South Africa deal with funding. However, there is still a lack of information pertaining to the status and number of users benefiting from the adopted and/or deployed platforms.
  • Thumbnail Image
    Item
    Analyzing the security posture of South African websites
    (IEEE, 2015-08-12) Mtsweni, Jabu S
    oday, public-facing websites are virtually used across all different sectors by different types of organizations for information sharing and conducting core business activities. At the same time, the increasing use of mobile devices in Africa has also propelled the deployment and adoption of web-based applications. However, as the use of websites increases, so are the cyber-attacks. Web-based attacks are prevalent across the globe, and in South Africa an increase in such attacks is being observed. Research studies also suggest that over 80% of the active websites are vulnerable to a myriad of attacks. This paper reports on a study conducted to passively analyze and determine the security posture of over 70 South African websites from different sectors. The security posture of the local websites was thereafter compared against the top ten (10) global websites. The list of the websites was mainly chosen using the Amazon’s Alexa service. The focus of the study was mainly on the security defense mechanisms employed by the chosen websites. This approach was chosen because the client-side security policies, which may give an indication of the security posture of a website, can be analyzed without actively scanning multiple websites. Consequently, relevant web-based vulnerabilities and security countermeasures were selected for the analysis. The results of the study suggest that most of the 70 South African websites analyzed are vulnerable to cross-site scripting, injection vulnerabilities, clickjacking and man-in-middle attacks. Over 67% of the analyzed websites unnecessarily expose server information, approximately 50% of the websites do not protect session cookies, about 30% of the websites use secure communications, in particular for transmitting users’ sensitive information, and some websites use deprecated security policies. From the study, it was also determined that South African websites lag behind in adopting basic security defense mechanisms when compared against top global websites.
  • Thumbnail Image
    Item
    Barriers to electronic access and delivery of educational information in resource constrained public schools: a case of Greater Tubatse Municipality
    (IEEE, 2016-05) Pholotho, T; Mtsweni, Jabu S
    Information and Communication Technologies (ICTs) are capable of expanding access to quality education, educational resources and provide teachers with new skills. Nevertheless, a majority of rural public schools have limited ICTs, mainly due to geographical landscape, lack of service delivery and poverty. As a result, they currently seem not to be adequately benefiting from current advancements in ICTs. The main objective of the research presented in this paper was to understand the challenges faced by resource constrained schools under the Greater Tubatse Municipality (GTM) in the Limpopo Province of South Africa regarding lack of access to electronic educational information. An exploratory case study approach was adopted to identify and understand the challenges faced by rural schools, including educational services and content considered by schools as relevant and useful. The results indicate that resource-constrained schools in the GTM are facing challenges of lack of access to electronic educational information and services, as the result teaching and learning becomes difficult.
  • Thumbnail Image
    Item
    Beyond the Convenience of the Internet of Things: Security and Privacy Concerns
    (2017-06) Moganedi, Mapoung S; Mtsweni, Jabu S
    The significant growth of the Internet of Things (IoT) is revolutionizing the way people live by transforming everyday Internet-enabled objects into an interconnected ecosystem of digital and personal information accessible anytime and anywhere. As more objects become Internet-enabled, the security and privacy of the personal information generated, processed and stored by IoT devices become complex and challenging to manage. This paper details the current security and privacy challenges presented by the increasing use of the IoT. Furthermore, investigate and analyze the limitations of the existing solutions with regard to addressing security and privacy challenges in IoT and propose a possible solution to address these challenges. The results of this proposed solution could be implemented during the IoT design, building, testing and deployment phases in the real-life environments to minimize the security and privacy challenges associated with IoT.
  • No Thumbnail Available
    Item
    Bibliometric analysis of cyber warfare research in Africa: Landscape and trends
    (2024-03) Mtsweni, Jabu S; Thaba, James M
    As the digital landscape continues to evolve, cyber warfare has emerged as a prominent domain of warfare, with superpower nations actively demonstrating their capabilities in the cyberspace. This study posits that African countries exhibit a relative lag in research and development of cyber warfare capabilities, as evidenced by the absence of African nations in the National Cyber Power Index released by the Belfer Centre for Science and International Affairs in 2022. To address this knowledge gap, this paper presents a comprehensive bibliometric analysis of cyber warfare research and development within the African continent. The analysis aims to illuminate research productivity, performance, science mapping, and key contributors at both national and institutional levels. It seeks to uncover thematic trends, pinpoint key research areas, and identify research connections within the African context. This research evaluates the African continent's research participation and development in the cyber and/or information warfare domain over the past 23 years. The analysis encompasses scholarly articles and conference proceedings published between 2000 and 2023, utilizing Scopus as the primary data source. Preliminary findings suggest that cyber warfare research in Africa is concentrated in a limited number of countries, with South Africa emerging as the leading contributor. A comparative analysis further reveals that developed countries generally outpace African nations in cyber warfare research and development, corroborating the rankings presented in the National Cyber Power Index (NCPI) and Global Cybersecurity Index (GCI).
  • Thumbnail Image
    Item
    Big data privacy and security: A systematic analysis of current and future challenges
    (Academic Conferences and Publishing Limited, 2016-03) Shozi, Nobubele A; Mtsweni, Jabu S
    Big data is a term that describes data of huge volumes, variable speeds, and different structures. Even though the rise of big data can yield positives, the nature of big data poses challenges as capturing, processing and storing becomes difficult. One of the challenges introduced by big data relates to its privacy and security. Privacy and security of big data is considered one of the most prominent challenges as it directly impacts on individuals. Through big data, individuals lose control over how their data is used and are unable to protect it. An invasion of privacy occurs when one’s data is used to infer aspects of one’s life without our consent. The prospect of data breaches in big data is also expected and can result in millions of records containing personal information being leaked. This paper aims to understand the privacy and security challenges that relate to big data. In order to gain this understanding, a systematic literature review is conducted to firstly identify the general challenges of big data. Currently, a number of research papers are identifying the challenges of big data however these papers do not follow a sound methodological process in identifying these challenges. The systematic literature review process consists of sequenced steps that must be followed to ensure that your research produces the required results. The systematic literature review was chosen to ensure that the three questions posed in this research are answered. These questions are: What are the current big data related challenges, what challenges are related to privacy and security and what future challenges can be identified from the analysis of these challenges. The top challenges of big data are discussed briefly and narrowed down into the challenges that are related to privacy and security of big data. In conclusion, this paper will provide reflections on future big data challenges. This outcome of this research is firstly to identify the big data challenges, secondly to understand the privacy and security challenges that relate to big data and lastly to provide insight into the future challenges that can impact on big data.
  • Thumbnail Image
    Item
    Big data privacy in social media sites
    (IEEE, 2017-06) Shozi, Nobubele A; Mtsweni, Jabu S
    Social media sites have provided us with the ability to share information about our daily activities. However, users do not understand the implications of sharing their personal data on social media sites. Individuals on these social sites share information without realising that this could lead to their privacy being invaded. All of this has been made possible through the growth of data which is now a phenomenon known as y`big data'. At the same time, most developing countries such as those found in Africa do not have legislations in place to deal with the increasing challenges of online data and personal information privacy. This paper aims to discuss privacy issues in the social media context through highlighting how big data plays a role towards impacting on the privacy of individuals. This paper will also analyse privacy policies of social media sites and lastly an African perspective towards privacy is presented. This paper provides recommendations towards data privacy in general and in the African context.
  • Thumbnail Image
    Item
    Building an integrated cyber defence capability for African missions
    (2022) Mtsweni, Jabu S; Thaba, James M
    Cyberspace has been designated by organizations such as NATO as the fifth domain for battlespace, and many nations are already having and/or building their capabilities in the cyber defence environment in order to protect and defend their assets against any onslaught by their adversaries. It is a common belief that many African countries are not well positioned or prepared to respond effectively to cyberattacks against their citizens, critical infrastructure, and government. In many instances, the gap can be traced to the shortage of skills, lack of cybersecurity readiness and preparedness, and lack of investment in cybersecurity programmes, including policies within the military’s strategic, tactical, and operational environments. This paper seeks to present a conceptual approach into how African countries could develop a resilient cyber defence capability in order to effectively respond to constant cyberattacks. The approach is underpinned by an integrated capability management philosophy using case studies in large and complex environments, including strategic and capability development learnings from other military domains outside the African continent. It is envisaged that the output of this paper may influence and support African states in building their cyber defence capabilities in a coordinated and integrated manner.
  • No Thumbnail Available
    Item
    Building cyber warfare capability: A phased approach to integrating cyber operations into military structures
    (2024-09) Thaba, James M; Mtsweni, Jabu S
    As the cyber domain increasingly becomes a critical battlefield, modern militaries must develop the capacity to conduct operations in and through the cyberspace. This paper presents a systematic approach to establishing cyber warfare capabilities within existing operational structures, offering a pathway for militaries to incrementally build and enhance their cyber capabilities. The approach emphasizes the integration of cyber warfare into traditional military operations, ensuring that new capabilities are developed in alignment with existing doctrines and structures. By proposing a phased methodology, the paper guides military organizations in creating appropriate command and control structures, training regimes, and technological frameworks to exploit cyberspace effectively. The focus is on developing a scalable and flexible cyber force that can adapt to evolving threats and leverage cyberspace for both defensive and offensive operations.
  • Thumbnail Image
    Item
    Conceptual mapping of the cybersecurity culture to human factor domain framework
    (2023-03) Mwim, EN; Mtsweni, Jabu S; Chimbo, B
    Human related vulnerability challenges continue to increase as organisations intensify their use of interconnected technologies for operations particularly due to the emergence of COVID-19 pandemic. Notwithstanding the challenge of a human problem on cybersecurity, existing cybersecurity measures predominately focused on technological solutions which on their own have proven to be insufficient. To ensure all-inclusive cybersecurity solution, efforts are shifting to accommodate human angle which complements technological efforts towards eradicating cybersecurity challenges hence the move to cybersecurity culture (CSC). The importance of the human-related factor on the security of information and IT system has been emphasised by various research leading to the development of Human Factor Diamond (HFD) framework. This paper at the conceptual level mapped the articulated list of identified CSC factors to the HFD framework to determine the CSC factors that are associated with the different domains of human factor framework. The mapping depicts that each domain of human factor framework has CSC factors associated to it. Management appeared as the domain with the predominate number of factors, followed by responsibility, environment and preparedness respectively.
  • Thumbnail Image
    Item
    Context aware mobile application for mobile devices
    (IEEE, 2016-08) Masango, Mfundo G; Mouton, Francois; Nottingham, Alastair; Mtsweni, Jabu S
    Android smart devices have become an integral part of peoples lives, having evolved beyond the capability of just sending a text message or making a call. Currently, smart devices have applications that can restrict access to other applications on the same device, implemented through user authentication. Android smart devices offer the capability of Android Smart Lock, which uses different authentication methods for unlocking the device based on the users location. However, Android Smart Lock does not allow locking for individual applications. A possible solution to this limitation is an application that performs user authentication using a context-aware approach. This paper proposes a context-aware application, which provides different user authentication methods that are set up according to the auto-detection of areas designated as safe zones by the user. This application aims to improve the overall security of the content of a given device by securing individual applications.
  • Thumbnail Image
    Item
    A context-sensitive trust model for online social networking
    (IEEE, 2016-11) Danny, MN; Kogeda, OP; Mtsweni, Jabu S
    In Social Networking Sites (SNSs), users tend to accept friend requests and share their personal information based on intuitive trust levels. Mistakenly trusting and sharing private information with malicious users may lead to a wide variety of privacy attacks. In the quest to address this problem, this paper proposes a context-sensitive trust model. The proposed trust model was designed using fuzzy logic theory and implemented using MATLAB. Contrary to existing trust models, the context-sensitive trust model does not rely on the transitive relationship but rather addresses the subjectivity aspect of trust in SNSs. Furthermore, the proposed trust model allows social network users to evaluate the degree of trustworthiness of an unknown user based on their own trust rules and contextual parameters found on the user’s profile. The context-sensitive trust model shows an accuracy of 80% in evaluating the trustworthiness of an unknown user. As a result, the presented trust model could help social network users to evaluate the trustworthiness of an unknown user before mistakenly trusting and sharing private information with malicious users.
  • Thumbnail Image
    Item
    A cybersecurity architecture that supports effective incident response
    (2022-03) Mutemwa, Muyowa; Mtsweni, Jabu S
    A Cybersecurity Operation Centre (SOC) is a centralized hub within an organisation that houses people, processes, and technologies aimed at continuous monitoring of the organization’s assets in order to prevent, detect, analyse, and respond to cybersecurity incidents against that organisation. SOCs are critical to the collection, analysis, and response to cybersecurity events and incidents faced by an organisation. This article discusses the architecture of an SOC that enables quick and timely responses to events and incidents. Firstly, the article describes an architecture of the SOC, the SOC’s processes, personnel, and technologies. Secondly, the article discusses what type of information and logs should be collected, analysed, and interpreted. Lastly the article discusses how to handle an incident through the six stages of incident response.
  • Thumbnail Image
    Item
    Defining cyber warfare capability attributes and characteristics for African Cyber Missions
    (2023-11) Thaba, James M; Mtsweni, Jabu S
    The domains of warfare have become complex, where cyberspace is declared as the fifth domain. The complexity of cyber space is that it is borderless, and war could be launched from anywhere, and is a serious concern for national security. There is also a different understanding on what cyber warfare needs to entail for nations to be able to defend and/or exploit the cyber space to sustain their territorial integrity and sovereignty. At the same time, the cyber warfare domain is dominated by developed nations, whilst African states are mostly left behind without fully appreciating the comprehensive capabilities (e.g. processes, people, and technologies) required to participate in this arena. This paper extends on the research of the authors in unpacking a comprehensive framework for developing cyber warfare capabilities for African militaries. It unpacks the framework to specific and measurable cyber warfare capability attributes and characteristics, especially for offensive objectives. This could aid African militaries to develop and mature their cyber warfare capabilities over time. This paper also suggests the implementation roadmap, considering all stakeholders and the most efficient way for establishing this strategic and national capability. The significance of the work presented in this paper is that it may aid nation states to systematically develop their cyber warfare capabilities to enable them to participate and/or be ready for participation in the fifth domain of warfare.
  • Thumbnail Image
    Item
    Developing a cyber threat intelligence sharing platform for South African organisations
    (IEEE, 2017-03) Mutemba, M; Mtsweni, Jabu S; Mkhonto, NN
    Cyber attacks are on the increase in severity, complexity and frequency, negatively affecting the citizens, government, and businesses. Adversely, the security and Defence role-players in developing countries, such as South Africa, are short of the required capacity and capability to adequately defend and protect the national cyberspace against these fast moving and persistent threats and attacks. Be that as it may, the South African cyberspace still requires national attention and protection by the mandated role-players, such as the Defence force and its industry partners. Thus, within the cyber domain, the various Defence force role-players can no longer rely on traditional solutions to detect, defend, and respond to the forever changing cyber threats and cyber attacks. In order to reduce cyber security risks and strengthen cyber resilience of the nation, strategic cyber security information sharing in the Defence environment is becoming a necessity. Thus, the contribution from this paper is a systematic discussion and demonstration of a conceptual cyber threat intelligence sharing model and platform that could stimulate and enable different stakeholders within the Defence environment to seamlessly and collaboratively aggregate, analyse, and timely share contextual and actionable cyber-threat intelligence that could lead to a resilient cyber security posture and better protection of the national cyberspace.
  • Thumbnail Image
    Item
    Developing robust cyber warfare capabilities for the African battlespace
    (2023-06) Thaba, James M; Mtsweni, Jabu S
    The evolution of technology in the African battlespace continues to pose a significant challenge to the African militaries. This evolution increases the need for the African militaries to be able to operate in the cyberspace strategically and effectively. Developing cyber warfare capabilities remains a challenge to many African militaries who are struggling to remain afloat due to ever decreasing resources, including budgets. This in turn reduces the effect of these militaries in the evolving battlespace. This paper seeks to present a comprehensive framework for developing cyber warfare capabilities for African militaries to be able to operate efficiently in the cyber battlespace. The proposed POSTEDFIT aligned framework, requires a comprehensive system thinking approach towards developing capabilities in a phased manner. This includes the ability to define the capabilities in terms of the requirements presented by the cyberspace, and the components forming these capabilities. The generic framework is based on the basic understanding of a capability, as the ability to do something, in this case, the ability to secure and operate in the cyberspace for African militaries, ability to conduct offensive cyber operations and ability to keep abreast with the evolving cyber battlespace.
  • Thumbnail Image
    Item
    Development of a cyber-threat intelligence-sharing model from big data sources
    (2016) Mtsweni, Jabu S; Mutemwa, Muyowa; Mkhonto, Njabulo
    As data in cyberspace continues to grow because of the ubiquity of Information Communication Technologies (ICT), it is becoming challenging to obtain context-aware, actionable information from Big Data to timely detect and respond to cyberattacks that are increasing in severity, complexity, and frequency. In fact, cybercriminals are developing and sharing advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In order to reduce cybersecurity risks and strengthen cyber resilience, strategic cybersecurity information-sharing is a necessity. This article discusses one way of handling large volumes of unstructured data that have been generated by multiple sources across different sectors into a cyber-threat intelligence-sharing model.
  • Thumbnail Image
    Item
    Development of a semantic-enabled cybersecurity threat intelligence sharing model
    (2016-03) Mtsweni, Jabu S; Shozi, Nobubele A; Matenche, Kqwadi; Mutemwa, Muyowa; Mkhonto, Njabulo; Jansen van Vuuren, Joey
    Big Data is transforming the global technological landscape by elevating online information access required for addressing everyday challenges, such as detecting in real-time the spread of diseases within areas of interest. As the data in the cyberspace continues to grow in a gargantuan manner due to the popularity and successes of Web 2.0 technologies and social networks, amongst other reasons, organizations also continue to face the complex challenge of sifting through this data to timely detect and respond to security threats relevant to their operating domain. Traditional businesses and governmental organisations generally rely on inefficient and discrete solutions that rely on limited sources of information, signature-based and anomaly-based approaches to detect known cyber threats and attacks. On the contrary, threat agents continue to develop advanced techniques for their cyber espionage, reconnaissance missions, and ultimately devastating attacks. In addition, emerging cybersecurity intelligence solutions lack the semantic knowledge essential for automated sharing of timely and context-aware information within a specific operating domain. Moreover, existing cybersecurity information sharing solutions lack the visualization and intelligence necessary for handling the large volume of unstructured data generated by multiple sources across different sectors. In an attempt to address some of these challenges, this paper presents a preposition of a semantic-enabled sharing model for exchanging timely and relevant cybersecurity intelligence with trusted collaborators. Drawing from previous research and open source sharing platforms, such as CRITS, this model is underpinned by common information exchange standards, such as STIX and TAXII. The proposed cross-platform sharing model is evaluated by exploiting a large stream of cybersecurity-related tweets and semantic knowledge available from a variety of data sources. Preliminary results suggest that semantic knowledge is essential towards enabling collaborative and automated exchange of timely and actionable cybersecurity intelligence.