Dawood, Zubeida CMkuzangwe, Nenekazi NP2022-05-092022-05-092022-03Dawood, Z.C. & Mkuzangwe, N.N. 2022. Advancing cybersecurity capabilities for South African organisations through R&D. http://hdl.handle.net/10204/12406 .978-1-914587-26-9http://hdl.handle.net/10204/12406There is a growth of cyber-attacks in South Africa. Seeing that there are over 38 million Internet users in South Africa, this is no surprise. The South African government has published the National Cybersecurity Policy Framework (NCPF) and Protection of Personal Information Act (POPIA) to move towards mitigating cyber threats due to the increase of the presence of South African organisations and citizens in cyber space. This demonstrates that there is a need for organisations to have a clear roadmap to implement and improve on their own cybersecurity capabilities. South African organisations need to take a proactive stance in cybersecurity because businesses rely heavily on technology for day-to-day operations. Currently cyber-attacks cost South African organisations over R2 billion, and the current work-from-home arrangement that most organisations have implemented will only worsen the situation. While a cybersecurity roadmap will differ in every organisation based on the organisation’s vision, goals, and objectives, along with their information technology (IT) and operations technology (OT), a starting point is perhaps the identification of key research and development (R&D) areas together with key activities that organisations can focus on in order to improve their cybersecurity capabilities. Cybersecurity capabilities are tools that organisations use to strengthen their organisation and protect themselves from potential cyber threats. The purpose of this study was to investigate R&D areas that organisations should invest in for the purpose of improving their cybersecurity capabilities. There are various subfields in cybersecurity that can be explored for organisations to advance their cybersecurity capabilities. Five integral R&D dimensions were identified together with key activities and are presented and discussed. A conceptual framework is also presented which maps the R&D dimensions and activities to the main pillars of cybersecurity, i.e., People, Processes, and Technology. South African organisations could reference the framework and adapt it for their business needs to protect themselves against potential cyber threats.FulltextenCybersecurityCyber threatsCybersecurity capabilitiesCyber-attacksResearch and developmentConference PresentationDawood, Z. C., & Mkuzangwe, N. N. (2022). Advancing cybersecurity capabilities for South African organisations through R&D. http://hdl.handle.net/10204/12406Dawood, Zubeida C, and Nenekazi NP Mkuzangwe. "Advancing cybersecurity capabilities for South African organisations through R&D." <i>Proceedings of the 17th International Conference on Cyber Warfare and Security, New York, USA, 17-18 March 2022</i> (2022): http://hdl.handle.net/10204/12406Dawood ZC, Mkuzangwe NN, Advancing cybersecurity capabilities for South African organisations through R&D; 2022. http://hdl.handle.net/10204/12406 .TY - Conference Presentation AU - Dawood, Zubeida C AU - Mkuzangwe, Nenekazi NP AB - There is a growth of cyber-attacks in South Africa. Seeing that there are over 38 million Internet users in South Africa, this is no surprise. The South African government has published the National Cybersecurity Policy Framework (NCPF) and Protection of Personal Information Act (POPIA) to move towards mitigating cyber threats due to the increase of the presence of South African organisations and citizens in cyber space. This demonstrates that there is a need for organisations to have a clear roadmap to implement and improve on their own cybersecurity capabilities. South African organisations need to take a proactive stance in cybersecurity because businesses rely heavily on technology for day-to-day operations. Currently cyber-attacks cost South African organisations over R2 billion, and the current work-from-home arrangement that most organisations have implemented will only worsen the situation. While a cybersecurity roadmap will differ in every organisation based on the organisation’s vision, goals, and objectives, along with their information technology (IT) and operations technology (OT), a starting point is perhaps the identification of key research and development (R&D) areas together with key activities that organisations can focus on in order to improve their cybersecurity capabilities. Cybersecurity capabilities are tools that organisations use to strengthen their organisation and protect themselves from potential cyber threats. The purpose of this study was to investigate R&D areas that organisations should invest in for the purpose of improving their cybersecurity capabilities. There are various subfields in cybersecurity that can be explored for organisations to advance their cybersecurity capabilities. Five integral R&D dimensions were identified together with key activities and are presented and discussed. A conceptual framework is also presented which maps the R&D dimensions and activities to the main pillars of cybersecurity, i.e., People, Processes, and Technology. South African organisations could reference the framework and adapt it for their business needs to protect themselves against potential cyber threats. DA - 2022-03 DB - ResearchSpace DP - CSIR J1 - Proceedings of the 17th International Conference on Cyber Warfare and Security, New York, USA, 17-18 March 2022 KW - Cybersecurity KW - Cyber threats KW - Cybersecurity capabilities KW - Cyber-attacks KW - Research and development LK - https://researchspace.csir.co.za PY - 2022 SM - 978-1-914587-26-9 T1 - Advancing cybersecurity capabilities for South African organisations through R&D TI - Advancing cybersecurity capabilities for South African organisations through R&D UR - http://hdl.handle.net/10204/12406 ER -25631