Constructing Cyber Resilience: A Focus on Cybersecurity Measures in the South African Construction Sector †
Abstract
:1. Introduction
2. Literature Review
2.1. Security Tools Used to Counter Cyberattacks
2.1.1. Firewalls
2.1.2. Intrusion Detection System (IDS)
2.1.3. Digital Certificates
2.1.4. One-Time Password (OTP)
2.1.5. Two-Factor Authentication
2.1.6. Biometrics
2.1.7. Digital Signature
2.1.8. Vulnerability Scanning Tools
3. Research Methodology
4. Results (Discussions)
4.1. Practices for Improving Cybersecurity
4.2. Exploratory Factor Analysis of the Best Practices for Improving Cybersecurity
5. Conclusions and Recommendations
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Conflicts of Interest
References
- Nyamuchiwa, K.; Lei, Z.; Aranas, C., Jr. Cybersecurity vulnerabilities in off-site construction. Appl. Sci. 2019, 12, 5037. [Google Scholar] [CrossRef]
- Klinc, R.; Turk, Ž. Construction 4.0–digital transformation of one of the oldest industries. Econ. Bus. Rev. 2019, 21, 393–410. [Google Scholar] [CrossRef]
- Gcaza, N.; von Solms, R. A strategy for a cybersecurity culture: A South African perspective. Electron. J. Inf. Syst. Dev. Ctries. 2017, 80, 1–17. [Google Scholar] [CrossRef]
- Barrett, M. Path Forward to Support Adoption and Adoption of Cybersecurity Framework the Framework for Improving Critical Infrastructure Cybersecurity. 2018. Available online: https://www.nist.gov/system/files/documents/2018/02/06/session_iii_-_barrett_csf.pdf (accessed on 2 February 2024).
- Beckage, J.A.; Parziale, D.J. Why the Construction Industry Is Being Impacted by Cyberattacks, and What to Do about It. 2021. Available online: https://www.agc.org/sites/default/files/Galleries/enviro_members_file/CLE%20Paper_%20Cyber%20Attacks%20and%20the%20Construction%20Industry.pdf (accessed on 14 December 2023).
- Pieterse, H. The cyber threat landscape in South Africa: A 10-year review. Afr. J. Inf. Commun. 2021, 28, 1–21. [Google Scholar] [CrossRef]
- Eunice, A.D.; Gao, Q.; Zhu, M.Y.; Chen, Z.; Na, L.V. Network anomaly detection technology based on deep learning. In Proceedings of the 2021 IEEE 3rd International Conference on Frontiers Technology of Information and Computer (ICFTIC), Greenville, SC, USA, 12–14 November 2021. [Google Scholar]
- Kortjan, N.; von Solms, R. Cybersecurity education in developing countries: A South African perspective. In e-Infrastructure and e-Services for Developing Countries; Springer: London, UK, 2013; pp. 289–297. [Google Scholar]
- Luiijf, E.; Besseling, K.; De Graaf, P. Nineteen national cyber security strategies. Int. J. Crit. Infrastruct. 2013, 9, 3–31. [Google Scholar] [CrossRef]
- Mallik, A.; Ahsan, A.; Shahadat, M.; Tsou, J. Man-in-the-middle-attack: Understanding in simple words. Int. J. Data Netw. Sci. 2019, 3, 77–92. [Google Scholar] [CrossRef]
- Mantha, B.R.; Garcia de Soto, B. Cybersecurity Challenges and Vulnerability Assessment in the Construction Industry. 2019. Available online: https://www.semanticscholar.org/paper/Cyber-security-challenges-and-vulnerability-in-the-Mantha-Soto/0d76974ae70fd1d58e212347b59925427dbed858 (accessed on 4 February 2024).
- Namanya, A.P.; Cullen, A.; Awan, I.U.; Disso, J.P. The world of malware: An overview. In Proceedings of the 2018 IEEE 6th International Conference on Future Internet of Things and Cloud (FiCloud), Barcelona, Spain, 6–8 August 2018; pp. 420–427. [Google Scholar]
- Nguyen, B.; Buscher, V.; Cavendish, W.; Gerber, D.; Leung, S.; Krzyzaniak, A.; Flapper, T. Blockchain and the Built Environment; Arup: London, UK, 2019. [Google Scholar]
- Odlyzko, A. Cybersecurity Is Not Very Important; Ubiquity: New York, NY, USA, 2019; pp. 1–23. [Google Scholar]
- Olofinbiyi, S. A reassessment of public awareness and legislative framework on cybersecurity in South Africa. Jurid. Sci. 2022, 2, 1–12. [Google Scholar] [CrossRef]
- Priyadarshini, I. Introduction to Cybersecurity. 2019. Available online: https://www.researchgate.net/publication/331992988 (accessed on 3 January 2024).
- Sharp, R. An Introduction to Malware. 2017. Available online: https://core.ac.uk/download/pdf/24847956.pdf (accessed on 17 January 2024).
- Arowoiya, V.A.; Oke, A.E.; Aigbavboa, C.O.; Aliu, J. An appraisal of the adoption internet of things (IoT) elements for sustainable construction. J. Eng. Des. Technol. 2020, 18, 1193–1208. [Google Scholar] [CrossRef]
- Yong, A.; Pearce, S. A beginner’s guide to factor analysis: Focusing on exploratory factor analysis (EFA). Tutor. Quant. Methods Psychol. 2013, 9, 79–94. [Google Scholar] [CrossRef]
- Kritzinger, E. Cyber-Safety a South African School Perspective. 2014. Available online: http://eagle.unisa.ac.za/elmarie/images/Pdf/r2.pdf (accessed on 3 February 2024).
- Grobler, M.; Bryk, H. Common challenges faced during the establishment of a CSIRT. In Proceedings of the 2010 Information Security for South Africa, Johannesburg, South Africa, 2–4 August 2020; pp. 1–6. [Google Scholar]
- De Lanerolle, I. Internet Freedom: Why Access Is Becoming a Human Right. 2016. Available online: https://theconversation.com/internet-freedom-why-access-is-becoming-a-human-right-59125 (accessed on 3 February 2024).
- Tamarkin, E. The AU’s Cybercrime Response: A Positive Start, But Substantial Challenges ahead. 2015. Available online: https://issafrica.org/research/policy-brief/the-aus-cybercrime-response-a-positive-start-but-substantial-challenges-ahead (accessed on 25 January 2024).
- Cybersecurity and Infrastructure Security Agency (CISA). Cybersecurity Awareness Month Theme and Schedule. 2021. Available online: https://www.cisa.gov/cybersecurity-awareness-month (accessed on 25 January 2024).
- García de Soto, B.; Georgescu, B.R.; Turk, M.Z.; Maciel, A. Construction Cybersecurity and Critical Infrastructure Protection: Significance, Overlaps, and Proposed Action Plan. 2020. Available online: https://www.preprints.org/manuscript/202005.0213/v1 (accessed on 18 January 2024).
Practices for Improving Cybersecurity | Mean | SD | Rank |
---|---|---|---|
Two-factor authentication | 4.55 | 0.597 | 1 |
One-time password | 4.51 | 0.737 | 2 |
Firewalls | 4.48 | 0.598 | 3 |
Biometrics | 4.47 | 0.661 | 4 |
Utilize threat intelligence | 4.47 | 0.680 | 5 |
Digital signature | 4.43 | 0.594 | 6 |
Strategic approach | 4.43 | 0.733 | 7 |
Digital certificate | 4.40 | 0.654 | 8 |
Be prepared for when, not if | 4.40 | 0.799 | 9 |
Cyber liability insurance | 4.40 | 0.712 | 10 |
Security tokens | 4.39 | 0.610 | 11 |
Vulnerability scanning tool | 4.39 | 0.691 | 12 |
Focus on compliance | 4.39 | 0.652 | 13 |
Collaborate and report | 4.39 | 0.746 | 14 |
Intrusion detection system | 4.38 | 0.586 | 15 |
Personal data protection (PDP) | 4.38 | 0.726 | 16 |
Private sector-initiated cybersecurity implementation frameworks | 4.36 | 0.724 | 17 |
Evaluating risks so it is properly allocated through contract | 4.36 | 0.724 | 18 |
Capacity building and awareness | 4.36 | 0.647 | 19 |
Adopt a defense-in-depth approach | 4.35 | 0.703 | 20 |
Promote a security-focused cyberculture | 4.35 | 0.644 | 21 |
International information security standards | 4.34 | 0.736 | 22 |
Developing national cybersecurity strategies/agendas | 4.32 | 0.768 | 23 |
Picking the plan that is right for you | 4.31 | 0.674 | 24 |
The role of the private sector in cybersecurity | 4.31 | 0.693 | 25 |
Country-initiated cybersecurity implementation frameworks | 4.30 | 0.745 | 26 |
National cybersecurity framework | 4.30 | 0.689 | 27 |
Strengthening regional and international cooperation | 4.29 | 0.776 | 28 |
Building a team of trusted advisors | 4.23 | 0.759 | 29 |
Frameworks for implementing national cybersecurity initiatives | 4.17 | 0.768 | 30 |
Pattern Matrix a | |||||
---|---|---|---|---|---|
Cybersecurity Measures | Component | ||||
1 | 2 | 3 | 4 | 5 | |
International information security standards | 0.857 | ||||
Digital certificate | 0.742 | ||||
Cyber liability insurance | 0.711 | ||||
Developing national cybersecurity strategies/agendas | 0.657 | ||||
Frameworks for implementing national cybersecurity initiatives | 0.653 | ||||
Private sector-initiated cybersecurity implementation frameworks | 0.649 | ||||
Country-initiated cybersecurity implementation frameworks | 0.641 | ||||
Picking the plan that is right for you | 0.532 | ||||
One-time password | 0.496 | ||||
Two-factor authentication | 0.850 | ||||
Vulnerability scanning tool | 0.749 | ||||
Security tokens | 0.727 | ||||
Digital signature | 0.681 | ||||
Focus on compliance | 0.518 | ||||
Biometrics | 0.508 | ||||
Intrusion detection system | 0.495 | ||||
The role of the private sector in cybersecurity | 0.409 | ||||
Strategic approach | 0.817 | ||||
Personal data protection (PDP) | 0.789 | ||||
National cybersecurity framework | 0.657 | ||||
Capacity building and awareness | 0.628 | ||||
Strengthening regional and international cooperation | 0.618 | ||||
Firewalls | 0.617 | ||||
Building a team of trusted advisors | 0.380 | ||||
Collaborate and report | 0.620 | ||||
Be prepared for when, not if | 0.524 | ||||
Evaluating risks so it is properly allocated through contract | 0.441 | ||||
Adopt a defense-in-depth approach | 0.584 | ||||
Utilize threat intelligence | 0.399 | ||||
Promote a security-focused cyberculture | 0.371 |
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content. |
© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Share and Cite
Stephen, S.; Aigbavboa, C.; Oke, A.; Akinradewo, O.; Idowu, A. Constructing Cyber Resilience: A Focus on Cybersecurity Measures in the South African Construction Sector. Eng. Proc. 2024, 76, 3. https://doi.org/10.3390/engproc2024076003
Stephen S, Aigbavboa C, Oke A, Akinradewo O, Idowu A. Constructing Cyber Resilience: A Focus on Cybersecurity Measures in the South African Construction Sector. Engineering Proceedings. 2024; 76(1):3. https://doi.org/10.3390/engproc2024076003
Chicago/Turabian StyleStephen, Seyi, Clinton Aigbavboa, Ayodeji Oke, Opeoluwa Akinradewo, and Ayobami Idowu. 2024. "Constructing Cyber Resilience: A Focus on Cybersecurity Measures in the South African Construction Sector" Engineering Proceedings 76, no. 1: 3. https://doi.org/10.3390/engproc2024076003
APA StyleStephen, S., Aigbavboa, C., Oke, A., Akinradewo, O., & Idowu, A. (2024). Constructing Cyber Resilience: A Focus on Cybersecurity Measures in the South African Construction Sector. Engineering Proceedings, 76(1), 3. https://doi.org/10.3390/engproc2024076003