A knowledge-sharing framework for improving information security in a South African financial institution
Date
2024-12
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Stellenbosch : Stellenbosch University
Abstract
Financial institutions have established themselves as a reliable way to increase access to financial services for customers worldwide, despite the information security concerns they are confronted with. The adoption of Information and Communication Technology made it easy for these financial institutions to do business and it is almost impossible to do without them. Financial institutions may be able to strengthen information security management practices and build more effective and efficient security mitigation methods by addressing knowledge-sharing hurdles. This study draws attention to the largely unexplored factors that can be considered when improving an organisation’s information security outlook.
This study draws from the unexplored factors and proposes a theoretical framework for improving the information security through knowledge sharing in the financial sectors in South Africa. The framework was developed using the Design Science Research methodology approach to enhance information security through knowledge sharing. Two theories, namely Social Exchange Theory and General Deterrence Theory were used for this study. The study found that factors such as technological factors, security support staff, policies, awareness, vulnerabilities, attitudes and management measures influence enhanced security evaluation.
Feedback provided by the study’s participants on the suggested framework overcomes some of the major information security challenges. In addition to its contribution to the body of knowledge on the subject, the research has identified areas where there is a significant scope for further research. The financial industry has benefited from research on information security and knowledge sharing which addresses the complexity of the information security environment. This framework aims to develop, design and deliver more secure organisations through improved information security management.
Description
Thesis (MPhil)--Stellenbosch University, 2024.