Challenges Facing Information Systems Security Management in Higher Learning Institutions: A Case Study of the Catholic University of Eastern Africa - Kenya

Okibo, Bichanga Walter; Ochiche, Obara Brigit

doi:10.17722/ijme.v3i1.133

Cited by 2 publications

(4 citation statements)

References 28 publications

(9 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Sociotechnical, holistic approach (Hedström, Dhillon, & Karlsson, 2010) (Loser, Nolte, Herrmann, & Te Neues, 2011) (Noghondar et al, 2012) (Okibo & Ochiche, 2014) Technical solutions (Bhilare, Ramani, & Tanwani, 2009) (Lee, Larose, & Rifon, 2008) Culture and awareness (Ngoqo & Flowerday, 2014) (North, George, & North, 2006) (Yamanoue et al, 2013) Governance (Liu et al, 2017) (Nie & Dai, 2017)…”

Section: Discussionmentioning

confidence: 99%

“…As a result of these complex dynamics, the number of reported information security accidents in HE is growing throughout the world (Chapman, 2019), with several eminent cases making headlines in recent years (Table 1) Academic research on information security management in HE is still nascent (Marks, 2007;Okibo & Ochiche, 2014). At the same time, as demonstrated by prior research (Doherty, Anastasakis, & Fulford, 2009), information security in universities differs from other organisations, which renders information security management in HE a research domain per se.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

The least secure places in the universe? A systematic literature review on information security management in higher education

Bongiovanni

2019

Computers & Security

View full text Add to dashboard Cite

Current research has demonstrated the progressively more strategic role that information security has in modern organisations. Higher education is no exception. The increasing number of security breaches experienced in recent years by higher education institutions epitomises the importance of confidentiality, integrity and availability of information in universities. To synthesise research in this field, this literature review systematically examines papers that have been published in the last thirteen years. The present review aims at expanding our understanding of the sub-topics, perspectives, methodologies, and trends that characterise this nascent field of investigation. Literature gaps are highlighted and an agenda for further work is proposed. First of its kind, this review concludes that information security management in higher education is a highly underinvestigated topic. Areas for further research include information security culture; comparative studies on information security management in industries other than higher education; comparative studies across universities; and economics of information security management.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

The least secure places in the universe? A systematic literature review on information security management in higher education

Bongiovanni

2019

Computers & Security

View full text Add to dashboard Cite

show abstract

“…Institutions of higher learning retain sensitive data making them highly attractive targets for cybercrime (Verizon, 2017). Security risks on information systems in higher learning institutions are not theoretical, as some incidents have revealed; ranging from theft of information, unauthorised disclosure, unauthorised alteration of information, corruption of data or damage to networks (Verizon, 2017;Okibo and Ochibe, 2014;Ndolo et al, 2018;Juma, 2011;Capital Campus, 2015;Mugyenyi, 2017;BBC, 2018;Perlroth, 2012). In Kenya, a catholic university of Eastern Africa system was hacked by some students and this resulted into alteration of grades, registration for courses not yet covered and grading them, clearance/alteration of their financial balances (Okibo and Ochibe, 2014).…”

Section: Related Workmentioning

confidence: 99%

“…Security risks on information systems in higher learning institutions are not theoretical, as some incidents have revealed; ranging from theft of information, unauthorised disclosure, unauthorised alteration of information, corruption of data or damage to networks (Verizon, 2017;Okibo and Ochibe, 2014;Ndolo et al, 2018;Juma, 2011;Capital Campus, 2015;Mugyenyi, 2017;BBC, 2018;Perlroth, 2012). In Kenya, a catholic university of Eastern Africa system was hacked by some students and this resulted into alteration of grades, registration for courses not yet covered and grading them, clearance/alteration of their financial balances (Okibo and Ochibe, 2014). In 2011, a report was circulated by the Permanent Secretary, Ministry of Higher Education, Science and Technology to all Vice Chancellors of Jomo Kenyatta University of Agriculture and Technology, the Catholic University of Eastern Africa, Daystar University and Maseno University about a group of university students that compromised academic and financial systems' integrity by altering grades and fee balances (Ndolo et al, 2018).…”

Section: Related Workmentioning

confidence: 99%

A Secure Model for Storage and Dissemination of Examination Results: A Case Study of Zambia Technical Education Vocational and Entrepreneurship Training Authority

Mseteka

Phiri

2019

Journal of Computer Science

View full text Add to dashboard Cite

Most developing countries and public higher institutions of learning have low levels of Information and Communication Technology (ICT) and hence face challenges in securing information and information systems. Therefore, dissemination of examination results through web and mobile applications usually raise security concerns on how to ensure the confidentiality, integrity and authenticity of students' examination results due to susceptibility of web and mobile applications. In this study, we are proposing a secure model for storage and dissemination of students' examination results using encryption and cryptographic hash functions to simultaneously provide confidentiality, integrity and authenticity assurances of students' examination results. The study is based on Technical Education, Vocational and Entrepreneurship Training Authority (TEVETA), an examination body in Zambia. A baseline study was conducted to determine the challenges faced by TEVETA and students regarding dissemination of students' examination results. Data was collected from 558 respondents consisting of 514 students, 36 members of staff in-charge of examinations in TEVETA registered institutions and 8 TEVETA ICT staff. The results from the study indicate that the current TEVETA examination cycle business processes have a number of irregularities. These include candidate registration, storage of students' examination results and dissemination of students' examination results. The results from the baseline study were used to come up with the model which was then used to develop a prototype. The results obtained from the test and evaluation of the developed prototype based on the model shows that the system provides an avenue to ensure the confidentiality of students' results through encryption as well of integrity and authenticity of students' examination results through detection of altered students' examination results during transmission and storage through cryptographic hash function.

show abstract

Challenges Facing Information Systems Security Management in Higher Learning Institutions: A Case Study of the Catholic University of Eastern Africa - Kenya

Abstract: Abstract-

Cited by 2 publications

References 28 publications

The least secure places in the universe? A systematic literature review on information security management in higher education

The least secure places in the universe? A systematic literature review on information security management in higher education

A Secure Model for Storage and Dissemination of Examination Results: A Case Study of Zambia Technical Education Vocational and Entrepreneurship Training Authority

Contact Info

Product

Resources

About