Analysis of COVID-19 fffects on cybersecurity in South African-based organisations

Thesis / Dissertation

2025

Permanent link to this Item
http://hdl.handle.net/11427/41513
Files
thesis_com_2025_daya mahima.pdf (5.3 MB)
Authors
Daya, Mahima
Supervisors
Kyobe, Michael
Journal Title
Link to Journal
Journal ISSN
Volume Title
Publisher
Publisher

University of Cape Town

Department
Department of Information Systems
Faculty
Faculty of Commerce
License
Series
Abstract
The COVID-19 pandemic has significantly impacted cybersecurity practices in South African organisations across various sectors, including financial services, healthcare, retail, and technology, with vulnerabilities arising from remote work, digital infrastructure, and financial strain. This study applied Engström's Activity Theory Framework to explore the effects of the pandemic on cyber-threats, vulnerabilities, and organisational responses. The findings reveal that remote workers faced significant vulnerabilities during the pandemic, making them susceptible to phishing and social engineering attacks. The study highlights the importance of cybersecurity awareness training and education for employees in South African organisations. The economic instability of South Africa during the pandemic led to an increased appeal of cyber-threats, underscoring the need for enhanced cybersecurity strategies. The study's findings provide practical recommendations for enhancing cybersecurity strategies, including the adoption of secure remote work solutions and the development of incident response plans. The results underscore the importance of cybersecurity awareness training and education for employees. The study's methodology involved conducting 30 semi-structured interviews with South African organisations from the financial, healthcare, retail, and technology sectors, employing thematic analysis to delve into the realm of cybersecurity management practices during the pandemic. Despite its limitations, including a limited data sample and potential lack of generalisability to all South African organisations, this study contributes to the existing literature and provides valuable insights for policymakers, organisations, and cybersecurity professionals. The findings suggest that to mitigate risks, organisations should prioritise cybersecurity and invest in comprehensive cybersecurity solutions. Employee training is essential for enhancing cybersecurity awareness and preventing cyberattacks. Regulatory compliance is crucial for ensuring data privacy and security standards are met. Investments in digital infrastructure and cybersecurity education and training are also recommended to equip future professionals with the necessary skills to address emerging cyber threats. Future research should consider expanding data sources and conducting long-term analyses to gain a more comprehensive understanding of the cybersecurity challenges during and beyond the pandemic.
Description
Keywords
COVID-19
Cybersecurity
cybersecurity awareness training
remote work
South African organisations
vulnerabilities

Reference:

Daya, M. 2025. Analysis of COVID-19 fffects on cybersecurity in South African-based organisations. . University of Cape Town ,Faculty of Commerce ,Department of Information Systems. http://hdl.handle.net/11427/41513

Collections
Masters