A Framework for the Evaluation of Cybersecurity Effectiveness of Abu Dhabi Government Entities
Abstract
Cyberspace has become one of the new frontiers for countries to demonstrate their power to survive in the digitized world. The UAE has become a major target for cyber conflicts due to the rapid increase in economic activity and technology. Further, the widespread use of internet in the region to the tune of 88% by the end of 2014 has exposed the critical infrastructure to all forms of cyber threats.
In this dissertation, the researcher presents a detailed study of the existing cybersecurity defences globally and an investigation into the factors that influence effectiveness of cybersecurity defences in Abu Dhabi government entities. Further, the role of cybersecurity education, training and awareness in enhancing effectiveness of cybersecurity and the role of senior management in providing strategic direction to government entities on cybersecurity are evaluated in addition to determining the contribution of strategic planning and technology level in ensuring an effective cybersecurity system.
The study has evaluated the level of Cybersecurity Effectiveness (CSE) in Abu Dhabi Government. Entities and the results show that science and technology entity performed better than all other Entities; with CSE Mean = 4.37 while Public Order showed the least performance with CSE Mean = 3.83 and the combined model of six factors with R-square value 0.317 after multiple regression implying that 32% change in CSE in the government entities is occurring due to the six (6) independent variables used in the study. Further, results show that management has the responsibility of putting in place strategies, frameworks and policies that respond appropriately to the prevention, detection and mitigation of cyberattacks. Results further indicate that culture sensitive training and awareness programs add to the quality and effectiveness of cybersecurity systems in government entities.
Further, study findings reveal that qualified and experienced personnel in government entities show greater understanding of cyber and information security issues. Finally, the researcher proposes a cybersecurity framework and a checklist, with checkpoints, for evaluating t