A Framework for the Evaluation of Cybersecurity Effectiveness of Abu Dhabi Government Entities
Cyberspace has become one of the new frontiers for countries to demonstrate their power to survive in the digitized world. The UAE has become a major target for cyber conflicts due to the rapid increase in economic activity and technology. Further, the widespread use of internet in the region to the tune of 88% by the end of 2014 has exposed the critical infrastructure to all forms of cyber threats.
In this dissertation, the researcher presents a detailed study of the existing cyber security defences globally and an investigation into the factors that influence effectiveness of cyber security defences in Abu Dhabi government entities. Further, the role of cyber security education, training and awareness in enhancing effectiveness of cyber security and the role of senior management in providing strategic direction to government entities on cyber security are evaluated in addition to determining the contribution of strategic planning and technology level in ensuring an effective cyber security system.
The study has evaluated the level of Cyber security Effectiveness (CSE) in Abu Dhabi Government Entities and the results show that Science and Technology entity performed better than all other Entities with CSE Mean = 4.37 while Public Order showed the least performance with CSE Mean = 3.83 and the combined model of six factors with R-square value 0.317 after multiple regression implying that 32% change in CSE in the government entities is occurring due to the six (6) independent variables used in the study. Further, results show that management has the responsibility of putting in place strategies, frameworks and policies that respond appropriately to the prevention, detection and mitigation of cyber attacks. Results
Further, study findings reveal that qualified and experienced personnel in government entities show greater understanding of cyber and information security issues. Finally, the researcher proposes a cyber security framework and a checklist, with checkpoints, for evaluating the effectiveness of cyber security systems within government entities and future research interventions.