A Model for identifying vulnerabilities on critical infrastructures: case of cyber threats in Kenya

Date
2021-11
Authors
Maina, Simon Kuria
Journal Title
Journal ISSN
Volume Title
Publisher
Strathmore University
Abstract
With advancement in technology, industry-focused technological systems have over time faced the challenge of attacks given their vulnerabilities resulting in denial of services and catastrophic operations for countries. This study focused at analysing the risk exposure on Kenya’s Critical Information Infrastructure (CII). A model for identifying the vulnerabilities that critical infrastructures are exposed to by detecting anomalies in the set thresholds was developed. This study adopted the vulnerability system development lifecycle to develop the model. The model was developed following the Rapid Assessment Methodology and used the Common Vulnerability Scoring System (CVSS) to measure the severity of potential vulnerabilities against critical infrastructure. This allowed the model to prioritize responses and resources to remediate against the vulnerability identified. The study found that vulnerabilities pose a security threat on systems that are deemed critical and as such recommends that organisations should invest on vulnerability assessment tools. These will help them detect, remediate and monitor and evaluate vulnerabilities on CIIs.
Description
A Thesis Submitted to the Faculty of Information in partial fulfillment of the requirements for the award of Master of Science in Information Technology
Keywords
Cyber threats, Information security, Critical information infrastructures
Citation
URI
http://hdl.handle.net/11071/12208
Collections
MSIT Theses and Dissertations (2020)