Hanifa Abdullah - Academia.edu (original) (raw)

Papers by Hanifa Abdullah

Research paper thumbnail of Design and Comparative Analysis of Microstrip Patch Antenna by Using Various Materials in HFSS

Lecture notes in electrical engineering, 2022

Research paper thumbnail of Analyzing the technological challenges of Governance, Risk and Compliance (GRC)

2019 4th International Conference on Electrical, Electronics, Communication, Computer Technologies and Optimization Techniques (ICEECCOT)

Governance, Risk and Compliance (GRC) is a novel and multifaceted means to an approach, whereby E... more Governance, Risk and Compliance (GRC) is a novel and multifaceted means to an approach, whereby Enterprise Risk Management (ERM) and compliance are regarded as strategic initiatives that link to the business objectives. This, in turn, requires corporate governance to foster the growth and performance of the organization. The proper implementation and execution of GRC has a host of benefits for organizations. Some of these benefits include risk-based decision-making, organizational efficiency, visibility, transparency and business agility. The most convincing and demonstrable argument for integrated GRC is as an enabler for the organizational strategy. Whilst acknowledging the many benefits GRC has for organizations, it is equally important to address the numerous challenges GRC has in respect to frameworks, people, process and technology. This paper addresses the technological challenges of GRC by means of analyzing a commercial GRC software tool. The objective of this analysis is to ascertain if the challenges are valid and if organizations should invest in GRC software.

Research paper thumbnail of Utilizing Information and Communications Technology to enhance risk management

2022 Conference on Information Communications Technology and Society (ICTAS)

Information and Communication Technology (ICT) is concerned about technology to provide access to... more Information and Communication Technology (ICT) is concerned about technology to provide access to information through platforms of telecommunication. Risk management is a process of identifying, assessing, and managing the risks. This paper explores the use of ICT and how it contributes to the effectiveness of risk management in the national department of Water and Sanitation within the public sector. The key contributing factors to the use of technology include the availability and access to the ICT resources which results in the organization's ability to measure the influence of technologies to communicate risk information to improve the process. In depth interviews and online surveys were conducted. Data collected was analyzed using thematical analysis and key themes were identified. The findings indicate that ICT plays a critical role on the effectiveness of risk management and has a potential to enhance risk management regardless of the challenges identified.

Research paper thumbnail of Towards the development of an information privacy protection awareness inititiative for data subjects and organizations

2021 National Computing Colleges Conference (NCCC)

Technology has transformed the manner whereby users and organizations conduct their daily activit... more Technology has transformed the manner whereby users and organizations conduct their daily activities facilitating high levels of convenience for both users and organizations alike. Unfortunately, many users and organizations are oblivious that the convenience and accessibility of technology may come at a detrimental expense to their privacy. The collection and dissemination of user’s privacy can manifest in identity theft and financial deception for users. For organizations, trust, reputation, and loyalty are compromised if personal information of users is mismanaged. A highly publicized data breach may not only yield regulatory penalties but may trigger lawsuits or generate destructive publicity that can compromise a promising business. This study aspires to propagate information privacy protection awareness for users and organizations by means of documenting the essential factors of information privacy protection awareness in terms of the rationale for information privacy protection, privacy environment, information privacy protection measures/program, responsibility for information privacy protection, and consequences of a privacy breach. The objective of this exercise is to develop a theoretical base for the development of an information privacy protection awareness initiative and to illustrate that both users and organizations despite having different approaches to information privacy protection should assume full responsibility thereof to evade the impact of a privacy breach.

Research paper thumbnail of Towards the design of pre questionnaires to promote information privacy protection awareness

2021 22nd International Arab Conference on Information Technology (ACIT), 2021

The number of victims of cyber-attacks escalates daily as cyber criminals become more sophisticat... more The number of victims of cyber-attacks escalates daily as cyber criminals become more sophisticated in their attack methods. Many organizations have well developed information privacy protection mechanisms in place but there are still many organizations that fail to proactively prepare themselves in terms of a rigid organizational information privacy protection program. The same applies for individuals who lack the required knowledge to proactively protect their personal information from being compromised and therefore fall victims to data breaches. For organizations, a data breach can cost the organization millions in terms of recovery expenses and operational interruptions and can cause serious reputational damage to individuals.The objective of this study is to use an honors project presented by the School of Computing at the University of South Africa (UNISA) to promote information privacy protection awareness. This is by means of creating a pre questionnaire for different contexts for organizations and individuals to elicit their current level of understanding regarding information privacy protection awareness. This will serve as a preliminary step for the development of an artefact to promote information privacy protection awareness and the subsequent evaluation of the artefact by means of a post questionnaire. The creation of pre questionnaires will also serve as guidance to students who experience difficulties in their literature review and identifying a suitable context for their study.

Research paper thumbnail of Assessing the Impact of Information Privacy Protection Awareness Among Online Users and Consumers

2021 IEEE Mysore Sub Section International Conference (MysuruCon), 2021

Innovation in Information Technology (IT) has brought about many advantages but has also raised c... more Innovation in Information Technology (IT) has brought about many advantages but has also raised challenges, such as privacy issues. For society to realize the full potential of technology, individuals must have the ability to protect their personal information. The aim of this study is to investigate the information privacy protection awareness level of online users and consumers. A quantitative research method was used for this study. This study found that online users and consumers are aware of information privacy protection but still need to be educated to improve their awareness level. This study identified information privacy protection education as the basic need for the community to be able to reap the full potential of technology. To address privacy challenges, online users and consumers must improve their information privacy protection awareness level to protect their personal information and hold any party handling and processing their personal information incorrectly accountable.

Research paper thumbnail of Proposition of a framework for consumer information privacy protection

2020 International Conference on Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD), 2020

The growing use of digital technologies has provided businesses with various avenues of collectin... more The growing use of digital technologies has provided businesses with various avenues of collecting data about consumers and potential consumers. Due to the discreet manner whereby information is collected, consumers are often oblivious that they are providing businesses with information such as IP addresses and the pages they view. Cookies and tracking devices can also provide personal information of consumers to businesses. Businesses do not comprehend their misuse of consumer data until they sustain a privacy breach, which could lead to financial and reputational damage to the business as well as a loss of consumer trust and loyalty. Businesses however have both a legal and moral onus to protect consumer's personal data in a dignified manner. The objective of this study is to propose a framework for consumer privacy protection strategy. Forrester's data security and privacy playbook provides the tools, information and analysis to help businesses protect sensitive data from cybercrime and privacy abuse by means of a framework that has a three-step process, Discover, Plan and Act. The framework is developed within Forrester's playbook. The justification for the proposition of this framework is to mitigate the detrimental consequences of a privacy breach and ensure that businesses no longer treat consumer privacy protection as an afterthought.

Research paper thumbnail of Enhancing and enriching students' reading experience by using social media technologies

Traditionally, learners obtain information from newspapers, books, encyclopedias and magazines, i... more Traditionally, learners obtain information from newspapers, books, encyclopedias and magazines, i.e. printed media. This traditional mode of acquiring information should continue, but the learning experience can be greatly enhanced and enriched by using social media or Web 2.0 technologies. Examples of such technologies include collaborative projects (e.g., Wikis), blogs and microblogs (e.g., Twitter), content communities (e.g., YouTube), social networking sites (e.g., Facebook), virtual game worlds (e.g., World of Warcraft) and virtual social worlds (e.g. Second Life). The use of social media in enhancing and enriching reading could be guided by social interaction learning principles that encourage active learning through the interaction of learners with capable individuals, software and educational material over social networks. There are concerns regarding the use of social media, such as addiction to online games, music and live chatting, as well as teacher-student online relati...

Research paper thumbnail of A conceptual framework for integrated information privacy protection

2016 International Conference on Advances in Computing and Communication Engineering (ICACCE), 2016

Successful organizations strive to achieve a high degree of corporate governance, effective techn... more Successful organizations strive to achieve a high degree of corporate governance, effective techniques for risk management, and an assurance regarding the fulfilment of compliance requirements. This effort bears the Governance, Risk and Compliance (GRC) label, which entails integrating these three disparate disciplines to achieve effectiveness and efficiency in meeting the organization's strategic objectives. An interesting development has been the integration of privacy within a GRC context. Privacy has a number of elements, including governance, management, legal, technical aspects, compliance, risk management, information security, business processes and organizational issues which fall into the GRC processes. A large number of privacy breaches and a growing number of privacy regulations will steer organizations in the realm of managing privacy protection within a GRC context. There are a number of privacy facets but the focus of this paper is specifically on information priv...

Research paper thumbnail of The potentials and concerns of Web 2.0 technologies in teaching and learning in distance education

Web 2.0 refers to the adoption of open technologies to facilitate participative computing. It is ... more Web 2.0 refers to the adoption of open technologies to facilitate participative computing. It is about exploiting the potential of the Internet to foster collaborative participation by harnessing the collective intelligence of people. Web 2.0 or Social Web is transforming the mode whereby users express themselves on the Internet. Web 2.0 allows people to collaborate and share information online in novel ways such as in wikis, communication tools, social networking applications and social tagging. Web 2.0 applications are largely used in private setting as leisure tools. However, this technology has not really infiltrated the educational sector. Although Web 2.0 was not initially designed for educational purposes, it has great potential for teaching and learning. Education has been going through significant changes in the past ten years. Ten years ago, the Internet alone was a salient topic and the concept of e-learning was being introduced into educational institutions. Today, tools...

Research paper thumbnail of Exploring the potential of social computing for collaborative knowledge management

Knowledge management refers to information technology (IT) based systems for the management of an... more Knowledge management refers to information technology (IT) based systems for the management of an organisation's knowledge assets and includes knowledge creation, sharing, storage and application. Knowledge management has become a fundamental imperative for all types of organisations as organisations are becoming aware of the importance of tacit and explicit knowledge of people which corresponds to their experience and accumulated knowledge about the organisation's activities. The proliferation of social computing yields an exciting new development in knowledge management, creating new opportunities and challenges for people and organisations that want to embrace this mode of social interaction. The introduction of social computing which is broadly defined as the interactive and collaborative behaviour between computer users has provided a different perspective on organisational learning, knowledge sharing and information dissemination. This has been facilitated by technolog...

Research paper thumbnail of Stimulating and maintaining students’ interest in Computer Science using the hackathon model

The Journal of Teaching and Learning, 2015

Computer Science (CS) enrolments at higher education institutions across the globe remain low in ... more Computer Science (CS) enrolments at higher education institutions across the globe remain low in comparison to other disciplines. The low interest in CS is often attributed to students' misconceptions about the discipline, such as CS being construed as complex, asocial, and only for computer wizards. Consequently, hackathons, which are self-organised programmes that bring together different stakeholders to collaborate in rapidly building software prototypes, are emerging as one potential solution to address some of the students' misconceptions about the CS field. Using an exploratory case study and activity theory for data analysis; this research article presents substantive research findings that posit hackathons as an approach that could stimulate and maintain students' interest in CS. The key elements of the hackathon model are collaborations, networking, mentoring, hands-on engagement in socially-relevant computing projects, and community involvement. The model was e...

Research paper thumbnail of Rapid and collaborative development of socially relevant computing solutions for developing communities

Information and communication technologies (ICTs) have an immense potential as a tool for develop... more Information and communication technologies (ICTs) have an immense potential as a tool for development. It is now common knowledge that advances in the use of technology can improve economic opportunities for the poor, improve service delivery to the underserved, provide employment opportunities, and benefit social change. ICT4D projects as agents driving developmental objectives using ICTs have made some significant strides in our local communities, especially with the uptake mobile telephony in developing countries. However, many ICT4D projects still fail to meet their objectives and intended impact. At the same time other initiatives such as the hackathons, as short software development events, that foster collaborations amongst different stakeholders, including communities to work on common social challenges over a short period of time are emerging to address the technological gaps in ICT4D projects. This research expands on the extensive work that has been done over the years in ICT4D projects to propose a hackathon model that focuses on the rapid development of socially relevant technological interventions that could be implemented in communities within a shorter period of time. The approach was conceived based on an exploratory case study using a community engagement project at one of the universities in South Africa. The model centres around four key elements that could expedite the development of technological artefacts together with the community, stakeholders, and digital volunteers in ICT4D projects.

Research paper thumbnail of The role of e-tutors in promoting e-learning using Web 2.0 technologies

The University of South Africa (UNISA) is South Africa's largest Open Distance Learning (ODL) ins... more The University of South Africa (UNISA) is South Africa's largest Open Distance Learning (ODL) institution and the leading provider of higher education opportunities within the ODL sphere. UNISA's high student enrolment figures and its strict adherence to its ODL policy requires heightened efforts in student support. One mode of providing student support and increasing the throughput rate, is through the new e-tutoring model that was implemented in 2013. This e-tutoring model is provided via the Learner Management System (LMS), myUNISA. UNISA currently has the capability to provide fully online programmes through its LMS, myUnisa. The role of Web 2.0 technologies in particular fosters a new construct to enhance the learning experience of students. This paper explores the concept of interactive learning by focussing on the use of Web 2.0 technologies by e-tutors in undergraduate modules to enhance the teaching and learning process.

Research paper thumbnail of A formal qualitative risk management approach for IT security

2015 Information Security for South Africa (ISSA), 2015

Information technology (IT) security, which is concerned about protecting the confidentiality, in... more Information technology (IT) security, which is concerned about protecting the confidentiality, integrity and availability of information technology assets, inherently possesses a significant amount of risk, some known and some unknown. IT security risk management has gained considerable attention over the past decade due to the collapsing of some large organisations in the world. Previous investigative research in the field of IT security have indicated that despite the efforts that organisations employ to reduce IT security risks, the trend of IT security attacks are still increasing. One of the contributing factors to poor management of IT security risk is attributed to the fact that IT security risk management is often left to the technical security technologist who do not necessarily employ formal risk management tools and reasoning. For this reason, organisations find themselves in a position where they do not have the correct approach to identify, assess and treat IT security risks. Employing a formal risk based approach in managing IT security risk assist in ensuring that risks that matter to an organisation are accounted for and as a result, receive the correct level of attention. Defining an approach of how IT security risk is managed should be seen as a fundamental task, which is the basis of this research. The objective of this paper is to propose an approach for identifying, assessing and treating IT security risk which incorporates a robust risk analysis and assessment process. The risk analysis process aims to make use of a comprehensive IT security risk universe which caters for the complex and dynamic nature of IT security. The research will contribute to the field of IT security by using a consolidated approach that utilises coherent characteristics of the available qualitative risk management frameworks to provide a stronger approach that will enable organisations to treat IT security risk better.

Research paper thumbnail of COBIT 5: an evolutionary framework and only framework to address the governance and management of enterprise IT

In many organizations, Information Technology (IT) has become vital in the support, sustainabilit... more In many organizations, Information Technology (IT) has become vital in the support, sustainability and growth of the business. This pervasive use of technology has created a dependency on IT that calls for a specific focus on IT Governance. IT Governance is an integral part of enterprise governance exercised by the Board overseeing the definition and implementation of processes, structures and relational mechanism in the organization. This enables both the business and IT people to execute their responsibilities in support of business/IT alignment and the creation of business value from IT-enabled business investments. When approaching IT Governance, there are a number of frameworks, maintained by various governing bodies. The focus of this paper will be on the COBIT 5 framework as this framework concerns the governance and management of enterprise information. In order to operate a business both governance and management is needed. The Control Objectives for Information and related...

Research paper thumbnail of Information security risk management in small-scale organisations: A case study of secondary schools computerised information systems

2013 Information Security for South Africa, 2013

Research paper thumbnail of Is bring your own device an institutional information security risk for small-scale business organisations?

2014 Information Security for South Africa, 2014

Research paper thumbnail of A Risk Analysis and Risk Management Methodology for Mitigating Wireless Local Area Networks (WLANs) Intrusion Security Risks

Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the I... more Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard are no exception. The most apparent risk of WLANs is the ease with which itinerant intruders obtain illicit entry into these networks. These intrusion security risks must therefore be addressed which means that information security risk analysis and risk management need to be considered as integral elements of the organisation's business plan. A well-established qualitative risk analysis and risk management methodology, the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is selected for conducting the WLAN intrusion security risk analysis and risk management process. However, the OCTAVE risk analysis methodology is beset with a number of problems that could hamper a successful WLAN intrusion security risk analysis. The ultimate deliverable of this qualitative risk analysis methodology is the creation of an organisation-wide protection strategy and risk mitigation plan. Achieving this end using the OCTAVE risk analysis methodology requires an inordinate amount of time, ranging from months to years. Since WLANs are persistently under attack, there is a dire need for an expeditious risk analysis methodology. Furthermore, the OCTAVE risk analysis methodology stipulates the identification of assets and corresponding threat scenarios via a brainstorming session, which may be beyond the scope of a person who is not proficient in information security issues. This research was therefore inspired by the pivotal need for a risk analysis and risk management methodology to address WLAN intrusion attacks and the resulting risks they pose to the confidentiality, integrity and availability of information processed by these networks.

Research paper thumbnail of Promoting Information Privacy Protection Awareness for Internet of Things (IoT)

Mobile Information Systems

The Internet of Things (IoT) has had a considerable influence on our daily lives by enabling enha... more The Internet of Things (IoT) has had a considerable influence on our daily lives by enabling enhanced connection of devices, systems, and services that extends beyond machine-to-machine interactions and encompasses a wide range of protocols, domains, and applications. However, despite privacy concerns shown by IoT users, little has been done to reduce and protect individual information exposure. It is extremely difficult to mitigate IoT devices from reidentification threats which is why it is still a major challenge for IoT users to securely protect their information. The trust controls how we regulate privacy in our IoT platforms in the same way that it governs personal relationships. As IoT devices become increasingly linked, more data is shared across individuals, businesses, governments, and ecosystems. Technologies, sensors, machines, data, and cloud connections all rely largely on trust relationships that have been formed. With the rapid growth of additional types of IoT devic...

Research paper thumbnail of Design and Comparative Analysis of Microstrip Patch Antenna by Using Various Materials in HFSS

Lecture notes in electrical engineering, 2022

Research paper thumbnail of Analyzing the technological challenges of Governance, Risk and Compliance (GRC)

2019 4th International Conference on Electrical, Electronics, Communication, Computer Technologies and Optimization Techniques (ICEECCOT)

Governance, Risk and Compliance (GRC) is a novel and multifaceted means to an approach, whereby E... more Governance, Risk and Compliance (GRC) is a novel and multifaceted means to an approach, whereby Enterprise Risk Management (ERM) and compliance are regarded as strategic initiatives that link to the business objectives. This, in turn, requires corporate governance to foster the growth and performance of the organization. The proper implementation and execution of GRC has a host of benefits for organizations. Some of these benefits include risk-based decision-making, organizational efficiency, visibility, transparency and business agility. The most convincing and demonstrable argument for integrated GRC is as an enabler for the organizational strategy. Whilst acknowledging the many benefits GRC has for organizations, it is equally important to address the numerous challenges GRC has in respect to frameworks, people, process and technology. This paper addresses the technological challenges of GRC by means of analyzing a commercial GRC software tool. The objective of this analysis is to ascertain if the challenges are valid and if organizations should invest in GRC software.

Research paper thumbnail of Utilizing Information and Communications Technology to enhance risk management

2022 Conference on Information Communications Technology and Society (ICTAS)

Information and Communication Technology (ICT) is concerned about technology to provide access to... more Information and Communication Technology (ICT) is concerned about technology to provide access to information through platforms of telecommunication. Risk management is a process of identifying, assessing, and managing the risks. This paper explores the use of ICT and how it contributes to the effectiveness of risk management in the national department of Water and Sanitation within the public sector. The key contributing factors to the use of technology include the availability and access to the ICT resources which results in the organization's ability to measure the influence of technologies to communicate risk information to improve the process. In depth interviews and online surveys were conducted. Data collected was analyzed using thematical analysis and key themes were identified. The findings indicate that ICT plays a critical role on the effectiveness of risk management and has a potential to enhance risk management regardless of the challenges identified.

Research paper thumbnail of Towards the development of an information privacy protection awareness inititiative for data subjects and organizations

2021 National Computing Colleges Conference (NCCC)

Technology has transformed the manner whereby users and organizations conduct their daily activit... more Technology has transformed the manner whereby users and organizations conduct their daily activities facilitating high levels of convenience for both users and organizations alike. Unfortunately, many users and organizations are oblivious that the convenience and accessibility of technology may come at a detrimental expense to their privacy. The collection and dissemination of user’s privacy can manifest in identity theft and financial deception for users. For organizations, trust, reputation, and loyalty are compromised if personal information of users is mismanaged. A highly publicized data breach may not only yield regulatory penalties but may trigger lawsuits or generate destructive publicity that can compromise a promising business. This study aspires to propagate information privacy protection awareness for users and organizations by means of documenting the essential factors of information privacy protection awareness in terms of the rationale for information privacy protection, privacy environment, information privacy protection measures/program, responsibility for information privacy protection, and consequences of a privacy breach. The objective of this exercise is to develop a theoretical base for the development of an information privacy protection awareness initiative and to illustrate that both users and organizations despite having different approaches to information privacy protection should assume full responsibility thereof to evade the impact of a privacy breach.

Research paper thumbnail of Towards the design of pre questionnaires to promote information privacy protection awareness

2021 22nd International Arab Conference on Information Technology (ACIT), 2021

The number of victims of cyber-attacks escalates daily as cyber criminals become more sophisticat... more The number of victims of cyber-attacks escalates daily as cyber criminals become more sophisticated in their attack methods. Many organizations have well developed information privacy protection mechanisms in place but there are still many organizations that fail to proactively prepare themselves in terms of a rigid organizational information privacy protection program. The same applies for individuals who lack the required knowledge to proactively protect their personal information from being compromised and therefore fall victims to data breaches. For organizations, a data breach can cost the organization millions in terms of recovery expenses and operational interruptions and can cause serious reputational damage to individuals.The objective of this study is to use an honors project presented by the School of Computing at the University of South Africa (UNISA) to promote information privacy protection awareness. This is by means of creating a pre questionnaire for different contexts for organizations and individuals to elicit their current level of understanding regarding information privacy protection awareness. This will serve as a preliminary step for the development of an artefact to promote information privacy protection awareness and the subsequent evaluation of the artefact by means of a post questionnaire. The creation of pre questionnaires will also serve as guidance to students who experience difficulties in their literature review and identifying a suitable context for their study.

Research paper thumbnail of Assessing the Impact of Information Privacy Protection Awareness Among Online Users and Consumers

2021 IEEE Mysore Sub Section International Conference (MysuruCon), 2021

Innovation in Information Technology (IT) has brought about many advantages but has also raised c... more Innovation in Information Technology (IT) has brought about many advantages but has also raised challenges, such as privacy issues. For society to realize the full potential of technology, individuals must have the ability to protect their personal information. The aim of this study is to investigate the information privacy protection awareness level of online users and consumers. A quantitative research method was used for this study. This study found that online users and consumers are aware of information privacy protection but still need to be educated to improve their awareness level. This study identified information privacy protection education as the basic need for the community to be able to reap the full potential of technology. To address privacy challenges, online users and consumers must improve their information privacy protection awareness level to protect their personal information and hold any party handling and processing their personal information incorrectly accountable.

Research paper thumbnail of Proposition of a framework for consumer information privacy protection

2020 International Conference on Artificial Intelligence, Big Data, Computing and Data Communication Systems (icABCD), 2020

The growing use of digital technologies has provided businesses with various avenues of collectin... more The growing use of digital technologies has provided businesses with various avenues of collecting data about consumers and potential consumers. Due to the discreet manner whereby information is collected, consumers are often oblivious that they are providing businesses with information such as IP addresses and the pages they view. Cookies and tracking devices can also provide personal information of consumers to businesses. Businesses do not comprehend their misuse of consumer data until they sustain a privacy breach, which could lead to financial and reputational damage to the business as well as a loss of consumer trust and loyalty. Businesses however have both a legal and moral onus to protect consumer's personal data in a dignified manner. The objective of this study is to propose a framework for consumer privacy protection strategy. Forrester's data security and privacy playbook provides the tools, information and analysis to help businesses protect sensitive data from cybercrime and privacy abuse by means of a framework that has a three-step process, Discover, Plan and Act. The framework is developed within Forrester's playbook. The justification for the proposition of this framework is to mitigate the detrimental consequences of a privacy breach and ensure that businesses no longer treat consumer privacy protection as an afterthought.

Research paper thumbnail of Enhancing and enriching students' reading experience by using social media technologies

Traditionally, learners obtain information from newspapers, books, encyclopedias and magazines, i... more Traditionally, learners obtain information from newspapers, books, encyclopedias and magazines, i.e. printed media. This traditional mode of acquiring information should continue, but the learning experience can be greatly enhanced and enriched by using social media or Web 2.0 technologies. Examples of such technologies include collaborative projects (e.g., Wikis), blogs and microblogs (e.g., Twitter), content communities (e.g., YouTube), social networking sites (e.g., Facebook), virtual game worlds (e.g., World of Warcraft) and virtual social worlds (e.g. Second Life). The use of social media in enhancing and enriching reading could be guided by social interaction learning principles that encourage active learning through the interaction of learners with capable individuals, software and educational material over social networks. There are concerns regarding the use of social media, such as addiction to online games, music and live chatting, as well as teacher-student online relati...

Research paper thumbnail of A conceptual framework for integrated information privacy protection

2016 International Conference on Advances in Computing and Communication Engineering (ICACCE), 2016

Successful organizations strive to achieve a high degree of corporate governance, effective techn... more Successful organizations strive to achieve a high degree of corporate governance, effective techniques for risk management, and an assurance regarding the fulfilment of compliance requirements. This effort bears the Governance, Risk and Compliance (GRC) label, which entails integrating these three disparate disciplines to achieve effectiveness and efficiency in meeting the organization's strategic objectives. An interesting development has been the integration of privacy within a GRC context. Privacy has a number of elements, including governance, management, legal, technical aspects, compliance, risk management, information security, business processes and organizational issues which fall into the GRC processes. A large number of privacy breaches and a growing number of privacy regulations will steer organizations in the realm of managing privacy protection within a GRC context. There are a number of privacy facets but the focus of this paper is specifically on information priv...

Research paper thumbnail of The potentials and concerns of Web 2.0 technologies in teaching and learning in distance education

Web 2.0 refers to the adoption of open technologies to facilitate participative computing. It is ... more Web 2.0 refers to the adoption of open technologies to facilitate participative computing. It is about exploiting the potential of the Internet to foster collaborative participation by harnessing the collective intelligence of people. Web 2.0 or Social Web is transforming the mode whereby users express themselves on the Internet. Web 2.0 allows people to collaborate and share information online in novel ways such as in wikis, communication tools, social networking applications and social tagging. Web 2.0 applications are largely used in private setting as leisure tools. However, this technology has not really infiltrated the educational sector. Although Web 2.0 was not initially designed for educational purposes, it has great potential for teaching and learning. Education has been going through significant changes in the past ten years. Ten years ago, the Internet alone was a salient topic and the concept of e-learning was being introduced into educational institutions. Today, tools...

Research paper thumbnail of Exploring the potential of social computing for collaborative knowledge management

Knowledge management refers to information technology (IT) based systems for the management of an... more Knowledge management refers to information technology (IT) based systems for the management of an organisation's knowledge assets and includes knowledge creation, sharing, storage and application. Knowledge management has become a fundamental imperative for all types of organisations as organisations are becoming aware of the importance of tacit and explicit knowledge of people which corresponds to their experience and accumulated knowledge about the organisation's activities. The proliferation of social computing yields an exciting new development in knowledge management, creating new opportunities and challenges for people and organisations that want to embrace this mode of social interaction. The introduction of social computing which is broadly defined as the interactive and collaborative behaviour between computer users has provided a different perspective on organisational learning, knowledge sharing and information dissemination. This has been facilitated by technolog...

Research paper thumbnail of Stimulating and maintaining students’ interest in Computer Science using the hackathon model

The Journal of Teaching and Learning, 2015

Computer Science (CS) enrolments at higher education institutions across the globe remain low in ... more Computer Science (CS) enrolments at higher education institutions across the globe remain low in comparison to other disciplines. The low interest in CS is often attributed to students' misconceptions about the discipline, such as CS being construed as complex, asocial, and only for computer wizards. Consequently, hackathons, which are self-organised programmes that bring together different stakeholders to collaborate in rapidly building software prototypes, are emerging as one potential solution to address some of the students' misconceptions about the CS field. Using an exploratory case study and activity theory for data analysis; this research article presents substantive research findings that posit hackathons as an approach that could stimulate and maintain students' interest in CS. The key elements of the hackathon model are collaborations, networking, mentoring, hands-on engagement in socially-relevant computing projects, and community involvement. The model was e...

Research paper thumbnail of Rapid and collaborative development of socially relevant computing solutions for developing communities

Information and communication technologies (ICTs) have an immense potential as a tool for develop... more Information and communication technologies (ICTs) have an immense potential as a tool for development. It is now common knowledge that advances in the use of technology can improve economic opportunities for the poor, improve service delivery to the underserved, provide employment opportunities, and benefit social change. ICT4D projects as agents driving developmental objectives using ICTs have made some significant strides in our local communities, especially with the uptake mobile telephony in developing countries. However, many ICT4D projects still fail to meet their objectives and intended impact. At the same time other initiatives such as the hackathons, as short software development events, that foster collaborations amongst different stakeholders, including communities to work on common social challenges over a short period of time are emerging to address the technological gaps in ICT4D projects. This research expands on the extensive work that has been done over the years in ICT4D projects to propose a hackathon model that focuses on the rapid development of socially relevant technological interventions that could be implemented in communities within a shorter period of time. The approach was conceived based on an exploratory case study using a community engagement project at one of the universities in South Africa. The model centres around four key elements that could expedite the development of technological artefacts together with the community, stakeholders, and digital volunteers in ICT4D projects.

Research paper thumbnail of The role of e-tutors in promoting e-learning using Web 2.0 technologies

The University of South Africa (UNISA) is South Africa's largest Open Distance Learning (ODL) ins... more The University of South Africa (UNISA) is South Africa's largest Open Distance Learning (ODL) institution and the leading provider of higher education opportunities within the ODL sphere. UNISA's high student enrolment figures and its strict adherence to its ODL policy requires heightened efforts in student support. One mode of providing student support and increasing the throughput rate, is through the new e-tutoring model that was implemented in 2013. This e-tutoring model is provided via the Learner Management System (LMS), myUNISA. UNISA currently has the capability to provide fully online programmes through its LMS, myUnisa. The role of Web 2.0 technologies in particular fosters a new construct to enhance the learning experience of students. This paper explores the concept of interactive learning by focussing on the use of Web 2.0 technologies by e-tutors in undergraduate modules to enhance the teaching and learning process.

Research paper thumbnail of A formal qualitative risk management approach for IT security

2015 Information Security for South Africa (ISSA), 2015

Information technology (IT) security, which is concerned about protecting the confidentiality, in... more Information technology (IT) security, which is concerned about protecting the confidentiality, integrity and availability of information technology assets, inherently possesses a significant amount of risk, some known and some unknown. IT security risk management has gained considerable attention over the past decade due to the collapsing of some large organisations in the world. Previous investigative research in the field of IT security have indicated that despite the efforts that organisations employ to reduce IT security risks, the trend of IT security attacks are still increasing. One of the contributing factors to poor management of IT security risk is attributed to the fact that IT security risk management is often left to the technical security technologist who do not necessarily employ formal risk management tools and reasoning. For this reason, organisations find themselves in a position where they do not have the correct approach to identify, assess and treat IT security risks. Employing a formal risk based approach in managing IT security risk assist in ensuring that risks that matter to an organisation are accounted for and as a result, receive the correct level of attention. Defining an approach of how IT security risk is managed should be seen as a fundamental task, which is the basis of this research. The objective of this paper is to propose an approach for identifying, assessing and treating IT security risk which incorporates a robust risk analysis and assessment process. The risk analysis process aims to make use of a comprehensive IT security risk universe which caters for the complex and dynamic nature of IT security. The research will contribute to the field of IT security by using a consolidated approach that utilises coherent characteristics of the available qualitative risk management frameworks to provide a stronger approach that will enable organisations to treat IT security risk better.

Research paper thumbnail of COBIT 5: an evolutionary framework and only framework to address the governance and management of enterprise IT

In many organizations, Information Technology (IT) has become vital in the support, sustainabilit... more In many organizations, Information Technology (IT) has become vital in the support, sustainability and growth of the business. This pervasive use of technology has created a dependency on IT that calls for a specific focus on IT Governance. IT Governance is an integral part of enterprise governance exercised by the Board overseeing the definition and implementation of processes, structures and relational mechanism in the organization. This enables both the business and IT people to execute their responsibilities in support of business/IT alignment and the creation of business value from IT-enabled business investments. When approaching IT Governance, there are a number of frameworks, maintained by various governing bodies. The focus of this paper will be on the COBIT 5 framework as this framework concerns the governance and management of enterprise information. In order to operate a business both governance and management is needed. The Control Objectives for Information and related...

Research paper thumbnail of Information security risk management in small-scale organisations: A case study of secondary schools computerised information systems

2013 Information Security for South Africa, 2013

Research paper thumbnail of Is bring your own device an institutional information security risk for small-scale business organisations?

2014 Information Security for South Africa, 2014

Research paper thumbnail of A Risk Analysis and Risk Management Methodology for Mitigating Wireless Local Area Networks (WLANs) Intrusion Security Risks

Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the I... more Every environment is susceptible to risks and Wireless Local Area Networks (WLANs) based on the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard are no exception. The most apparent risk of WLANs is the ease with which itinerant intruders obtain illicit entry into these networks. These intrusion security risks must therefore be addressed which means that information security risk analysis and risk management need to be considered as integral elements of the organisation's business plan. A well-established qualitative risk analysis and risk management methodology, the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) is selected for conducting the WLAN intrusion security risk analysis and risk management process. However, the OCTAVE risk analysis methodology is beset with a number of problems that could hamper a successful WLAN intrusion security risk analysis. The ultimate deliverable of this qualitative risk analysis methodology is the creation of an organisation-wide protection strategy and risk mitigation plan. Achieving this end using the OCTAVE risk analysis methodology requires an inordinate amount of time, ranging from months to years. Since WLANs are persistently under attack, there is a dire need for an expeditious risk analysis methodology. Furthermore, the OCTAVE risk analysis methodology stipulates the identification of assets and corresponding threat scenarios via a brainstorming session, which may be beyond the scope of a person who is not proficient in information security issues. This research was therefore inspired by the pivotal need for a risk analysis and risk management methodology to address WLAN intrusion attacks and the resulting risks they pose to the confidentiality, integrity and availability of information processed by these networks.

Research paper thumbnail of Promoting Information Privacy Protection Awareness for Internet of Things (IoT)

Mobile Information Systems

The Internet of Things (IoT) has had a considerable influence on our daily lives by enabling enha... more The Internet of Things (IoT) has had a considerable influence on our daily lives by enabling enhanced connection of devices, systems, and services that extends beyond machine-to-machine interactions and encompasses a wide range of protocols, domains, and applications. However, despite privacy concerns shown by IoT users, little has been done to reduce and protect individual information exposure. It is extremely difficult to mitigate IoT devices from reidentification threats which is why it is still a major challenge for IoT users to securely protect their information. The trust controls how we regulate privacy in our IoT platforms in the same way that it governs personal relationships. As IoT devices become increasingly linked, more data is shared across individuals, businesses, governments, and ecosystems. Technologies, sensors, machines, data, and cloud connections all rely largely on trust relationships that have been formed. With the rapid growth of additional types of IoT devic...