Cyber-security governance framework pillars for Zimbabwean local authorities

Abstract

this research study sought to determine pillars suitable for a cyber-security governance framework in Zimbabwean local authorities. this study utilizes an explanatory type of research which prompted the use of mixed methods, i.e. quantitative and qualitative under a pragmatism philosophy. the authors collected quantitative data first and the findings informed the collection and analysis of qualitative data. the study surveyed five urban local authorities namely harare, Bulawayo, gweru, mutare, and masvingo.the study results suggest confidentiality, integrity, availability, authentication, authorization, and non-repudiation as the main pillars of a cyber-security governance framework. in addition, organizational factors including structure, training and development, and risk management also contribute to developing a cyber-security governance framework. Furthermore, the result of this study could be used by both the public and private sectors in developing countries to formulate information technology-related frameworks. the study’s limitations were that data was collected only from the selected five urban local authorities. the results of the study would have a great impact if data were also collected from local authorities in rural districts with less technology. Future studies should focus on the evaluation of cyber-security governance in Zimbabwe’s rural district local authorities.