A critical evaluation of proactive cybersecurity countermeasures in business information systems and industrial control systems to mitigate cyber attacks

Thesis (MA)--Stellenbosch University, 2025.

Bibliographic Details
Main Author: Nzimande, Xolani
Other Authors: Blaauw, Dewald
Format: Thesis
Language: English
Published: Stellenbosch : Stellenbosch University 2025
Access status: Open Access
Identifier: oai:scholar.sun.ac.za:10019.1/133568
Institution: Stellenbosch University (South Africa)
Rights: Stellenbosch University
License: Other (see source repository)
Source: SUNScholar (Stellenbosch University Repository), harvested via OAI-PMH
Department: Stellenbosch University. Faculty of Arts and Social Sciences. Dept. of Information Science.
Level: Masters
Dates: 2025-08-18T09:50:23Z; 2025-03
Extent: xvii, 143 pages : illustrations, includes annexures
File format: application/pdf
Citation: Nzimande, X. 2025. A Critical evaluation of proactive cybersecurity countermeasures in business information systems and industrial control systems to mitigate cyber attacks. Unpublished masters thesis. Stellenbosch: Stellenbosch University [online]. Available: https://scholar.sun.ac.za/items/760dc65c-ec65-4f7d-978e-09b9771d227f

ENGLISH SUMMARY: There is an unprecedented increase in Cybersecurity attacks worldwide, which has been felt by organisations operating with Business Information Systems and Industrial Control Systems. Adversaries exploit known and unknown vulnerabilities in devices such as computers, servers, handheld devices, mobile phones and tablets, software, Programmable Logic Controllers (PLCs), Supervisory Control and Data Acquisition (SCADA), Distribution Control Systems (DCSs), Human Machine Interfaces (HMIs), Remote Terminal Units (RTUs), and communication systems. This study aims to critically evaluate proactive cybersecurity countermeasures in Business Information Systems and Industrial Control Systems.

A Dell workstation running the Windows 11 operating system is used to create virtual machines using Workstation Player 17. GNS3 is used to design a simulated network with three layers: business network, Demilitarised Zone, and process control network. The Kali Linux suite is used to perform various attacks such as man-in-the-middle, ransomware and reconnaissance. Wireshark is therefore utilised to portray network traffic flow for analysis of network packets and critical evaluation of proactive cybersecurity countermeasures.

Despite the availability of cybersecurity countermeasures to safeguard the Confidentiality, Integrity, and Availability of Business Information Systems and the Availability, Safety, and Confidentiality of Industrial Control Systems against cyberattacks, cyberattacks continue to rise. Even the current cybersecurity countermeasures seem to be insufficient in the proactive detection and prevention of cyberattacks. To improve the discovery and deterrence of cybersecurity attacks, the study anticipates that the following countermeasures integrated with Artificial Intelligence improve detection and deterrence: Zero Trust Architecture, Improved Firewall Configuration, Identity and Access Management, Inventory Management, Malicious Code Protection, Data Integrity and Confidentiality, Patch Management, Demilitarised Zone, Use and integration of SIEM and SOAR. These countermeasures proved effective against many cyberattacks when combined and continuously monitored and reviewed.

AFRIKAANSE OPSOMMING (Afrikaans summary, translated): There is an unprecedented increase in cybersecurity attacks worldwide, which has been felt by organisations that work with business information systems and industrial control systems. Adversaries exploit known and unknown vulnerabilities in devices such as computers, servers, handheld devices, mobile phones and tablets, software, programmable logic controllers (PLCs), supervisory control and data acquisition (SCADA), distribution control systems (DCSs), human machine interfaces (HMIs), remote terminal units (RTUs) and communication systems. This study aims to critically evaluate proactive cybersecurity countermeasures in business information systems and industrial control systems.

A Dell workstation running the Windows 11 operating system is used to create virtual machines using Workstation Player 17. GNS3 is used to design a simulated network with three layers: business network, demilitarised zone and process control network. The Kali Linux suite is used to carry out various attacks such as man-in-the-middle, ransomware and reconnaissance. Wireshark is thus used to portray network traffic flow for the analysis of network packets and the critical evaluation of proactive cybersecurity countermeasures.

Despite the availability of cybersecurity countermeasures to protect the confidentiality, integrity and availability of business information systems and the availability, safety and confidentiality of industrial control systems against cyberattacks, cyberattacks continue to increase. Even the current cybersecurity countermeasures appear to be insufficient in the proactive detection and prevention of cyberattacks. To improve the discovery and deterrence of cybersecurity attacks, the study expects that the following countermeasures integrated with Artificial Intelligence improve detection and deterrence: Zero Trust Architecture, Improved Firewall Configuration, Identity and Access Management, Inventory Management, Malicious Code Protection, Data Integrity and Confidentiality, Patch Management, Demilitarized Zone, Use and integration of SIEM and SOAR. The combination of these countermeasures was effective against many cyberattacks when combined and continuously monitored and reviewed.
Subjects: Information technology -- Security measures; Computer networks -- Security measures; Risk management -- Computer networks; SCADA systems -- Security measures; Intrusion detection systems (Computer security); UCTD
URL: https://scholar.sun.ac.za/handle/10019.1/133568