Information Systems Security Threats and Vulnerabilities: A Case of the Institute of Accountancy Arusha (IAA)

Information Systems Security Threats and Vulnerabilities: A Case of the Institute of Accountancy Arusha

Abstract

All modern computer users need to be concerned about information system security (individuals and organisations). Many businesses established various security structures to protect information system security from harmful occurrences by implementing security procedures, processes, policies, and information system security organisational structures to ensure data security. Despite all the precautions, information security remains a disaster in Tanzania's learning institutions. The fundamental issue appears to be a lack of awareness of crucial information security factors. Various companies have different security issues due to differences in ICT infrastructure, implementations, and usage. The study focuses on identifying information system security threats and vulnerabilities in public higher learning institutions in Tanzania, particularly the Institute of Accountancy Arusha. The study involved all employees of IAA, academics, and other supporting staff, which totalled three hundred two, and the sample size was one hundred seventy. The study utilised a descriptive research design, where the quantitative methodology was used through a five-point Likert scale questionnaire, and found that key factors that affect the security of information systems at IAA include human factors, policy-related issues, work environment and demographic factors. The study proposed regular awareness and training programs; an increase in women's awareness of information system security; proper policy creation and reviews every four years; promote actions that lessen information system security threats and vulnerabilities, and the creation of information system security policy documents independently from ICT policy.

One. Introduction

Information security can be defined as the process of maintaining information confidentiality, integrity and availability against both internal and external vulnerabilities. Dependence on ICT infrastructure for daily use in achieving organisation objectives has made higher learning institutions a target of malicious activities from both within and from external factors. Researchers have analysed different factors that contribute to poor Information System security in the learning environment. For example, the use of online learning facilities such as portals, online learning systems and mobile apps have increased security threats to learning environments. Studies show that the number of internet users in Tanzania increased to forty-three point six two million just by twenty eighteen. This is about forty-five percent of all adult citizens and the majority of these users are from higher learning institutions with no proper knowledge on how to defend themselves or their institutions from hackers and online attacks. The threats to information system security have been reported to increase for both organisations and individuals. The case is more alarming in learning environments of Tanzania as these incidents do not have formal ways of being documented, which are likely to reverse. Security attacks can result in loss of business, trust, reputation and money. For example, researchers had their research showing the impact of cyber security attacks on learning environments in Tanzania. The study aims at identifying and categorising these threats and vulnerabilities and proposing appropriate solutions in the case of the learning environment of Tanzania.

There is a wealth of information on information system security around the world in the literature and international reports. According to Kaspersky's estimate, there were four hundred forty-five million attacks in twenty twenty. According to research, fifty percent of Internet users admit to having experienced security breaches. According to research, the typical data breach results in the loss of twenty-five thousand five hundred seventy-five records annually, costing an enterprise an estimated three point nine two million U.S.D. Investors and customers may become less trusting of the impacted companies as a result of the data leak and stop doing business with them. Collectively, it is clear that cyberattacks are on the rise; as a result, it is important for stakeholders to remain aware of the variables affecting the security of information systems in learning environments.

As a result, studies about variables influencing information system security are provided in the literature. By concentrating on users' compliance with ICT policies, researchers analyse elements that affect the security of information systems. According to the report, disregarding ICT policies has a negative impact on the security of information systems. The study highlighted low adherence to the security culture as one of the causes of online vulnerability in a different study. The study, in contrast, concentrated on the role of people in defending an organisation from attacks. In addition, researchers hypothesised that variables including a lack of managerial backing,

a woefully inadequate information security policy, and a dearth of information security education programs all play a role in the deficient security of corporate-owned information systems security. In this context, it is clear that there is no consensus on what influences information system security in the modern world. In order to identify the aspects affecting the security of information systems, this study does such analysis in public higher learning institutions in Tanzania, particularly the Institute of Accountancy Arusha.

There is evidence that the use of information systems is becoming more and more important to human activity, especially in learning environments like public higher learning institutions. Information systems are necessary for human activities and decision-making. The rising usage of computers and computer systems is due to the requirement for a reliable information system to fulfil consumer satisfaction. In Tanzania, for example, ICT use is growing at a rate of four point nine percent per year. Currently, sixty percent of individuals worldwide are subscribers, compared to fifty percent of people in Tanzania who use the internet. With this rise, it's clear that efficient use requires reliable information systems to improve the performance of the user organisation. The study focuses on the efficient use of ICT infrastructures within the learning environment to eliminate information system security threats and vulnerabilities.

Evidently, safe supporting infrastructure and accompanying resources are necessary for information system reliability. Nevertheless, according to the researchers, a number of factors influence the necessary level of online safety in eliminating information system security threats and vulnerabilities. These variables include administrative, technological, and human-related variables. The researchers assert that more information system risks are being published online every day. Phishing, social engineering, supply chain attacks, zero-day and polymorphic attacks, IoT, and infrastructure attacks are a few of these dangers. This study aims to find out if these factors are the same for the higher learning environments in Tanzania.

Policies controlling the use of ICT provide the organisation with a solid administrative basis necessary to combat these challenges. This is why the current study assesses information system security threats and vulnerabilities in the learning environments.