Nawa, Eva-Lisa Tuwilika2022-02-282022-02-282021-08-20Nawa, E.T. (2021). Developing a cybersecurity framework for the banking sector of Namibia [Master’s thesis, Namibia University of Science and Technology] Namibia University of Science and Technology Ounongo Repository.http://ir.nust.na:8080/jspui/handle/10628/817The banking sector represents a vast assortment of firms, agencies and institutions with operations ranging from small community banks to massive international corporations. Managing the banking sector in Namibia presents a herculean task to regulators charged with its regulation oversight on cyber risks. The management of cybersecurity takes on greater complexity in considering multinationals with global partners and operations in countries with varying levels of cybersecurity sophistication. With the increase of cyber-attacks worldwide and banking institutions being key targets, the degree of risks from cybersecurity threats that banks are facing has grown rapidly in recent years. The increasing threats place sensitive data and organisational security at risk. This is exacerbated by the absence of a recognised cybersecurity framework that can safeguard the online transactions of financial data between banks and customers in the banking sector. To overcome these problems, a Namibia Banking Cybersecurity Framework (NBCF) to guide banking institutions in safeguarding the online transactions of financial data between banks and customers was developed. A qualitative research approach using the Design Science Research Methodology (DSRM) was adopted to address the research objectives. This research was conducted in the commercial banks of Namibia and involved their staff. In addition to data collected from literature reviews, data were also collected from a sample of 6 out of 10 licenced banks in Namibia using semi-structured interviews. The selection of the banks was done using the purposive sampling method and universally accepted ethical standards were considered. Data were analysed through a technique known as coding. The study identified various elements which are essential for a cybersecurity framework: data protection and privacy, human factors such as soft skills, Principle of Least Privilege (POLP), public knowledge on information security practices, aspect of disaster recovery documentation, and cyber breach simulations. The NBCF framework is proposed as a guideline on how the Namibian banking institutions can securely build cyber resiliency, manage their cyber risks and strategies and also help in implementing an appropriate level of rigor for their cybersecurity programmes. The NBCF framework should therefore guide the adoption of cybersecurity best practices in the Namibian banking sector. In addition, the framework is envisaged to complement the current Namibian government initiatives and the long-term goals of Vision 2030 such as the strategy of attaining infrastructure development as stated in the Harambee Prosperity Plan which highlights the urgent necessity to invest in cybersecurity. Expert reviews of the proposed framework were conducted and they yielded that the framework is relevant, applicable, usable and understandable in combating cybersecurity issues in the Namibian banking sector.enCybersecurity, framework, financial sectorDeveloping a cybersecurity framework for the banking sector of NamibiaThesis