Jackson86
Uploaded by
14 SLIDES
0 VIEWS
0LIKES

Enhancing data sharing security

DESCRIPTION

Enhancing data sharing security

1 / 14

Download Presentation

Enhancing data sharing security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. ENHANCING DATA SHARING SECURITY IN NAMIBIAN FINANCIAL ORGANIZATIONS THROUGH ZERO TRUST AND IDENTITY-BASED ACCESS CONTROL By: Nghidulika Jackson Machel Jackson Student Number: 218040539 Department: Cyber Security Qualification: B. Comp. Science Hons.: Information Security Supervisor: Mr. Julius Silaa Date: 16/06/2025

  2. Introduction Digitized Financial Sector Namibia's financial sector is undergoing rapid digitization, leading to an increased reliance on real-time data sharing for core operations. Criticality of Data Sharing Real-time data sharing is crucial for enhancing customer service, robust fraud risk management, and ensuring strict regulatory compliance (LicenseSpring, 2025; ENS Africa, n.n.). Vulnerabilities in Legacy Systems Existing legacy systems and outdated access controls pose significant vulnerabilities, potentially exposing sensitive financial data to cyber threats (IT-Online, 2025). Advanced Security Solutions Zero Trust Architecture (ZTA) and Identity-Based Access Control (IBAC) offer advanced, adaptive solutions to these pervasive security challenges.

  3. Problem Statement Rising Cyber Threats The Namibian financial sector faces an escalating number of sophisticated cyber threats, demanding more resilient security postures. Inadequate Perimeter Security Current reliance on perimeter security and traditional Role-Based Access Control (RBAC) is proving insufficient against modern attack vectors (Kindervag, 2020). Lack of Standardized Framework There is a notable absence of a standardized, sector-wide data sharing security framework tailored for Namibia's unique operational context. No Localized ZTA/IBAC Adaptation A significant gap exists in the localized adaptation and implementation of ZTA and IBAC principles specifically for Namibian financial institutions.

  4. Research Objectives 1 Main Objective To develop a Zero Trust (ZT)-based Identity-Based Access Control (IBAC) framework specifically designed for Namibian financial organizations. 2 Evaluate ZTA & IBAC Suitability Assess the practical suitability and theoretical applicability of ZTA and IBAC within the unique operational context of Namibia's financial landscape. 3 Explore Stakeholder Perceptions Investigate and document the perceptions and experiences of key stakeholders regarding the adoption and implementation challenges of ZTA and IBAC. 4 Design a Contextual Framework Formulate a comprehensive and contextualized ZT-based IBAC framework that addresses the specific needs and regulatory environment of Namibian financial institutions. 5 Validate Framework via Expert Feedback Validate the proposed framework through rigorous expert feedback and iterative refinement, ensuring its practical applicability and robustness.

  5. Research Questions 1 2 3 Existing Frameworks Stakeholder Perceptions Policy Impact What existing data sharing security frameworks are currently utilized or are applicable to Namibian financial institutions? What are the key perceptions and attitudes of stakeholders regarding the adoption and efficacy of Zero Trust and IBAC principles in the Namibian financial sector? How might anticipated or future policy changes at both national and international levels affect data sharing security practices in Namibian financial organizations? 4 Efficiency & Security Will a ZT-based IBAC framework effectively enhance data sharing security within Namibian financial institutions while simultaneously maintaining or improving operational efficiency?

  6. Literature Review Traditional RBAC Models IBAC Traditional Role-Based Access Control (RBAC) models are often inflexible and struggle to adapt to dynamic threat landscapes, making them outdated for modern security demands (Kindervag, 2020). Identity-Based Access Control (IBAC) offers dynamic access decisions based on user identity, device posture, and contextual factors, providing more granular control than static roles (JumpCloud, 2025). ZTA Principles Emerging Trends Zero Trust Architecture (ZTA) emphasizes core principles such as least privilege access and continuous verification, challenging the traditional perimeter-based security model (CISA, n.d.). The cybersecurity landscape is rapidly evolving with emerging trends like blockchain for immutable logs, federated identity for seamless access, and decentralized systems for enhanced resilience (Ahmadi, 2025).

  7. Significance/Importance Strengthened Data Protection Regulatory Compliance Secure Collaboration The framework will facilitate secure and trusted data sharing among banks, fintech companies, and regulatory bodies, fostering a more collaborative ecosystem. The proposed framework will significantly enhance the protection of sensitive financial data, safeguarding customer information and organizational assets. It will ensure stricter adherence to national and international financial regulations, reducing the risk of penalties and reputational damage. Extends ZTA Research Academically, this research extends Zero Trust Architecture studies to developing markets like Namibia, providing unique contextual insights.

  8. Research Methodology Qualitative, Interpretivist Approach This research adopts a qualitative, interpretivist approach, aiming to understand the subjective meanings and social realities of cybersecurity practices within the Namibian financial sector. Multi-Case Study Design A multi-case study design will be employed, allowing for an in-depth exploration of data sharing security practices across various financial organizations in Namibia. Data Collection Methods Data will be collected through comprehensive document analysis, semi-structured interviews with key stakeholders, and desktop inspections of relevant systems and policies. Thematic Data Analysis Thematic data analysis will be utilized to identify patterns, recurring themes, and critical insights from the collected qualitative data, providing a rich understanding of the research problem.

  9. Delineations and Limitations Delineation: Formal Financial Sector Only Limitation: Small Sample Size The scope of this research is strictly delineated to focus exclusively on Namibia's formal financial sector, excluding informal financial activities or other economic sectors. A potential limitation is the small sample size due to the specialized nature of the target organizations and the accessibility of key personnel for interviews. Limitation: Restricted Data Access Limitation: Conceptual Framework Evaluation Access to highly sensitive internal data and proprietary security configurations may be restricted, limiting the depth of technical analysis that can be performed. The framework validation will be primarily conceptual, based on expert feedback and theoretical soundness, rather than a full-scale technical implementation and performance evaluation.

  10. Assumptions Reflective Practices Honest Participant Responses The described organizational practices and policies are assumed to accurately reflect the actual operational realities and security implementations within the financial institutions. It is assumed that all participants will provide truthful and candid responses during interviews, reflecting their genuine perceptions and organizational realities. Adequate Infrastructure Receptiveness to Adoption It is assumed that Namibian financial institutions possess the foundational IT infrastructure and technical capabilities necessary to support the conceptual implementation of the proposed framework. There is an assumption of a reasonable level of receptiveness among Namibian financial organizations to consider and potentially adopt advanced security paradigms like ZTA and IBAC.

  11. Risk, Feasibility & Ethical Considerations Risks: • Time constraints. • Limited participant knowledge. • Organizational reluctance. Feasibility: • Clearly defined research scope and institutional support. • Availability of rich, relevant literature to ground the study. Ethical Considerations: • Adherence to NUST research ethics guidelines. • Informed consent will be obtained from all participants. • Data confidentiality and anonymity will be strictly maintained.

  12. Chapter Overview

  13. References

More Related