Authors :
Tinashe Blessing Chuwe; Mainford Mutandavari
Volume/Issue :
Volume 7 - 2022, Issue 2 - February
Google Scholar :
http://bitly.ws/gu88
Scribd :
https://bit.ly/3teKDZC
DOI :
https://doi.org/10.5281/zenodo.6359420
Abstract :
Regardless of massive investment into
complex and advanced computing infrastructure in
Africa and Zimbabwe in particular, there is growing
concern for the asymmetric development in
comprehensive security systems to tally this thrust in
technology investment. As Data Centres are deployed to
solve complex industry and development problems in the
country, the security infrastructure need to be
considered as well by clearly applying identifiable cyber
security risk management framework. This study
therefore sought to:i.develop a cloud-based cyber
security risk system to identify security vulnerabilities. ii
estimate the Data centre aggregate risk score in real-
time, and iii. Control identified threats. The results
indicate that the proposed risk assessment framework is
no like any of the surveyed past such frameworks but
helps to complement such. It adds to the perspective of
managing risks at hybrid data centres. Ability to capture
the human perspectives through creation of
comprehensive requirement. text files helps to capture
not only the technical details of the threats but also
considers the human perspectives enriching the way risk
is calculated and defined. A hybrid data centres have no
unique vulnerabilities and threats than other computing
infrastructure. However, it seems some vulnerabilities
and threats are more common for the data centres than
other infrastructure. In this study, denial of service and
malware are some of the threats which are peculiar to
data centres. Furthermore, due to complexity in the
mixture and combination of software and application
suit at a data centre, the range of threats may not be
predefined nor generalised from one centre to the other.
Empirical testing and verification of these weaknesses
need customised and personalised approach as indicated
in this study. For a comprehensive risk assessment
framework that does not capture computing-related
threats and vulnerabilities, further research is pertinent
that also captures the human perspectives and other
security dimensions such as the physical and personal
security issues at the data centre. Better future
frameworks may need to incorporate not only the
quantitative risk assessments but incorporate the
qualitative elements to risk.
Keywords :
Data Centre, Software, Risk Score, Vulnerabilities, Framework, Threat, Exploits, Security
Regardless of massive investment into
complex and advanced computing infrastructure in
Africa and Zimbabwe in particular, there is growing
concern for the asymmetric development in
comprehensive security systems to tally this thrust in
technology investment. As Data Centres are deployed to
solve complex industry and development problems in the
country, the security infrastructure need to be
considered as well by clearly applying identifiable cyber
security risk management framework. This study
therefore sought to:i.develop a cloud-based cyber
security risk system to identify security vulnerabilities. ii
estimate the Data centre aggregate risk score in real-
time, and iii. Control identified threats. The results
indicate that the proposed risk assessment framework is
no like any of the surveyed past such frameworks but
helps to complement such. It adds to the perspective of
managing risks at hybrid data centres. Ability to capture
the human perspectives through creation of
comprehensive requirement. text files helps to capture
not only the technical details of the threats but also
considers the human perspectives enriching the way risk
is calculated and defined. A hybrid data centres have no
unique vulnerabilities and threats than other computing
infrastructure. However, it seems some vulnerabilities
and threats are more common for the data centres than
other infrastructure. In this study, denial of service and
malware are some of the threats which are peculiar to
data centres. Furthermore, due to complexity in the
mixture and combination of software and application
suit at a data centre, the range of threats may not be
predefined nor generalised from one centre to the other.
Empirical testing and verification of these weaknesses
need customised and personalised approach as indicated
in this study. For a comprehensive risk assessment
framework that does not capture computing-related
threats and vulnerabilities, further research is pertinent
that also captures the human perspectives and other
security dimensions such as the physical and personal
security issues at the data centre. Better future
frameworks may need to incorporate not only the
quantitative risk assessments but incorporate the
qualitative elements to risk.
Keywords :
Data Centre, Software, Risk Score, Vulnerabilities, Framework, Threat, Exploits, Security