National Critical Information Infrastructure Protection through Cybersecurity: A National Government Perspective

The South African national government is forging ahead with digitalisation plans to enhance socioeconomic growth in the country. However, digitalisation is accompanied by detrimental cybersecurity risks that may potentially exacerbate the vulnerability of the National Critical Information Infrastructure (NCII) of South Africa to cyber-attacks. Therefore, the envisaged digitalisation benefits in South Africa may be offset by the increased cybersecurity risk on the NCII of the country. Through a theoretical literature review, this study aims to investigate digitalisation and identify the cybersecurity risks it poses to the National Critical Information Infrastructure of South Africa, from a national government policy perspective. A gap has been identified in Information and Communications Technology for Development (ICT4D) research studies that researchers tend to focus on the implementation of ICTs while neglecting the policy aspect that is meant to direct and control the implementation of ICTs. Therefore, this study bridges this gap by approaching digitalisation and cybersecurity from a national government policy perspective. The output of this study is a National Critical Information Infrastructure Protection (through Cybersecurity) Conceptual Framework (NCIIP-CF) that is applicable to all spheres of government (local, provincial or national) as policy makers. The NCIIP-CF demonstrates an approach that embeds cybersecurity in the digitalisation process for the national government of South Africa, thus enabling an NCII that is resilient to cybersecurity risks.