Abstract:
Organizations in the telecommunication sector have experienced increase in cyber-attacks caused by the Covid-19 pandemic across the globe. An analysis of the cyber threat landscape in the first half of 2021 revealed that both the volume of cyber-attacks as well as the development of new malware families increased exponentially. The purpose of the study was to investigate factors affecting the adoption of cyber security in the telecommunication industry in Kenya. The study was guided by the following specific objectives: to investigate the influence of organizational factors on cyber security in telecommunication companies; to study the influence of user/employee factors on cyber security in telecommunication companies and to examine the influence of security technology factors on cyber security in telecommunication companies. The descriptive design was used in this study. This research design was appropriate for this study since it allowed the researcher to examine how the independent variables (management, technology, and demographic factors) influenced the dependent variable (adoption of cyber security). The target population was 214 respondents in the telecommunication sector and were telecommunication policymakers, industry players, telecom managers and telecommunication professionals. The study used the census method because the population was small. Primary data collection was used in this study using a structured questionnaire. Data was analyzed descriptively using the Statistical Package for Social Sciences (SPSS) tool. Descriptive analysis including simple frequencies and measures of central tendencies like means and standard deviations were applied. The data was analyzed using inferential analysis that included correlations and regression analyses. Assumptions of linear regressions were applied to test for normality and multicollinearity symptoms within the study data, before the regression model, analysis of variance, and regression coefficients were used to examine the existing relationship between the study variables.
The study showed that there were security measures taken to protect information in the organization. The correlation analysis results showed that there was a statistical and significant linear relationship between organizational factors and cyber security (r=.696, p=<0.05). Linear regression analysis model summary revealed that organizational factors account for 48.2% of the change in the adoption of cyber security within the telecommunication industry sector (adjusted R²=.482). Analysis of Variance (ANOVA) results showed that there was a statistical linear relationship between organizational factors and adoption of cyber security (F (1,213) = 199.479, p<0.05), where a single unit change of organizational factors may influence the adoption of cyber security by 69.9%. It was revealed by the study findings that proper training on cyber security was essential in handling cyber security in the organization. The correlation analysis results showed that there was a statistical and significant linear relationship between user/ employee factors and cyber security (r=.751, p=<0.05). Linear regression analysis model summary revealed that user/ employee factors account for 56.3% of the change in the adoption of cyber security within the telecoms industry sector (adjusted R²=.563). ANOVA results showed that there was a statistical linear relationship between user/ employee factors and adoption of cyber security (F (1,213) = 274.968, p<0.05), where a single unit change of user/ employee factors may influence the adoption of cyber security by 69.1%.
The study showed that appropriate usability was an enhancement of privacy protection in the organization. The correlation analysis results showed that there was a statistical and significant linear relationship between security technological factors and cyber security (r=.780, p=<0.05). Linear regression analysis model summary revealed that security technological factors account for 60.7% of the change in the adoption of cyber security within the telecoms industry sector (adjusted R²=.607). ANOVA results showed that there was a statistical linear relationship between security technological factors and adoption of cyber security (F (1,213) = 330.416, p<0.05), where a single unit change of security technological factors may influence the adoption of cyber security by 70.9%.
The study concludes that there were security policies that provided the strategic direction of security and cyber-security culture in the organization. There had been cyber security programs that were focused on dealing with cyber security issues in the organization which ensured that the firm had knowledgeable and skilled workforce that handled escalation of cyber security attacks. There had been evaluation on spending on cyber security activities in considering its potential competitive advantage and cyber security programs were usable by all users in the organization.
This study recommends that managers and policymakers within the telecommunication industry firms in Kenya to create an environment and culture suitable for cyber security adoption within their firms. Managers and policymakers to provide proper cyber security knowledge and skills training for its employees as a significant step to overcome cyber security lameness in the organization. Managers and policy makers to change their paradigm from functional and user-oriented cybersecurity to user-oriented cybersecurity, while taking the human aspect of the users into account.
Further research could be conducted on firms in other sectors. Moreover, further research could be conducted covering other factors that influence cyber security adoption that have not been addressed in this study.