Developing a cyber-security governance framework for Zimbabwe local authorities: Challenges and Solutions

Abstract

The study investigated challenges faced by Zimbabwe local authorities when developing a cyber-security governance framework. This study employed exploratory research which induced a qualitative study guided by the interpretivist philosophy. The case study surveyed Harare, Bulawayo, Gweru, Masvingo and Mutare local authorities. Semi-structured interviews were used to gather data, and forty respondents were chosen using purposive sampling. The study employed structural coding and thematic analysis as data analysis techniques and the software tool used for coding and data analysis was Maxqda. In addition, document review, social media and literature review were used to triangulate data from interviews to strengthen validity and reliability of the study. The results of the study showed that the presence of politics, economic hardships, lack of adaptability to technological changes, obsolete IT infrastructure, and lack of corporate governance practices are major factors which negatively impact the development of a cyber-security governance framework for Zimbabwe local authorities. As such, the study proposed a model with measures to counter these challenges. The proposed model enhances risk management processes, improve regulatory compliance, increase stakeholder confidence, and improve operation efficiency in Zimbabwe local authorities. However, the major limitation of the study was that, only views from the selected five urban local authorities were obtained out of ninety-two local authorities in Zimbabwe.