School of Information Technology and Engineering
Permanent URI for this collection
Browse
Browsing School of Information Technology and Engineering by Author "Elefelious Getachew (PhD)"
Now showing 1 - 3 of 3
Results Per Page
Sort Options
Item Assessing Cybersecurity Readiness in Ethiopia Fintech Sector(Addis Ababa University, 2024-10) Teklehymanot Meheret; Elefelious Getachew (PhD)Ethiopian fintech sector brought a significant transformation on the financial transaction and payment instrument business. This change however poses concerns on various stakeholders that the country’s ability to protect the business and to mitigate the risks caused by bad actors to exploited the vulnerability. The research aim to investigate the cybersecurity readiness and preparedness of fintech and also how their practice is met the international standard through answering three research questions.Regulators and fintech companies the major stakeholders this study utilized the proposes of got the relevant information. The research identified governance, resilience and competency as a core variable to evaluates the readiness of the sector which is very much mapped with the international standard including NIST CSF, ISO/IEC 27001 and FFIEC. The study also prepared two separates the questionnaires to address the two participants current cybersecurity practice. The collected data analyzed and observed that there is clear gap and lack of readiness. The sector lacks comprehensive framework that meet the international standard according to the research findings. There was limited practice of the backup, business continuity plan and an incident response plan which impact the resilience of the sector. The other challenge this research identified was inadequate skilled cybersecurity experts and awareness level that impacted the competency of fintech ecosystem to enhance the awareness level as well as creating cybersecurity culture. The research developed a cybersecurity assessment framework that help the sector to protect their critical assets through a proper evaluation and assessment their risk and weakness. The proposed framework subjected to went through a validation process to make sure the framework relevance to the challenged identified in the research and met the basic global standard. The research concludes with valuable recommendations and consideration to enhance cybersecurity practice, collaboration and developed tailored cybersecurity framework for continuous improvement..Item Cybersecurity Maturity Assessment Framework: The Case of Ethiopian Banks(Addis Ababa University, 2024-10) Yafet Ashebir; Elefelious Getachew (PhD)As the banking sector becomes a key player in globalized cyberspace with increasing reliance on digital services, it is prone to a wide range of emerging cybersecurity risks. As cybersecurity can only be achieved through a well-organized set of controls; existing cybersecurity maturity frameworks, while comprehensive and vague, fail to address the unique cybersecurity challenges faced by Ethiopian banks. The literature review discovered that no study has proposed a cybersecurity maturity assessment framework for the Ethiopian banking sector. This study aims to propose a customized framework by reviewing multiple cybersecurity maturity assessment frameworks to identify their weaknesses and strengths. After a thorough assessment, we have identified the major limitations of the existing frameworks and they are not easy to understand, expensive to implement, require intensive and equipped human resources, and are not tailored to the banking sectors to fix operational challenges. Moreover, to assess existing cybersecurity maturity frameworks in banks, data was collected from 9 selected governmental and private banks, and a thematic analysis approach was utilized for the qualitative data collected. As the findings reveal, all selected banks don’t have a proper cybersecurity maturity assessment framework as well as improper adoption of international standards. To address identified weaknesses, a customized cybersecurity maturity assessment framework is proposed to enable banks to identify their security posture and manage their security risks. The proposed framework comprises various components such as regulatory requirements, personal data protection, supply chain security, awareness and culture development, cyber governance, cyber risk management, business continuity and disaster recovery, incident response plan, information sharing, and collaboration, and incorporates international best practices like General Data Protection Regulation (GDPR). To evaluate the framework expert review has been done as the framework contributes to both academic literature and industry practice by providing a customized framework for banks to assess and improve their cybersecurity maturity.Item Provenance Blockchain with Predictive Auditing Framework for Mitigating Cloud Manufacturing Risks in Industry 4.0(Addis Ababa University, 2025-06) Mifta Ahmed; Gouveia , Luis Borges (PhD); Elefelious Getachew (PhD)Cloud manufacturing is an evolving concept that enables various manufacturers to connect and address shared demand streams regardless of their geographical location. Although this transformation facilitates operational flexibility and resource optimization, it concurrently introduces critical challenges related to continuous visibility, traceability, and proactive security management within Industrial Internet of Things (IIoT)-enabled cloud manufacturing environments. Notably, the absence of real-time insights into device states and operational behaviors increases susceptibility to unauthorized access, latent security breaches, and operational disruptions, whereas existing blockchMLn-based solutions predominantly emphasize initial authentication and transactional integrity but lack mechanisms for ongoing device verification and continuous provenance tracking. Simultaneously, artificial intelligence (ML)-driven predictive auditing techniques have evolved in isolation, without harnessing the immutability, accountability, and policy enforcement capabilities afforded by blockchMLn technology. This fragmentation results in limited traceability and weakened system integrity, particularly in dynamic IIoT ecosystems, where timely data-driven decision making is imperative. This study MLms to address these gaps through three primary objectives: (i) optimize blockchMLn architectures to support continuous monitoring, traceability, and visibility in IIoT environments; (ii) develop and integrate ML-based predictive auditing mechanisms with blockchMLn to proactively detect and mitigate security risks in IIoT-based cloud manufacturing; and (iii) evaluate the effectiveness of the integrated blockchMLn and predictive auditing framework in addressing security, traceability, and real-time visibility challenges while mMLntMLning operational continuity. Adopting a Design Science Research Methodology (DSRM), this study develops and rigorously evaluates an integrated framework that combines dynamic blockchMLn-based provenance logging with ML-driven anomaly detection. The experi-mental evaluation was conducted using a scenario-based experimental setup in a cloud simulated multizone warehouse environment involving IIoT-enabled forklifts that operated under three behavioral scenarios: fully compliant, partially compliant, and rogue. Key evaluation metrics included validation accuracy 94%, prediction precision (up to 99.7%, F1 score 90%, traceability rate (ranging from 82% to 85%, average system latency (3.95 seconds), transaction rejection rate (100% for rogue inputs), and operational uptime (100% resilience with no downtime). The results substantiate the ability of the framework to provide real-time responsiveness, robust security, and continuous traceability while mMLntMLning operational continuity, even under adversarial or non-compliant conditions. This study contributes to the body of knowledge by bridging the gap between blockchMLn technology and ML in IIoT-enabled cloud-manufacturing security. These findings have practical implications for the secure deployment of IIoT technologies across smart manufacturing ecosystems.