African Researchers Magazine (ISSN: 2714-2787) – premier source for latest African research, science and scholarly news

Tag: risk management

  • Strengthening Cybersecurity in Construction: Strategies to Protect Project Data from Phishing, Ransomware, and Digital Threats in the Industry 4.0 Era

    Strengthening Cybersecurity in Construction: Strategies to Protect Project Data from Phishing, Ransomware, and Digital Threats in the Industry 4.0 Era


    Illustrative Image: Strengthening Cybersecurity in Construction: Strategies to Protect Project Data from Phishing, Ransomware, and Digital Threats in the Industry 4.0 Era
    Image Source & Credit: IETresearch
    Ownership and Usage Policy

    A recent study by Tambwe et al. (2025) titled “Measures to Address Cyber‐Attacks in Construction Project Data Management Processes: A Cybersecurity Perspective” published in IET Information Security reveals that the industry faces escalating risks from phishing, ransomware, SQL injection, malware, insider threats, data loss, and denial-of-service (DDoS) attacks.

    Effective cybersecurity in construction requires combining human awareness, organizational policies, and technical safeguards for robust data protection.– Tambwe et al. 2025

    The study explores the growing intersection of digital transformation and cybersecurity in the construction industry. As the sector embraces Industry 4.0 technologies and increasingly digitizes its project data, it becomes more exposed to a range of cyber threats that can disrupt operations, compromise data integrity, and damage reputations. The research focuses on identifying the cybersecurity threats affecting construction data management, evaluating the protective measures currently adopted by professionals, and recommending strategies to strengthen data security across construction projects. The findings reveal that the industry faces escalating risks from phishing, ransomware, SQL injection, malware, insider threats, data loss, and denial-of-service (DDoS) attacks. These threats not only jeopardize sensitive information but also lead to project delays, financial losses, and reputational damage.

    Overall, the study emphasizes that cybersecurity is a vital component of modern construction project management. Technical tools alone are insufficient; human awareness, organizational policies, and compliance with standards are equally crucial. A multi-layered defense strategy, integrating technology, governance, and education, offers the most effective protection. Finally, the research notes that while budget constraints in developing countries remain a barrier to robust cybersecurity adoption, cost-effective alternatives such as open-source tools and cloud-based services can provide practical and scalable solutions to enhance data protection in construction projects.

    How the Study was Conducted

    The study adopted a quantitative research methodology to evaluate how construction professionals manage cybersecurity risks in project data management. A structured online questionnaire, designed using Google Forms, was distributed through LinkedIn and email to reach professionals across Gauteng Province, South Africa. Participants included quantity surveyors, architects, civil, mechanical, and electrical engineers, IT professionals, construction managers, and project managers, all selected based on their professional experience and affiliations.

    To ensure fairness and diversity, a random sampling method was employed, targeting 115 professionals, with 81 valid responses received. The research was ethically approved by the Ethics and Plagiarism Committee of the University of Johannesburg (Approval No. UJ-FEBE-FEPC00246).

    Data collected were analyzed using statistical techniques. Respondents rated cybersecurity measures on a five-point Likert scale, and results were converted into Mean Item Scores (MIS) for ranking. Descriptive statistics were used to interpret demographic data, while Exploratory Factor Analysis (EFA) grouped related cybersecurity measures. The Kruskal–Wallis H test was applied to examine differences in perceptions among professional groups, with p-values less than 0.05 indicating statistically significant variations.

    Overall, the analysis enabled the identification of the most valued cybersecurity measures and assessed the extent of agreement among various professional disciplines in managing cybersecurity risks in construction project data management.

    What the Authors Found

    The authors found that effective cybersecurity in construction project data management depends on a multi-layered approach combining staff training, technological safeguards (like encryption and VPNs), and strong regulatory compliance, as human awareness and organizational strategies were found to be just as crucial as technical measures in mitigating cyber risks.

    Why is this important

    Safeguarding Sensitive Construction Data: The study underscores the urgent need to protect confidential project information—such as designs, contracts, and client details—from cyber-attacks using measures like encryption, VPNs, and staff training to prevent financial losses, delays, and legal risks.

    Promoting Secure Digital Transformation: By addressing cybersecurity concerns, the study provides a clear roadmap for safely integrating Industry 4.0 technologies—including BIM, IoT, and AI tools—helping construction firms adopt digital innovations with confidence.

    Advancing Affordable Cybersecurity for Developing Economies: It highlights that cost-effective solutions like cloud-based systems, open-source software, and public–private partnerships can enable small and medium-sized firms in developing countries to strengthen cybersecurity without excessive costs.

    Strengthening Human-Centered Security: Recognizing that technology alone is insufficient, the study identifies staff training as the most effective defense, emphasizing the importance of human awareness and a strong organizational security culture.

    Delivering Data-Driven Insights for Strategic Decision-Making: Through rigorous statistical analysis, the research offers evidence-based guidance to help construction firms prioritize the most effective cybersecurity measures and allocate resources more strategically.

    What the Authors Recommended

    • The authors recommend prioritizing continuous staff training and cybersecurity awareness programs to reduce insider threats and human error. Educating employees on data protection, password management, and phishing prevention is identified as the most effective first line of defence.
    • A comprehensive defence strategy should combine technical, organizational, and regulatory measures. This includes deploying firewalls, antivirus software, encryption, VPNs, IDS/IPS, SSL, regular backups, software updates, and aligning with recognized standards such as the NIST SP 800-30 framework.
    • To overcome budget limitations—particularly in developing countries—the authors advise using open-source tools and cloud-based services and forming government-private sector partnerships to subsidize training and security initiatives, focusing on low-cost, high-impact actions.
    • Organizations are encouraged to include cyber insurance as part of their overall risk management strategy to mitigate potential financial losses from data breaches, ransomware, or system disruptions.
    • Furthermore, the study urges construction firms to adopt Industry 4.0 technologies—such as BIM, IoT, and AI—while integrating robust cybersecurity measures that evolve alongside technological advancements, enabling safe and confident digital transformation.
    • In addition, recognizing the diversity of infrastructure and expertise across regions, the authors recommend tailoring cybersecurity strategies to local conditions and fostering collaboration among academia, industry, and government to strengthen cybersecurity capacity and resilience.

    In conclusion, the study by Tambwe et al. (2025) reinforces that safeguarding construction project data requires more than just advanced technology—it demands a comprehensive, human-centered cybersecurity culture supported by affordable, scalable solutions and continuous collaboration across industry, academia, and government to ensure resilient and secure digital transformation in the construction sector.

  • GARFISMA Model with α-Stable Innovations: A Breakthrough in Time Series Analysis for Finance, Hydrology, and Telecommunications

    GARFISMA Model with α-Stable Innovations: A Breakthrough in Time Series Analysis for Finance, Hydrology, and Telecommunications

    A study by Keita et al. (2021) titled “Infinite variance stable Gegenbaeur Arfisma models” published in Afrika Statistika reveals that the Gegenbauer ARFISMA process with α-stable innovations offers a powerful framework for modeling time series data characterized by long memory, cyclical patterns, seasonality, and high variability.

    The GARFISMA model with α-stable innovations effectively captures long memory, seasonality, and infinite variance, making it ideal for complex time series analysis.– Keita et al. 2021

    This study focuses on the development and theoretical framework of the Gegenbauer AutoRegressive Fractionally Integrated Seasonal Moving Average (GARFISMA) process with α-stable innovations, offering a robust approach to modeling real-world data characterized by long memory, seasonal patterns, cyclical fluctuations, and high variability. The study explores the family of α-stable distributions, which are widely used in statistical analysis, particularly for modeling data that exhibit jumps and extreme events. These distributions, known for their heavy tails and power-law decay, are applicable in diverse fields such as finance, biomedicine, and physics. Their ability to capture infinite variance makes them essential for analyzing financial market returns, hydrological data, and network traffic.

    GARFISMA Process
    The GARFISMA model is introduced as an extension of existing time series models, incorporating α-stable innovations to better represent data with infinite variance. This process is designed to handle long memory effects, seasonal trends, and high variability, making it suitable for financial markets and other domains where extreme fluctuations are common.

    Causality and Invertibility
    A key contribution of this study is the establishment of conditions for the causality and invertibility of the GARFISMA process. These properties ensure that the model can be used for reliable forecasting and meaningful analysis, making it a practical tool for time series applications. To validate the effectiveness of the GARFISMA model, simulations are conducted, demonstrating its ability to capture infinite variance and heavy tails—key characteristics of real-world time series data. The results illustrate the process’s suitability for modeling financial market returns and other datasets with extreme variations. By extending traditional time series models, the GARFISMA process enhances the ability to analyze data with complex patterns and extreme events. This makes it particularly relevant for financial markets, hydrology, telecommunications, and other fields dealing with long memory and high variability. The study concludes with insights into the model’s practical applications, reinforcing its value for both researchers and practitioners.

    How the Study was Conducted

    Development and Analysis of the GARFISMA Process
    The study introduces the Gegenbauer AutoRegressive Fractionally Integrated Seasonal Moving Average (GARFISMA) process with α-stable innovations, designed to model data exhibiting long memory, seasonal patterns, cyclical fluctuations, and high variability. This model extends traditional time series frameworks to better handle datasets characterized by infinite variance and heavy tails, making it particularly useful in fields such as finance, hydrology, and telecommunications.

    Model Formulation and Theoretical Foundations
    The authors formulate the GARFISMA process, incorporating α-stable innovations to enhance its applicability in real-world scenarios. A key aspect of this development is the establishment of theoretical conditions for causality and invertibility, ensuring that the model remains well-defined and suitable for predictive analysis. These properties are critical for guaranteeing meaningful and reliable time series modeling.

    Simulation Studies and Practical Applications
    To validate the performance of the GARFISMA process, a series of simulations were conducted. These simulations illustrate how the model effectively captures infinite variance, heavy tails, and complex data structures. Additionally, the study applies the model to financial market data, demonstrating its ability to accommodate extreme variations and enhance predictive accuracy in real-world datasets.

    Results and Analysis
    An in-depth analysis of the simulation results confirms the model’s ability to capture key time series characteristics, including long memory, seasonality, and high variability. This evaluation highlights the robustness of the GARFISMA framework in representing complex stochastic processes.

    What the Authors Found

    The authors found that the Gegenbauer ARFISMA process with α-stable innovations offers a powerful framework for modeling time series data characterized by long memory, cyclical patterns, seasonality, and high variability. The posit that the GARFISMA model can capture complex features of time series data, including long memory, seasonality, and cyclical fluctuations. The inclusion of α-stable innovations makes the model particularly suitable for data with infinite variance and heavy tails, which are common in fields like finance and hydrology. Overall, the authors found that the GARFISMA model with α-stable innovations is a valuable tool for researchers and practitioners dealing with time series data exhibiting long memory, seasonality, and high variability. The model’s ability to handle infinite variance makes it particularly useful for financial and hydrological applications.

    Why is this important?

    Modeling Complex Phenomena: Many real-world data sets, especially in finance, hydrology, and telecommunications, exhibit characteristics like long memory, seasonality, and high variability. Traditional models often struggle to capture these complex patterns accurately. The GARFISMA process addresses these challenges, offering a robust tool for analyzing such data.

    Innovative Approach: The incorporation of α-stable distributions into the GARFISMA model represents a significant advancement. α-stable distributions are particularly useful for modeling data with heavy tails and infinite variance, which are common in financial markets and other applications.

    Financial Market Analysis: In finance, understanding and predicting market returns is crucial. The GARFISMA model, with its ability to handle infinite variance and heavy tails, provides a more accurate framework for analyzing financial data, leading to better risk management and investment strategies.

    Extending Existing Models: The study extends several existing time series models by incorporating α-stable innovations. This makes the GARFISMA model a more comprehensive tool, capable of capturing a wider range of data behaviors and patterns.

    Empirical Validation: Through simulations and practical applications, the authors have demonstrated the effectiveness of the GARFISMA process in capturing the characteristics of complex time series data. This empirical validation reinforces the model’s utility and reliability.

    Foundation for Further Research: The findings provide a foundation for future research in time series analysis and related fields. Researchers can build on this work to develop even more refined models and techniques for analyzing complex data.

    What the Authors Recommended

    The authors offer several recommendations based on their findings and the implications of their study:

    • The authors recommend that future research should explore extensions of the GARFISMA model to other types of data beyond finance and hydrology. For example, applications in telecommunications, biomedicine, and environmental sciences could be beneficial.
    • Additional work is needed to refine the parameters of the GARFISMA model, particularly in terms of the α-stable distributions. More precise estimation methods could enhance the model’s accuracy and applicability.
    • The authors recommend further empirical validation of the model using diverse datasets. This would help to establish the robustness and generalizability of the GARFISMA process across different fields and applications.
    • The study emphasizes that developing efficient algorithms for fitting the GARFISMA model to large datasets is crucial. These algorithms should be able to handle the computational complexity associated with the α-stable distributions and long memory processes.
    • Practitioners in finance, hydrology, and other fields should consider adopting the GARFISMA model for their data analysis needs. The model’s ability to capture complex data patterns makes it a valuable tool for decision-making and risk management.
    • The study highlights the importance of educating researchers and practitioners about the benefits and applications of the GARFISMA model. Workshops, seminars, and publications could help disseminate this knowledge.
    • The authors encourage interdisciplinary collaboration to further develop and apply the GARFISMA model. Combining expertise from different fields can lead to innovative solutions and new insights.

    In conclusion, this study marks a significant advancement in time series analysis by introducing the GARFISMA model with α-stable innovations. By effectively capturing long memory, seasonal trends, cyclical fluctuations, and infinite variance, the model provides a robust framework for analyzing complex datasets. The rigorous theoretical development, including the conditions for causality and invertibility, along with supportive simulation studies, underscores its practical value in diverse fields such as finance, hydrology, and telecommunications. This innovative approach not only enhances our ability to model extreme events and heavy-tailed data but also lays a strong foundation for future research and interdisciplinary applications in advanced statistical modeling.

  • Start-Up Microenterprise Financing Boosts Microfinance Institution Performance: Insights from a Global Study

    Start-Up Microenterprise Financing Boosts Microfinance Institution Performance: Insights from a Global Study

    A recent study by Adusei, M., & Adeleye, N. (2024) titled “Start-up microenterprise financing and financial performance of microfinance institutions” published in the Journal of Small Business & Entrepreneurship by Taylor & Francis Group shows start-up microenterprise financing generally improves the financial performance of microfinance institutions (MFIs)

    Start-up microenterprise financing generally enhances MFI financial performance, but its effectiveness diminishes as MFI size increases.-Adusei, M., & Adeleye, N. 2024

    The study explores the impact of start-up microenterprise financing on the financial performance of microfinance institutions (MFIs). It reveals that providing financial support to start-up microenterprises generally leads to improvements in the financial performance of MFIs. However, this positive effect diminishes as the size of the MFI increases, indicating that larger institutions benefit less from financing start-ups compared to smaller ones. To investigate this relationship, the study employs a range of panel estimation techniques, allowing for robust analysis across different MFIs over time. In addition, an interaction analysis is conducted to specifically examine how MFI size moderates the impact of start-up microenterprise financing on financial outcomes. The interaction analysis is critical in understanding the nuances of this relationship, as it highlights that while start-up financing can enhance performance, its effectiveness is not uniform across all MFIs.

    How the Study was Conducted

    The study utilizes data from various sources, including Mix Market, the World Bank, and World Governance Indicators, covering a sample of 532 microfinance institutions (MFIs) across 73 countries between 2010 and 2018. The financial performance of these MFIs is assessed through two key metrics: operational self-sufficiency (OSS) and return on assets (ROA). Start-up microenterprise financing is quantified by the percentage of financed microenterprises classified as start-ups, while MFI size is measured using the natural logarithm of total assets. The study also accounts for a range of control variables, including efficiency, credit risk, capital adequacy ratio, breadth and depth of outreach, financial development, and GDP growth rate, to provide a comprehensive analysis of the factors influencing MFI performance.

    What the Authors Found

    The study found that start-up microenterprise financing generally improves the financial performance of microfinance institutions (MFIs) and the positive impact decreases when start-up financing interacts with the size of the MFI, meaning larger MFIs benefit less.

    Why is this important?

    Financial Performance Insight: The study provides evidence that start-up microenterprise financing improves the financial performance of microfinance institutions (MFIs), which is crucial for their sustainability and growth.
    Risk Management: It highlights that the positive impact of financing start-ups decreases with the size of MFIs, suggesting that larger MFIs might benefit less from such financing, which is important for risk assessment and management.
    Policy Implications: The findings offer valuable insights for policymakers and stakeholders in the microfinance sector, helping them to formulate strategies that enhance the effectiveness and sustainability of MFIs.
    Literature Contribution: This research fills a gap in the existing literature by exploring the relationship between start-up microenterprise financing and MFI financial performance, contributing to a better understanding of the factors influencing MFI success.

    What the Authors Recommended

    • The authors emphasize the importance of collaboration between different stakeholders to improve outcomes.
    • The study suggests implementing policy reforms to address existing challenges and gaps.
    • The study advocates for more research to explore new solutions and validate findings.
    • In addition, the authors recommend increasing education and training opportunities to build capacity and expertise.

    In conclusion, the study by Adusei and Adeleye offers valuable insights into the impact of start-up microenterprise financing on the financial performance of microfinance institutions. While this type of financing generally enhances the operational efficiency and returns of MFIs, its effectiveness is moderated by the size of the institution, with smaller MFIs benefiting more. The findings emphasize the need for targeted strategies and policies that account for the varying effects of start-up financing across different MFI sizes. This research not only contributes to the academic literature but also provides practical guidance for policymakers, stakeholders, and microfinance practitioners in optimizing financial support to drive sustainable growth and performance in the microfinance sector.

  • Strengthening Cybersecurity: The Vital Role of Internal Audit in Governance and Risk Management

    Strengthening Cybersecurity: The Vital Role of Internal Audit in Governance and Risk Management

    In an era marked by rapidly evolving cybersecurity threats, organizations face significant challenges in protecting their digital assets and sensitive information. The role of internal audit functions has become increasingly vital in navigating these challenges and enhancing cybersecurity measures. As the third line of defense in cybersecurity governance, internal auditors provide independent assurance and evaluation, playing a pivotal role in ensuring robust risk management practices and regulatory compliance.

    Assessing Cybersecurity Governance

    Effective cybersecurity governance is essential for aligning cybersecurity objectives with the organization’s overall strategic goals. Internal auditors assess the establishment and effectiveness of cybersecurity policies, procedures, and frameworks. This includes evaluating the clarity of roles and responsibilities within the organization. By scrutinizing the governance structure, internal audit functions can identify areas for improvement and ensure that cybersecurity efforts are integrated into the organization’s overarching governance framework.

    Statistical Insights

    1. Cybersecurity Governance Impact: A study by the International Data Corporation (IDC) revealed that organizations with strong cybersecurity governance frameworks experience 30% fewer security incidents compared to those with inadequate governance structures.
    2. Internal Audit Contribution: Research by the Institute of Internal Auditors (IIA) found that 82% of organizations view internal audit functions as instrumental in assessing and improving cybersecurity governance.
    3. Organizational Integration: According to the Grant Thornton Business Pulse report, 45% of mid-market businesses have implemented a cybersecurity framework, 37% have defined cyber strategies, policies, and procedures, but only 29% have a dedicated team focusing on cybersecurity.

    These statistics highlight the critical role of internal audit functions in reinforcing cybersecurity governance within organizations.

    Evaluating Risk Management Practices

    Cybersecurity risk management involves identifying, analyzing, and mitigating risks related to information technology and security. Internal auditors play a crucial role in evaluating the organization’s risk management practices. This includes the identification of cyber risks, the effectiveness of risk assessment methodologies, and the adequacy of risk mitigation strategies. By conducting comprehensive risk assessments and evaluating risk management processes, internal audit functions help organizations prioritize their cybersecurity efforts and allocate resources effectively.

    The “Cost of a Data Breach Report 2023” by IBM Security and the Ponemon Institute highlighted that the global average cost of a data breach increased by 2.3% compared to the previous year, reaching $4.45 million. The report also noted that the average time to identify and contain a data breach was 196 days, underscoring the prolonged exposure of sensitive data and the potential for extensive damage.

    Data Privacy Concerns

    Data privacy has emerged as a significant risk for businesses, with data breaches posing substantial threats to organizational reputation and financial stability. Various countries have responded by implementing stringent data privacy laws and regulations. Internal audit functions are well-positioned to assess and mitigate these risks effectively, ensuring compliance with regulatory requirements and protecting sensitive data.

    Enhancing Control Processes

    Cybersecurity control processes serve as the frontline defenses against cyber threats. Internal auditors assess the design and effectiveness of these controls, which include technical controls, administrative controls, and physical controls. By evaluating processes such as access controls, encryption mechanisms, and incident response procedures, internal audit functions help identify weaknesses and vulnerabilities in the organization’s cybersecurity defenses. Furthermore, internal auditors ensure that control processes are properly implemented and monitored to detect and respond to cyber threats in a timely manner.

    Cloud Security Challenges

    One area where companies often fall short is in cloud assurance. Major cloud service providers like Microsoft Azure and Amazon Web Services offer robust security measures, but the responsibility for configuring and securing the environment ultimately lies with the organization. In the shared cloud model, ensuring the proper configuration and implementation of security measures becomes even more critical. Many companies mistakenly believe that migrating to the cloud automatically addresses all security concerns. However, inadequately configured environments can leave organizations vulnerable to cyber threats.

    According to a recent survey by McAfee, 83% of organizations store sensitive data in the cloud, yet only 29% have implemented proper security measures to protect it. This highlights the urgent need for organizations to enhance their cloud security practices.

    Leveraging Cybersecurity Topical Requirements

    The cybersecurity topical requirements published by the IIA provide a structured approach to assessing cybersecurity practices. These requirements cover key areas such as governance, risk management, and control processes. By following these guidelines, internal audit teams can ensure their assessments are comprehensive and aligned with industry standards. Additionally, using cybersecurity topical requirements facilitates consistency and comparability across internal audit engagements, enabling organizations to benchmark their cybersecurity practices against industry peers.

    Conclusion

    Internal audit functions play a crucial role in enhancing cybersecurity within organizations. By leveraging established frameworks and standards, such as the cybersecurity topical requirements published by the IIA, internal auditors help organizations assess and improve their cybersecurity governance, risk management, and control processes. Through thorough assessments and valuable insights, internal audit functions contribute to strengthening the organization’s cyber posture and mitigating the risks associated with cyber threats.