Abstract
The water sector has attempted to bridge the gap between operating and information
technology systems by overlapping these systems to reduce maintenance costs and optimise
the control and monitoring systems. Due to this, the potential for cyber threats has increased
significantly. To reduce the risk in cyber threats, resources should be put in place that can
prevent, detect and mitigate these types of threats. Currently, there is no clear definition of the
required work roles for cyber security practitioners in the water sector of South Africa. The aim
of this research was to create a framework that will define the cyber security practitioners'
work roles for the South African water sector. This research is vital to the water sector because
it will provide water quality and quantity assurance to South Africa's diverse domestic and
strategic water users by defining the required cyber security work roles and thereby
decreasing the water sector's potential for cyber threats.
A literature review was conducted to understand the water sector of South Africa and to
determine the available guidelines and frameworks to define the cyber security considerations
as well as the work roles for cyber security practitioners in the water sector.A content analysis
was performed on the identified documentation to develop the cyber security considerations.
Based on these considerations, work roles were defined with the NIST NICE CWF as the
baseline data source. Verification and validation were performed using SFIA. The results from
the data analysis process were used to develop a framework detailing the work roles for cyber
security practitioners for the water sector of South Africa.
The study found that cyber security considerations and work roles such as physical security
of assets related to cyber security, testing and assessment of cyber security methods, cyber
security related to supply chains as well as incident investigation and interfacing with law
enforcement, were not well defined in the industry. These considerations are critical to
ensuring that the cyber security measures in place are effective and that if an incident occurs,
criminal conduct related to cyber risks are identified, investigated and prevented in the future.
It was also identified that there is an alignment issue between the skills and knowledge
required to fulfil the cyber security practitioner work roles and the available educational
programmes. By developing the framework, it can be used to ensure that the correct
individuals are put in the required positions as well as highlight to the industry the skills and
knowledge required to circumvent the rise in cyber threats in the South African water sector.