IJSSME

In the advent of technological growth, information and communication growth, the internet security has become an issue of significant importance attracting the attention of cyber security experts, governments, organizations and individuals. Cyber security has become an issue of great concern to policymakers, organizations, governments, and people yet it has received little attention in empirical literature. Cyber insecurity has resulted to data loss, financial loss, cyber bulling, drive in crime among other problems. The general objective is to establish the effect of internet of things and cyber security on Fintech companies in Kenya. The specific objectives were to analyze the effect of security configuration on cyber security among Fintech companies in Kenya and to establish the effect of system configuration on cyber security among Fintech companies in Kenya. The study employed mixed method research design by incorporating both quantitative and qualitative research. The study population were 66 Fintech companies in Kenya. The study adopted a census approach covering all the 66 information technology managers in the 66 Fintech companies in Kenya. This study employed a semi structured questionnaire and secondary data collection template. The data collected were analyzed using descriptive statistics including mean, modes and measures of dispersion. Further, based on the Common Vulnerability Scoring System ranking, the data was analyzed to provide a combined risk rating and score. Regression model was employed to determine the effect of internet of things on cyber security of Fintech companies in Kenya. Upon data analysis the study concluded that security configuration and security configuration in the Fintech companies are significant determinants of the prevalence of cyber-attacks among the Fintech companies in Kenya. The study recommended that the companies should also ensure that their IoT devices are kept as current as possible and are adequately protected from threats. The Communication Authority of Kenya ought to enact policies that would ensure that genuine IoT devices are allowed to be introduced in Kenya. Furthermore, the Fintech firms ought to ensure that they put in place policies that would ensure that their software are sourced from genuine sources.

Key Words: Internet of Things, Cyber Security, Fintech companies, Security Configuration, System Configuration

Agudelo, C. A., Bosua, R., Ahmad, A., & Maynard, S. B. (2016). Understanding knowledge leakage & BYOD (Bring Your Own Device): A mobile worker perspective. arXiv preprint arXiv:1606.01450.

Ahmad, N., & Habib, M. K. (2010). Analysis of network security threats and vulnerabilities by development & implementation of a security network monitoring solution.

Ajzen, I. (1991). The theory of planned behavior. Organizational behavior and human decision processes, 50(2), 179-211.

Ali, F., Yigang, H., & Yi, R. (2019). A novel security architecture of internet of things. International Journal of Computer Theory and Engineering, 11(5), 89-96.

Amrin, N. (2014). The impact of cyber security on SMEs (Master's thesis, University of Twente).

Anand, P., Singh, Y., Selwal, A., Singh, P. K., Felseghi, R. A., & Raboaca, M. S. (2020). IoVT: internet of vulnerable things? Threat architecture, attack surfaces, and vulnerabilities in Internet of Things And Its Applications Towards Smart Grids. Energies, 13(18), 4813.

Bartczak, K. (2021). Cybersecurity as the Main Challenge to the Effective Use of Digital Technology Platforms in E-Commerce. European Research Studies, 24(2B), 240-256.

Corby, K. (2008). Technology and quality in educational scholarly communication. Behavioral & Social Sciences Librarian, 26(3), 7-19.

de Melo, P. H., Miani, R. S., & Rosa, P. F. (2022). FamilyGuard: A Security Architecture for Anomaly Detection in Home Networks. Sensors, 22(8), 2895.

Dhatrak, A., Sarkar, A., Gore, A., Paygude, M., Waghmare, M., & Sahane, H. (2020). Cyber Security Threats and Vulnerabilities in IoT. International Research Journal of Engineering and Technology, 7(03).

Europol (2016). Cybersecurity and the Internet of Things – a Law Enforcement Perspective. Europol Unclassified – Basic Protection Level. Releasable to EU Member States and EU Institutions. The Hague, 24 April 2016.

Hsu, M. H., & Chiu, C. M. (2004). Predicting electronic service continuance with a decomposed theory of planned behaviour. Behaviour & Information Technology, 23(5), 359-373.

Jain,N.K, Mittal, P. and Saini, R.K., (2020). Security Vulnerabilities in the IoT. In Privacy Vulnerabilities and Data Security Challenges in the IoT (pp. 93-114). CRC Press. (2022).

Kilani, Y. (2020). Cyber-security effect on organizational internal process: Mediating role of technological infrastructure. Problems and Perspectives in Management, 18(1), 449.

Klimburg A, (2012). National cyber security framework manual.

Lenaeus, J. D., O'Neil, L. R., Leitch, R. M., Glantz, C. S., Landine, G. P., Bryant, J. L., ... & Johnson, C. (2015). How to implement security controls for an information security program at CBRN facilities (No. PNNL-25112). Pacific Northwest National Lab.(PNNL), Richland, WA (United States).

Mehdiyev, S. (2017). Computer System's Maintenance In A Corporate Environment. Problems of information technology, 8(1), 84-90.

Moschovitis, C. (2018). Cybersecurity Program Development for Business: The Essential Planning Guide. John Wiley & Sons.

Obaid, H.S. and Abeed, E.H., 2020. Dos and DDoS attacks at OSI layers.International Journal Multidisciplinary Research and Publication, 2(8),

Pal, S., Hitchens, M., Rabehaja, T., & Mukhopadhyay, S. (2020). Security requirements for the internet of things: A systematic approach. Sensors, 20(20), 5897.

Rabbi, F., Jubayer, A. & Hossain, S., M. (2019). Vulnerabilities to Internet of Things and Current State of the Art of Security Architecture. International Journal of Recent Technology and Engineering, 8(4), 1758-1763.

Razzak, F. (2012). Spamming the Internet of Things: A Possibility and its probable Solution. Procedia computer science, 10, 658-665.

Reuben, James & Ouma, Johnmark. (2021). Intrusion Detection and Prevention of Cyber-threats using Open-Source Software for Fintech Startup Firms in Kenya.

Serianu (2018): Africa Cyber Security Report-Kenya.

Solutions, A. S. (2018). Educational. Retrieved March, 5th 2024 from https://www.un.org/sustainabledevelopment/education/.

Statista, (2020): Cyber Crime & Security.

Tsuen-Ho, H., Yi-Sheng, W., & Su-Chan, W. (2006). Using the decomposed theory of planned behavior to analyse consumer behavioral intention towards mobile text message coupons. Journal of Targeting, Measurement & Analysis for Marketing, 14(4), 309-324.

Waithaka, S. W. (2016). Factors affecting cyber security in national government ministries in Kenya (Doctoral dissertation, University of Nairobi).

Wambalaba, F., Musuva, P., Ouma, M. J., & Nicos, K. (2021). Cybersecurity Risks and National Policy Implications-East African Experiences.

Ye, F., & Qian, Y. (2017, December). A security architecture for networked internet of things devices. In GLOBECOM 2017-2017 IEEE Global Communications Conference (pp. 1-6). IEEE.