Cybersecurity of information systems at the National Archives and Records Service of South Africa

  • Ntandoyenkosi Sinqobile Moyana Independent Institute of Education
  • Kabelo Given Chuma University of South Africa


In today's computerised world, cybersecurity attacks have become a major headache with detrimental effects on cultural institutions including libraries, archives, and museums around the world. The exponential growth in the use of Information and Communication Technology (ICT) and advances in digitalisation have increased the complexity of cybersecurity attacks and threats. Archival repositories face greater exposure to cybersecurity threats and attacks due to increasing digitalisation. In South Africa, a growing number of cultural heritage institutions such as archival repositories and libraries are under constant attack by cybersecurity threats and attacks to disrupt systems, networks, and services offered to the citizens. Cybersecurity could serve as the wall keeping malicious actors from attacking these institutions. This qualitative study sought to explore cybersecurity of information systems at the National Archives and Records Service of South Africa (NARSSA) in Pretoria. Data were collected through semi-structured interviews that were tape-recorded and analysed using a thematic analysis and NVivo 12 software package. The findings of this study revealed that the NARSSA is under severe attack from phishing attacks, computer viruses and worms, Trojan horses, password attacks, and Denial of Service attacks. The results further showed that Microsoft firewall, audit train, strong user password and anti-virus software were put in place to mitigate cybersecurity attacks and threats. The NARSSA should achieve a strong cyber resilience security posture to protect computer systems against cyber-attacks. It is concluded that the NARSSA needs to invest heavily in a security awareness program to continually train staff on how to identify and respond appropriately to the growing range of cyber security threats and defend against attacks such as phishing attacks, social engineering attacks, ransomware attacks, and malware attacks.
Research Articles