Abstract

This study examined the risks faced by telecommunication companies due to cyber-attacks and threats to their critical information infrastructure. It suggests control measures to avert the vulnerabilities of such infrastructure to cyber attackers. Critical information infrastructure is important to the companies as a revenue enabler and reputation identifier. However, the infrastructure, if not well protected, can be a national security threat, affect the national economy, and disrupt societal integration and business globally. Cyber security is the protection of internet-connected systems, including hardware, software, people, and data, from cyber-attacks. Its threat exploits the increased complexity and connectivity of critical infrastructure systems. The identification of the critical information infrastructure was done through document analysis and discussion with the network technical teams. The infrastructure systems, such as devices, servers, data, database, firewall, and network, were identified in this study as vulnerable to attack. This study suggests a framework to support timely intrusion detection and for the protection of critical information infrastructure. To secure and safeguard the critical information infrastructure from inherent vulnerabilities, it is recommended that continuous monitoring of the critical infrastructure attack gates should be made part of the overall risk management of a telecommunication company, and innovations in cyber security detection and prevention should be harnessed.