Breaching the gaps between policy and implementation : a study of Nepal's e-government cybersecurity policies, implementation challenges and common cyber threats | |
| Author | Thapaliya, Pramudita |
| Call Number | AIT RSPR no.IM-25-02 |
| Subject(s) | Internet in public administration--Nepal Computer security--Nepal Data protection--Nepal |
| Note | A research study submitted in partial fulfillment of the requirements for the degree of Master of Science in Information Management |
| Publisher | Asian Institute of Technology |
| Abstract | Nepal has increasingly positioned e-government systems at the center of its public sector modernization efforts, yet significant gaps remain between policy formulation and on-the-ground implementation. This study examines how effectively national cybersecurity policies, such as the ICT Policy 2015, Cybersecurity Bylaws 2077, and the Digital Nepal Framework, are being applied across public agencies, the types of cyber threats these institutions commonly face, and how Nepal's cybersecurity posture compares with Sri Lanka and Estonia. A mixed-methods design was used, combining a nationwide quantitative survey with in-depth interviews with officials from MoCIT, NITC, NCSC, NTA, and sectoral agencies. Descriptive statistics, reliability tests, non parametric analyses, and correlation matrices were triangulated with thematic coding to produce an integrated assessment. Findings show that policy implementation remains uneven, with low perceived threat detection despite recurring incidents such as phishing, ransomware, website defacement, and system downtime noted in interviews. Key implementation bottlenecks include limited budgeting, weak inter-agency coordination, dependence on external vendors, inadequate technical expertise, and the absence of standardized security audits. Comparatively, Sri Lanka demonstrates stronger institutional preparedness, while Estonia highlights the architectural and governance features of a highly mature ecosystem.Based on these insights, the study recommends strengthening budgeting and resource allocation, institutionalizing routine security audits, improving coordination mechanisms, expanding technical capacity, and reducing over-reliance on external vendors. The research contributes an empirically grounded E-Government Cybersecurity Implementation Gap Model and offers one of the most detailed evidence based assessments of Nepal's e-government cybersecurity landscape to date. |
| Year | 2025 |
| Type | Research Study Project Report (RSPR) |
| School | School of Engineering and Technology |
| Department | Department of Information and Communications Technologies (DICT) |
| Academic Program/FoS | Information Management (IM) |
| Chairperson(s) | Vatcharaporn Esichaikul (Co-chairperson);Chutiporn Anutariya (Co-chairperson) |
| Examination Committee(s) | Chaklam Silpasuwanchai;Chantri Polprasert |
| Scholarship Donor(s) | AIT Scholarship |
| Degree | Research studies project report (M. Sc.) - Asian Institute of Technology, 2025 |