“…Among the threats, are unauthorised access to the information system, software and maintenance errors, human and natural disasters, manipulation of data, espionage, loss of support services, wrong data entry, vandalism and theft, terrorism, user error, earthquakes, loss of electricity supply, information leakage, all of which have affected many sectors, including the CI. The vulnerabilities include cybersecurity negligence on the physical (hardware, employee), internet and software level such as inadequate control of physical access, lack of backup system, uncontrolled use of information, non-protection of hardware, unmotivated, lack of workers training, uncontrolled download from the internet among others (Sultanate of Oman Information Technology Authority, 2017; Cains et al, 2021;Talha et al, 2019;Tanga et al, 2022a;Zhao, 2023;Erfani et al, 2023). All these can be cured via the installation of a DM process.…”