Open Access. Powered by Scholars. Published by Universities.®
- Keyword
-
- Editorial (2)
- Accessibility (1)
- Awareness (1)
- Bloom’s Taxonomy (1)
- Conference program (1)
-
- Critical Infrastructure (1)
- Cryptography (1)
- Curriculum (1)
- Cyber security (1)
- Cybersecurity Abilities (1)
- Cybersecurity Competency (1)
- Cybersecurity KSAs (1)
- Cybersecurity Knowledge (1)
- Cybersecurity Skills (1)
- Cybersecurity education (1)
- Delphi (1)
- Digital forensics (1)
- Education (1)
- Egovernment (1)
- Enigma (1)
- Human resource professionals (1)
- Hygiene (1)
- Industrial Control Systems (1)
- Information security (1)
- Information security awareness (1)
- Information security behavior; information security compliance; work system design; information security program; data breach; case study (1)
- Information security education (1)
- Information security toolkit (1)
- Interdisciplinary (1)
- Malware (1)
- Publication
- Publication Type
Articles 1 - 19 of 19
Full-Text Articles in Business
Synergistic Security: A Work System Case Study Of The Target Breach, Martha Nanette Harrell
Synergistic Security: A Work System Case Study Of The Target Breach, Martha Nanette Harrell
Journal of Cybersecurity Education, Research and Practice
Recent publicized security breaches can be used to evaluate information security programs. The processes and procedures that allowed the event to occur can be examined in a case study and then be used to find methods for future mitigation of risk. The Target security breach is used in this study to examine the organization’s information security program using a macro-ergonomic model. This research posits that an information security program should consider the work system design, based in macro-ergonomics, to help mitigate information security risk to the organization and ensure an efficient and effective information security program. Based on a seminal …
A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard K. Nilsen, Yair Levy, Steven R. Terrell Ph.D., Dawn Beyer
A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard K. Nilsen, Yair Levy, Steven R. Terrell Ph.D., Dawn Beyer
Journal of Cybersecurity Education, Research and Practice
Organizational information system users (OISUs) that are open to cyber threats vectors are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, technical cybersecurity controls may be rendered useless due to a lack of cybersecurity competency of OISUs. The main goal of this research study was to propose and validate, using subject matter experts (SMEs), a reliable hands-on assessment prototype tool for measuring the knowledge, skills, and abilities (KSAs) that comprise the cybersecurity competency of an OISU. Primarily using the Delphi methodology, this study implemented four phases of data collection using cybersecurity SMEs for proposing and …
Social Media Risk Perceptions Of Human Resource Professionals: Issues Undergraduate Students Should Consider, Julio C. Rivera, Jack Howard, Samuel Goh, James L. Worrell, Paul Di Gangi
Social Media Risk Perceptions Of Human Resource Professionals: Issues Undergraduate Students Should Consider, Julio C. Rivera, Jack Howard, Samuel Goh, James L. Worrell, Paul Di Gangi
Journal of Cybersecurity Education, Research and Practice
This study contrasts the social media risk perceptions of undergraduate students, versus those of certified Human Resource professionals. Social media is widely used by most segments of the population, and particularly among the age group that includes most undergraduate students. Organizations hiring employees are increasingly examining job applicant's social media postings as part of the applicant screening process. In this study we examine how these groups differ in their perceptions of the risks inherent in using social media, and what these differences may mean for students seeking employment. Recommendations are made for raising undergraduate student awareness of these risks.
A Toolkit Approach To Information Security Awareness And Education, Peter Korovessis, Steven Furnell, Maria Papadaki, Paul Haskell-Dowland
A Toolkit Approach To Information Security Awareness And Education, Peter Korovessis, Steven Furnell, Maria Papadaki, Paul Haskell-Dowland
Journal of Cybersecurity Education, Research and Practice
In today’s business environment where all operations are enabled by technology, information security has become an established discipline as more and more businesses realize its value. The human component has been recognized to have an important role in information security since the only way to reduce security risks is through making employees more information security aware. Towards this goal the research will appreciate the importance of information security awareness by illustrating the need for more effective user training. Further to that it proposes and develops an information security toolkit as a prototype awareness raising initiative. Apart from the elements of …
From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth
From The Editors, Herbert J. Mattord, Michael E. Whitman, Carole L. Hollingsworth
Journal of Cybersecurity Education, Research and Practice
No abstract provided.
Towards A Development Of A Social Engineering Exposure Index (Sexi) Using Publicly Available Personal Information, W. Shawn Wilkerson, Yair Levy, James Richard Kiper, Martha Snyder
Towards A Development Of A Social Engineering Exposure Index (Sexi) Using Publicly Available Personal Information, W. Shawn Wilkerson, Yair Levy, James Richard Kiper, Martha Snyder
KSU Proceedings on Cybersecurity Education, Research and Practice
Millions of people willingly expose their lives via Internet technologies every day, and even those who stay off the Internet find themselves exposed through data breaches. Trillions of private information records flow through the Internet. Marketers gather personal preferences to coerce shopping behavior, while providers gather personal information to provide enhanced services. Few users have considered where their information is going or who has access to it. Even fewer are aware of how decisions made in their own lives expose significant pieces of information, which can be used to harm the very organizations they are affiliated with by cyber attackers. …
A Comparison Of Personal Social Media Risk Perceptions Between Undergraduate Students And Human Resource Professionals, Julio C. Rivera, Jack Howard, Samuel Goh, James Worrell, Paul Di Gangi
A Comparison Of Personal Social Media Risk Perceptions Between Undergraduate Students And Human Resource Professionals, Julio C. Rivera, Jack Howard, Samuel Goh, James Worrell, Paul Di Gangi
KSU Proceedings on Cybersecurity Education, Research and Practice
This study contrasts the social media risk perceptions of undergraduate students, versus those of certified Human Resource professionals. Social media is widely used by most segments of the population, and particularly among the age group that includes most undergraduate students. Organizations hiring employees are increasingly examining job applicant's social media postings as part of the applicant screening process. In this study we examine how these groups differ in their perceptions of the risks inherent in using social media, and what these differences may mean for students seeking employment. Recommendations are made for raising undergraduate student awareness of these risks.
Experiments With Applying Artificial Immune System In Network Attack Detection, Alexis Cooper
Experiments With Applying Artificial Immune System In Network Attack Detection, Alexis Cooper
KSU Proceedings on Cybersecurity Education, Research and Practice
The assurance of security within a network is difficult due to the variations of attacks. This research conducts various experiments to implement an Artificial Immune System based Intrusion Detection System to identify intrusions using the Negative Selection Algorithm. This research explores the implementation of an Artificial Immune System opposed to the industry standard of machine learning. Various experiments were conducted to identify a method to separate data to avoid false-positive results. The use of an Artificial Immune System requires a self and nonself classification to determine if an intrusion is present within the network. The results of an Artificial Immune …
A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard Nilsen, Yair Levy, Steven Terrell, Dawn Beyer
A Developmental Study On Assessing The Cybersecurity Competency Of Organizational Information System Users, Richard Nilsen, Yair Levy, Steven Terrell, Dawn Beyer
KSU Proceedings on Cybersecurity Education, Research and Practice
Organizational information system users (OISUs) that are open to cyber threats vectors are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, technical cybersecurity controls may be rendered useless due to a lack of cybersecurity competency of OISUs. The main goal of this research study was to propose and validate, using subject matter experts (SMEs), a reliable hands-on assessment prototype tool for measuring the knowledge, skills, and abilities (KSAs) that comprise the cybersecurity competency of an OISU. Primarily using the Delphi methodology, this study implemented four phases of data collection using cybersecurity SMEs for proposing and …
Voice Hacking Proof Of Concept: Using Smartphones To Spread Ransomware To Traditional Pcs, Leonardo I. Mazuran, Bryson R. Payne, Tamirat T. Abegaz
Voice Hacking Proof Of Concept: Using Smartphones To Spread Ransomware To Traditional Pcs, Leonardo I. Mazuran, Bryson R. Payne, Tamirat T. Abegaz
KSU Proceedings on Cybersecurity Education, Research and Practice
This paper presents a working proof of concept that demonstrates the ability to deploy a sequence of hacks, triggered by speaking a smartphone command, to launch ransomware and other destructive attacks against vulnerable Windows computers on any wireless network the phone connects to after the voice command is issued. Specifically, a spoken, broadcast, or pre-recorded voice command directs vulnerable Android smartphones or tablets to a malicious download page that compromises the Android device and uses it as a proxy to run software designed to scan the Android device’s local area network for Windows computers vulnerable to the EternalBlue exploit, spreading …
Security Device Roles, Vabrice Wilder
Security Device Roles, Vabrice Wilder
KSU Proceedings on Cybersecurity Education, Research and Practice
“An abstract of this article was published in the proceedings of the Conference on Cybersecurity Education, Research & Practice, 2017”. Communication has evolved since the beginning of mankind from smoke signals to drones to now the internet. In a world filled with technology the security of one’s device is not to be taken for granted. A series of research was done in order to gather details about network devices that can aid in the protection of one’s information while being transferred through the internet. The findings included but not limited to, switches, the seven layers of OSI, routers, firewalls, load …
"Think Before You Click. Post. Type." Lessons Learned From Our University Cyber Secuity Awareness Campaign, Rachael Innocenzi, Kaylee Brown, Peggy Liggit, Samir Tout, Andrea Tanner, Theodore Coutilish, Rocky Jenkins
"Think Before You Click. Post. Type." Lessons Learned From Our University Cyber Secuity Awareness Campaign, Rachael Innocenzi, Kaylee Brown, Peggy Liggit, Samir Tout, Andrea Tanner, Theodore Coutilish, Rocky Jenkins
KSU Proceedings on Cybersecurity Education, Research and Practice
This article discusses the lessons learned after implementing a successful university-wide cyber security campaign. The Cyber Security Awareness Committee (CyberSAC), a group comprised of diverse units across campus, collaborated together on resources, talent, people, equipment, technology, and assessment practices to meet strategic goals for cyber safety and education. The project involves assessing student learning and behavior changes after participating in a Cyber Security Password Awareness event that was run as a year-long campaign targeting undergraduate students. The results have implications for planning and implementing university-wide initiatives in the field of cyber security, and more broadly, higher education at large.
Ssetgami: Secure Software Education Through Gamification, Hector Suarez, Hooper Kincannon, Li Yang
Ssetgami: Secure Software Education Through Gamification, Hector Suarez, Hooper Kincannon, Li Yang
KSU Proceedings on Cybersecurity Education, Research and Practice
Since web browsers have become essential to accomplishing everyday tasks, developing secure web applications has become a priority in order to protect user data, corporate databases and critical infrastructure against cyber-crimes . This research presents a game-like (gamification) approach to teach key concepts and skills on how to develop secure web applications. Gamification draws on motivational models, one of psychological theories. Gamification design has great potential over traditional education where we often find students demotivated and lecturers failing to engage them in learning activities. This research created game-like learning modules to teach top vulnerabilities and countermeasures for these top vulnerabilities …
Accessibility And Usability Of Government Websites In Tanzania, Joel S. Mtebe, Aron W. Kondoro
Accessibility And Usability Of Government Websites In Tanzania, Joel S. Mtebe, Aron W. Kondoro
The African Journal of Information Systems
The government of Tanzania has been embracing information systems specifically websites in order to widen access to government services, lower administrative costs, and to increase public participation in decision making. As a result, almost every ministry, department, and agency (MDA) has developed a website of different kind. However, the majority of existing websites were developed without sufficiently considering user needs which indicates that they do have some usability and accessibility problems. This study used SortSite tool to evaluate accessibility and usability of government websites taking a sample of 22 websites. The report from the SortSite tool was then checked against …
How Much Should We Teach The Enigma Machine?, Jeffrey A. Livermore
How Much Should We Teach The Enigma Machine?, Jeffrey A. Livermore
Journal of Cybersecurity Education, Research and Practice
Developing courses and programs in Information Assurance can feel like trying to force ten pounds of flour into a five pound sack. We want to pack more into our courses than we have time to teach. As new technologies develop, we often find it necessary to drop old technologies out of the curriculum and our students miss out on the historical impacts the old technologies had. The discipline is so broad and deep that we have to carefully choose what concepts and technologies we study in depth, what we mention in passing, and what we leave out. Leaving out important …
From The Editors, Carole L. Hollingsworth, Michael E. Whitman, Herbert J. Mattord
From The Editors, Carole L. Hollingsworth, Michael E. Whitman, Herbert J. Mattord
Journal of Cybersecurity Education, Research and Practice
Welcome to the third issue of the Journal of Cybersecurity Education, Research and Practice (JCERP).
Pedagogical Resources For Industrial Control Systems Security: Design, Implementation, Conveyance, And Evaluation, Guillermo A. Francia Iii, Greg Randall, Jay Snellen
Pedagogical Resources For Industrial Control Systems Security: Design, Implementation, Conveyance, And Evaluation, Guillermo A. Francia Iii, Greg Randall, Jay Snellen
Journal of Cybersecurity Education, Research and Practice
Industrial Control Systems (ICS), which are pervasive in our nation’s critical infrastructures, are becoming increasingly at risk and vulnerable to internal and external threats. It is imperative that the future workforce be educated and trained on the security of such systems. However, it is equally important that careful and deliberate considerations must be exercised in designing and implementing the educational and training activities that pertain to ICS. To that end, we designed and implemented pedagogical materials and tools to facilitate the teaching and learning processes in the area of ICS security. In this paper, we describe those resources, the professional …
Cyber Security For Everyone: An Introductory Course For Non-Technical Majors, Marc J. Dupuis
Cyber Security For Everyone: An Introductory Course For Non-Technical Majors, Marc J. Dupuis
Journal of Cybersecurity Education, Research and Practice
In this paper, we describe the need for and development of an introductory cyber security course. The course was designed for non-technical majors with the goal of increasing cyber security hygiene for an important segment of the population—college undergraduates. While the need for degree programs that focus on educating and training individuals for occupations in the ever-growing cyber security field is critically important, the need for improved cyber security hygiene from the average everyday person is of equal importance. This paper discusses the approach used, curriculum developed, results from two runs of the course, and frames the overall structure of …
2017 - The Twenty-Second Annual Symposium Of Student Scholars
2017 - The Twenty-Second Annual Symposium Of Student Scholars
Symposium of Student Scholars Program Books
The full program book from the Twenty-second Annual Symposium of Student Scholars, held on April 20, 2017. Includes abstracts from the presentations and posters.