Information Security Commons^™

Virtue Ethics: Examining Influences On The Ethical Commitment Of Information System Workers In Trusted Positions, John Max Gray

CCE Theses and Dissertations

Despite an abundance of research on the problem of insider threats, only limited success has been achieved in preventing trusted insiders from committing security violations. Virtue ethics may be an approach that can be utilized to address this issue. Human factors such as moral considerations impact Information System (IS) design, use, and security; consequently they affect the security posture and culture of an organization. Virtue ethics based concepts have the potential to influence and align the moral values and behavior of information systems workers with those of an organization in order to provide increased protection of IS assets. An individual’s …

Incremental Sparse-Pca Feature Extraction For Data Streams, Jean-Pierre Nziga

CCE Theses and Dissertations

Intruders attempt to penetrate commercial systems daily and cause considerable financial losses for individuals and organizations. Intrusion detection systems monitor network events to detect computer security threats. An extensive amount of network data is devoted to detecting malicious activities.

Storing, processing, and analyzing the massive volume of data is costly and indicate the need to find efficient methods to perform network data reduction that does not require the data to be first captured and stored. A better approach allows the extraction of useful variables from data streams in real time and in a single pass. The removal of irrelevant attributes …

Designing An Effective Information Security Policy For Exceptional Situations In An Organization: An Experimental Study, George S. Antoniou

CCE Theses and Dissertations

An increasing number of researchers are recognizing the importance of the role played by employees in maintaining the effectiveness of an information security policy. Currently, little research exists to validate the relationship between the actions (behaviors) taken by employees in response to exceptional situations (antecedents) regarding an organization’s information security policy, the impact (consequences) those actions have on an organization, and the motives that prompt those actions. When these exceptional situations occur, employees may feel compelled to engage in behaviors that violate the terms of an information security policy because strict compliance with the policy could cause the organization to …

Identifying Key Determinants Of Service Provider Effectiveness And The Impact It Has On Outsourced Security Success, James B. Lewis

CCE Theses and Dissertations

The purpose of this research was to identify key determinants of service provider effectiveness and how it impacts outsourced security success. As environments have become more robust and dynamic, many organizations have made the decision to leverage external security expertise and have outsourced many of their information technology security functions to Managed Security Service Providers (MSSPs).

Information Systems Outsourcing, at its core, is when a customer chooses to outsource certain information technology functions or services to a service provider and engages in a legally binding agreement. While legal contracts govern many aspects of an outsourcing arrangement, it cannot serve as …