Library and Information Science Commons^™

Predicting The Pebcak: A Quantitative Analysis Of How Cybersecurity Education, Literacy, And Awareness Affect Individual Preparedness., Annie Goodman

Theses/Capstones/Creative Projects

This essay explores the relationship between individuals' cybersecurity education, literacy, awareness, and preparedness. While cybersecurity is often associated with complex hacking scenarios, the majority of data breaches and cyber-attacks result from individuals inadvertently falling prey to phishing emails and malware. The lack of standardized education and training in cybersecurity, coupled with the rapid expansion of technology diversity, raises concerns about individuals' cybersecurity preparedness. As individuals are the first line of defense and the weakest link in cybersecurity, understanding the influence of education, literacy, and awareness on their adherence to best practices is crucial. This work aims to survey a diverse …

Analyzing Small Business Strategies To Prevent External Cybersecurity Threats, Dr. Kevin E. Moore

Walden Dissertations and Doctoral Studies

Some small businesses’ cybersecurity analysts lack strategies to prevent their organizations from compromising personally identifiable information (PII) via external cybersecurity threats. Small business leaders are concerned, as they are the most targeted critical infrastructures in the United States and are a vital part of the economic system as data breaches threaten the viability of these organizations. Grounded in routine activity theory, the purpose of this pragmatic qualitative inquiry was to explore strategies small business organizations utilize to prevent external cybersecurity threats. The participants were nine cybersecurity analysts who utilized strategies to defend small businesses from external threats. Data were collected …

Analyzing Small Business Strategies To Prevent External Cybersecurity Threats, Dr. Kevin E. Moore

Walden Dissertations and Doctoral Studies

Some small businesses’ cybersecurity analysts lack strategies to prevent their organizations from compromising personally identifiable information (PII) via external cybersecurity threats. Small business leaders are concerned, as they are the most targeted critical infrastructures in the United States and are a vital part of the economic system as data breaches threaten the viability of these organizations. Grounded in routine activity theory, the purpose of this pragmatic qualitative inquiry was to explore strategies small business organizations utilize to prevent external cybersecurity threats. The participants were nine cybersecurity analysts who utilized strategies to defend small businesses from external threats. Data were collected …

A Universal Cybersecurity Competency Framework For Organizational Users, Patricia A. Baker

CCE Theses and Dissertations

The global reliance on the Internet to facilitate organizational operations necessitates further investments in organizational information security. Such investments hold the potential for protecting information assets from cybercriminals. To assist organizations with their information security, The National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework (NCWF) was created. The framework referenced the cybersecurity work, knowledge, and skills required to competently complete the tasks that strengthen their information security. Organizational users’ limited cybersecurity competency contributes to the financial and information losses suffered by organizations year after year. While most organizational users may be able to respond positively to a cybersecurity threat, …

Self-Protection In Cyberspace: Assessing The Processual Relationship Between Thoughtfully Reflective Decision Making, Protection Motivation Theory, Cyber Hygiene, And Victimization, C. Jordan Howell

USF Tampa Graduate Theses and Dissertations

The current study, using structural equation modeling, assesses the processual relationship between thoughtfully reflective decision making (TRDM), theoretical constructs derived from protection motivation theory (PMT), cyber hygiene, and online victimization to determine the cognitive decision-making process that leads to the adoption of online self-protective behaviors, which reduces the occurrence of victimization experiences. Findings, derived from a general sample of Internet users in the United States, reveal: (1) engagement in cyber hygiene practices, as a form of target hardening, decreases Internet users’ experiences with online victimization; (2) thoughtfully reflective decision makers, in the face of cyber threats, develop higher threat appraisals …

Human Errors In Data Breaches: An Exploratory Configurational Analysis, Gabriel A. Cornejo

CCE Theses and Dissertations

Information Systems (IS) are critical for employee productivity and organizational success. Data breaches are on the rise—with thousands of data breaches accounting for billions of records breached and annual global cybersecurity costs projected to reach $10.5 trillion by 2025. A data breach is the unauthorized disclosure of sensitive information—and can be achieved intentionally or unintentionally. Significant causes of data breaches are hacking and human error; in some estimates, human error accounted for about a quarter of all data breaches in 2018. Furthermore, the significance of human error on data breaches is largely underrepresented, as hackers often capitalize on organizational users’ …

Digital Identity: A Human-Centered Risk Awareness Study, Toufic N. Chebib

USF Tampa Graduate Theses and Dissertations

Cybersecurity threats and compromises have been at the epicenter of media attention; their risk and effect on people’s digital identity is something not to be taken lightly. Though cyber threats have affected a great number of people in all age groups, this study focuses on 55 to 75-year-olds, as this age group is close to retirement or already retired. Therefore, a notable compromise impacting their digital identity can have a major impact on their life.

To help guide this study, the following research question was formulated, “What are the risk perceptions of individuals, between the ages of 55 and 75 …

Strategies Used To Mitigate Social Engineering Attacks, Lindiwe T. Hove

Walden Dissertations and Doctoral Studies

Cybercriminal activity performed widely through social engineering attacks is estimated to be one of the substantial challenges the world will face over the next 20 years. Cybercriminal activity is important to chief information security officers (CISOs) because these attacks represent the largest transfer of economic wealth in history and pose risks to the incentives for organizational innovation and investment and eventually become more profitable than the global trade of all major illegal drugs combined. Grounded in the balanced control theory, the purpose of this multiple case study was to explore strategies CISOs use to mitigate social engineering attacks within their …

Effective Strategies Small Business Leaders Use To Address Ransomware, William Jason Tuttle

Walden Dissertations and Doctoral Studies

Small business leaders face a wide range of cybersecurity threats. Ransomware is a specific cybersecurity threat that cybercriminals can use to deny small business leaders’ access to data in exchange for a ransom payment. Grounded in routine activity conceptual framework, the purpose of this qualitative multiple case study was to explore effective strategies small business leaders use to address ransomware. Data were collected from 5 leaders of small businesses in the southeast region of the United States. Data sources included interviews and archival documents. Data were analyzed using Yin’s 5 step process. The analysis revealed 3 primary themes: ransomware strategy, …