Business Commons^™

How State Universities Are Addressing The Shortage Of Cybersecurity Professionals In The United States, Gary Harris

Journal of Cybersecurity Education, Research and Practice

Cybersecurity threats have been a serious and growing problem for decades. In addition, a severe shortage of cybersecurity professionals has been proliferating for nearly as long. These problems exist in the United States and globally and are well documented in literature. This study examined what state universities are doing to help address the shortage of cybersecurity professionals since higher education institutions are a primary source to the workforce pipeline. It is suggested that the number of cybersecurity professionals entering the workforce is related to the number of available programs. Thus increasing the number of programs will increase the number of …

Leveraging Propagation Delay For Wormhole Detection In Wireless Networks, Harry May, Travis Atkison

Journal of Cybersecurity Education, Research and Practice

Detecting and mitigating wormhole attacks in wireless networks remains a critical challenge due to their deceptive nature and potential to compromise network integrity. This paper proposes a novel approach to wormhole detection by leveraging propagation delay analysis between network nodes. Unlike traditional methods that rely on signature-based detection or specialized hardware, our method focuses on analyzing propagation delay timings to identify anomalous behavior indicative of wormhole attacks. The proposed methodology involves collecting propagation delay data in both normal network scenarios and scenarios with inserted malicious wormhole nodes. By comparing these delay timings, our approach aims to differentiate between legitimate network …

The Impact Of Managerial Myopia On Cybersecurity: Evidence From Data Breaches, Wen Chen, Xing Li, Haibin Wu, Liandong Zhang

Research Collection School Of Accountancy

Using a sample of U.S. firms for the period 2005–2017, we provide evidence that managerial myopic actions contribute to corporate cybersecurity risk. Specifically, we show that abnormal cuts in discretionary expenditures, our proxy for managerial myopia, are positively associated with the likelihood of data breaches. The association is largely driven by firms that appear to cut discretionary expenditures to meet short-term earnings targets. In addition, the association is stronger for firms with greater short-term equity incentives, higher earnings response coefficients, low levels of institutional block ownership, or large market shares. Finally, firms appear to increase discretionary expenditures upon the announcement …

Using Gamification To Enhance Mastery Of Network Security Concepts, Kevin Hilliard, Xiaohong Yuan, Kelvin Bryant, Jinsheng Xu, Jinghua Zhang

Journal of Cybersecurity Education, Research and Practice

Gamification has proven to be effective in engaging and encouraging people to work towards and achieve goals. Many students struggle to focus on schoolwork, due to a lack of interest, lack of understanding, or other factors unique to the student. Applying gamification elements to education can help engage these students in learning their course material and help them excel academically. This study examines the effectiveness of using gamification techniques to enhance the learning experience in college Computer Science courses. A video game application is utilized to review and reinforce cybersecurity concepts that students have already been taught in class. Previous …

Development Of Cyber Security Platform For Experiential Learning, Abhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad

Journal of Cybersecurity Education, Research and Practice

The cyber security education market has grown-up exponentially, with a CAGR of 13.9 % as reported by Data Intelo. The report published by the World Economic Fo- rum 2023 indicates a shortfall of 2.27 million cyber security experts in 2021 across different roles and hence manifest that Skill-based cyber security education is the need of the hour. Cybersecurity as a field has evolved as a multi-discipline, multi-stakeholder and multi-role discipline. Therefore, the need to address formal education with an outcome-based philosophy is imperative to address for a wider audience with varied past training in their formal education. With the Internet …

An Alternative Approach To Data Carving Portable Document Format (Pdf) Files, Kevin Hughes, Michael Black

Journal of Cybersecurity Education, Research and Practice

Traditional data carving relies on the successful identification of headers and trailers, unique hexadecimal signatures which are exclusive to specific file types. This can present a challenge for digital forensics examiners when pitted against modern anti-forensics techniques. The interest of this study is file signature obfuscation, a technique which alters headers and trailers. This research will focus on the development of a new, proof-of-concept algorithm that analyzes content in segments based on unique elements found within the body of a file. The file type being targeted is the Portable Document Format (PDF) and this research is built upon previously successful …

Examining Outcomes Of Privacy Risk And Brand Trust On The Adoption Of Consumer Smart Devices, Marianne C. Loes

<strong> Theses and Dissertations </strong>

With more connected devices on earth than there are people, Internet of Things (IoT) is arguably just as innovative as the original introduction of the Internet. Though much of the research on technology acceptance and adoption has been conducted in organizational settings, the consumer use of IoT technologies, such as smart devices, is becoming a fertile field of research. The merger of these research streams is especially relevant from a societal perspective as smart devices become more embedded in consumer’s daily lives, particularly with the introduction of the “meta verse.” While original technology acceptance research is limited to two system-specific …

Comparing Cognitive Theories Of Learning Transfer To Advance Cybersecurity Instruction, Assessment, And Testing, Daniel T. Hickey Ph.D., Ronald J. Kantor

Journal of Cybersecurity Education, Research and Practice

The cybersecurity threat landscape evolves quickly, continually, and consequentially. This means that the transfer of cybersecurity learning is crucial. We compared how different recognized “cognitive” transfer theories might help explain and synergize three aspects of cybersecurity education. These include teaching and training in diverse settings, assessing learning formatively & summatively, and testing & measuring achievement, proficiency, & readiness. We excluded newer sociocultural theories and their implications for inclusion as we explore those theories elsewhere. We first summarized the history of cybersecurity education and proficiency standards considering transfer theories. We then explored each theory and reviewed the most relevant cybersecurity education …

Blockchain Applications In Higher Education Based On The Nist Cybersecurity Framework, Brady Lund Ph.D.

Journal of Cybersecurity Education, Research and Practice

This paper investigates the integration of blockchain technology into core systems within institutions of higher education, utilizing the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework as a guiding framework. It supplies definitions of key terminology including blockchain, consensus mechanisms, decentralized identity, and smart contracts, and examines the application of secure blockchain across various educational functions such as enrollment management, degree auditing, and award processing. Each facet of the NIST Framework is utilized to explore the integration of blockchain technology and address persistent security concerns. The paper contributes to the literature by defining blockchain technology applications and opportunities within …

Improving Belonging And Connectedness In The Cybersecurity Workforce: From College To The Profession, Mary Beth Klinger

Journal of Cybersecurity Education, Research and Practice

This article explores the results of a project aimed at supporting community college students in their academic pursuit of an Associate of Applied Science (AAS) degree in Cybersecurity through mentorship, collaboration, skill preparation, and other activities and touch points to increase students’ sense of belonging and connectedness in the cybersecurity profession. The goal of the project was focused on developing diverse, educated, and skilled cybersecurity personnel for employment within local industry and government to help curtail the current regional cybersecurity workforce gap that is emblematic of the lack of qualified cybersecurity personnel that presently exists nationwide. Emphasis throughout the project …

University Of Johannesburg Institutional Repository Cybersecurity Output: 2015-2021 Interdisciplinary Study, Mancha J. Sekgololo

Journal of Cybersecurity Education, Research and Practice

This study examines cybersecurity awareness in universities by analyzing related research output across different disciplines at the University of Johannesburg. The diffusion of innovation theory is used in this study as a theoretical framework to explain how cybersecurity awareness diffuses across disciplines. The University of Johannesburg Institutional Repository database was the data source for this study. Variations in cybersecurity keyword searches and topic modeling techniques were used to identify the frequency and distribution of research output across different disciplines. The study reveals that cybersecurity awareness has diffused across various disciplines, including non-computer science disciplines such as business, accounting, and social …

Privacy Principles And Harms: Balancing Protection And Innovation, Samuel Aiello

Journal of Cybersecurity Education, Research and Practice

In today's digitally connected world, privacy has transformed from a fundamental human right into a multifaceted challenge. As technology enables the seamless exchange of information, the need to protect personal data has grown exponentially. Privacy has emerged as a critical concern in the digital age, as technological advancements continue to reshape how personal information is collected, stored, and utilized. This paper delves into the fundamental principles of privacy and explores the potential harm that can arise from the mishandling of personal data. It emphasizes the delicate balance between safeguarding individuals' privacy rights and fostering innovation in a data-driven society. By …

Board Of Directors Role In Data Privacy Governance: Making The Transition From Compliance Driven To Good Business Stewardship, David Warner, Lisa Mckee

Journal of Cybersecurity Education, Research and Practice

Data collection, use, leveraging, and sharing as a business practice and advantage has proliferated over the past decade. Along with this proliferation of data collection is the increase in regulatory activity which continues to morph exponentially around the globe. Adding to this complexity are the increasing business disruptions, productivity and revenue losses, settlements, fines, and penalties which can amount to over $15 million, with many penalties now being ascribed to the organization’s leadership, to include the Board of Directors (BoD), the CEO and members of the senior leadership team (SLT). Thus, boards of directors can no longer ignore and in …

Towards Assessing Cybersecurity Posture Of Manufacturing Companies: Review And Recommendations, John Del Vecchio, Yair Levy, Ling Wang, Ajoy Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

With the continued changes in the way businesses work, cyber-attack targets are in a constant state of flux between organizations, individuals, as well as various aspects of the supply chain of interconnected goods and services. As one of the 16 critical infrastructure sectors, the manufacturing sector is known for complex integrated Information Systems (ISs) that are incorporated heavily into production operations. Many of these ISs are procured and supported by third parties, also referred to as interconnected entities in the supply chain. Disruptions to manufacturing companies would not only have significant financial losses but would also have economic and safety …

Quantum Computing: Computing Of The Future Made Reality, Janelle Mathis

KSU Proceedings on Cybersecurity Education, Research and Practice

Abstract—Quantum computing is an emerging new area focused on technology consisting of quantum theory aspects such as electrons, sub-atomic particles, and other materials engineered using quantum mechanics. Through quantum mechanics, these computers can solve problems that classical computers deem too complex. Today the closest computing technology compared to quantum computers are supercomputers, but similarly to classical computers, supercomputers also have faults. With supercomputers, when a problem is deemed too complex, it is due to the classical machinery components within the computer, thus causing a halt in solving the task or problem. In contrast, these problems could be solved with a …

Rfid Key Fobs In Vehicles: Unmasking Vulnerabilities & Strengthening Security, Devon Magda, Bryson R. Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

No abstract provided.

The Impact Of Individual Techno-Characteristics On Information Privacy Concerns In The Diffusion Of Mobile Contact Tracing, Jiesen Lin, Dapeng Liu, Lemuria Carter

KSU Proceedings on Cybersecurity Education, Research and Practice

In the wake of the global health crisis, mobile contact tracing applications have emerged as important tools in managing disease spread. However, their effectiveness heavily relies on mass adoption, significantly influenced by the public's information privacy concerns. To date, systematic examination of how these privacy concerns relate to the innovation adopter categories in mobile contact tracing remains sparse. Furthermore, the influence of individual techno-characteristics on these concerns is to be explored. This research seeks to fill these gaps. Drawing on the diffusion of innovation theory, we examine the impact of the key techno-characteristics—adopter category, propensity for identification misrepresentation, and exposure …

Exploring Information Privacy Concerns During The Covid-19 Pandemic: A Juxtaposition Of Three Models, Dapeng Liu, Lemuria Carter, Jiesen Lin

KSU Proceedings on Cybersecurity Education, Research and Practice

Government agencies across the globe utilize mobile applications to interact with constituents. In response to the global pandemic, several nations have employed contact tracing services to manage the spread of COVID-19. Extent literature includes various models that explore information privacy. Several researchers have highlighted the need to compare the effectiveness of diverse information privacy models. To fill this gap, we explore the impact of information privacy concerns on citizens’ willingness to download a federal contact tracing app. In particular, we compare three types of prevalent information privacy concerns: global information privacy concerns (GIPC), concern for information privacy (CFIP), and internet …

How Increased Ransomware Attacks Have Impacted Hospitals In The United States, Mackenzie Dotson

Theses, Dissertations and Capstones

Introduction: The healthcare industry, particularly hospitals, have fallen prey to the alarming rise of ransomware attacks. In recent years, highly sophisticated cybergroups, armed with substantial funds and advanced technology, have intensified their focus on hospitals. Despite the advice against it, most hospitals have paid the ransom in order to regain access to their electronic systems and patient data, underlining the severity of these attacks.

Purpose of the Study: The purpose of this research was to evaluate the effects of ransomware attacks on hospitals in the US to determine if the patients were at risk due to hackers withholding patient information …

Applications Of Ai/Ml In Maritime Cyber Supply Chains, Rafael Diaz, Ricardo Ungo, Katie Smith, Lida Haghnegahdar, Bikash Singh, Tran Phuong

School of Cybersecurity Faculty Publications

Digital transformation is a new trend that describes enterprise efforts in transitioning manual and likely outdated processes and activities to digital formats dominated by the extensive use of Industry 4.0 elements, including the pervasive use of cyber-physical systems to increase efficiency, reduce waste, and increase responsiveness. A new domain that intersects supply chain management and cybersecurity emerges as many processes as possible of the enterprise require the convergence and synchronizing of resources and information flows in data-driven environments to support planning and execution activities. Protecting the information becomes imperative as big data flows must be parsed and translated into actions …

A Review Of Hybrid Cyber Threats Modelling And Detection Using Artificial Intelligence In Iiot, Yifan Liu, Shancang Li, Xinheng Wang, Li Xu

Information Technology & Decision Sciences Faculty Publications

The Industrial Internet of Things (IIoT) has brought numerous benefits, such as improved efficiency, smart analytics, and increased automation. However, it also exposes connected devices, users, applications, and data generated to cyber security threats that need to be addressed. This work investigates hybrid cyber threats (HCTs), which are now working on an entirely new level with the increasingly adopted IIoT. This work focuses on emerging methods to model, detect, and defend against hybrid cyber attacks using machine learning (ML) techniques. Specifically, a novel ML-based HCT modelling and analysis framework was proposed, in which regularisation and Random Forest …

Sscm: A Secured Approach To Supply Chain Management Using Blowfish Optimization, Shitharth Selvarajan, Hariprasath Manoharan, Alaa O. Khadidos, Achyut Shankar, Adil O. Khadidos, Wattana Viriyasitavat, Li Da Xu

Information Technology & Decision Sciences Faculty Publications

This study examines the importance of enterprise information systems that link several corporate organisations to share information about diverse products under high security settings. The primary goal of the proposed strategy is to create a direct link between product demand and production to minimise the impact of rising costs. The research motive to make a connection cannot be resolved without suitable data that shows both quantity and quality in each organisation unit. The suggested method is designed to deliver accurate data to authorised end users while preventing any data exposure to unauthorised users. Security cryptographic keys are utilised to create …

Data Science In Finance: Challenges And Opportunities, Xianrong Zheng, Elizabeth Gildea, Sheng Chai, Tongxiao Zhang, Shuxi Wang

Information Technology & Decision Sciences Faculty Publications

Data science has become increasingly popular due to emerging technologies, including generative AI, big data, deep learning, etc. It can provide insights from data that are hard to determine from a human perspective. Data science in finance helps to provide more personal and safer experiences for customers and develop cutting-edge solutions for a company. This paper surveys the challenges and opportunities in applying data science to finance. It provides a state-of-the-art review of financial technologies, algorithmic trading, and fraud detection. Also, the paper identifies two research topics. One is how to use generative AI in algorithmic trading. The other is …

Expanding Australia's Defence Capabilities For Technological Asymmetric Advantage In Information, Cyber And Space In The Context Of Accelerating Regional Military Modernisation: A Systemic Design Approach, Pi-Shen Seet, Anton Klarin, Janice Jones, Michael N. Johnstone, Violetta Wilk, Stephanie Meek, Summer O'Brien

Research outputs 2022 to 2026

Introduction. The aim of the project was to conduct a systemic design study to evaluate Australia'sopportunities and barriers for achieving a technological advantage in light of regional military technological advancement. It focussed on the three domains of (1) cybersecurity technology, (2) information technology, and (3) space technology.

Research process. Employing a systemic design approach, the study first leveraged scientometric analysis, utilising informetric mapping software (VOSviewer) to evaluate emerging trends and their implications on defence capabilities. This approach facilitated a broader understanding of the interdisciplinary nature of defence technologies, identifying key areas for further exploration. The subsequent survey study, engaging 828 …

Reducing Food Scarcity: The Benefits Of Urban Farming, S.A. Claudell, Emilio Mejia

Journal of Nonprofit Innovation

Urban farming can enhance the lives of communities and help reduce food scarcity. This paper presents a conceptual prototype of an efficient urban farming community that can be scaled for a single apartment building or an entire community across all global geoeconomics regions, including densely populated cities and rural, developing towns and communities. When deployed in coordination with smart crop choices, local farm support, and efficient transportation then the result isn’t just sustainability, but also increasing fresh produce accessibility, optimizing nutritional value, eliminating the use of ‘forever chemicals’, reducing transportation costs, and fostering global environmental benefits.

Imagine Doris, who is …

Turnstile File Transfer: A Unidirectional System For Medium-Security Isolated Clusters, Mark Monnin, Lori L. Sussman

Journal of Cybersecurity Education, Research and Practice

Data transfer between isolated clusters is imperative for cybersecurity education, research, and testing. Such techniques facilitate hands-on cybersecurity learning in isolated clusters, allow cybersecurity students to practice with various hacking tools, and develop professional cybersecurity technical skills. Educators often use these remote learning environments for research as well. Researchers and students use these isolated environments to test sophisticated hardware, software, and procedures using full-fledged operating systems, networks, and applications. Virus and malware researchers may wish to release suspected malicious software in a controlled environment to observe their behavior better or gain the information needed to assist their reverse engineering processes. …

How Chatgpt Can Be Used As A Defense Mechanism For Cyber Attacks, Michelle Ayaim

Cybersecurity Undergraduate Research Showcase

The powers of OpenAI's groundbreaking AI language model, ChatGPT, startled millions of users when it was released in November. But for many, the tool's ability to further accomplish the goals of evil actors swiftly replaced their initial excitement with significant concerns. ChatGPT gives malicious actors additional ways to possibly compromise sophisticated cybersecurity software. Leaders in a sector that is currently suffering from a 38% global spike in data breaches in 2022 must acknowledge the rising influence of AI and take appropriate action. Cybercriminals are writing more complex and focused business email compromise (BEC) and other phishing emails with the assistance …

Preparing Uk Students For The Workplace: The Acceptability Of A Gamified Cybersecurity Training, Oliver J. Mason, Siobhan Collman, Stella Kazamia, Ioana Boureanu

Journal of Cybersecurity Education, Research and Practice

This pilot study aims to assess the acceptability of Open University’s training platform called Gamified Intelligent Cyber Aptitude and Skills Training course (GICAST), as a means of improving cybersecurity knowledge, attitudes, and behaviours in undergraduate students using both quantitative and qualitative methods. A mixed-methods, pre-post experimental design was employed. 43 self-selected participants were recruited via an online register and posters at the university (excluding IT related courses). Participants completed the Human Aspects of Information Security Questionnaire (HAIS-Q) and Fear of Missing Out (FoMO) Scale. They then completed all games and quizzes in the GICAST course before repeating the HAIS-Q and …

Integrity, Confidentiality, And Equity: Using Inquiry-Based Labs To Help Students Understand Ai And Cybersecurity, Richard C. Alexander, Liran Ma, Ze-Li Dou, Zhipeng Cai, Yan Huang

Journal of Cybersecurity Education, Research and Practice

Recent advances in Artificial Intelligence (AI) have brought society closer to the long-held dream of creating machines to help with both common and complex tasks and functions. From recommending movies to detecting disease in its earliest stages, AI has become an aspect of daily life many people accept without scrutiny. Despite its functionality and promise, AI has inherent security risks that users should understand and programmers must be trained to address. The ICE (integrity, confidentiality, and equity) cybersecurity labs developed by a team of cybersecurity researchers addresses these vulnerabilities to AI models through a series of hands-on, inquiry-based labs. Through …

Building A Diverse Cybersecurity Workforce: A Study On Attracting Learners With Varied Educational Backgrounds, Mubashrah Saddiqa, Kristian Helmer Kjær Larsen1 Helmer Kjær Larsen, Robert Nedergaard Nielsen, Jens Myrup Pedersen

Journal of Cybersecurity Education, Research and Practice

Cybersecurity has traditionally been perceived as a highly technical field, centered around hacking, programming, and network defense. However, this article contends that the scope of cybersecurity must transcend its technical confines to embrace a more inclusive approach. By incorporating various concepts such as privacy, data sharing, and ethics, cybersecurity can foster diversity among audiences with varying educational backgrounds, thereby cultivating a richer and more resilient security landscape. A more diverse cybersecurity workforce can provide a broader range of perspectives, experiences, and skills to address the complex and ever-evolving threats of the digital age. The research focuses on enhancing cybersecurity education …