Business Commons^™

Cybersecurity Maturity Model Certification (Cmmc) Compliance For Dod Contractors, Sierra Burnett

Cybersecurity Undergraduate Research Showcase

The DoD is currently taking a supply-chain risk management strategy to foster cybersecurity. This unique strategy is often referred to as CMMC which stands for “Cybersecurity Maturity Model Certification”. The approach requires that all the 300,000 DoD contractors acquire third-party authentication that may attain the requirements for the CMMC maturity level suitable to the work they desire to do for the DoD. CMMC typically examines the organization's capability to safeguard Federal Contract Information as well as CUI. It integrates various cybersecurity standards already in place and plots the best practices alongside processes to five maturity levels that range from the …

Emotional Analysis Of Learning Cybersecurity With Games Using Iot, Maria Valero, Md Jobair Hossain, Shahriar Sobhan

KSU Proceedings on Cybersecurity Education, Research and Practice

The constant rise of cyber-attacks poses an increasing demand for more qualified people with cybersecurity knowledge. Games have emerged as a well-fitted technology to engage users in learning processes. In this paper, we analyze the emotional parameters of people while learning cybersecurity through computer games. The data are gathered using a non-invasive Brain-Computer Interface (BCI) to study the signals directly from the users’ brains. We analyze six performance metrics (engagement, focus, excitement, stress, relaxation, and interest) of 12 users while playing computer games to measure the effectiveness of the games to attract the attention of the participants. Results show participants …

Resilience Vs. Prevention. Which Is The Better Cybersecurity Practice?, Frank Katz

KSU Proceedings on Cybersecurity Education, Research and Practice

Students in multiple cohorts of our 3000 level Fundamentals of Information Systems Security course were given a discussion question where they had to either agree or disagree with the premise that given all the constant threats to our systems, we should dedicate more of our efforts to quickly repairing the damage of an attack rather than dedicate more of our time and energies to preventing such attacks. They were required to give their reasoning and provide sources to back up their analysis of his comment.

This paper will describe and explain the concept of cyber resiliency. It will then evaluate …

Warshipping: Hacking The Mailroom, Jackson Szwast, Bryson Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

Everyone knows what package shipping is, but not everyone knows what warshipping is. Corporate mailrooms are rarely considered as part of the cybersecurity attack surface of most organizations, but they offer physical access to millions of uninspected packages daily. UPS shipped 5.5 billion items last year, with their daily average being 21.9 million items and operating through 1,800 locations in 2020. FedEx shipped 6.5 million packages daily and operates 2,150 locations. The United States Postal Service delivered 143 billion pieces of mail in 2019. Increasingly the world’s consumers are relying on e-commerce, and during the recent COVID-19 pandemic, package deliveries …

Towards Assessing Password Workarounds And Perceived Risk To Data Breaches For Organizational Cybersecurity Risk Management Taxonomy, Michael J. Rooney, Yair Levy, Wei Li, Ajoy Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

Cybersecurity involves a broad range of techniques, including cyber-physical, managerial, and technical, while authentication provides a layer of protection for Information Systems (IS) against data breaches. The recent COVID-19 pandemic brought a tsunami of data breach incidents worldwide. Authentication serves as a mechanism for IS against unauthorized access utilizing various defense techniques, with the most popular and frequently used technique being passwords. However, the dramatic increase of user accounts over the past few decades has exposed the realization that technological measures alone cannot ensure high level of IS security; this leaves the end-users holding a critical role in protecting their …

Analyzing Robotics Software Vulnerabilities, Hossain Shahriar, Md Jobair Hossain Faruk, Shahriar Sobhan, Mohammad Nazim

KSU Proceedings on Cybersecurity Education, Research and Practice

Robots are widely used in our day-to-day life in various domains. For example, eldercare robots, such as CareO-Bots [1]are used to perform household tasks and provide mobility assistance [2]. Amazon uses manufacturing robots to accomplish manufacturing labor activities, such as welding and assembling equipment [2]. According to the International Data Corporation, spending on robotics is expected to reach USD 241.4 billion by the end of 2023 [4].

However, malicious users can exploit security vulnerabilities in hardware and software components of robotics systems to conduct security attacks and cause malfunction, i.e., deviate robots from their expected behaviors. Security attacks on robots …

A Taxonomy Of Cyberattacks Against Critical Infrastructure, Miloslava Plachkinova, Ace Vo

KSU Proceedings on Cybersecurity Education, Research and Practice

The current study proposes a taxonomy to organize existing knowledge on cybercrimes against critical infrastructure such as power plants, water treatment facilities, dams, and nuclear facilities. Routine Activity Theory is used to inform a three-dimensional taxonomy with the following dimensions: hacker motivation (likely offender), cyber, physical, and cyber-physical components of any cyber-physical system (suitable target), and security (capable guardian). The focus of the study is to develop and evaluate the classification tool using Design Science Research (DSR) methodology. Publicly available data was used to evaluate the utility and usability of the proposed artifact by exploring three possible scenarios – Stuxnet, …

10th International Conference On Business, Technology And Innovation 2021, University For Business And Technology - Ubt

UBT International Conference

Welcome to IC – UBT 2021

UBT Annual International Conference is the 10th international interdisciplinary peer reviewed conference which publishes works of the scientists as well as practitioners in the area where UBT is active in Education, Research and Development. The UBT aims to implement an integrated strategy to establish itself as an internationally competitive, research-intensive university, committed to the transfer of knowledge and the provision of a world-class education to the most talented students from all background. The main perspective of the conference is to connect the scientists and practitioners from different disciplines in the same place and make …

Finding Similar Stocks By Detecting Cliques In Market Graphs, Sudhashree Sayenju

Symposium of Student Scholars

The stock market provides an abundant source of data. However, when the amount of raw data becomes overwhelming it grows increasingly difficult to know how the stocks interact with each other. Stock data visualization as a market graph serves as one of the most popular way of summarizing important information. When modelling the data as a graph, vertices correspond to stocks and edges correspond to strong correlation in their pricing in a certain period of time. This project presents a technique to find stocks that behave very similarly. Such information helps investors make decisions on which stocks to purchase next. …

Market Research: How To Keep And Gain Customers, Chris Mccall

Symposium of Student Scholars

Customer-centered market research is essential to the creation and management of successful marketing campaigns. A company that understands their customers will be able to provide those customers with products and services that fit their needs better than the competition, and ultimately increase profits. My research focuses on a database containing customer information for a telecommunications company called Telco. Within this research, I will focus on a number of customer attributes including demographics, services provided, payment methods, contract lengths, monthly charges, and tenure with the company. Considering how these attributes relate to one another will give me a better understanding of …

The Right To Repair: (Re)Building A Better Future, Jumana Labib

Undergraduate Student Research Internships Conference

The goal of this research project was to take a multi-faceted, interdisciplinary approach to research and examine the Right to Repair movement’s progress, current repair practices, impediments, and imperatives, and the various large-scale implications (environmental, economic, social, etc.) stemming from diminished consumer freedom as a result of increased corporate greed and lack of governmental regulations with regards to repair and the environment. This poster exhibits the highlights of my general research project on the Right to Repair movement over the course of this four month internship, and aims to disseminate information about the movement to the wider public in an …

Ronald E. Mcnair Scholars Program Profiles And Abstracts 2021, Mcnair Scholars Program

McNair Symposium

This is the complete event program and provides presentation abstracts and biographies of McNair scholars and their mentors.

Session 3: Access To Financial Services - The Promise (And Challenges) Of Fintech, Joseph M. Vincent, Chris Adams, Lucinda Fazio, Roberta Hollinshead, Sumit Mallick, Sands Mckinley, Jonice Gray Tucker, Tonita Webb

SITIE Symposiums

For many Americans, the American Dream is a dream deferred. Recently, there has been an explosion in demand for diversity, equity, and inclusion in financial services. This has coincided with an explosion of a different kind related to delivering financial services through innovations in technology, otherwise known as FinTech. We have seen a plethora of FinTech applications on our smartphones, ranging from online lending to remote deposit making. While these applications provide potential opportunities to level the playing field for those whose dream has been deferred, there remain challenges.

Session 1: Access To Legal Services - The Role Of Innovation And Technology, Steven Bender, Stacy Butler, Anna Carpenter, Michael Cherry, Sands Mckinley, Kimball Dean Parker, Miguel Willis

SITIE Symposiums

This expert panel is addressing access to justice problems. People without access to lawyers and legal services suffer in many ways not limited to divorce, domestic violence, and educational roadblocks. This panel will ask what lawyers can do to help, in what ways can technology help or replace lawyers in the delivery of legal and non-legal services. It will also explore different legal services being offered by individuals who do not have a JD, online firms, and developing technology in a law firm owed subsidiary. There are six panelists who are broken into two categories: (1) the innovation and delivery …

Opening Session, Annette Clark, Steven Bender

SITIE Symposiums

This year's conference focuses on the social good, highlighting three access barriers fundamental in law and society - access to legal services (and more generally, justice), access to health and health care during the COVID-19 pandemic, and access to financial services for the unbanked or underbanked.

"Inclusive Inquiry." 14th Annual Research Week: Event Proceedings, University Of The Incarnate Word

Research Week Archived Proceedings

Presentations of completed and ongoing research activity conducted by graduate and undergraduate students and faculty at University of the Incarnate Word. Coordinated and presented by the Office of Research and Graduate Studies.

Tourism And Sustainability: Tourism, Economics And Policy, Eshal Arooj, Hijab Bano

CBER Conference

The main purpose of this research was to examine the relationship between tourism and economic development in Pakistan. After using multiple secondary resources the conclusion to be drawn is that Tourism and Economic development are positively correlated meaning that if we work on our potential in tourism industry; Pakistan can witness huge change in its economic development and growth.

Creating An Organization To Support Sfa’S Women Employees, Heather K. Olson Beal, Sarah Sanchez, Lauren Brewer, Amanda Rudolph

Diversity Conference

The purpose of this session is two-fold. First, we wish to introduce the SFA OWLE (Organization for Women’s Leadership and Equity), the newly created professional women’s organization, to interested members of our campus community. Second, we wish to share experiences that we believe are relevant to others on our campus, in our community, and at other institutions, who might seek to create organizations through which to advocate for the unique needs of their marginalized or underrepresented group. To that end, this session will include a panel of female employees at SFA who have worked for more than a year to …

Leverage Psychological Factors Associated With Lapses In Cybersecurity In Organizational Management, Chad Holm

Cybersecurity Undergraduate Research Showcase

With computers being a standard part of life now with the evolution of the internet, many aspects of our lives have changed, and new ways of thinking must come. One of the biggest challenges in most cyber security problems is not related to the software or the hardware; it is the people that are using the computers to access the data and communicate with others, where the hackers could simply find a weak entry point that naturally exists and a weak link caused by human hands. The human factor as an “insider threat” will affect unauthorized access, credentials stealing, and …