Databases and Information Systems Commons^™

Employees Breaking Bad With Technology: An Exploratory Analysis Of Human Factors That Drive Cyberspace Insider Threats, Marcus L. Green

USF Tampa Graduate Theses and Dissertations

As implementation of computer systems has continued to grow in business contexts, employee-driven cyberspace infractions have also grown in number. Employee cyberspace behaviors have continued to have detrimental effects on company computer systems. Actions that violate company cybersecurity policies can be either malicious or unmalicious. Solutions, by and large, have been electronic and centered on hardware and software. Those proposing solutions have begun to shift their focus to human risk vulnerabilities.

This study was novel in that its focus was identification of individual, cultural, and technological risk factors that drive cyberspace insider threat activities. Identifying factors that reduce insider threat …

Design And Development Of Techniques To Ensure Integrity In Fog Computing Based Databases, Abdulwahab Fahad S. Alazeb

Graduate Theses and Dissertations

The advancement of information technology in coming years will bring significant changes to the way sensitive data is processed. But the volume of generated data is rapidly growing worldwide. Technologies such as cloud computing, fog computing, and the Internet of things (IoT) will offer business service providers and consumers opportunities to obtain effective and efficient services as well as enhance their experiences and services; increased availability and higher-quality services via real-time data processing augment the potential for technology to add value to everyday experiences. This improves human life quality and easiness. As promising as these technological innovations, they are prone …

Network-Based Detection And Prevention System Against Dns-Based Attacks, Yasir Faraj Mohammed

Graduate Theses and Dissertations

Individuals and organizations rely on the Internet as an essential environment for personal or business transactions. However, individuals and organizations have been primary targets for attacks that steal sensitive data. Adversaries can use different approaches to hide their activities inside the compromised network and communicate covertly between the malicious servers and the victims. The domain name system (DNS) protocol is one of these approaches that adversaries use to transfer stolen data outside the organization's network using various forms of DNS tunneling attacks. The main reason for targeting the DNS protocol is because DNS is available in almost every network, ignored, …

A Framework To Detect The Susceptibility Of Employees To Social Engineering Attacks, Hashim H. Alneami

Doctoral Dissertations and Master's Theses

Social engineering attacks (SE-attacks) in enterprises are hastily growing and are becoming increasingly sophisticated. Generally, SE-attacks involve the psychological manipulation of employees into revealing confidential and valuable company data to cybercriminals. The ramifications could bring devastating financial and irreparable reputation loss to the companies. Because SE-attacks involve a human element, preventing these attacks can be tricky and challenging and has become a topic of interest for many researchers and security experts. While methods exist for detecting SE-attacks, our literature review of existing methods identified many crucial factors such as the national cultural, organizational, and personality traits of employees that enable …

Pause For A Cybersecurity Cause: Assessing The Influence Of A Waiting Period On User Habituation In Mitigation Of Phishing Attacks, Amy Antonucci

CCE Theses and Dissertations

Social engineering costs organizations billions of dollars a year. Social engineering exploits the weakest link of information security systems, the people who are using them. Phishing is a form of social engineering in which the perpetrator depends on the victim’s instinctual thinking towards an email designed to create a fear or excitement response. It is well-documented in literature that users continue to click on phishing emails costing them and their employers significant monetary resources and data loss. Training does not appear to mitigate the effects of phishing much; other solutions are necessary to mitigate phishing.

Kahneman introduced the concepts of …

Cyberattacks Strategy For Nonprofit Organizations, Yawo Obimpe Kondo

Walden Dissertations and Doctoral Studies

Information system security managers (ISSM) in nonprofits face increased cyberattack cases because nonprofits often use basic technology to save on costs. Nonprofit owners and managers need solutions to secure their data from cyberattacks. Grounded in the general systems theory, the purpose of this qualitative multiple case study was to explore strategies ISSMs at nonprofit organizations employ to protect against cyberattacks. Participants included five IT managers and directors of information technology in charge of security management in nonprofit organizations in Maryland, the District of Columbia, and Virginia. Data was generated through interviews and reviews of archival documents. The data analysis technique …

User Awareness And Knowledge Of Cybersecurity And The Impact Of Training In The Commonwealth Of Dominica, Jermaine Jewel Jean-Pierre

Walden Dissertations and Doctoral Studies

The frequency of cyberattacks against governments has increased at an alarming rate and the lack of user awareness and knowledge of cybersecurity has been considered a contributing factor to the increase in cyberattacks and cyberthreats. The purpose of this quantitative experimental study was to explore the role and effectiveness of employee training focused on user awareness of cyberattacks and cybersecurity, with the intent to close the gap in understanding about the level of awareness of cybersecurity within the public sector of the Commonwealth of Dominica. The theoretical framework was Bandura’s social cognitive theory, following the idea that learning occurs in …

Strategies For Implementing Internet Of Things Devices In Manufacturing Environments, Todd Efrain Hernandez

Walden Dissertations and Doctoral Studies

The Internet of Things (IoT) has been exploited as a threat vector for cyberattacks in manufacturing environments. Manufacturing industry leaders are concerned with cyberattacks because of the associated costs of damages and lost production for their organizations. Grounded in the general systems theory, the purpose of this multiple case study was to explore strategies electrical controls engineers use to implement secure IoT devices in manufacturing environments. The study participants were eight electrical controls engineers working in three separate manufacturing facilities located in the Midwest region of the United States. The data were collected by semistructured interviews and 15 organizational documents. …