Understanding Sociotechnical Factors Impacting Cybersecurity Controls on Mobile Devices and Smartphones at the Individual Level

Gadi, Abdullah Mohamed Y.

05 1900

Technological advances such as mobile technology, big data, and machine learning allow businesses to associate advertisements with consumer behaviors to maximize sales. Thus, information about consumer behavior became the central resource of businesses. Recent discussions and concerns about the emerging economic order centered around capturing consumers' data suggest that more research efforts be allocated to address new challenges in different domains, such as health, education, smart cities, and communication. Research on individual cybersecurity behavior is relatively new and requires more attention in academic research. This study has proposed and validated a cybersecurity behavioral model to enrich our understanding of users' behavioral intention (BI) to use cybersecurity controls. An online survey was used to collect information from University of North Texas (UNT) students to explore various technology usage determinants and specific computer security practices. The instrument measured the actual cybersecurity controls behaviors (ACB) by incorporating technical and social factors. Accordingly, the construct of ACB was created and validated to test how it relates to the participants' behavioral intentions. The findings confirm a large number of the proposed relationships. Additionally, the results show that the model explained a significant amount of variance in the proposed dependent variables BI and ACB. Within the context of information control behavior, the relationships between the study's constructs suggest adequate generalizability and robustness of the study's theoretical framework.

Cybersecurity awareness

Information behavior

mobile information systems

Information Science

Towards an aligned South African National Cybersecurity Policy Framework

Chigada, Joel

22 August 2023

This thesis measured and aligned factors that contribute to the misalignment of the South African National Cybersecurity Policy Framework (SA-NCPF). The exponential growth rate of cyber-attacks and threats has caused more headaches for cybersecurity experts, law enforcement agents, organisations and the global business economy. The emergence of the global Corona Virus Disease-2019 has also contributed to the growth of cyber-attacks and threats thus, requiring concerted efforts from everyone in society to devise appropriate interventions that mitigate unacceptable user behaviour in the reality of cyberspace. In this study, various theories were identified and pooled together into an integrative theoretical framework to provide a better understanding of various aspects of the law-making process more comprehensively. The study identified nine influencing factors that contributed to misalignment of the South African National Cybersecurity Policy Framework. These influencing factors interact with each other continuously producing complex relationships, therefore, it is difficult to measure the degree of influence of each factor, hence the need to look at and measure the relationships as Gestalts. Gestalts view individual interactions between pairs of constructs only as a part of the overall pattern. Therefore, the integrative theoretical framework and Gestalts approach were used to develop a conceptual framework to measure the degree of alignment of influencing factors. This study proposed that the stronger the coherence among the influencing factors, the more aligned the South African National Security Policy Framework. The more coherent the SA-NCPF is perceived, the greater would be the degree of alignment of the country's cybersecurity framework to national, regional and global cyberlaws. Respondents that perceived a strong coherence among the elements also perceived an effective SA-NCPF. Empirically, this proposition was tested using nine constructs. Quantitative data was gathered from respondents using a survey. A major contribution of this study was that it was the first attempt in South Africa to measure the alignment of the SA-NCPF using the Gestalts approach as an effective approach for measuring complex relationships. The study developed the integrative theoretical framework which integrates various theories that helped to understand and explain the South African law making process. The study also made a significant methodological contribution by adopting the Cluster-based perspective to distinguish, describe and predict the degree of alignment of the SA-NCPF. There is a dearth of information that suggests that past studies have adopted or attempted to address the challenge of alignment of the SA-NCPF using the cluster-based and Gestalts perspectives. Practical implications from the study include a review of the law-making process, skills development strategy, a paradigm shift to address the global Covid-19 pandemic and sophisticated cybercrimes simultaneously. The study asserted the importance of establishing an independent cybersecurity board comprising courts, legal, cybersecurity experts, academics and law-makers to provide cybersecurity expertise and advice. From the research findings, government and practitioners can draw lessons to review the NCPF to ensure the country develops an effective national cybersecurity strategy. Limitations and recommendations for future research conclude the discussions of this study.

Alignment

Cybercrime

Cyberlaws

Cybersecurity

Information Systems Security

National Cybersecurity Policy Framework

CYBERSECURITY LEADERSHIP COMPETENCIES IN RESPONSE MODE

Zaniewski, Michael

January 2023

Due to the sophistication of cyber threats, organizations need to be defended on a strategic level, leading to the emergence of the cybersecurity leader role. However, the necessary competencies required for successful response are not fully understood due to the unique demands of the role. To bridge this gap, it is crucial to explore how these competencies manifest in practice. Data were collected through interviews and open ended surveys of cybersecurity leaders, which were analyzed using the method of thematic analysis. Four key themes related to necessary competencies were identified: one on knowledge, two on skills, and one on attitudes. The study found that cybersecurity leaders emphasize the importance of having knowledge about the organizational architecture, skills to simplify incident handling procedures, and the ability to convince management to invest in better incident preparedness. They also highlighted the need for a supportive and approachable environment to facilitate optimal cybersecurity incident handling.

Cybersecurity Leadership

Competencies

Response Mode

Cybersecurity

Information Systems

Ranking Social Engineering Attack Vectors in The Healthcare and Public Health Sector

Gaurav Sachdev (14563787)

06 February 2023

<p>The National Institute of Standards and Technology defines social engineering as an attack vector that deceives an individual into divulging confidential information or performing unwanted actions. Different methods of social engineering include phishing, pretexting, tailgating, baiting, vishing, SMSishing, and quid pro quo. These attacks can have devastating effects, especially in the healthcare sector, where there are budgetary and time constraints. To address these issues, this study aimed to use cybersecurity experts to identify the most important social engineering attacks to the healthcare sector and rank the underlying factors in terms of cost, success rate, and data breach. By creating a ranking that can be updated constantly, organizations can provide more effective training to users and reduce the overall risk of a successful attack. This study identified phishing attacks via email, voice and SMS to be the most important to defend against primarily due to the number of attacks. Baiting and quid pro quo consistently ranked as lower in priority and ranking.</p>

Social Engineering

Phishing attacks

Healthcare and Public Health

cybersecurity

A Behavioural Compliance Framework for Effective Cybersecurity Governance and Practice

Onumo, Aristotle O.

January 2020

Although behavioural security constructs have received extensive scholarly attention, the unpredictability of human behaviour has continued to add to the complexity of deploying effective countermeasures. Cross-cultural behavioural approach aimed at improving security compliance and practice have equally remained under-researched, a gap in literature this thesis addresses. This thesis argues that in order to establish a sound and efficient organisational security practice, it is necessary to integrate the various interdisciplinary component in a socio-cultural context. The goal of the thesis, therefore, is to examine the role of culture in cybersecurity development and organisational security practice. The study first used a group comparism approach, classification and examination of archival data from International Telecommunication Union (ITU), International Organisation of Standards (ISO), and Hofstede cultural score and further deployed structural equation modelling (SEM) to analyse data from a case study of 122 employees from three public sector information technology organisation in Nigeria. Drawing evidence from the case studies, an emergent conceptual model was developed from the traditional human behaviour and organisational security practice. The model contribute to information security management by by identifying organisational triggers related to cultural and cognitive dynamics in information security practice. The model was developed by combining three theoretical frameworks. The out- come of the case studies demonstrates that accountability to specific security practice is a product of integrated management of employee cognitive and cultural dynamics and by dimensionalising organisational culture, the individual capacity to respond to emerging security threats also evolved, while targeted security programs to enhance the efficiency of organisational security practice is achieved. This research, by exposing the underlying institutional drivers and ideational dynamics on individual security behaviour contribute to theory building of behavioural security research within organisational context. The research reports on the theory of integration as a demonstration of explanatory flexibility not normally associated with behaviour security models thereby providing a sound theoretical and ideational support for incorporating different theoretical frameworks into a single model. This is an original endeavour and s such makes a number of contribution to the scholarship. The findings in this research have implications for policymakers and practitioners by elevating the importance of cultural and cognitive dynamics by enhancing operational clarity in organisational security practice and presenting opportunity to develop a creative and robust solution to the challenge of organisational security in line with cultural peculiarities.

Organisational security practice

Structural equation modeling

Cybersecurity

Organisational culture

Cybersecurity compliance

Developing a modified total interpretive structural model (M-TISM) for organizational strategic cybersecurity management

Rajan, R., Rana, Nripendra P., Parameswar, N., Dhir, S., Sushil, Dwivedi, Y.K.

06 May 2021

yes / Cybersecurity is a serious issue that many organizations face these days. Therefore, cybersecurity management is very important for any organization. Organizations should learn to deal with these cyber threats through effective management across all business functions. The main purpose of this study is to identify the factors that affect cybersecurity within an organization and analyze relationships among these factors. The modified total interpretive structural modeling (M-TISM) technique is used to build a hierarchical model and define the common interactions between the factors. This study presents the impact of collaboration, training, resources and capabilities, information flow, technology awareness, and technological infrastructure on effective cybersecurity management. In addition, the study also explains the interrelationships among the identified factors in the M-TISM model.

Cybersecurity

Strategy

M-TISM

Organizations

Strategic cybersecurity management

Exploring Cyber Ranges in Cybersecurity Education

Beauchamp, Cheryl Lynn

01 April 2022

According to a report from McAfee, the global cost of cybercrime for 2020 was over one trillion dollars (Smith, Z. et al., 2020). Cybersecurity breaches and attacks have not only cost businesses and organizations millions of dollars but have also threatened national security and critical infrastructure. Examples include the Ransomware attack in May of 2021 on the largest fuel pipeline in the United States and the February 2021 remote access system breach of a Florida water treatment facility which raised sodium hydroxide to a lethal level. Improving cybersecurity requires a skilled workforce with relevant knowledge and skills. Academic degree programs, boot camps, and various certification programs provide education and training to assist this need. Cyber ranges are a more recent development to provide hands-on skill training. These ranges, often virtual, provide a safe and accessible environment to improve practical skills and experience through hands-on application. They provide a training environment to identify threats, apply countermeasures, and secure data from risks separately from the organization's actual network. More and more academic programs utilize cyber ranges due to the perceived benefit of integrating them into their cybersecurity-related programs. Academic cyber ranges offer virtualized environments that support cybersecurity educators' needs to provide students with a safe, separated, and engaging environment. The purpose of my research has two components: 1) to understand who the educators are using academic-facing cyber ranges and how they are using them to support their cybersecurity education efforts, and 2) to understand how cybersecurity educators and students are motivated by using them. Specifically, my research is comprised of three manuscripts: (1) a mixed-method exploratory study of who are the educators using cyber ranges for cybersecurity education and how they are using them to create significant cybersecurity learning experiences, (2) a mixed-method study exploring the motivation of educators using a cyber range for cybersecurity education, and (3) a mixed-method study exploring student motivation participating in cybersecurity CTF competitions. The three manuscripts contribute to understanding cyber ranges in cybersecurity education. The results from my research provided insight from the users of these cyber ranges, cybersecurity educators and students. Results from my first manuscript suggested that high school cybersecurity educators are the primary users. These educators have less formal cybersecurity education and experience compared to cybersecurity educators in higher education. The data also showed that cybersecurity educators primarily used cyber ranges for teaching and learning to meet learning goals and objectives. Results from my second manuscript suggested that educators were motivated mainly by the importance of using a cyber range for cybersecurity education and for the interest-enjoyment their students experience from cyber range usage. Educators found using the cyber range made their class more engaging and relevant to their students.These educators were also confident they could use a cyber range and learn how to use it. However, those without prior experience in cybersecurity or previous experience using a cyber range shared they needed instructor-facing resources, professional development opportunities, and time to learn. Results from my third manuscript suggested that students were motivated by the importance of participating in a cybersecurity CTF competition. Many reported that participating was useful for developing professional skills and readiness. Although CTF competitions were considered difficult and stressful, students did not consider the difficulty pejorative. Many shared that challenging CTFs contributed towards the enjoyment of participating, making them a rewarding and worthwhile experience. However, students also shared that academic and team support contributed towards their confidence in competing. In contrast, those who did not report confidence, stated they lacked a team strategy or support from their academic institution. Additionally, they did not know what to expect to prepare before the competition event. Overall, the results of this dissertation highlight the importance of prior preparation for educators and student CTF participants. For educators, this prior preparation includes curriculum supporting resources such as content mapping to learning objectives and professional development opportunities that do not assume any prior knowledge or experience. For students, prior preparation includes understanding what to expect and recommendations for academic and team support. / Doctor of Philosophy / The technology era has enabled a global connectedness to attend conferences and meetings via our laptop computers while working from home. The proliferation of smart devices has also provided a means to view and communicate with visitors who ring our smart doorbells while we are not home. This interconnected network, i.e., the Internet, has altered how we pay our bills, buy our groceries, and attend classes virtually. It has also enabled cyber attacks and breaches that have contributed to identity thefts, increasing financial costs, business collapses, job losses, and even threatened national security. A cybersecurity workforce has become increasingly vital to address the need for improving cybersecurity. Thus, there is a need for academic cybersecurity programs to prepare future professionals to fill this national workforce shortfall. Consequently, more and more organizations have integrated cyber ranges as the means to provide a simulated environment for applying and developing cybersecurity-related knowledge and skills. Similar to a driving range for a golfer to practice their golf swing or a shooting range for those in law enforcement to earn their firearms qualifications, a cyber range supports efforts to provide cybersecurity training with hands-on exercises and labs to practice skills in a safe, virtual environment. My research contributes to understanding who uses cyber ranges and how they are motivated to use them for cybersecurity education. The first purpose of my research was to understand the educators who were using cyber ranges and how they were using them for cybersecurity education. More specifically, I examined their usage for alignment with a learning taxonomy to verify the usage contributed to successful and significant student learning. This understanding contributed to my research's second purpose, which explored how educators were motivated using cyber ranges. The third purpose of my study explored student motivation using a cyber range. Due to varying cyber range resources and activities, my research focused on the cybersecurity competition activity, Capture the Flag (CTF). This study provided an understanding of how students who participated in a cybersecurity CTF competition were motivated. My research demonstrates that educators and students are interested in using cyber ranges and believe using them for cybersecurity education and professional readiness is important. However, both educators and students who lack prior knowledge or experience using a cyber range or participating in a CTF shared the concern of not knowing what they do not know. PD time and instructor-facing resources that do not assume any prior cybersecurity knowledge were recommended to support educators who did not have a background or experience in cybersecurity. Students shared that although not knowing was stressful and made participating difficult, the difficulty and stress were good attributes because if the CTF were easy, it wouldn't be worth their time and would be less rewarding. Students also reported that team strategies and academic support were motivational aspects of CTF participation. Overall, educators and students were motivated using cyber ranges for cybersecurity education, but professional development and preparation resources would contribute positively to their usage.

cybersecurity education

cyber ranges

significant learning experiences

cybersecurity CTF competition

Securing Cyberspace: Analyzing Cybercriminal Communities through Web and Text Mining Perspectives

Benjamin, Victor

January 2016

Cybersecurity has become one of the most pressing issues facing society today. In particular, cybercriminals often congregate within online communities to exchange knowledge and assets. As a result, there has been a strong interest in recent years in developing a deeper understanding on cybercriminal behaviors, the global cybercriminal supply chain, emerging threats, and various other cybersecurity-related activities. However, few works in recent years have focused on identifying, collecting, and analyzing cybercriminal contents. Despite the high societal impact of cybercriminal community research, only a few studies have leveraged these rich data sources in their totality, and those that do often resort to manual data collection and analysis techniques. In this dissertation, I address two broad research questions: 1) In what ways can I advance cybersecurity as a science by scrutinizing the contents of online cybercriminal communities? and 2) How can I make use of computational methodologies to identify, collect, and analyze cybercriminal communities in an automated and scalable manner? To these ends, the dissertation comprises four essays. The first essay introduces a set of computational methodologies and research guidelines for conducting cybercriminal community research. To this point, there has been no literature establishing a clear route for non-technical and non-security researchers to begin studying such communities. The second essay examines possible motives for prolonged participation by individuals within cybercriminal communities. The third essay develops new neural network language model (NNLM) capabilities and applies them to cybercriminal community data in order to understand hacker-specific language evolution and to identify emerging threats. The last essay focuses on developing a NNLM-based framework for identifying information dissemination among varying international cybercriminal populations by examining multilingual cybercriminal forums. These essays help further establish cybersecurity as a science.

Cybersecurity

Forums

Text mining

Web mining

Management

Cybercriminal

Low overhead methods for improving education capacity and outcomes in computer science

Bell, Richard Scott

January 1900

Doctor of Philosophy / Department of Computing and Information Sciences / Eugene Vasserman / Computer science departments face numerous challenges. Enrollment over the past 15 years reached an all-time high, endured a rapid decline and is now experiencing a just as rapid rebound. Meanwhile, demand for graduates continues to grow at an incredible rate. This is especially true in specialized sub-fields such as cybersecurity, where employers are constantly working to keep up with changing technology and new threats emerging on a daily basis. My research consists of two main objectives. The rst is gauging the ability of pre-service teachers from non-STEM areas of study to introduce and utilize computing concepts in a classroom setting. The second goal is to develop an assessment tool that enables improvements in quality of education for students within cybersecurity courses. Currently, few K-12 school districts in the United States o er stand-alone courses in computer science. My work shows that pre-service teachers in non-STEM areas are capable of effectively introducing basic concepts to students using modern software development tools while exploring content within their own areas of expertise. Survey results indicate that student interest and self-efficacy increased when they were taught by these pre-service teachers. I also found that with only 2 hours of experience, pre-service teachers enrolled in an education technology course showed dramatic increases in interest and confidence related to using this technology. These two findings demonstrate that there are potential ways to increase interest in computing among a broad student population at the K-12 level without changing core curriculum requirements. Even when students choose to enter computer science departments, a large number do not remain within the program. The second portion of my research focuses on developing an assessment tool for measuring student interest and self-efficacy in cybersecurity courses. Using information gleaned from a series of interviews with cybersecurity students, I developed, and performed the initial testing of, a survey instrument which measures these 2 values. Initial results show that the survey responses were very different between a group of introductory programming students and those enrolled in a cybersecurity course and that general trends in both self-efficacy and interest among theses differing student populations can be observed

Computer science

K-12 education

Cybersecurity

Assessment

Computer Science (0984)

Assessing the Role of User Computer Self-Efficacy, Cybersecurity Countermeasures Awareness, and Cybersecurity Skills toward Computer Misuse Intention at Government Agencies

Choi, Min Suk

01 January 2013

Cybersecurity threats and vulnerabilities are causing substantial financial losses for governments and organizations all over the world. Cybersecurity criminals are stealing more than one billion dollars from banks every year by exploiting vulnerabilities caused by bank users' computer misuse. Cybersecurity breaches are threatening the common welfare of citizens since more and more terrorists are using cyberterrorism to target critical infrastructures (e.g., transportation, telecommunications, power, nuclear plants, water supply, banking) to coerce the targeted government and its people to accomplish their political objectives. Cyberwar is another major concern that nations around the world are struggling to get ready to fight. It has been found that intentional and unintentional users' misuse of information systems (IS) resources represents about 50% to 75% of cybersecurity threats and vulnerabilities to organizations. Computer Crime and Security Survey revealed that nearly 60% of security breaches occurred from inside the organization by users. Computer users are one of the weakest links in the information systems security chain, because users seem to have very limited or no knowledge of user computer self-efficacy (CSE), cybersecurity countermeasures awareness (CCA), and cybersecurity skills (CS). Users' CSE, CCA, and CS play an important role in users' computer misuse intention (CMI). CMI can be categorized as unauthorized access, use, disruption, modification, disclosure, inspection, recording, or destruction of information system data. This dissertation used a survey to empirically assess users' CSE, CCA, CS, and computer misuse intention (CMI) at government agencies. This study used Partial Least Square (PLS) technique to measure the fit of a theoretical model that includes seven independent latent variables (CSE, UAS-P, UAS-T, UAC-M, CCS, CIS, & CAS) and their influences on the dependent variable CMI. Also, PLS was used to examine if the six control variables (age, gender, job function, education level, length of working in the organization, & military status such as veteran) had any significant impact on CMI. This study included data collected from 185 employees of a local and state transportation agency from a large metropolitan in the northeastern United States. Participants received an email invitation to take the Web-based survey. PLS was used to test the four research hypotheses. The results of the PLS model showed that UAC-M and CIS were significant contributors (p

Awareness

Cybersecurity

Security

Self-Efficacy

Skill

User

Computer Sciences