An Analysis of the Impact of Information Security Policies on Computer Security Breach Incidents in Law Firms

Heikkila, Faith M.

01 January 2009

Law firms maintain and store voluminous amounts of highly confidential and proprietary data, such as attorney-client privileged information, intellectual properties, financials, trade secrets, personal, and other sensitive information. There is an ethical obligation to protect law firm client data from unauthorized access. Security breaches jeopardize the reputation of the law firm and could have a substantial financial impact if these confidential data are compromised. Information security policies describe the security goals of a law firm and the acceptable actions and uses of law firm information resources. In this dissertation investigation, the author examined the problem of whether information security policies assist with preventing unauthorized parties from accessing law firm confidential and sensitive information. In 2005, Doherty and Fulford performed an exploratory analysis of security policies and security breach incidents that highlighted the need for research with different target populations. This investigation advanced Doherty and Fulford's research by targeting information security policies and security breach incidents in law firms. The purpose of this dissertation investigation was to determine whether there is a correlation between the timing of security policy development (proactive versus reactive policy development) and the frequency and severity of security breach incidents in law firms of varying sizes. Outcomes of this investigation correlated with Doherty and Fulford's general findings of no evidence of statistically significant relationships between the existence of a written information security policy and the frequency and severity of security breach incidents within law firms. There was also a weak relationship between infrequency of information security policy updates and increase of theft resources. Results demonstrated that, generally, written information security policies in law firms were not created in response to a security breach incident. These findings suggest that information security policies generally are proactively developed by law firms. Important contributions to the body of knowledge from this analysis included the effectiveness of information security policies in reducing the number of computer security breach incidents of law firms, an under represented population, in the information assurance field. Also, the analysis showed the necessity for law firms to become more immersed in state security breach notification law requirements.

computer security breach

data breach incidents

information security policy

law firms

personally identifiable information

state security breach notification laws

Computer Sciences

Bureaucrats: The Exploration and Development of Profiles of Their Communicator Styles and Predispositions

González Alcalá, Cristina

07 July 2020

No description available.

Public Administration

Communication

Bureaucracy

Bureaucrats

Public Service

Public Servants

Communication Traits

Verbal Aggressiveness

Argumentativeness

Taking Conflict Personally

Direct Personalization

Communicator Style

Affirming Style

Survey

Research Design

Psychology

A tangible programming environment model informed by principles of perception and meaning

Smith, Andrew Cyrus

09 1900

It is a fundamental Human-Computer Interaction problem to design a tangible programming environment for use by multiple persons that can also be individualised. This problem has its origin in the phenomenon that the meaning an object holds can vary across individuals. The Semiotics Research Domain studies the meaning objects hold. This research investigated a solution based on the user designing aspects of the environment at a time after it has been made operational and when the development team is no longer available to implement the user’s design requirements. Also considered is how objects can be positioned so that the collection of objects is interpreted as a program. I therefore explored how some of the principles of relative positioning of objects, as researched in the domains of Psychology and Art, could be applied to tangible programming environments. This study applied the Gestalt principle of perceptual grouping by proximity to the design of tangible programming environments to determine if a tangible programming environment is possible in which the relative positions of personally meaningful objects define the program. I did this by applying the Design Science Research methodology with five iterations and evaluations involving children. The outcome is a model of a Tangible Programming Environment that includes Gestalt principles and Semiotic theory; Semiotic theory explains that the user can choose a physical representation of the program element that carries personal meaning whereas the Gestalt principle of grouping by proximity predicts that objects can be arranged to appear as if linked to each other. / School of Computing / Ph. D. (Computer Science)

Gestalt principles

Grouping by proximity

Perception

Personally meaningful

Programming

Programming languages

Semiotic theory

Signs

Tangible program

Tangible user interface

005.1

Programming (Computers)

Programming languages (Computers)

User interfaces (Computer systems)

Human-computer interaction

Attityd och beteende bland internetanvändare gällande personliginformationsdelning och personligt riktadeannonser : Hur ser skillnaden ut och vad påverkar detta?

Uhr, Aksel, Holdar, Vilgot

January 2021

Mängden datainsamling växer snabbt i dagens informationssamhälle. I takt med attwebbinnehavare samlar in allt mer personlig information om internetanvändare, harkontroverser om integritet och negativa attityder uppkommit. Trots dessa kontroverser hartidigare forskning visat att internetanvändare tenderar att ignorera försiktighetsåtgärder för attskydda deras integritet. Denna skillnad mellan attityd och beteende beskrivs som "the privacyparadox". Syftet med denna studie är att undersöka “the privacy paradox” och de faktorersom påverkar fenomenen med avseende på personligt riktad annonsering. En konceptuellmodell med olika relationer konstruerades, baserat på tidigare forskning. Komponenterna imodellen inkluderade följande faktorer: tillit, upplevd risk, generell integritetsoro, upplevdfördel, avsett beteende och faktiskt beteende. För att utvärdera modellen genomfördes enenkätstudie (N = 107). Den insamlade datans resultat analyserades med hjälp av univariatstatistik, bivariat statistik och i slutändan användes PLS-SEM-metoder för multivariatstatistik. Resultaten bevisade att det finns en påtaglig skillnad mellan internetanvändareuttryckta attityd och beteende, vilket inte kunde förklaras av demografiska variabler.Dessutom visade resultaten att påverkansfaktorerna hade en positiv effekt på attityd ochbeteende. Genom att tolka dessa resultat drog vi slutsatsen att upplevd risk och tillit har enpositiv effekt på generell integritetsoro. Följaktligen har integritetsoro och upplevd fördel enpositiv effekt på avsett beteende, vilket i sin tur har en positiv effekt på faktiskt beteende. / The amount of data collection is growing rapidly in today’s information society. As thecollection of personal information by web holders increases, controversies about privacy andnegative attitudes have occurred among web users. Despite this, previous research has shownthat web users tend to ignore precautions in order to protect their privacy. This differencebetween attitude and behavior is described as “the privacy paradox”. The aim of this study isto investigate the privacy paradox and the influencing factors of the phenomena, with regardsto personally targeted advertisement. A conceptual model with various relationships wasconstructed, based on previous research. Components of the model included the followingfactors: trust, perceived risk, privacy concerns, perceived benefits, behavioral intention andactual behavior. In order to evaluate the model, a survey was conducted (N = 107). Thesurvey’s results were analyzed by using univariate statistics, bivariate statistics and ultimatelyPLS-SEM methods were applied for the multivariate statistics. The results proved that thereis indeed a difference between web user’s expressed attitude and behavior, which could notbe explained by demographic variables. Furthermore, the results indicated that theinfluencing factors had a positive effect on attitude and behavior. By interpreting theseresults, we concluded that perceived risk and trust have a positive effect on privacy concerns.Furthermore, privacy concerns and perceived benefits have a positive effect on behavioralintention, which in turn has a positive effect on actual behavior.

Personal information

Personally Targeted Advertisements

The Privacy Paradox

Privacy Concerns and Behavior.

Personlig Information

Personligt Riktade Annonser

The Privacy Paradox

Integritetsoro och Beteende.

Information Systems, Social aspects

SEX AND GENDER IDENTITY: A NEW PERSPECTIVE FOR COLLEGE STUDENT DEVELOPMENT

Wise, Steven Ray

01 January 2014

One of the goals of college student development professionals is to help undergraduate students develop a meaningful sense of personal identity. Early in the history of the profession, practitioners borrowed freely from related fields such as sociology and psychology to guide their practice, but beginning around the 1960s, scholars began in earnest to develop their own unique body of literature. In this work I examine the development of that scholarly work as it relates to identity development—specifically the evolution of understanding around the issues of sex and gender identity development. Beginning with William Perry, whose work has impacted so many theories that followed his, I review the work of Nancy Chodorow, who was among the first to note that student development theory based on male samples disadvantaged women, Marcia Baxter-Magolda, Carol Gilligan, Ruthellen Josselson, Mary Field Belenkey, Blythe McVicker Clinchy, Nancy Rule Goldberger, and Jill Mattuck Tarule…and…. I discovered that each of these scholars approached sex and gender from a binary, essentialist, deterministic position which served to limit the understanding of sex and gender issues in the field of college student development. During the same period, work in the fields of anthropology, gender studies, psychology, sociology, and women’s studies were greatly expanding their understanding of sex and gender as components of identity. In this work I identify the deficiencies and limitations in the research in the field of college student development related to sex and gender identity development; note the challenges to our work with college students because of those deficiencies and limitations, and make practical recommendations to three groups of professionals who operate in the field of college student development—theorists and scholars, practitioners, and educators and provide a model for efficiently effecting change in the field.

Gender Identity Development

Sex Identity Development

Androgyny

Personally Meaningful Sense of Identity

College Students

Counseling

Curriculum and Instruction

Curriculum and Social Inquiry

Educational Leadership

Gender and Sexuality

Higher Education

Higher Education Administration

Psychology

Social and Behavioral Sciences

Sociology