disertation

Principal Investigator:

Study:

Adult and Continuing Education and Teaching

a. Full name:

b. University department, program, and position:

Education/Student

c. Email address:

d. Phone number:

a. Full name:

b. University department, program, and position:

c. Email address:

d. Phone number:

a. Full name:

b. Email address:

c. Phone number:

a. Full name:

b. Email address:

c. Phone number:

f.

Yes

X

No

Exempt – no human subjects involved

X

Expedite – minimal risk to human subjects

Full Review – moderate to high risk to human subjects

Internal - research intended for teaching purposes only within courses at Judson University.

X

Public - research may be published outside of Judson University.

Cyber Security

The success of the majority if not all institutions and firms is significantly dependent on the security measures employed by firms. Regardless of the industry that an institution may operate, it must have reliable security measures to ensure that its operations as well as the information that it relies on, is not compromised. Security is divided into mainly cyber security and network security. Bearing the above in mind, there are three types of security controls and they include; responsive controls, preventive controls, and detective controls. In order for firms to make the claim that they have reliable security, they have to have a solid security architecture. The architecture details the infrastructure in use to enforce security measures as well as the actions in place to ensure that security prevails. By going through a typical learning institution security architecture it will be possible for security to be defined as well as explained considering that schools are one of the institutions that emphasize both physical and network security.

The research team responsible for carrying out the below study believes that if insider threat is dealt with that most of the issues if not all the issues that affect cyber security will be dealt with. The above belief forms the foundation of the below research as the research team will seek to confirm or dispel the notion that if the insider threat is dealt with that most security concerns as regards cyber security will be dealt with.

The research will take on a qualitative approach and this is because it helps researchers gather information on their research topic by analysing information which is passed through behaviour and language in the study subject’s natural environment. Unlike the quantitative methodology, the qualitative methodology allows the research time to gather data about the feelings, the values, the beliefs and the motivations that lead to certain behaviours. The above methodology will be crucial for understanding why insiders might consider abusing a privilege or right which might expose the company or organization that they work for to cyber security risks.

Data collection will be done through the reviewing of previous research on insider threats and cyber security and case study. The review and case study will enable the research team to gather as much information as possible from previous researches.

The qualitative research methodology will be handy for the study as the research team will be able to gather information as relates to the views and beliefs of the people unlike the quantitative approach. The quantitative approach does not allow the views and beliefs of people to be incorporated into a study. The approach is also important in supporting and explaining previously done research that followed a quantitative approach.

Participants

The research will involve having 12 participants interviewed and observed during a five-month research period. The participants will include one IT security expert, six students of higher learning institutions, and five junior employees. The focus of the study is on junior employees as they are the most likely people to aid in the breaking of security protocols. Junior employees are as well as the target of security protocols and policies and it is for that reason are best to explain which security policies might curtail the insider threats. IT security experts are part of the participants as they can share on their experiences as regards insider threats and cyber security in general. Individuals incarcerated due to fraud and cyber-crime on learning institutions will shed light on why insiders are the biggest threat to physical security

Two methods will be used in the collection of research data. The first method is the interview method. All participants will be interviewed as regards to insider threats and how to mitigate insider threats. The second data collection method is the observation method. All the junior employee participants will be observed with the aim of establishing how insiders can lead to security breaches.

Analysis:

It is an iterative procedure to analyze qualitative data. Data must first be coded in order to determine which major categories belong in which categories. Interpreting qualitative data is very subjective, therefore mechanisms for establishing inter dependability must be created. The data will be coded by two coders. They will agree on various categories and acquire an understanding of how the data will be categorized. Their solutions, as well as the facts on which they will be based, will be offered to another researcher when they have reached an agreement. Changes to how the data fits into the key categories will be made based on the feedback of the other researchers. The same procedure will be followed, but only once the researchers have reached an agreement on the topic.

Participation requirement:

For the survey, subjects will be requested to submit accurate information. Participants will respond to questions and share insight into various topics. Before the survey begins, all participants will communicate in English and sign consent documents.

This research will be conducted between June and October of 2022.

General logistics; survey distribution, identifying participants will take place between July and August 2022.

Transcription and coding will be done between September and October 2022.

The data to be collected will be collected from the following geographical areas:

· Illinois

IT security professionals, students of higher learning institutions, junior workers of learning institutions, and persons who have been convicted owing to fraud and insider transactions leading to cybercrime in the state will be among the participants in this study.

The selection of participants will be dependent on their availability and desire to participate.

People who are accessible and willing to engage in the study will be contacted for a follow-up survey.

Participants for this study will come from the above-mentioned geographical location. Expert participants will be given priority because they can contribute valuable information to the research topic. Participants will be able to talk in English for ease of communication. There will be a total of 12 participants.

All adults, with the exception of those with mental disorders, will be eligible to participate in the study. The study is open to those with physical limitations. Short attention spans, poor reading, writing, and communication abilities, disorganization, and other sensory challenges, eye-hand coordination problems and poor coordination overall, difficulty with sequencing, and finally poor memory will be screened out using a test.

When questioning the participants, I'll make sure they're in a physically and mentally comfortable environment to discuss how cyber security breaches have impacted them.

Any information provided by participants is kept private, and he or she will not be identified. Anonymity will be crucial and ensured both before and after the research. Data will be stored in both hard copies and electronic formats. The researcher will transcribe the audios and store the hard copies in the cabinet. Only the research team will have access to the information.

Before a survey can begin, each participating adult will be requested to sign a consent form.

No-Risk: 2 Minimum Risk: 3 Moderate Risk: 2 High Risk: 0