Cyber Security Week 7
MrTooGood
HypothisisResearchDesign.docxCyber Security 1
RESEARCH PAPER 4
Hypothesis & Research Design
American Military University
ITCC 500
HYPOTHESIS AND RESEARCH DESIGN
Introduction/background
Software systems are never secure, and there are always chances of faults happening that may be very costly to an organization. Faults give the attackers a good chance of invading the systems, causing a lot of harm by stealing data (Sukhram, & Hayajneh, 2017). Data is one of the most critical aspects of any institution. Therefore, it is critical to put up measures that will help an organization be safe from data theft. Putting in place proper preventative measures is the only way an organization can be secure and ensure that the consumers' data are protected.
HYPOTHESIS
This research study aims to look at the various techniques used by hackers and the various protective measures applied in helping protect organization data from landing in the hands of unauthorized users. Cyber-attacks occur due to Poor security measures taken by corporations. One of the best ways of protecting information is ensuring that it is only then authorized people who can access the information.
RESEARCH DESIGN
The kind of research typically dictates the research methodology that one will use. It entails budding queries and measures, where data is naturally gathered in the settings of the contestants, and data analysis is done by interpreting data. Selecting the right method of research is very important for the overall success of the research. It is the type o research that dictates the right type of research methodology to adopt.
In this study, the primary source of data will include conduction questionnaires and interviews with the participants. Various methodological approaches are used for individuals who are fascinated by performing research. The choice of the research methods depends on several aspects, such as the research purpose, the type of questions to be responded to, and resource availability. Survey research is one of the approaches used in researching so that readers can critically assess the aptness study’s conclusions by utilizing survey research.
Qualitative survey research is a less structured research method used in gaining comprehensive information regarding people’s basic reasoning and motivations (Emerald Group Publishing., 2017).
This research method is very effective for studies where individual inhabitants are the element of study. It may, however, be used in other analysis units like groups and organizations. A questionnaire is used in collecting the most comprehensive and precise data in a rational flow. This is done so as reliable conclusions are reached from the observations that are anticipated. This involves developing a well-made questionnaire capable of meeting the goals and objectives of the research while minimizing questions that are not answered. The researchers then define the target, study population from where the data and information are collected (Knoke, Marsden, & Kalleberg, 2017). The respondents are reached through personal contact, interviews, internet-based questionnaires, and telephone interviews.
For instance, if one is planning to survey to measure the preparedness of the workers and the organization against data theft in a company, it is essential conducting interviews in gaining some context about the company’s culture, the structures as well as other issues that are precise to the corporation to be investigated. The interviews will give an opportunity of taking notes, reading body language, and picking up on other restrained cues.
In my research, the use of multiple-choice or closed-ended questions will help in motivating the participant to fill all the questions. To elaborate on these findings, the participants should be subjected to some questions that will help shed light on the state of affairs. For instance, it would be crucial to ask questions such as:
1. Have your organization ever experienced data theft?
2. Did the cyber-attacks occur due to Poor security measures taken by corporations?
3. Does the organization have a proper system in place to mitigate data theft?
4. Do you have in place a proper database disaster recovery?
5. Does the organization back up critical computing systems such as databases, file servers, web servers, and so on?
6. Are all wireless devices and network servers scheduled to backup once every 24hrs?
7. Does the company have email and internet use policies to prevent data theft?
8. Does your organization apply the principle of least privilege?
9. Does your organization has the international standardized practice that puts specifications for the information security management in an organization (ISO 27001 certification)?
PARTICIPANTS
One of the essential sampling methods for this study is stratified random sampling. The sample will be selected from various organizations, choosing various random elements from each group in proportion to the size versus the population in question.
MEASURES
Variables are a very significant part of research and development. This is because the variables signify the information in a research project. The dependent variable represents the experimental and produces the research result, while the result is the independent variable. In this case, the independent variable is cyber-attacks, and the dependent variable is security measures.
The next step will involve exploring prior research studies that have been conducted regarding cyberattacks and cybersecurity. I will review prior studies done in five years between 2017 and 2021. It is essential to note that there is the biggest threat of data theft.
I will look at the various measures that organizations have put in place to protect data. Database security, therefore, includes the measures put forward to protect the underlying infrastructure that houses the database like networks and servers, configuring the Database management system, and data access. Network’s managers must have secure methods that will help the users and applications perform vital roles on their network efficiently. This is where the “principle of least privilege” comes in. this is an essential aspect of computer security. This principle allows access to performing the job that is required. This helps the IT department to be able to reduce the risks of attackers been able to get access to sensitive data through reducing the user privileges. This helps contain compromises to the area where they originate from, thus stopping them before they can spread to the entire system. This principle impacts data security in various ways. The first way is that this principle helps in reducing liabilities. This is done by reducing the number of users who have excessive permissions. Cutting down the number of users with excessive permission drastically reduces the overall occurrence of privileged operations, reducing the probability of high-risk errors. This policy is also very important in that it helps in promoting a healthy network performance.
The second way is that this policy at a very high margin helps narrow the scope of harm that results from unauthorized users of the network privileges (Farash,et al., 2016). This is the reason why managers are advised to deny high-level powers to many users. Say, for instance, an account with limited permission is compromised; it means that the impact of harm will be confined as compared to when the account is not.
References
Emerald Group Publishing.Converse, J. M. (2017). Survey research in the United States: Roots and emergence 1890-1960. Routledge.
Farash, M. S., Turkanović, M., Kumari, S., & Hölbl, M. (2016). An efficient user authentication and key agreement scheme for heterogeneous wireless sensor network tailored for the Internet of Things environment. Ad Hoc Networks, 36, 152-176. Retrieved from: https://www.sciencedirect.com/science/article/abs/pii/S1570870515001195
Knoke, D., Marsden, P. V., & Kalleberg, A. L. (2017). Survey research methods. The Blackwell companion to organizations, 781-804.
Sukhram, D., & Hayajneh, T. (2017, October). KeyStroke logs: Are strong passwords enough?. In 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON) (pp. 619-625). IEEE. retrieved from: KeyStroke logs: Are strong passwords enough? | IEEE Conference Publication | IEEE Xplore
