The first step to improving an organization's security posture is to define the organization's security goals. At a technical level, these goals are expressed as security policies. Security policies are predicates over programs, that return true or false if the program adheres to the policy. Defining these policies correctly is thus essential to…

The study investigated the use of formalized cybersecurity apprenticeships as a means of workforce development to meet the needs of employers seeking to fill cybersecurity positions. The study employed a quantitative analysis using a constructivist grounded theory approach utilizing a survey with questions based on the findings of apprenticeships…

Software vulnerabilities in commercial products are an issue of national importance. The most prevalent breaches are input validation vulnerabilities, and these are easily avoidable. This dissertation contributes to cybersecurity education with a set of hands-on interventions tailored for three CS courses, a set of reflection prompts to encourage…

The rise of Artificial Intelligence technology has raised concerns about the potential compromise of privacy due to the handling of personal data. Private AI prevents cybercrimes and falsehoods and protects human freedom and trust. While Federated Learning offers a solution by model training across decentralized devices or servers, thereby…

The problem addressed in this research study is that multinational organizations that often disregard adopting cybersecurity threat awareness training in the workplace to protect their cyberinfrastructure assets cannot efficiently detect and respond to malicious advance persistent threat (APT) cyberattacks. There is a disconnect between security…

Curriculum development is currently being done in a variety of ways: individually, with peers, through an academic committee that may or may not have an industry representative, or through workshops. But the current ways of developing curriculum have challenges and inefficiencies, specifically when using groups and committee (logistical…

The meteoric rise in software and technology has altered the paradigm of information security and privacy. Classified information, stored earlier behind locked doors, is now stored on the internet on servers that can be accessed from anywhere on the globe. As a result of these advancements, we are now vulnerable to cyber-attacks. Cyber-attacks are…

The study helped investigate Peruvian Higher Education Institutions' (PHEI) security posture and how the adoption of modern technology enhanced the operational processes to reduce cyber threats. The purpose of the research was based on research questions to assess access controls effectiveness, infrastructure security gaps, emerging technology…

Modern Information Technology (IT) infrastructure and open-source software (OSS) have revolutionized our ability to access and process data, enabling us to tackle increasingly complex problems and challenges. While these technologies provide substantial benefits, they often expose users to vulnerabilities that can severely damage individuals and…

The cybersecurity talent gap has been a hot topic for most of the 2000s, yet only one aspect or viewpoint of the gap has been investigated: that of the employers. Governmental and private organizations suggest what they think led to or is a contributing factor to the cybersecurity talent gap. This study detailed aspects that could contribute…

Private higher educational institutions are at a high risk of cyber-attacks based on the amount of data they consume about students, their families, donors, faculty, and employees. I determined that there was a gap in the body of knowledge concerning how IT leaders in private higher education secure their information assets. The purpose of this…

Organizations are looking for a well-qualified workforce with the requisite skills, knowledge, and abilities to implement an effective cyber strategy. Academic institutions are facing challenges in meeting the demand for employees with hands-on experience. This exploratory study investigated how academic institutions can use internships to equip…

Public school districts are frequently targeted by cybercriminals to gain access to a wealth of under-protected sensitive data. As a result, information technology (IT) leaders in public school districts must implement measures to maintain the security and confidentiality of sensitive data collected and stored by their schools. This qualitative…

This proposal is to develop a framework for designing a cybersecurity program. The goal of the program is to prepare students graduating from an accredited two-year college for success in cybersecurity careers. Several challenges such as program accreditation, workforce development, and Department of Homeland Security/National Security Agency…

This dissertation addresses the problem of practice of the high rate of employees in financial organizations clicking on phishing links, positioning their companies at risk of a data incident or breach. The financial sector was the most breached industry in 2022 (Schwartz, 2022) and was impacted the most by malicious phishing emails (Trellix…