The first step to improving an organization's security posture is to define the organization's security goals. At a technical level, these goals are expressed as security policies. Security policies are predicates over programs, that return true or false if the program adheres to the policy. Defining these policies correctly is thus essential to…

Remotely proctored online examinations proliferate in academic and corporate learning environments (Grajek, 2020). Remote (virtual) proctoring allows organizations to efficiently offer tests globally while reducing the costs of proctored testing generally associated with traditional paper-and-pencil and computer-based testing center examinations.…

While the introduction of memory-safe programming languages into embedded, Cyber-Physical Systems (CPS) offers an opportunity to eliminate many system vulnerabilities, a pragmatic adoption of memory-safe programming languages often necessitates incremental deployment due to practical development constraints, such as the size of many legacy code…

Secure Code Education (SCE) is the compliance requirement for many organizations in the U.S. Consequently, many U.S. companies spend large sums on programs and tooling to meet this requirement and to upskill their developers. This tooling is largely underutilized. Classes beyond the bare required minimum are often not taken advantage of, leaving…

This study investigated the relationship between information security training and awareness and employees' compliance with information security policy in the U.S. retail industry. Using a quantitative non-experimental research design, this study examined and quantified the significance of the relationship between information security training and…

Curriculum development is currently being done in a variety of ways: individually, with peers, through an academic committee that may or may not have an industry representative, or through workshops. But the current ways of developing curriculum have challenges and inefficiencies, specifically when using groups and committee (logistical…

K-12 schools in Louisiana face unique cybersecurity challenges due to the state's high poverty rate, resource constraints, infrastructure weaknesses, and vulnerability to natural disasters. Public school systems in Louisiana have been particularly vulnerable to these attacks, with incidents of cyberattacks tripling in 2020 alone. The Louisiana…

Organizations must ensure that employees maintain information security policy (ISP) compliance intentions with respect to published policies to improve their information security (IS) posture. Employees' noncompliance behaviors make them the weakest link in organizations' IS. Although IS researchers exert enormous amounts of effort on finding…

Effective management of digital identities and personal data is essential in modern society. Personal information management systems (PIMS) empower people to control their digital identities and personal data. Using the reasoned action approach (RAA) developed by Fishbein and Ajzen (2010), I derived the RAA-Trust Model for PIMS Adoption and…

The study helped investigate Peruvian Higher Education Institutions' (PHEI) security posture and how the adoption of modern technology enhanced the operational processes to reduce cyber threats. The purpose of the research was based on research questions to assess access controls effectiveness, infrastructure security gaps, emerging technology…

This study sought to understand how cybersecurity professionals in technical U.S. Federal Government (USFG) positions transition into first-time cybersecurity leader roles. The study also sought to explore which leadership competencies were used/developed in this transition and how those leaders gained the knowledge and skills to perform their…

Organizations need help keeping their infrastructure and data secure because cybercrimes and cyberattacks are rising. It is known that the highest risk to any organization is the risk that end users present (Aljeaid, 2020; Yuan, 2021). The problem to be addressed in this study is that end-user employees' behavior remains the biggest reason for…

The cybersecurity talent gap has been a hot topic for most of the 2000s, yet only one aspect or viewpoint of the gap has been investigated: that of the employers. Governmental and private organizations suggest what they think led to or is a contributing factor to the cybersecurity talent gap. This study detailed aspects that could contribute…

Private higher educational institutions are at a high risk of cyber-attacks based on the amount of data they consume about students, their families, donors, faculty, and employees. I determined that there was a gap in the body of knowledge concerning how IT leaders in private higher education secure their information assets. The purpose of this…

Public school districts are frequently targeted by cybercriminals to gain access to a wealth of under-protected sensitive data. As a result, information technology (IT) leaders in public school districts must implement measures to maintain the security and confidentiality of sensitive data collected and stored by their schools. This qualitative…