Modern Information Technology (IT) infrastructure and open-source software (OSS) have revolutionized our ability to access and process data, enabling us to tackle increasingly complex problems and challenges. While these technologies provide substantial benefits, they often expose users to vulnerabilities that can severely damage individuals and…

The need to protect confidential data stored in university enterprise information systems and to prevent infiltration through phishing cyber attacks by malicious individuals and organizations has emerged. The unfortunate target of phishing attacks is university employees and students with access to confidential information. This research specifies…

The human component of information systems represents a critical and high-impact target for cyberattacks. Firms address these threats through various means, including security awareness training, security policy monitoring, security controls, and enforcement. Even the most robust technical controls have limits. Consequently, elevating user…

This qualitative case study discussed the security training and awareness for iMiTs Art's cloud and information systems due to the digital transition to cloud computing capabilities and usage. The study was based on the technology acceptance of the TAM (Technology Acceptance Model) model, security training concepts of SETA (Security Education and…

The increasing complexity of modern power systems, coupled with the integration of diverse rapidly evolving technologies involving physical systems requiring cybersecurity, has presented significant challenges for engineers in the field and researchers in laboratory facilities. This research and dissertation presents the development of a…

In the critical infrastructure world, many critical infrastructure sectors use a Supervisory Control and Data Acquisition (SCADA) system. The sectors that use SCADA systems are the electric power, nuclear power and water. These systems are used to control, monitor and extract data from the systems that give us all the ability to light our homes…

Current cybersecurity measures have become a major concern for commercial organizations in the United States. As the cyber-attack landscape expands and the skills and knowledge of the cyber-attacker become broader, the current measures that are taken and the laws structured around them are making it increasingly difficult for commercial…

Organizational information system users (OISU) that are victimized by cyber threats are contributing to major financial and information losses for individuals, businesses, and governments. Moreover, it has been argued that cybersecurity competency is critical for advancing economic prosperity and maintaining national security. The fact remains…

Use of the Patch Vulnerability Management (PVM) process should be seriously considered for any networked computing system. The PVM process prevents the operating system (OS) and software applications from being attacked due to security vulnerabilities, which lead to system failures and critical data leakage. The purpose of this research is to…

Organizations in all sectors of business have become highly dependent upon information systems for the conduct of business operations. Of necessity, these information systems are designed with many points of ingress, points of exposure that can be leveraged by a motivated attacker seeking to compromise the confidentiality, integrity or…

Subchapter III of Chapter 35 of Title 44, United States Code, Federal Information Security Management Act of 2002; Department of Defense (DoD) Directive 8500.01E, Information Assurance, October 24, 2002; DoD Directive 8100.1, Global Information Grid Overarching Policy, September 19, 2002; and DoD Instruction 8500.2, Information Assurance…

In today's modern business world, most organizations use information as a critical business asset to gain competitive advantage and create market value. Increasingly, an organization's ability to protect information assets plays a critical role in its ability to meet regulatory compliance requirements, increase customer trust, preserve brand…

The information leakage of electronic devices, especially those used in cryptographic or other vital applications, represents a serious practical threat to secure systems. While physical implementation attacks have evolved rapidly over the last decade, relatively little work has been done to allow system designers to effectively counter the…

Recently, malicious computer users have been compromising computers en masse and combining them to form coordinated botnets. The rise of botnets has brought the problem of home computers to the forefront of security. Home computer users commonly have insecure systems; these users do not have the knowledge, experience, and skills necessary to…

Network security is a large and complex problem being addressed by multiple communities. Nevertheless, current theories in networking security appear to overestimate network administrators' ability to understand network access control lists (NACLs), providing few context specific user analyses. Consequently, the current research generally seems to…