Research into cybersecurity risks and various methods of evaluating those threats has become an increasingly important area of academic and practitioner investigations. Of particular interest in this field is enhancing the designs and informing capabilities of cybersecurity risk management solutions for users who desire to understand how organizations are impacted when such risks are exploited. Many of the cybersecurity risk management solutions are extremely technical and require their users to have a commensurate level of technical acumen. In the situation evaluated during this research project, the founders of the company being researched had created a highly technical risk management solution composed of sophisticated networking and cryptography components. The company’s management team, on the other hand, had very little cybersecurity industry background but needed to effectively communicate the specialized capabilities of the solution to potential customers and business partners in an understandable way. In this case, improving the company’s solution design to better convey its technical foundation both inside and outside the company was required. Design Science Research (DSR) offers a methodology that was created to help analyze, create, and evaluate design artifacts that can identify useful ways to work through technical challenges such as those faced by the company. The Elaborated Action Design Research (eADR) methodology can be used to further improve design artifacts through an iterative process that is easily understood by practitioners and academics and grounded in theory. When DSR and eADR methodologies are used together, the result is the creation and demonstration of informing artifacts which will address technical cybersecurity risk evaluation and communication issues. This research project contains a case study, an accompanying technical note, and two research papers which will address research questions informed by the DSR methodology process in response to related communication and compliance issues noted in the cybersecurity risk management problem space.
|Advisor:||Hevner, Alan R., DeSerranno, Allen R.|
|Commitee:||Berndt, Donald, Mullarkey, Matthew|
|School:||University of South Florida|
|School Location:||United States -- Florida|
|Source:||DAI-B 80/05(E), Dissertation Abstracts International|
|Subjects:||Business administration, Information Technology|
|Keywords:||Compliance, Conceptual model, Design science research, Elaborated action design research, Fitness-utility model, Nist csf|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be