Abstract
Today, computing and computing devices cannot be delineated from humans as their need is evident in every aspect of life. Computers and computing systems have been embraced by all sectors of the nation’s economy; from business, education, healthcare, government to even recreation and leisure. Despite the huge adoption of digital technology world over as a way of improving business efficiency and delivering value, numerous loopholes occur within the computing and information system infrastructure that result in losses of greater magnitude. Security of information held in a digital platform is increasingly becoming a challenge for both small and large enterprises. From cyber attacks using malicious software to bullying to identity theft insider attacks, information security has become a broader menace that advances as technology improves. This paper details the processes of stating a research problem and synthesizing it until a manageable problem is achieved which can be put in a research proposal. The paper research focuses on formulating a question relating to computer security.
Introduction: Finding a legitimate problem
Information attack is categorically classified as those affecting the users, lines of communication, servers and information systems. The kinds of attacks at the user end are usually complex and hard to manage. Those occurring at the communication channel involve sniffing, tapping, message alteration, theft and fraud and radiation. Servers suffer from viruses and worms, vandalisms and denial-of-service while systems such as databases are afflicted with data alteration, software failure, and hardware failure and data theft.
Measures were undertaken to correct these inefficiencies and attacks range from technological such as the use of anti-malwares to logical such as application of security policies, to physical and finally behavioral.
Research Problem
Over time, attempts have been made to secure computer networks and systems as much as possible. It has been done through a series of measures that integrate technological solutions, logical and physical controls. Though effective, a recent incidence such as that involving Target where 70 million customer credit and debit card information was stolen underpins the magnitude of the attacks and serves as a wakeup call to many organizations. Data from investigating agencies reveal that a number of these attacks are facilitated by insider elements within the organization. Thus, an insider attack is a worrying trend in the field of computer security. This brings us to the research problem: To what extent does insider hacking promote the breach of security and loss of revenue and loyalty for businesses and organizations.
Dividing the research problem into subsections
The research question is synthesized into subsections to allow further detailed analysis and achievement of specific, measurable, attainable, realistic and timely objectives. The specific subsections of the problem statement include:
Determine the extent of employee involvement in insider attacks in an organization
Determine the approaches that organizations are putting in place to reduce insider attacks
Test the effectiveness of awareness programs in an organization in combating insider attacks
Explore ways in which organizations fill the existing gap between applicable security controls and human characteristics
Delineating the problem
This research will focus on insider attacks in multinationals and the effect of employee education programs. Many organizations have run into financial losses and trust issues, as a result, of collaboration between employees and external parties. The research is useful to scholars, policy makers, governments, educators and other researchers who have interests in the areas of computer security. This research will be conducted with the full knowledge that multinationals and other organizations are likely to be adamant and uncooperative in respect to offering data relating to their security. As such, research processes that will allow collection of relevant will be employed.
References
C., F. (2008). Researching and Writing a dissertation, A guild Book For Business Student, . Prentice Hall.
Shaw, E. R. (1998). The insider threat to information systems. Security Awareness Bulletin , 27-46.
