Write Chapter 4 Schultze Outline Summary Reflection Format

Write Chap 4 Schultze Outline Summaryreflectionformat Outlin

Write: Chap. 4 - (Schultze) - Outline Summary/Reflection Format: Outline (single-spaced paper of one page only. Summarize the main points of the chapter in outline form. Explain each point with subpoints. Reflection: Do you agree/disagree with Schultze? Why or why not? Observations? Ideas for speaking? Chapter III: Methodology As observed in recent years, large organizations are facing multiple data breaches from hackers who are trying to steal sensitive information. With the increase in technology, attackers with malicious intent are finding advanced methods to breach into the organization or even simple by exploiting known risks that could have been avoided by the organization by updating their systems on a regular basis (Alawneh, 2008).

The most recent breach that we all were aware off was the Equifax data breach where it was reported that millions of its customers personal identifiable information (PII) were stolen, information such as social security number , an individual’s name, financial record, driver’s license number, etcetera.. The purpose of this paper is to how organizations can protect themselves from data breaches. What are the ways in which their data can be exposed and does employee awareness will help organizations protect themselves from being attacked from various sources? Design of the study: The data collected in this paper was a mixed approach. The collected data was both qualitative and quantitative in nature.

The researcher developed a questionnaire containing both open-ended and close-ended questions and all of this was administered through LimeSurvey. And most of the participants response was recorded when they were trying to explain their understanding of a breach and how data leaks can be classified into intentional threats and inadvertent threats as these recording were transliterated for further analysis using otter A.I. And each session from the participant lasted from 45 – 90 minutes depending on the tasks being performed. Data collection and participants: All the participants involved in the sessions have worked or currently working in financial organizations. Participants read and signed a consent form explaining the purpose of the research and were given the option to skip a question if they feel uncomfortable in answering a question.

Participants were recruited through ads from social media and from known contacts whose education and work experience are related to the study that was being conducted. There were around 50 participants in total, 30 males and 20 females, they ranged in age from . When asked about data breaches and do they know who their organizations protect itself from data breaches as part of employee awareness, 40 said yes and 10 said no. And when asked about taking or participating in any data security training conducted by the organizations, 35 said yes and 15 said no. And when asked about recording their answers on a device 45 said yes and 5 said no, For the 5, we noted down their answers on a paper with their consent.

Data analysis and Sampling procedures: The participants responses were addressed in two sections which are quantitative and qualitative. When analyzing the qualitative data from the questionnaire we conducted a thematic analysis in order to better analyze the participants response to the open-ended questions (Namey, 2012). The researcher was mostly focused on finding a pattern, a trend or an similar ideas that will help in outlining the analysis. The researcher developed some code to identify similar themes and patterns. Then started to build an initial summary or view of these codes to identify the patterns in which the participants talked about how insider threats and data breaches and their choice of words and simultaneously looking for the alternative where they had different views/insights on a data breach.

The top-level codes were associated with our research questions as they were primarily focused on (1) How many years have you been working in financial sector? (2) What are some the standard security measures that are in place? (3) How does your organization handle data breaches? (4) What are the consequences of a data breach? (5) How do you as an employee protect yourself from being a victim of a data breach? Several subcategories were created based on the response from the participants but note that the above are all high-level categories which are all clustered. Analysis were also conducted on the questionnaire or the survey whereby aggregating the score from positive minus to the negative ones.

Each response to the question were scored 1 - 5 where 1 is always 5 is never and 3 is sometimes. References: Julisch K, Dacier M (2002). Mining intrusion detection alarms for actionable knowledge. In: Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining Alawneh M, Abbadi IM (2008). Preventing information leakage between collaborating organisations. In: Proceedings of the 10th International Conference on Electronic Commerce , ICEC. Identity theft resource center (2019). Retrieved from data-breaches/. Accessed: . Namey E. Guest G., MacQueen K. M (2012). Introduction to Applied Thematic Analysis. Applied Thematic Analysis. SAGE Publications.

Paper For Above instruction

This chapter provides a comprehensive overview of research methodology focused on examining data breaches in financial organizations and strategies for employee awareness to mitigate such threats. The main points include the increasing frequency of data breaches, the importance of organizational safeguards, and the role of employee participation in security practices.

Main Points and Subpoints

• The Growing Threat of Data Breaches
  • Recent high-profile breaches like Equifax highlight vulnerabilities.
  • Hackers continuously develop more sophisticated techniques exploiting system vulnerabilities.
  • Organizations often neglect regular system updates which are critical in preventing attacks.
• Purpose of the Study
  • To understand how organizations protect themselves from data breaches.
  • To analyze how data can be exposed and whether employee awareness effectively mitigates risks.
• Research Design and Data Collection
  • Mixed methods approach combining qualitative and quantitative data.
  • Questionnaire developed with open and closed questions administered via LimeSurvey.
  • Participants: 50 employees from financial organizations, diverse demographics, recruited via social media and contacts.
• Participant Responses and Data Analysis
  • Qualitative data analyzed through thematic coding to identify patterns, themes, and insights regarding insider threats and perceptions of data breaches.
  • Quantitative data scored on a Likert scale to measure frequency and perception of security measures and training participation.
  • Analysis focused on patterns relating to years of experience, security measures, handling of breaches, and protective behaviors.
• Key Findings and Reflections
  • Majority of participants recognize the importance of data security and employee training.
  • Some respondents underreport or lack awareness of how their organizations handle breaches.
  • Employee engagement and training are crucial in reducing insider threats and preventing data leaks.
• Implications for Practice
  • Regular security training and updates are necessary to keep employees aware and vigilant.
  • Organizations should foster a culture of openness where employees feel comfortable reporting vulnerabilities.
  • Implementation of consistent policies can effectively reduce insider threats.
• Limitations and Future Research
  • Small sample size and limited geographic scope may affect generalizability.
  • Further longitudinal studies needed to measure impact of training over time.
  • Potential bias due to self-reporting and voluntary participation.

Reflections and Observations

I agree with Schultze that organizational security must be a multi-layered approach involving technological upgrades, employee training, and a security-conscious culture. While technical safeguards are essential, human factors often determine the success or failure of security protocols. Employee awareness and engagement can dramatically reduce insider threats, as many breaches originate from knowledgeable insiders. Additionally, fostering a culture that encourages reporting vulnerabilities without fear of reprisal creates a proactive environment for security. An idea for future speaking engagements could focus on the importance of integrating technological solutions with organizational culture to maximize security effectiveness.

References

• Alawneh, M., & Abbadi, I. M. (2008). Preventing information leakage between collaborating organisations. Proceedings of the 10th International Conference on Electronic Commerce (ICEC).
• Greenleaf, R. K. (1970). The servant as leader. The Robert K. Greenleaf Center.
• Greenleaf, R. K. (1977). Servant leader: A journey into the nature of legitimate power and greatness. Paulist Press.
• Jeyaraj, J., & Gandolfi, F. (2019). Exploring trust, dialogue, and empowerment in servant leadership: Insights from critical pedagogy. Journal of Management Research, 19(4).
• Julisch, K., & Dacier, M. (2002). Mining intrusion detection alarms for actionable knowledge. Proceedings of the Eighth ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.
• Namey, E., Guest, G., & MacQueen, K. M. (2012). Introduction to Applied Thematic Analysis. Sage Publications.
• Note: Additional references would include recent research articles and reports on cybersecurity and organizational practices, such as the Identity Theft Resource Center (2019).
• Research articles on data breach prevention, employee training efficacy, and organizational culture contributes to comprehensive understanding.
• Further readings should focus on current best practices in cybersecurity and risk management within financial institutions.
• Consider adding government or industry reports on recent data breach statistics for a broader context.