Degree Granting Department
Alan R. Hevner, Ph.D.
Allen R. DeSerranno, DBA
Donald Berndt, Ph.D.
Matthew Mullarkey, Ph.D.
compliance, conceptual model, Design Science Research, Elaborated Action Design Research, Fitness-Utility Model, NIST CSF
Research into cybersecurity risks and various methods of evaluating those threats has become an increasingly important area of academic and practitioner investigations. Of particular interest in this field is enhancing the designs and informing capabilities of cybersecurity risk management solutions for users who desire to understand how organizations are impacted when such risks are exploited. Many of the cybersecurity risk management solutions are extremely technical and require their users to have a commensurate level of technical acumen. In the situation evaluated during this research project, the founders of the company being researched had created a highly technical risk management solution composed of sophisticated networking and cryptography components. The company’s management team, on the other hand, had very little cybersecurity industry background but needed to effectively communicate the specialized capabilities of the solution to potential customers and business partners in an understandable way. In this case, improving the company’s solution design to better convey its technical foundation both inside and outside the company was required. Design Science Research (DSR) offers a methodology that was created to help analyze, create, and evaluate design artifacts that can identify useful ways to work through technical challenges such as those faced by the company. The Elaborated Action Design Research (eADR) methodology can be used to further improve design artifacts through an iterative process that is easily understood by practitioners and academics and grounded in theory. When DSR and eADR methodologies are used together, the result is the creation and demonstration of informing artifacts which will address technical cybersecurity risk evaluation and communication issues. This research project contains a case study, an accompanying technical note, and two research papers which will address research questions informed by the DSR methodology process in response to related communication and compliance issues noted in the cybersecurity risk management problem space.
Scholar Commons Citation
Fulford, James E. Jr., "Enhancing the Design of a Cybersecurity Risk Management Solution for Communities of Trust" (2018). Graduate Theses and Dissertations.