Date Approved

2024

Degree Type

Open Access Dissertation

Degree Name

Doctor of Philosophy (PhD)

Department or School

College of Engineering and Technology

Committee Member

Suleiman A. Ashur, PhD, Chair

Committee Member

Munther Abualkibash, PhD

Committee Member

Ola Karajeh, PhD

Committee Member

Omar Darwish, PhD

Committee Member

Huei Lee, PhD

Abstract

The data breach phenomenon is not new. People have valued information, its protection, and its security for centuries. A data breach is the loss of control over one’s information. In contemporary society (circa 2024), a data breach can occur in several ways: through accidental disclosure, negligence, or malicious action. Likewise, the study of the data breach phenomenon is not new. As with other studies, this research effort seeks to expand the current body of knowledge concerning data breaches. However, unlike previous research, we adopt a novel approach to further our understanding of the phenomenon. By employing topological and phenomenological thinking, we have created a prototype allowing continuous, sustained, and scalable measurement of data breach intensity. Our data is derived from open sources, while the prototype application integrates both open and commercial applications. The goals of this study are to establish a process for collecting and storing data breach information using open sources; measure the intensity of data breaches based on stored open-source information; conduct statistical analysis of the data; present a novel instrument for measuring data breach intensity; and develop a prototype application that enables the storage, analysis, and measurement of data breaches. The research has successfully achieved its stated goals, demonstrating a thorough and comprehensive approach. First, a robust method of gathering and storing data breach event information was created. Second, an instrument to measure individual data breach event intensity was meticulously developed. Lastly, a prototype application was completed to store and analyze data breach events, ensuring a complete and detailed understanding of the data. Future research anchored to this manuscript is possible. The development of a new instrument allows for recursive study as well as forward-looking research efforts. For example, we can now recursively examine customer sentiment after a data breach event by examining the relationship between sentiment and intensity. Moreover, future research can discuss the cousins of data breach intensity (e.g., severity, density, and magnitude). However, there were some limitations to the research. The most glaring limitation was the inclusion of modifiers in the instrument. As discussed in more detail, these modifiers may have served better as modifiers or as a part of other equations (e.g., a severity equation).

Download

Share

COinS