Google Pay Now Accepting Google Pay. Check out is even easier with Google Pay. Easy, Fast and Confidential!

Computer Sciences Technology Capstone Thesis

Formal Thesis Proposal


It is becoming increasingly difficult to ignore the fact that all organizations mainly pay attention to the security of their information systems in regard to external attacks of hackers and intrusion of malicious software. Such initiatives are an important consideration, but little attention is focused on insider threats. Intentional, as well as unintentional exposure of sensitive data, is a result of insider intrusion. Workers, who operate with information systems on different levels, may use their right to access for malicious purposes (Bayuk, 2010).

MiniCalc with vip services

Sometimes, insider exposure of data occurs owing to the negligence of personnel or poor physical/cyber protection of an information system. Therefore, insider threat is a much more dangerous phenomenon than traditional cyber terrorism, once insider threat emerges within the system, where a certain individual operates with sensitive data due to his/her workplace duties (Contos, 2006). Nonetheless, insider threat is a big problem for contemporary cybersecurity as it involves additional factors.

In order to be more specific, these factors are behavioral. Meanwhile, motivations of hackers and cyber terrorism are apparent and easily classifiable, reasons for insider exposure of data or any other malicious actions involve different reasons and hence various patterns of behavior (Tyagi, 2013). The main constraint for such behaviors is the presence of a purposeful decision. In case an individual harms information system without any intention and due to lack of knowledge, experience, or awareness of particular policies, such insider threat is explained by a respective behavioral pattern (Dawson, 2015).

At the same time, insider exposure of data made on purpose is explained by the entirely different behavioral approaches. As a result, contemporary cybersecurity discipline is expected to address both scenarios, as they present a danger to organizational information systems to a similar extent. This evidence is a key motivating factor for launching a respective investigation on that issue.

Background of The Problem

In spite of differences in the definition of insider threat, this type of cybersecurity breach is the most difficult to address because employees, who pose an insider threat, are present at their workplace, and their intentions cannot be predicted. At the same time, a human error cannot be predicted in case a worker exposed sensible data without even being aware of consequences. As a result, a need for a distinct vision of insider threat categorization is explicit, as a basic act of negligence can also become a reason for insider threat (Dykstra, 2011).

To the greatest extent, practitioners are currently unable to draw a distinct line between unintentional insider threat and the act of negligence. In addition, purposeful insider threats are also persistent and they origin from organizational problems, even though the security of an information system satisfies the requirements. Such cases are may pose a great danger to Capstone, as its information system contains large volumes of data.

As a consequence, an issue of policy-making also arises. First of all, the majority of organizational cybersecurity policies do not provide comprehensive guidelines regarding insider threat and even do not suggest any strategies of mitigation, prevention, and punishment of committers. The absence of a clear and complex-focused policy on a large scale does not provide organizations with minimal knowledge of best practice so that each company deals with insider threats on its own (Green, 2016). The same tendency can be observed within the Capstone.

However, a need for a drastic change is apparent to the company’s leaders and average workers, but this issue is a profound gap in the practice of cybersecurity, which makes policy-making require the initial theoretical foundation of guidelines and best practices. In general, the future study is expected to address the given issue throughout the development of a concept model, which will contain all best practice within this field.

Addressing The Problem

As long as the problem is complicated and relates to a large organizational context, a strictly managerial approach is suggested for addressing the issue. Capstone, as well as any other organization, is an open system, which involves numerous processes and perspectives. Insider threat creates an adverse environment for the normal performance of the organization so that a probability of risk materialization dramatically grows (Kenneth, 2011).

Hence, risks and factors that trigger the creation of adverse environments need a complex approach. Such an approach is possible throughout management due to the fact that solving a problem within a system implies interaction with its multiple aspects. The managerial approach is the most relevant solution in such a case, once it deals with causes of the problem and changes the organizational environment towards less risky configurations (Naval Study Board, 2010). Thus, risk management is applicable to the goal of Capstone. Insider threat, despite biases in definition, is a great risk to the organization's information security, which makes risk management the most appropriate reaction.

Nevertheless, a general guideline for risk management of insider threat is present. It consists of the following components. First of all, the identification and valuation of information system resources take place. Then, the identification and estimation of a threat space is another requirement. Consequently, assessment of vulnerability is an important consideration, as well as estimation of risk probability (Newsome, 2014). The latter aspect is especially pivotal, once it determines the readiness of the organization for a response to a threat (LeClair & Keeley, 2015).

Assessment of risk impacts is also considered as an estimation of risks themselves does not necessarily measure effects potentially produced on the entire information system. Eventually, implementation of control and preventive measures for risk mitigation is conducted. The given steps determine a general framework for risk management of insider threats, but they do not provide any grounding for the creation of related cybersecurity policy (Nance & Marty, 2011). This aspect is crucial for each organization so that Capstone will need to develop such a policy according to its security conditions and peculiarities of organizational structure.

Therefore, the incorporation of behavioral perspective is apparent to the case of Capstone. Insider threats are closely attached to behavioral issues of the workforce, so that appliance of various behavioral disciplines will leverage ethically inappropriate behaviors of employees. It is difficult to argue that intentional insider threat is a matter of personal resentments of workers or result of conflict with leaders and other employees (Probst et al., 2010).

As for unintentional insider threats, they are still largely determined with personnel behaviors, since the absence of care, attention, and feeling of commitment also have a behavioral basis. The behavioral aspect of insider threat addresses ethical and psychosocial outcomes of cybersecurity, and a related framework will be suggested in the future research. Such a perspective will be addressed throughout the design of policies and policy-making initiatives, which embed behavioral discipline in the information system environment of Capstone. Henceforth, risk management of insider threats in Capstone will be supplemented with initiatives regarding the policy of working discipline.

One more argument in this regard is the fact that behaviors of employees determine not only information security but the overall ethical environment. As a result, the related policy should address insider threats not only in behavioral but also in an ethical sense (Warkentin & Williamson, 2009). The policy is expected to create a high moral standard, which will be a model for behavioral patterns in relation to working with insider sensible data. In general, the policy should not confuse workers in regards to operating with the Capstone information system. The policy has to promote a positive attitude towards the information system, as well as security standards of Capstone, instead of threatening with penalties for each worker, who neglect some operations with the system.

Thesis Introduction

Background of the Topic

As it has already become apparent, the background of the research topic is based on the evidence that insider threat is difficult to detect in the organizational environment. This phenomenon can be explained by the fact that insider threat is posed by workers within an organization. Personnel has direct access to the information system, as long as working with IT is their primary responsibility (Hunker & Probst, 2011). As a result, such workers obtain some degree of power and potentially can expose sensitive data (Bulgurcu, Cavusoglu, & Benbasat, 2010).

Reasons can be intentional, as well as unintentional, but the organizational information system suffers increased risk probability in both scenarios. Many organizations fail to consider insider threats, which is why low standards of practice can be observed. At any rate, the absence of clarity regarding mitigation of insider threat underpins a need for future research.

Our Benefits
  • 300 words/page
  • Papers written from scratch
  • Relevant and up-to-date sources
  • Fully referenced materials
  • Attractive discount system
  • Strict confidentiality
  • 24/7 customer support
We Offer for Free
  • Free Title page
  • Free Bibliography list
  • Free Revision (within two days)
  • Free Prompt delivery
  • Free Plagiarism report (on request)
Order now

Statement of the Problem

Since insider threat is difficult to identify, a problem of its mitigation, risk management, and deployment of a specific cybersecurity policy is present for Capstone and the entire field of information technologies as a whole. The problem directly reflects its background and empirical evidence. A lack of comprehensive strategies, as well as policies, which prevent not only a technical but also behavioral possibility of insider threat, makes the problem a strong concern for Capstone (Tryfonas & Asckoxylakis, 2015).

A perspective of personnel behaviors is especially pivotal for Capstone, as its technological base is sufficient for the prevention and reduction of insider malicious intrusions (Johnson, 2015). Nevertheless, the organizations do not have policies that determine ethical behavior of human resources in relation to the organizational information system. Consequently, the given aspect requires independent attention.

Statement of Purpose

As a consequence, the purpose of the future research is to suggest a comprehensive conceptual model for risk management of insider threat and implementation of policy, which will determine ethically appropriate attitude towards working with internal sensitive data. Moreover, the purpose correlates with the background and problem of the study, so that investigation towards such complex findings is explicit (Dark, 2011).

Capstone needs a sophisticated approach, which can be applied to the whole organization. As a result, the purpose of the future study complies with the largest context of Capstone’s concerns regarding insider threats. Future research will seek the best practice in this field, as the current state of knowledge requires improvement, especially in regards to the behavioral perspective of ethics and related policy-making (Crossler et al., 2013). Therefore, the research questions are primarily related to the purpose of the study.

Research Questions

In regard to the statement of purpose, the questions for future research are the following:

  1. What is the most accurate categorization/definition of an insider threat? What evidence should be recognized as an insider threat? This aspect is vague, which is why Capstone will need to clearly define what characteristics are typical for insider threats within the organization.
  2. What is the best way to manage risks associated with insider threats? It is the primary concern of Capstone, as long as the current state of knowledge does not suggest any distinct methodology for mitigating risks. The overall framework is commonly apparent, but the specifics of implementing each step still vary.
  3. How behavioral aspect can be embedded in a cybersecurity policy? As it has already been discussed, a particular emphasis should be placed on ethical behavior of the human resource. This issue can be potentially addressed throughout the implementing of policies, which will determine a standard of ethical behavior concerning working with internal sensitive data.

Significance of the Study

A significance of the current study can be explained by the fact that the current state of practice in regard to mitigation of insider threat is insufficient from the perspective of complexity. Independent strategies and interventions are present, but they are not universally applicable and cannot render the desired efficacy. The following study will give an account of a complex approach to risk management of insider threats (Wilshusen, 2009).

Furthermore, future research will focus independently on the behavioral perspective, which is merely embedded in the current risk mitigation practices and related policies of cybersecurity (Johnson, 2012). Thus, further study will also be significant in that regard. It is informative to note that a concept model applicable to the Capstone information system can become a practical foundation for other complex models so that future study is contemplating to contribute to the field of cybersecurity as a whole.

Definition of Unclear Terms

Without a doubt, the most unclear term is the primary subject of future study. Each practitioner, as well as theoretician, describes a term of insider threat from a particular perspective. As a result, Capstone will need its own definition in order to provide a valid scope of information for further study. In such a way, a traditional definition of insider threat should be selected. Insider threat is evidence of internal data leakage or any malicious activity caused by a person having internal access to information systems, usually, employees and outsourced workers hired for the system’s maintenance (Rouse, 2016). Reasons for insider threat can be intentional and unintentional (Rouse, 2016). The main danger presented by insider threat is a secret exposure of data, as a person, who committed data leakage, usually has authorized access to the information system.


Even though the future study is expected to make a drastic impact on insider threat mitigation practices in Capstone, it faces numerous limitations, which are natural for any research. Hence, the limitations of further study are the following:

  1. Probability of deviation. The deviation can be caused by multiple factors, such as inadequate choice of sample, the inconsistency of sample data, errors in data analysis, etc. As a result, the study will consider outcomes as approximate, so that Capstone may need to adjust the findings according to its organizational peculiarities.
  2. A presence of monitoring techniques in a concept model may weaken the entire complex approach. Monitoring of insider threat is a passive technique of risk mitigation, as it does not present any action for risk prevention (Stavrou et al, 2014). Capstone needs a proactive solution, meanwhile much of empirical literature focuses on monitoring methods of insider threat mitigation.
  3. The psychometric (behavioral) perspective is hardly measurable, so that certain methodological obstacles may be potentially present in relation to the feasibility of the study.


Therefore, future study will outline the following assumptions:

  1. The traditional definition of insider threat is the most applicable to Capstone's objectives.
  2. Risk management is the best way to address insider threat mitigation within Capstone.
  3. Behavioral perspective and related policies can be revealed through the appliance of cognitive and behavioral disciplines.

Theoretical Framework

A theoretical framework for the study is underpinned with the presence of a general methodology of insider threat risk management described in the previous section. Insider threat can be regarded as one of the potential risks for any company so that a specific emphasis on this risk is unnecessary. At the same time, addressing insider threats in the process of risk management is the most appropriate solution, once Capstone is the organization with a complicated information system. As for the behavioral perspective, its theoretical foundation should be based on existing practices and findings, as well as the appliance of psychology, sociology, and cognitive studies (Pfleger & Caputo, 2012). In general, future research will help conduct a meaningful analysis of relevant literature, so that its theoretical underpinning could be guaranteed on a large scale.

Thesis Research Design


Future research will focus on the analysis of 118 articles related to insider threats in cybersecurity. This number of articles is determined with a common academic sense, which is based on a calculation of optimal sample size for a minimal deviation and biases of results. The inclusion criteria for these articles are publications from 2008 to 2016. Accordingly, exclusion criteria are the articles that were published before 2008. It is becoming increasingly apparent that the future study will focus on recent trends, as long as the purpose of the study seeks practical appliance of findings.

The current state of knowledge may be unsatisfactory in the theoretical sense, but the practical appliance of findings determines a type of the selected sample. In addition, articles will be taken from different sources in order to diversify data and retrieve the best practice within the given field. Similarly, ethnic diversity also matters in that regard, so that articles from international journals will be the prevailing option.

Client's Review

"The quality of the writings is really good. Guys who work there are friendly and help a lot. I ordered papers and got them on time as we arranged. As for me, this service does the job properly without any problems."

reviewed on May 20, 2020, via TrustpilotClick to see the original review on an external website.

Additionally, it is appropriate to make a general comment on the fact that the articles will also be sampled by their content in relation to the presence of relevant studies. The articles that describe the subject in business and organizational settings will also form the most preferred sample. This aspect can be justified with the fact that deployment of insider threat mitigation strategies depends heavily on the organizational form of the information system and ethical environments related to working with human resources. Hence, cases that describe organizational setting are especially important to the future study, since they give an account to a systematic approach used for it. A large volume of literature on a subject of insider threat mitigation has been published, so that the sample will provide valid, accurate, and comprehensive data.

Data Collection and Analysis

As long as the future study is contemplating to find the most reasonable strategy for addressing insider threat strategy, it is becoming obvious that a mixed methodology will be applied. First of all, the analysis of the presented sample will be based on the retrieval of practices described in this volume of literature. Such an aspect is qualitative, as it has a descriptive nature. It is informative to note that interventions and strategies, which are similar, will be classified according to the most prominent aspect of their appliance to cases described in the articles.

In such a way, the study will develop its custom classification for a more accurate division of the sample. As for the quantitative aspect, a number of similar interventions and strategies will be considered. Therefore, the correlation between quality and quantity will be direct. The analysis of data will generally depict the persistence of a particular strategy in relation to its quantitative presence within the sample of articles.

Such a methodology will be applied in regard to each research question. Without a doubt, addressing such questions as a single entity is hardly possible considering the fact that each question is specified according to the most prominent aspects of the research problem (Harkins, 2012). One may argue that such a methodology is not feasible within a framework of a single study. In fact, retrieval of all necessary data is quite available for retrieving. The future study will seek empirical solutions to the research problem, once an issue of insider threat to cybersecurity is one of the central concerns for Capstone. Organizations of such size require a complex and multi-perspective approach, which is why analysis of all present data within a single study is a reasonable solution. A large presence of diverse data will enable the study to develop a conceptual model on the basis of interpreted findings.

Interpretation of Results

The data retrieved from the sample and subsequently analyzed throughout using methodology is expected to represent the following outcomes. Three interventions (or strategies) for each research question will be indicated. Their selection will consider quantitative presence so that strategies with the most frequent presence within the sample will be chosen. It has to be noted that only cases with successful outcomes will be counted. Quantitative results will be presented in percentages for simplicity and better comparability.

In case the presence of all strategies is relatively equal within the sample, the study will outline this evidence and potentially require additional research for clarification. Nevertheless, the study will use findings as a designator of a particular trend and best practice. It means the use of all strategies for the development of a concept model applicable to Capstone environments. As a result, the prominence of a certain intervention or its absence does not result in any changes in the interpretation of results.

A possibility of different results for different research questions is natural but it can be addressed within the future study. Since future research will develop a conceptual model for insider threat mitigation and policy, the involvement of multiple strategies is especially desired. Thus, the results of data analysis will just provide a framework for the further design of a concept model. However, such circumstances imply the fact that each strategy can be detected several times within the sample.

The quantitative aspect of the sample still serves a function of a concept model determinant, but it does not necessarily mean that all strategies will be selected. In the case of multiple strategies presence with low frequency within the sample, it will be required to involve more articles for clarifying a trend. In such a way, the results will be interpreted in the following research.

Get 24/7 Free consulting
Order now

Potential Biases and Limitations

In spite of the future study’s complexity, distinct limitations and biases can potentially arise. The first limitation is the presence of articles, which do not address one of the research questions. It is difficult to argue that academic articles usually give an account of some specific issues related to a general subject, which makes it possible that some articles may be focused on one research question among outlined by the proposal. The presence of such articles will be recognized as data deviation but in case some of such articles provide valuable information for the development of a concept model, the future study will utilize strategies suggested by such articles.

At the same time, some articles may suggest mixed interventions, which are separately described in other articles. Such evidence will not influence the quality of a concept model but will pose an obstacle to data interpretation. Consequently, the following study will consider such strategies as a separate category, provided that mixed interventions are sufficiently present within the sample. Under circumstances of their little presence within the sample, the future study will count each strategy as an independent intervention, as it will not make a drastic change to the final results.

Eventually, some articles can be potentially exclusionary for theoretical advising of a future concept model. As it has already been mentioned, future research will take into account only articles that depict a positive outcome of insider threat mitigation. Nevertheless, specific circumstances of some cases can be irrelevant to the purposes of Capstone. Therefore, the presence of such articles will be regarded as a deviation in data. A number of such articles should not exceed 26 articles out of the entire sample. Otherwise, the sample should be selected again in order to provide more relevant cases of insider threat mitigation.

Chat with Support
scroll to top call us