Research Paper: Justifying Research Methods and Design

Pages: 7 (2243 words)  ·  Bibliography Sources: 7  ·  Level: Doctorate  ·  Topic: Education - Computers  ·  Buy This Paper


[. . .] The approaches in this mixed methods research are as follows: (a) The qualitative component of the proposed research will use a Delphi survey to obtain deep and broad information about the potential for cyberattacks occurrence; and (b) the quantitative component of the proposed research will employ systems dynamics computer modeling to create an interactive learning environment (ILE) to provide opportunities for decision making about cost-risk ratios and eventually for cost-benefit analysis, as the field approaches greater maturity. The model is based on the CERT MERIT (2011) program work and, as such, provides opportunity to develop a foundation for the identification, development, fine-tuning of technical controls inherent to the modeling and simulation research.

The proposed research is intended to provide information about insider threats in cloud computing services and provide a resource for evaluating the cost-risk ration when making decisions about what mitigating strategies to adopts. The current literature points to future research on cloud-related insider threats that points to and provides solutions for the cloud computing services vulnerabilities. Specifically, future research is needed to detect and prevent insider threats in the cloud environment. The literature indicates that the earlier solutions and solutions to other problems are not applicable to the cloud environment. What is needed in research related to insider threats in the cloud environment is real solutions to real threats. The general consensus of experts on insider threat is that the risk can be mitigated but it is a complex problem. In order to prevent or reduce insider attacks, it is important to adopt a layered defense strategy that includes technical controls, procedures, and policies. The mixed methods approach suggested in the research proposal is based on best practices in cybersecurity research, and it necessarily entails close attention be paid to all the various organizational elements of an enterprise, including its organizational culture, technical environment, and the relevant procedures and policies. An effective research strategy for examining the risks and costs of insider threats in the cloud environment requires a greater reach that moves beyond information technology to the overall enterprise processes and to the interactions between the technologies that are used, the people who contribute, and the processes that are relied upon. A mixed methods approach based on best practices literature in cybersecurity can accomplish these objectives.


Burstein, A.J. (2008, April). Conducting cybersecurity research legally and ethically. Berkeley School of Law, 18, 42. [Post]. University of California, Berkeley, CA. Retreived

Cappelli, D.M., Desai, A.G., Moore, A.P., Shimeall, T.J., Weaver, E.A., and Willke, B.J. (2004). Management and Education of the Risk of Insider Threat (MERIT): System dynamics modeling of computer system sabotage. CERT3 Program, Software Engineering Institute and CyLab, ?Pittsburgh, PA: Carnegie Mellon University.

Catrantzos, N. (2009, September). No dark corners: Defending against insider threats to critical infrastructure. [Master's thesis, Center for Homeland Defense and Security, Naval Postgraduate School, Monterey, California]. Retreived

Creswell, J.W. And Clark, V.L.P. (2011). Designing and conducting mixed methods research (2nd ed). Thousand Oaks, CA: Sage Publications.

Desai, A.G. (2006, May 3). Insider threat dynamics. Project Report for Master of Science in Information Networking, Information Networking Institute. Pittsburgh, PA: Carnegie Mellon University.

Eysenck, M.W. (2004). Psychology: An international perspective. Florence, KY: Psychology Press Ltd.

Groessler, A. (2004). Don't let history repeat itself -- methodological issues concerning the use of simulators in teaching and experimentation. System Dynamics Review 20(3), 263-274.

Moore, A.P., McIntire, D., Mundie, D., and Zubrow, D. (2012, April). Effectiveness of a pattern for detecting intellectual property theft by departing insiders. Software Engineering Institute Special Report. Technical Report: CMU/SEI-2012-TR-008 ESC-TR-2012-008. Retreived

Moore, A.P.; Hanley, M.; & Mundie, D. (2011). A pattern for increased monitoring for intellectual property theft by departing insiders. Proceedings of the 2011 Conference on Pattern Languages for Programs, 18th Conference on Pattern Languages of Programs (PLoP 11) on October 21-23, 2011.

Mundie, D.A. & Moore, A.P. (2012). Multi-dimensional pattern languages: Growing a pattern language for insider threat." Proceedings of the 2011 Conference on Pattern Languages for Programs, submitted to the 19th Conference on Pattern Languages of Programs (PLoP ?12).

Skulmoski, G.J., Harman, F.T., and Krahn, J. (2007). The delphi method for graduate research. Journal of Information Technology Education, 6. Retreived 021Skulmoski212.pdf

____. (2011, January). 2011 CyberSecurity Watch Survey: How bad is the insider threat? PowerPoint presentation. CSO Magazine, U.S. Secret Service, Software Engineering Institute CERT Program at Carnegie Mellon… [END OF PREVIEW]

Action Research Approaches to Analysis of Reading Research Paper

International Management Research Methods the Literature Review Thesis

Social Welfare State and Juvenile Research Proposal

Sociological Research and Undocumented Labor Research Paper

Business Research Purpose Research Proposal

View 1,000+ other related papers  >>

Cite This Research Paper:

APA Format

Justifying Research Methods and Design.  (2012, November 24).  Retrieved October 21, 2019, from

MLA Format

"Justifying Research Methods and Design."  24 November 2012.  Web.  21 October 2019. <>.

Chicago Format

"Justifying Research Methods and Design."  November 24, 2012.  Accessed October 21, 2019.