RUcore: Rutgers University Community Repository
Information theft within different organizational types
Descriptive
TitleInfo
Title
Information theft within different organizational types
SubTitle
a rational choice analysis
Name
(type = personal)
NamePart
(type = family)
Kim
NamePart
(type = given)
Jeong Hyun
NamePart
(type = date)
1960-
DisplayForm
Jeong Hyun Kim
Role
RoleTerm
(authority = RULIB)
author
Name
(type = personal)
NamePart
(type = family)
Clarke
NamePart
(type = given)
Ronald V.
DisplayForm
Ronald V. Clarke
Affiliation
Advisory Committee
Role
RoleTerm
(authority = RULIB)
chair
Name
(type = personal)
NamePart
(type = family)
Samuels
NamePart
(type = given)
Norman
DisplayForm
Norman Samuels
Affiliation
Advisory Committee
Role
RoleTerm
(authority = RULIB)
internal member
Name
(type = personal)
NamePart
(type = family)
Rengifo
NamePart
(type = given)
Andres F.
DisplayForm
Andres F. Rengifo
Affiliation
Advisory Committee
Role
RoleTerm
(authority = RULIB)
internal member
Name
(type = personal)
NamePart
(type = family)
Newman
NamePart
(type = given)
Graeme R.
DisplayForm
Graeme R. Newman
Affiliation
Advisory Committee
Role
RoleTerm
(authority = RULIB)
outside member
Name
(type = corporate)
NamePart
Rutgers University
Role
RoleTerm
(authority = RULIB)
degree grantor
Name
(type = corporate)
NamePart
Graduate School - Newark
Role
RoleTerm
(authority = RULIB)
school
TypeOfResource
Text
Genre
(authority = marcgt)
theses
OriginInfo
DateCreated
(qualifier = exact)
2015
DateOther
(qualifier = exact);
(type = degree)
2015-05
CopyrightDate
(encoding = w3cdtf);
(qualifier = exact)
2015
Place
PlaceTerm
(type = code)
xx
Language
LanguageTerm
(authority = ISO639-2b);
(type = code)
eng
Abstract
(type = abstract)
As the world becomes more connected through technology and the internet, words “identity theft” and “data breach” become part of everyday conversation, signaling the rise of those incidents. Major sources of identity theft and data breach from organizations include hacking, insider theft, stolen or lost IT devices, data exposure from websites, information exposure from mailing errors, and dumped documents. The most direct of these sources are hacking and insider theft. The increasing availability of information unfortunately comes with an increased risk of its exploitation. The goals of this dissertation are to determine which organizations are vulnerable to outside hacking and insider theft, to examine how the nature of a theft and the type of an organization influence the time needed to detect the crime, and to investigate whether or not these incidents experience seasonal variation. Guided by Rational Choice theory, this dissertation focuses on incidents of hacking and insider theft that occur within four types of organizations: business, education, healthcare/medical and government. This dissertation consists of two parts: analyses of information thefts at four types of organizations and IT security incidents at 24 U.S. federal agencies. An analysis of data collected from non-profit organizations, the Open Security Foundation and the Identity Theft Resource Center from 2007 to 2013 shows that the total number of reported information theft incidents is 1,895, among which hacking incidents make up 1,114 cases, and insider thefts comprise 781 cases. Additionally, U.S. federal agencies’ IT security incidents were analyzed using the White House reports of 2012 and 2013. These cases are analyzed by the method of theft, type and size of the organization in question, and the detection period of each incident. The “SCAREM” model are used to analyze the characteristics of those incidents. Incidents of seasonal time variances are examined as well. Findings indicate that the theft rates of hacking and insider incidents are likely to be higher in larger organizations. Insider theft typically goes unnoticed longer than any other instance of cyber infiltration within the majority of organizations. U.S. federal agencies show a positive correlation between organization size and the occurrences of IT security incidents. Occurrences of IT security incidents are unequally distributed among federal agencies. Incidents of mis-handled information show seasonal variations. Analyses with the concepts of “Risky organizations” indicate that larger federal agencies except NASA show more vulnerabilities to IT security incidents. This dissertation applies situational crime prevention strategies that may reduce the opportunities for offenders. Maintaining constant IT monitoring practices and trainings for protecting valuable assets, information and data are recommended. A more comprehensive database logging incidents of information theft and data breaches is necessary.
Subject
(authority = RUETD)
Topic
Criminal Justice
Subject
(authority = ETD-LCSH)
Topic
Data protection
Subject
(authority = ETD-LCSH)
Topic
Computer security
Subject
(authority = ETD-LCSH)
Topic
Identity theft
RelatedItem
(type = host)
TitleInfo
Title
Rutgers University Electronic Theses and Dissertations
Identifier
(type = RULIB)
ETD
Identifier
ETD_6519
PhysicalDescription
Form
(authority = gmd)
electronic resource
InternetMediaType
application/pdf
InternetMediaType
text/xml
Extent
1 online resource (xxii, 166 p. : ill.)
Note
(type = degree)
Ph.D.
Note
(type = bibliography)
Includes bibliographical references
Note
(type = statement of responsibility)
by Jeong Hyun Kim
RelatedItem
(type = host)
TitleInfo
Title
Graduate School - Newark Electronic Theses and Dissertations
Identifier
(type = local)
rucore10002600001
Location
PhysicalLocation
(authority = marcorg);
(displayLabel = Rutgers, The State University of New Jersey)
NjNbRU
Identifier
(type = doi)
doi:10.7282/T3HD7XHF
Genre
(authority = ExL-Esploro)
ETD doctoral
Back to the top
Rights
RightsDeclaration
(ID = rulibRdec0006)
The author owns the copyright to this work.
RightsHolder
(type = personal)
Name
FamilyName
Kim
GivenName
Jeong Hyun
Role
Copyright Holder
RightsEvent
Type
Permission or license
DateTime
(encoding = w3cdtf);
(qualifier = exact);
(point = start)
2015-05-04 13:05:49
AssociatedEntity
Name
Jeong Hyun Kim
Role
Copyright holder
Affiliation
Rutgers University. Graduate School - Newark
AssociatedObject
Type
License
Name
Author Agreement License
Detail
I hereby grant to the Rutgers University Libraries and to my school the non-exclusive right to archive, reproduce and distribute my thesis or dissertation, in whole or in part, and/or my abstract, in whole or in part, in and from an electronic format, subject to the release date subsequently stipulated in this submittal form and approved by my school. I represent and stipulate that the thesis or dissertation and its abstract are my original work, that they do not infringe or violate any rights of others, and that I make these grants as the sole owner of the rights to my thesis or dissertation and its abstract. I represent that I have obtained written permissions, when necessary, from the owner(s) of each third party copyrighted matter to be included in my thesis or dissertation and will supply copies of such upon request by my school. I acknowledge that RU ETD and my school will not distribute my thesis or dissertation or its abstract if, in their reasonable judgment, they believe all such rights have not been secured. I acknowledge that I retain ownership rights to the copyright of my work. I also retain the right to use all or part of this thesis or dissertation in future works, such as articles or books.
RightsEvent
DateTime
(encoding = w3cdtf);
(qualifier = exact);
(point = start)
2015-05-31
DateTime
(encoding = w3cdtf);
(qualifier = exact);
(point = end)
2015-11-30
Type
Embargo
Detail
Access to this PDF has been restricted at the author's request. It will be publicly available after November 30th, 2015.
Copyright
Status
Copyright protected
Availability
Status
Open
Reason
Permission or license
Back to the top
Technical
RULTechMD
(ID = TECHNICAL1)
ContentModel
ETD
OperatingSystem
(VERSION = 5.1)
windows xp
Back to the top
Statistical Profile