Show simple item record

dc.contributor.advisorHicks, David
dc.contributor.advisorHenry, Phil
dc.contributor.advisorHodgson, Philip
dc.contributor.authorCollis, Raichel
dc.date.accessioned2021-09-23T10:11:46Z
dc.date.available2021-09-23T10:11:46Z
dc.date.issued2021-09-01
dc.identifier.citationCollis, R. (2021) (Mis)Use of personal technology by employees in financial services organisations. PhD thesis. University of Derbyen_US
dc.identifier.urihttp://hdl.handle.net/10545/626008
dc.description.abstractThis work presents a single methodology design across three different groups to chart the challenges and potential of digital investigation and to offer an original contribution to researchers seeking purposive samples specific to topical research questions. Open-source online intelligence theorised from an attacker's perspective is underpinned by a novel cyber-orientated framework of routine activity theory (RAT) (Cohen and Felson, 1979) to highlight digital footprint as a vector for targeted social engineering. Seventy-six (N=76) demographically diverse financial services employees from occupations throughout the sector provide empirical data via a mixed methods online survey. Cyber-specific RAT evaluates the ‘average user’ (with no specialist training) as a potential contributor to human assisted cybercrime threatening corporate networks through use of personal technologies and internet-based activities. Robust discussion debates routine digital activity using smartphones, tablets, and consumer Internet of Things (IoT) devices as an unmitigated factor for workplace risk. Personal internet use, devices accessing corporate networks, self-promotion on social media, physical and virtual IoT, executive personnel practicing ‘unsafe’ behaviours and assumed device security as licence for unrestricted online activity are key findings of this study which offers original contributions to critical assessment of insider threat. Despite employee (mis)use of personal technology as a potential vector financial organisations are seemingly unprepared for small-scale and dynamic risk. Results recommend bespoke training at all levels to associate personal use and online behaviour with known cyber risks and capacity for loss or harm. Cyber-RAT as a framework to identify suitable targets and potential for guardianship will contribute value added and assist in a more holistic response to cybercrime where the human element complements technological solutions as a positive enhancement to enterprise security.en_US
dc.description.sponsorshipN/Aen_US
dc.language.isoenen_US
dc.publisherUniversity of Derbyen_US
dc.subjectpersonal internet activity, Smartphone users, average users, personal digital activity in the workplace, risk of malware, social media, mobile applications, routine activity theory, cyberspace, cybercrime, insider threat, open source intelligence, OSINT, SOCMINT, digital investigation, unsafe online activity, digital footprint, employees, routine digital activity, Internet of Things, IoT, cyber risk.en_US
dc.title(Mis)Use of Personal Technology by Employees in Financial Services Organisationsen_US
dc.typeThesis or dissertationen_US
dc.publisher.departmentBusiness, Law and Social Sciencesen_US
dc.rights.embargodate2023-09-01
dc.type.qualificationnamePhDen_US
dc.rights.embargoreasonto allow opportunity to publish from thesisen_US
dc.type.qualificationlevelDoctoralen_US


Files in this item

Thumbnail
Name:
(Mis)Use of Personal Technology ...
Embargo:
2023-09-01
Size:
4.006Mb
Format:
PDF

This item appears in the following Collection(s)

Show simple item record