Research should include methods used by
- individuals
- using a password manager
- using strong passwords (i.e., uppercase, lowercase, number, symbol, fourteen characters, passphrases)
- looking for https (or the lock icon) for online transactions
- activating two-factor authentication for important accounts (e.g., email, financial accounts)
- using biometric authentication
- using hardware tokens (e.g., YubiKey)
- using push authentications
- using authenticator apps
- organizations
- using network security devices (e.g., firewalls, intrusion detection systems [IDS], intrusion prevention systems [IPS], network proxy)
- conducting vulnerability analysis
- applying defense-in-depth measures (e.g., perimeter security, end-point security)
- conducting penetration testing (i.e., looking for network vulnerabilities from the outside)
- using encryption at rest, encryption in transit.
Process/Skill Questions:
Thinking
- Why must people and organizations employ security measures to safeguard data?
- How is the knowledge of possible breaches in security beneficial in safeguarding data?
Communication
- What communication methods may be used to communicate research findings?
- How can a person or organization communicate the importance of research findings to stakeholders?
Leadership
- What role does a leader have in synthesizing research results to determine the data’s relevance to a particular situation?
- Why is the timeliness of research results relevant to certain situations?
Management
- What goals can be set for using research to determine possible solutions to information breaches?
- What methods can be used to manage past, current, and future information breaches?