ADOPTION AND IMPLEMENTATION
In the computing world, the terms adoption and implementation could bring quite a
controversy. Some IT personnel would use them interchangeably to mean the same thing.
However, these two terms are primarily different concepts. Adoption simply refers to the transfer
between a system that is being used and the system that is intended to be used in an organization.
In an event where an organization is using an outdated system, then it may be necessary to
introduce a new system that works more effectively and efficiently. In this case, the new system
will have to be adopted into the organization for it to be fit for usage. On the other hand,
implementation refers to the after-sale activities that are conducted so as to make a software or
hardware function properly in its new environment (Jeffries et al. 2017). Implementation
activities include evaluation of the requirements, configuring the system, personalization of the
settings, integration etc.
There are a number of strategies that can be put into practice to ensure the adoption
of a system in an organization is successful. The most known strategies include the big bang
adoption, parallel adoption and the phased adoption. According to the big bang approach, the
new system that is being brought into the organization is supposed to be adopted wholesomely at
the same time. According to the parallel adoption, the old system and the new system are run
simultaneously at the initial stages. The reason behind this is to ensure that the users become
familiar with the new system before it is completed adopted and the old one discarded. This does
not however prevent them from using the old system whenever they need to. According to the
phased adoption, the process of adoption of the new system will take a number of stages before it
is fully adopted into the organization. Each stage of the phase adoption is a step closer to fully
accepting the use of the new system in the organization.
When it comes to implementation, for it to be a success, then the different departments
that are involved need to conduct a number of tasks. Organizations must bring onboard
professionals who have the ability to successfully implement a system because in an event where
the persons that are involved mess up or are not accurate enough then the system will have a lot
of errors and weaknesses. A system implementation normally starts by having a team of
professionals get into an agreement with the system seller, this process ensures that all the
guidelines that are necessary are put into consideration, these guidelines include the deadlines
and the payments (Erturk & Arora, 2017). Having a comprehensive and written agreement gives
the organization and easy time to deal with the vendors especially when the vendors need to be
held accountable for the shortcomings of the of the system.
However, there are some organizations that have resorted to not adopting the new
technologies for reasons such as trying to avoid the threats that are linked with the new system
etc. failure to adopt and implement new stems into organizations could be a risky step because
with the advancement in technology, then the organization will be at a risk of being hacked and
its information may be corrupted or used for other personal gains (Popescu, 2018).
RESEARCH PAPER ON CYBERSECURITY
THE IMPLEMENTATION OF CYBERSECURITY.
The implementation of cybersecurity is not only useful in the academic sector or in a
district school somewhere, it is similarly very useful in the other sectors of the economy.
Cybersecurity is a very important aspect because it cuts across everything that concerns the
protection of our sensitive information either at the organization level or at the individual level.
Personal information, the intellectual property government and company information is a very
important asset that should always be protected from persons that are not authorized to access it.
Besides the education sector where the system could be hacked into and the data erased or grades
changed, the implementation of cybersecurity in the health sector is also very critical (Jacobs et
al. 2019).
In the health sector, the most crucial information that is stored involves the patient
treatments and their personal illnesses. In the hospital institutions, due to the advancement in
technology, one doctor can conduct a diagnosis from one point and send it to another point. If the
hospital system is weak, then it would be easy for the malicious attackers to send malicious files
into the system and the process of sending information from one point to another would spread
the virus. It is therefore very critical for the hospital systems to be implement the cybersecurity
measures. Cybersecurity cases are on the rise, the connection to the cloud storages for sensitive
and confidential information if not done properly, then it would be an easy target for the
attackers to get access to the information and use it for their personal gains.
The society at large is now part of the ever-dynamic technology and the only way to
ensure things run smoothly and safely is be ensuring the implementation of the cybersecurity
guidelines. The personal information that is supposed to be kept confidential is now being posted
on the social media. The introduction of cloud storages such as Dropbox and Google Drive has
attracted people into storing their information there. Whether an individual or a business,
reliance on the computers is undeniable (Jacobs et al. 2019). This makes every sector prone to
the cybersecurity threats. In the banking industry, if the cyber security implementation is not
taken into consideration, then there would be no money safety, the attackers would hack the
accounts and transfer the money to their accounts. This will lead to loses in the banking industry
and eventually affect the whole economy (Kido et al. 2020).
The transport sector is also not left behind in the cybersecurity war. The system that is
being used to control traffic could be hacked into and the whole traffic control becomes a mess,
the order on the roads will be disrupted and accidents may even occur. It is therefore important to
ensure the implementation of cybersecurity. One of best way of ensuring the implementation of
the cybersecurity is by creating awareness (Lee et al. 2018). If the masses are aware of how this
threats and attacks occur, then they will be in a position to control them before they even occur.
For example, ransomware, in most cases, takes place through sending links, if the computer use
is aware of this, he or she is likely to avoid clicking on the link.
APPLICABILITY OF THE GENERAL DETERRENCE THEORY
The General deterrence theory is a theory whose origin can be tracked back to the
ancient philosophers. These philosophers included Cesare Beccaria and Jeremy Bentham. These
RESEARCH PAPER ON CYBERSECURITY
philosophers had a believe that almost every is attracted towards achieving pleasure an all the
pleasant things that life has to offer, on the other side, they also had a believe that whenever there
is pain involved, the human mind always tends to avoid the process that yields the pain. The
human mind would therefore be attracted to the activities that generate pleasure and avoid the
activities that bring pain. They therefore put down this theory, the deterrence theory. The
deterrence theory is a legal theory. The intention of the theory is to send a message to all persons
about committing crimes (Taddeo, 2018).
This theory was meant to send a message that the law is against people committing
certain kinds of acts in the society. Deterring means discouraging. Preventing the general public
from committing illegal activities through attraction of certain types of penalties is the intention
of the general deterrence theory (Taddeo, 2018). This theory comprises of three components that
are thought to curb crime; the first component is that of certainty, it involves increasing the
likelihood of being punished. The second component is that of increasing the swiftness to which
a person who commits a crime is punished and lastly increasing the amount of punishment that
the offender gets.
Putting this theory into practice, it is likely to be very crucial when it comes to the
cybersecurity sector. If the three components of the general deterrence theory are put into
practice, then the number of cybercrimes would reduce significantly. Increasing the amount of
punishment, the rate at which the punishment is offered and the chances of being punished would
act as a very critical tool to reducing the number of cyber threat issues. It is common knowledge
that almost every human being fear punishment, this is because cause pain. The imposition of
strict punishments to the attackers of the systems and the actual punishment of some of them
would create fear amongst the potential hackers. The actual punishing of the attackers would be a
way of sending the message to the potential hackers that if at all they also try the same thing, the
same fate will befall them, they will have fear and retreat.
COMPARISON OF THE RESEARCH FINDINGS.
Security of the systems is a major concern to the systems in almost all the sectors.
Majority of the IT personnel in the institutions encounter challenges that relates to the security of
the sensitive information or data of their systems. Because of the technological advancements,
the information technology has been put on a high alert. The most sophisticated cyber attacks
such as the malware, phishing and even the artificial intelligence on a high risk of attack by the
hackers (Randall & Kroll, 2016). The education sector has not been left out, the attackers have
found this sector very vulnerable and they have managed to access the systems and change the
grades of erase some data.
1. Comparisons in the implementation and adoption.
Adoption simply means the conversion between a system that is being used to the
system that is intended to be used in an organization. In an event where an organization is using
an outdated system, then it may be necessary to introduce a new system that works more
perfectly and efficiently. In this case, the new system will have to be adopted into the
organization for it to be fit for usage. On the other hand, implementation refers to the after-sale
RESEARCH PAPER ON CYBERSECURITY
activities that are conducted so as to make a software or hardware function properly in its new
environment (Jeffries et al. 2017). Implementation activities include evaluation of the
requirements, configuring the system, personalization of the settings, integration etc. This
findings are similar to the other researchers who have also confirmed that the adoption of a
system occurs when an organization is using an outdated system, and because of the
technological advancement, a need arises to bring a new system that could cater for the current
operations that are more demanding than the old system can handle. This could be in terms of the
load of tasks or even in terms of security features (Jeffries et al. 2017).
The other researchers have also come into conclusion that when it comes to
implementation, for it to be successful, then the different departments that are involved need to
conduct a number of tasks. Organizations must bring onboard professionals who have the ability
to successfully implement a system because in an event where the persons that are involved mess
up or are not accurate enough then the system will have a lot of errors and weaknesses. If a
system starts having vulnerabilities at its initial stages, then the system will not survive at all.
However, the other researchers have been very particular about the strategy of adoption which
according to them should be decided upon before the adoption itself starts. According to them,
the adoption strategy should be founded on what is supposed to be achieved by the system upon
implementation (Erturk & Arora, 2017).
They are also in agreement that the major types of adoption include the big bang
adoption, parallel adoption and the phased adoption, in which in the big bang approach, the new
system that is being brought into the organization is supposed to be adopted wholesomely at the
same time, in the parallel adoption, the old system and the new system are run simultaneously at
the initial stages and in the phased approach, the system takes stages until it is fully adopted in
the organization. The IT professionals in the education sector could take advantage of the new
security features to protect their data. However, according to these other researchers, the priority
in the adoption of the new system should based on the long-term goals to be achieved by the
system. They outline the following goals as the priority goals;
Potential requirements that are very critical in making the system work efficiently- In an
event where there are some critical requirements that are need so that the system is able
to function properly and effectively, then the big bang adoption strategy is the best option
that the IT professionals could go for (Mwinuka et al. 2017).
There is need for controlling the risks that may be involves- According to the researchers,
in the choice of the type of approach to use, the need to reduce the possible risks must be
considered before the selection of the adoption strategy. For this case, the professionals
could go for the phased and parallel approach which are very important in the
minimization of the involved risks (Mwinuka et al. 2017).
The nee to bring change- The organization must be very ready to accept the changes that
will be brought by the new system. It would be very difficult for the adoption to take
place where the organization itself is not ready for the changes.
The rate of change- The other researchers had it that the new system is tailored to meet
up to the expectations of the new changes in the operations of the organization, there
RESEARCH PAPER ON CYBERSECURITY
must be a pace set at which the organization will change so that it meets its new changes
and needs.
2. Comparisons in the implementation of the cybersecurity
From my research, the society at large is now part of the ever-dynamic technology and
the only way to ensure things run smoothly and safely is be ensuring the implementation of the
cybersecurity guidelines. The personal information that is supposed to be kept confidential is
now being posted on the social media. In the health sector, the most crucial information that is
stored involves the patient treatments and their personal illnesses (Jacobs et al. 2019). In the
hospital institutions, due to the advancement in technology, one doctor can conduct a diagnosis
from one point and send it to another point. If the hospital system is weak, then it would be easy
for the malicious attackers to send malicious files into the system and the process of sending
information from one point to another would spread the virus. The transport sector is also not left
behind in the cybersecurity war. The system that is being used to control traffic could be hacked
into and the whole traffic control becomes a mess, the order on the roads will be disrupted and
accidents may even occur. This research is in agreement with the findings of the other
researchers who support the fact that without the implementation of the cybersecurity measures,
then all the industries starting from the education sector to the health sector to the transport
sector would adversely be affected.
However, according to the other researchers, in as much as the cybersecurity is a
threat to all the industries, they describe it as a wakeup call for the industries to be responsible
for their own actions. They attribute this reasoning to the fact that there are some organizations
that have completely ignored the cybersecurity measures and when they are attacked, they start
playing the blame games (Lee et al. 2018). Some refuse to adopt the new security measures
because of the security risks that are associated with the new technology forgetting that it is even
riskier not to advance their systems. According to the there are other organization that would
ignore the cybersecurity measures because they fear the fee that is involved. Failure to
implement the cybersecurity measures could lead to the complete downfall of the whole
organization. Some attackers would take advantage to ask for ransom through the ransomware.
3. Applicability of the deterrence theory.
The findings from the other researchers about the general deterrence theory is quite
similar. It was coined by philosophers. These philosophers had a believe that almost every is
attracted towards achieving pleasure an all the pleasant things that life has to offer, on the other
side, they also had a believe that whenever there is pain involved, the human mind always tends
to avoid the process that yields the pain (Taddeo, 2018). The human mind would therefore be
attracted to the activities that generate pleasure and avoid the activities that bring pain. This
theory was meant to send a message that the law is against people committing certain kinds of
acts in the society. Preventing the general public from committing illegal activities through
attraction of certain types of penalties is the intention of the general deterrence theory.
RESEARCH PAPER ON CYBERSECURITY
My findings being similar to those of the other researchers, this theory could be
brought into actual implementation in scaring the attackers from conducting their malicious acts.
This could be by way of punishing any hacker that interferes with any system or even by
bringing rules that obligate the system managers to implement the security measure lest they also
het punished for failure to do so. This legal tool could be very useful in reducing the number of
cases. However, some researchers indicated that the act of scaring people not to do some things
does not apply to all the persons. Since the theory also talks about people being attracted to
things that bring pleasure, there are some people who find pleasure in harming others. The theory
could not therefore be very much applicable as to some extend it has not taken into
considerations on what to do concerning such kind of persons. It is up to the organizations to
organize themselves and embrace the implementation of cybersecurity measures. In an event
where the system is outdated, then they must adopt and implement a current one.
RESEARCH PAPER ON CYBERSECURITY
REFERENCES
Randall, K. P., & Kroll, S. A. (2016). Getting Serious about Law Firm Cybersecurity. NEW
JERSEY LAWYER, 55.
Jeffries, M., Phipps, D. L., Howard, R. L., Avery, A. J., Rodgers, S., & Ashcroft, D. M. (2017).
Understanding the implementation and adoption of a technological intervention to improve
medication safety in primary care: a realist evaluation. BMC health services research, 17(1),
196.
Erturk, E., & Arora, J. K. (2017). An exploratory study on the implementation and adoption of
ERP solutions for businesses. arXiv preprint arXiv:1701.08329.
Lee, S., Lee, S., Yoo, H., Kwon, S., & Shon, T. (2018). Design and implementation of
cybersecurity testbed for industrial IoT systems. The Journal of Supercomputing, 74(9), 4506-
4520.
Jacobs, P., von Solms, S., Grobler, M., & van Niekerk, B. (2019, July). Towards a Framework
for the Selection and Prioritisation of National Cybersecurity Functions. In ECCWS 2019 18th
European Conference on Cyber Warfare and Security (p. 229). Academic Conferences and
publishing limited.
Taddeo, M. (2018). The limits of deterrence theory in cyberspace. Philosophy & Technology,
31(3), 339-355.
Mwinuka, L., Mutabazi, K. D., Graef, F., Sieber, S., Makindara, J., Kimaro, A., & Uckert, G.
(2017). Simulated willingness of farmers to adopt fertilizer micro-dosing and rainwater
harvesting technologies in semi-arid and sub-humid farming systems in Tanzania. Food security,
9(6), 1237-1253.
Popescu, S. (2018). REFERENCES FOR A COMPREHENSIVE AND PERMANENT NAVAL
CYBER SECURITY STRATEGY. In International Scientific Conference Strategies XXI-
Volume 1 (pp. 192-197). ” Carol I” National Defence University Publishing House.
Kido, Y., Tou, N. P., Yanai, N., & Shimojo, S. (2020, March). sD&D: Design and
Implementation of Cybersecurity Educational Game with Highly Extensible Functionality. In
Future of Information and Communication Conference (pp. 857-873). Springer, Cham.