What is the incident response cycle? Compare and contrast its various phases? Do you think any one of the phases is more important than the others? Why or why not?
design and website security/privacy as the 4 main factors influencing online purchasing perception. Bhatt and Bhatt (2013) (from khan) in their most recent study noted website attractiveness, website quality and security as one important factor affecting perception of online buyers.
Nayyar and Gupta (2011) noted differences in online buying behaviour amongst various age and gender groups. Panwar and Chahal (2013) discussed variations in online buying behaviours amongst various buyers like the differences in age, gender, education level and income.
Chien-Wen and Chian-Yu (2009) (from second sample proposal) investigated consumer motivation, and proposed a model which breaks the ‘use’ construct into ‘intention to use’ and ‘actual use’ so as to test how user intentions determine their online shopping behaviour. Pinto (2013) in his study amongst Indian consumers discovered that there were specific categories of goods that consumers would prefer to buy online while having reservations about buying other products online. Pinto (2013) classified the barriers to online shopping into 3 main categories, namely: touch and feel, price related and service related factors.
1.1 Research Design and Methodology
1.1.1 Research Methodology
The main objective of the study is to explore consumer’s attitudes towards making online purchases. Four groups of consumers will be examined, and included in these groups are non-web users, the web visitors (those who have intent to buy online), the browsers (individuals with intentions to purchase online but has never bought) and online buyers. The research will explore the attitudes and purchase behaviour of each group based on the level of shopping involvements. The respondents’ attitudes and demographics will then be used to as a means of predicting future intentions to buy online.
1.1.2 Research Design
This study will follow three important stages of survey like collection of information, analysis of information and presentation of the research finding. The 16 to 53 questions presented during data collection will have a five point Likert scale of measurement ranging from A to E (A-strongly disagree, B-disagree, C-neutral, D-agree, while E-Strongly agree). The questions will be coded to reflect each respondent’s attitude, and therefore a higher score will mean a more positive attitude towards online buying.
1.1.3 Population and Study Sample
The study will focus on college students who often use technology (internet) and are more likely to purchase products online. Following the notion that online consumers only represent a small portion of online users, and because college students currently take a bigger proportion of online buying as well as offering a long-term potential market, the study will focus on college students and other institutions of higher learning.
220.127.116.11 Sampling Method
A purposive sample of Nigerian College students will be used as the study population. A purposive sample will be more appropriate in this case because it offers the opportunity to meet the research criteria defined by a population targeted by e-commerce companies. The objective is to search among internet users some of the factors influencing their purchase attitude, and therefore working with a known sample group become necessary. As at current, Nigerian college students include about fifty billion dollars in their purchasing budget, a figure that keeps growing higher with more college students’ enrolment. An estimated number of between 70 to 80 percent of college students are credit card holders, which one of the critical tools a person can use to conduct online purchase.
1.1.4 Research tools
The instruments used will be developed based on literatures reviewed and the objectives of the study. This means that the questionnaires will be structured to correspond to the study objectives and also in a way that they highlight some of the crucial areas mentioned in the literature review. On the same note, the questionnaires were developed to address important concepts that other studies have never addressed. Demographic surveys will also be conducted for the purposes of profiling.
1.1.5 Data Collection Procedure
The data collection procedure will follow the basic concepts of a study survey, which will be divided into four important sections. The first section of the study will examine the respondents’ demographic information, which must be related to online purchase behaviours. Specific variable to be include during data collection are age, gender and ethnicity, personal income and monthly savings, marital status as well as financial dependence or independence. Section two of the study will give an overview of personal experience with computer and online purchase procedures. The thirds section will have questions related to respondent’s purchase attitudes, intentions and internet shopping behaviour.
1.1.6 Data Analysis Strategies
Data analysis will follow five phases relevant to testing online buying attitude among the various respondents.
Phase 1: testing of theoretical model and analysis of the internal validity of the items used to measure the various theoretical concepts by using the Cronbach’s alpha coefficient.
Phase 2: testing for the differences between online buyers and non-buyers, analysing their internet attitudes and varying intentions to buy goods online.
Phase 3: predicting online buying behaviour based on consumer and marketing attitudes, demographic traits and experiences with technology.
Phase 4: performing a regression analysis predicting the intent of consumers to purchase online based on the identified traits in phase 3.
Phase 5: conducting analysis on the comparison of internet buyers, which will depend on the most common purchase such as highly searched goods, demographic characteristics, experience with technology and intention to repeat the purchase of a particular product.
1.1.7 Limitations of Study
The study is limited to online buying among internet users, and only remains relevant to those who understand technology in line of purchase and also have regular internet connections. The study also represents a small purposive sample, which requires higher consideration and a detailed selection process.
1.1.8 Ethics and Human Subjects Issues
The research procedures will require that the identity of the respondents be kept secret, and where possible arbitrary letters or numbers be used to represent individual respondent. The researcher’s access to information will be limited to issues presented in questionnaire and demographic surveys. At the end of the questionnaire and surveys, it will be prudent that the research thanks his or her respondents as a show of appreciation and active involvement on the part of the respondents
The research will proceed for a period of four weeks excluding weekends and any other important holidays since college students are only accessible during weekdays. Within the four weeks, the researcher will have a private session with the selected participants every Monday before going to the field.
Monday – Friday
Monday – Friday
Monday – Friday
Monday – Friday
8.30 am – 4.00pm
8.30 am – 4.00pm
8.30 – 4.00pm
8.30 – 4.00pm
Analysis of the research methodology and research design in light of the research question and literature review.
Selection of study population, sample, sampling procedures, research instruments and assembling necessary equipment.
Actual collection of information from the field
Analysis and presentation of information
Gupta, N. P., & Nayyar, R. (2011). Outcomes of onine‐assisted buying in a restricted market. BJU international, 108(9), 1501-1505.
Kim, S., & Park, I. (2005). Trade Facilitation and a Northeast Asian Free Trade Arrangement*. International Area Studies Review, 8(1), 45-63.
Panwar, D. A., & Chahal, N. (2013). On-line Shopping Trends in Faridabad City. Asia Pacific Journal of Marketing & Management Review ISSN, 2319, 2836.
Shergill, G. S., & Chen, Z. (2005). Web-based shopping: consumers’ attitudes towards online shopping in New Zealand. Journal of Electronic Commerce Research, 6(2), 79-94.
cycle refers to a series of stages undergone by a security event starting from the point of its identification as a security incident or compromise, up to the point at which it is reported and resolved (Andreasson, 2012).
Incident Response Cycle Phases:
- Identification: Here, the information security office identifies potential information security issues from diverse sources such as contact from system owners, impacted or affected parties, or external parties.
- Assessment and classification: the situation is assessed by the information security office (ISO) to determine if it should be categorized as an incident or event (Andreasson, 2012).
- Determining the severity of incident: ISO assesses the potential and scope from each incident. The severity of an incident depends on the likely threat that it poses to other services and resources (Appel, 2014).
- Containment and Eradication: Following the successful identification of an incident, the relevant security personnel endeavors to isolate the equipment affected as a way of overcoming secondary attacks or threats
- System Restoration: this entails taking the appropriate steps to ensure that the secured system has been reconnected to the network
While all these steps are crucial, I feel that the identification phase carries more weight because failure to make the correct diagnosis may mean that the problem will not be solved.
The second key finding detailed in the 2013 US State of Cybercrime Survey was, “Many leaders underestimate their cyber-adversaries’ capabilities and the strategic financial, reputational, and regulatory risks they pose.” How can this possibly still be the case in this day and age, where the information resources available to leaders are so varied and thorough?
While leaders have access to thorough and varied information resources, majority of them underestimate the capabilities of cyber-adversaries and the resultant reputational, regulatory, and strategic financial risks that they pose. This is because most of the leaders do not fully understand the ecosystem-wide risks posed by cybercrime (PWC, 2013). In addition, most leaders are not acquainted with how to integrate information-sharing and threat intelligence into elaborate and proactive defense programs against cyber attacks. Also, leaders have limited knowledge to enable them to identify and mitigate cyber attacks effectively, while their effectiveness in understanding and application of cybersecurity technology is also wanting.
What do you think is the cause of this unfortunate underestimation?
Majority of the leaders have no idea that the environment is getting increasingly hostile. Consequently, they only tend to take action when it is already too late, after counter-attacks have occurred. This is partly due to the fact that most companies rarely appreciate the importance of assessing risks before a disaster has struck. In addition, we also have a number of leaders who may not be in a position to have access to the company’s cyber-security strategy. In addition, such leaders may also have limited access to the response information to cyber-security that the company has put in place (Appel, 2014). Alternatively, these leaders could lack a direct connection with the law enforcement liaison process that the company has put in place.
And, more importantly, what types of things would you recommend to a leader in your organization to help correct this deficiency, and why?
To correct the above deficiency, the following recommendations have been made to organizations when dealing with issues of cyber-security. There is need for leaders of an organization to play a leading role in ensuring that they receive fundamental cyber-security education. They get acquainted with the risks that cyber-security attacks pose for the organization, and this will motivate them to seek remedial actions to deal with such threats, including effective monitoring of potential security threats to the organization. In addition, this will also inculcate the need for such leaders to collaborate with various government agencies in various nation-wide cyber-security strategies, as a way of protecting the organization from potential external threats.
Andreasson, K.J. (2012). Cybersecurity: Public Sector Threats and Responses. Roca Baton, FL.: CRC Press.
Appel, E.J. (2014). Cybervetting: Internet Searches for Vetting Investigations, and Open-Source
Intelligence, Second Edition. Roca Baton, FL.: CRC Press.
PWC (2013). Key findings from the 2013 US State of Cybercrime Survey.