Linda Kostic, who is a doctoral learner at Capella University in the School of Business and Technology is seeking information security subject matter experts to participate in a research study. The purpose of this research study is to aggregate information security awareness techniques, obtained from the research participants, which will reduce data breaches caused by social engineering attacks. Participants will be contributing to the information security profession by customizing existing frameworks, NIST 800-50 as an example, with actionable techniques that will be compiled into an information security awareness technique model that will be shared with all participants.
Research participants will be asked to fully complete a SurveyMonkey open-ended questionnaire that may result in up to three participation rounds. It is anticipated that the first round of questions will take approximately thirty (30) minutes to complete, depending on the extent of information security awareness techniques employed within your organization. If necessary, it is anticipated that the time commitment for each additional survey will be about fifteen (15) minutes each, depending on the number of follow up questions.
All participants who actively participate through all questionnaire rounds will receive one (1) CPE certificate and a copy of the research study results. The research results will contain an information security awareness model that may provide new techniques for the participant to implement at their firm, agency, or client environment.
Participants must meet the following professional background criteria in order to participate in this research:
Participants who meet the professional background and opt to participate, will answer the following four research questions within a Survey Monkey survey.
If you are interested in participating in this research study, please send the following information to Linda Kostic at email@example.com:
Participant Email Address
Years of Information Security Experience
Years of Information Security Awareness Experience
Just a note:
Requesting this kind of information on a gmail account instead of an educational or business domain account seems a bit strange considering the kind of data you are requesting.
Might I suggest you use a university email account. Speaking for myself I would not respond to this kind of request from an anonymous account.
For example, would anyone respond to the query below?
Does your Firm or Agency Secures Personally Identifiable Information, Non-Public Information, or Other Sensitive Data (Yes/No)?
Oh no we don't "secures" PII or any other data. We leave it in a public database like they did in Ecuador 🙂
I checked my calendar and it aint April 1st.
Thanks for your kind response. I can't speak for the rest of the CISSP bunch but I thought your question was a cleverly structured phishing attack in which you had an avenue to harvest a wealth of information for targeted attacks. I'm glad to hear that's not the case 😉