This is a paper on a company my group came up with:
mPowerTech: Helping with Digital Literacy
Jason Sandifer
Old Dominion University
CYSE 494 : Entrepreneurship in Cybersecurity
Professor Porcher
June 21,2023
mPowerTech: Helping with Digital Literacy
Overview:
The rate at which technology is changing is leaving some people behind. The people who are being left behind need help. They are a wide range of people, people who just do not work with technology enough to keep up with trends let alone security. They are people who may not know what to do and are not secure enough to ask the right questions to keep up. They are people who do not care about the security of the internet of things. They may even be people who are struggling with technology and need help to surf the web and email friends and family. These are some of the people that mPowerTech has in mind when it comes to the product and services the company is going to offer. These people who struggle with technology are causing businesses and families to struggle with the day to day of running companies or families while worrying about these people. The day-to-day running of businesses is job enough but now with the way technology has changed how businesses do business, the need is there to have a secure network to which to run the business. The United States Intelligence community consider cyber security threats a bigger problem than international crime groups, terrorism, and WMD’s(weapons of mass destruction) since 2013(Heinl, 131). This need is paramount to the future of most companies. Whether it is the company trying to grow from a small or mid-size company or trying to compete with other large global companies’ cyber security is a new major component to businesses. People tend to be a major contributor to breakdowns with cyber security.
Families face major challenges in the field of cyber security and may not know it until it is too late. The onslaught of cyber security scams that are out there now is a major problem for people especially people who have older or younger family members who surf the web and use email on a regular basis. People hear story after story about scams and how the criminals take advantage of unsuspecting people. These criminals who prey on unsuspecting people are tricking them into doing things that will and could harm the people. The unsuspecting victims are being asked to give the criminals access to the victims’ computers or worse bank accounts. The victims are even being asked to send financial support for causes or things that do not exist. The scams are costing victims millions and millions of dollars each year or more. The victims have little or no recourse to get any of the money back from the criminals, since most of these scams originate in foreign countries that have little or no law enforcement to do an investigation or no care to do an investigation into the crimes. These countries may not even have laws that make these scams an illegal act or worse the authorities might turn a blind eye to it and getting a kick back from the scam itself. The victims may not even report the scam or the crime because the victims may feel embarrassed that they feel victim to the scam. The families might never find out that a family member had fallen victim to the criminals’ scams until it is too late and the damage has been done.
This is where mPowerTech comes into the picture. mPowerTech is a new company that is going to offer services to help small companies, midsize companies, families, and individuals with learning the importance of cyber security. The importance of the need to do what is needed to keep criminals out of your internet of things. The company is going to be offering multiple products and services to meet the needs of companies and individuals. The products that the company will be offering to purchase include but are not limited to (the company will always be adding to our inventory) brochures that can be purchased to hand out to employees and to people in different areas. The areas can include the main gathering area in a retirement community, the main lobby area of a business, and breakrooms throughout a company both small and midsize. These brochures can be placed there to help inform the employees and anyone that comes through the areas they are in. They will be straightforward and easily understood so that anyone from beginner to experienced web user can learn from them. These brochures will cover many topics and can be related to many things like email use, virtual private network use, surfing the web, and many other topics. These brochures will also be differentiated for business and individual. Businesses will need brochures to be more about the use of company equipment and rules that need to be followed.
mPowerTech will offer classes or in person meetings to help teach either or both employees or individuals. The in-person meetings that the company offer to businesses will be in conjunction with the rules which the employees need to follow. mPowerTech will also offer companies services to help create rules or programs for the employees to follow. This service will help the IT departments of the small and midsize businesses concentrate on the servicing or creation of and running the network. The service is designed to help companies with smaller IT departments to let mPowerTech teach and cover the training needed to keep the employees up to date with security changes and rules.
For individuals the company can set up in person or personal zoom calls to go over what the individual needs or is requesting of the company. At this level the company can set up multiple individuals to form groups to help out with cost and still offer great service and information. The individual level service will be designed to help with the need to surf and use the web securely. The company can serve to inform the individual how to set settings on different machines mobile devices, laptops, desktops, and setting up virtual private networks. The company can help individuals understand what current and past scams and phishing emails scams are out there and what to look out for to make the individual experience of being on the web and email safer.
Literature Review
The need for both the business world and personal world to have effective and sufficient training in the world of security is paramount. The amount of money, time, and productivity lost due to malicious or accidental data breaches is getting greater and greater. A data breach is the intentional or inadvertent exposure of information to outside and not authorized people(Cheng, 2017).
A business that fails to properly secure its information can and will fall victim to a data breach. These data breaches can lead to significant reputational damage and financial loses(Cheng 2017). Schools of higher education and universities also in need to improve their cyber security standards as more learning and courses go online especially after the pandemic(Liluashxili, 2021).
Companies need to make cyber security an important part of a business plan and budget. Businesses are now more than ever collecting information about customers, business partners and employees. The information the companies are collecting is also easily stored and kept in databases. The databases that companies are maintaining are vaults of important personal data. This data in turn needs to be kept safe and secure. Companies now face multiple ways of being attacked. Businesses are facing attacks from both outside the company’s walls and from the inside. With businesses facing so many attack vectors a business processes must be designed and configured to reduce and protect against exposure(Dolezel, 2019). The companies are now more than ever having to protect this data.
The data the companies are holding onto is personal and can lead to problems if it is released. Breaches can lead to personal information being auctioned on the black market(Dolezel, 2019). The importance of the data being collected has lead to countries passing laws to protect it. Countries have put into place laws to make companies better protect against data breaches because the countries are starting to consider the data part of the critical infrastructure(Dolezel, 2019). An example of sets of laws put into place to protect data and personal information is the HIPAA laws created by the United States government. These laws set certain guidelines for medical businesses and hospitals to follow. The laws are designed to make sure that basic care for the data is taken. The reasons are that medical records contain a lot of personal information about the patients. Blue cross and blue shield allowed 16,000 patient files to o be a publicly accessible server for months(Dolezel, 2019). These lapses are not always from a malicious source, it can be from an accidental click of a link or placing files into a wrong folder. Looking through the DHHS database on breaches have led many consumers and politicians to bring into question if businesses are doing enough to stop or slow down breaches(Dolezel, 2019).
Companies need to use a combination of hardware and software to reduce accidental or malicious disclosure, modification, or destruction of people’s personal data(Dolezel, 2019). The need to add training for employees is paramount as well, because of accidental release of the data. Typical ransomware operationalized is most of the time when an employee clicks on the link in an email(Dolezel, 2019). Employees that are not properly trained or at least trained to a sufficient level can lead to inadvertent threats. These inadvertent threats include but are not limited to accidental publication of personal information, configuration errors when setting up software, improper use of encryption within the network, people abusing access privileges, and physical loss of computers or phones(Cheng, 2017). Setting up proper software and hardware can help detect a potential leak or breach. The detection of a leak or breach may help all involved to keep the breach or leak to a minimum. In 2016, the average cost of a data breach was 4 million us dollars for the responsible company(Cheng, 2017).
Those amounts as stated prior are in 2016 dollars, in today’s dollars when figuring out with inflation would equal about 5.1 million us dollars. The businesses and companies have a financial need and responsibility to safeguard all data that they collect and save. The monetary cost for data breaches is growing each year. Therefore, information security and data breaches are perhaps one of the biggest challenges businesses face today(Madan, 2022). The numbers reflect how technology is making it a priority to protect data by companies. In 2020 alone there were 3932 reported breaches by companies(Madan, 2022). The numbers that are out there on how much it is going to cost companies that do not make cyber security a priority are astonishing. A study states that by 2024 it will cost businesses somewhere near 4 trillion dollars(Madan, 2022).
Research has found that it is insufficient to rely on IT investment a lone to address security issues(Li, 2023). The need is to make sure that companies are focused on cyber security along with IT. Companies need to make sure that cyber security and the policies are a focus of the C level personnel. Making security awareness of threats and countermeasures is vital to helping companies maintain security(li, 2023). Moreover, the higher the awareness of these threats and counter measures greatly decrease the amount of data breaches(Li, 2023). The higher awareness of threats and countermeasures can lead to a more holistic understanding and help explore more and better practical solutions to cyber security(Li, 2023).
Companies of the world are facing major challenges to keep up with the cyber security needs to protect the data that is being collected and stored. Companies are not the only ones involved with the constant threat of loss of data, but also the individual web surfer or emailer. Individuals are in need of training and education on cyber security threats and counter measures. Modern technology has given the less scrupulous parts fur society the tools and power to take advantage of others(Dubaffa, 2009). The general public as a whole and anyone who uses technology in their everyday lives is at risk. People need to have education and or training on how to protect themselves from online scams. Nigerian money scams are arriving in email boxes on a regular basis(Dubaffe, 2009). This scam has been around and has changed over the years, but yet people fall for it all the time. This scam is the promise of a bigger payday if the individual sends a smaller sum of money to help them out. The exact amount of money lost is not known but it is estimated that individuals have lost billions in the last decade from this scam. This is not the only scam. There are scams actively going after trademark owners to send money to protect the trademark the person owns(Dualo, 2009). The older generations of countries are being affected in larger numbers by scams and scammers that lead to compromised and misuse of their personal information(Watson, 2019). This identity comprises and misuse cause individuals not only financial harm, but also non-financial harm and problems(Watson, 2019). The non-financial harm can be psychological, physical, and socially and can lead to the corroding of faith and allowing fear to enter(Watson, 2019). The scammers are taking advantage of people who are new to the internet of things or not up to date on the dark side of web use. Internet scams aim to defraud victims with scammers applying different methods to steal identification or money(Chen, 2017). The older generation need help to prepare them and help them protect themselves from the harm that can come from being taken advantage of. The older generation might be alone or with family not nearby to help them with learning even the simple steps to protect themselves. Older age normal adults may be at a particular risk of phishing emails(Grilli, 2021). The older generation need to learn as much as possible to again protect themselves from the scammers who are interested in taking information or money from them.
How Problem and Innovation Relate to Material Outside Major
The problem and how it relates to material outside cybersecurity. First, the problem relates to the finances of both companies and individuals. Companies face financial problems from a multiple effect from data or information leaks. The company must pay either an internal security group or pay a company like the one we want to start to help them meet all the regulatory requirements they need to function. The companies face financial loss if a data or information breach happens. These is true whether they have insurance to cover the cost of the breach to make it right, they will face higher premiums or cancellation of the policy. The cancellation of the policy will make the company have to self-insure. As stated before in the literature review the cost of a breach can climb as high as 5 million dollars(Cheng, 2017). The financial impact on individuals is also a problem. The scammers out there are taken money from people through phishing scams, Nigerian prince scams just to name a couple. These scams are taken advantage of people with little to no knowledge of how to surf the web. These scams are costing people millions and millions of dollars a year. The victims both business or individuals have little to no chance to recover the money lost. The problem is also affecting public relations of businesses that fall pry to a breach or ransomware. The public finds out about the breach usually from the media or from receiving an email that provides identity theft coverage for 2 years. The customer then has a less than favorable outlook about the company in question. The company not only can lose money repairing or fixing the breach, but in the eye of public opinion. Losing in the court of public opinion can lead to the loss of customers or loss of market share. Loss of either of these can lead to loss of revenue.
The problem also relates to the field of psychology when you look at the possible effects of the victims in these scams. The older generations of any country may not be technologically savvy and not know the pitfalls they may encounter on the web or even through email. The victims of these scams can face anxiety, embarrassment, and fear after finding out they have been taken advantage of. Any of these feelings that may have afterwards can harm the quality of life they may have. The victims of the scams may pull away from the technology and contact family or friends less which can add loneliness to the growing list of problems that the scams have caused victims.
If the victims do start to have anxiety the problem relates to personal health. Anxiety can cause a multitude of health problems. These health problems circle back to add to the financial problems scams can cause. Added health problems raise the number of times the victims have to go to the doctor, and the possible addition of medications to help at an added cost.
The problem relates to law enforcement and political fields. The problem can lead to an increase in call volume to police stations. The increase in call volume will lead to an increase in the need to investigate some or most of all the calls. These investigations, even though important to the victims are usually done by people outside of the country and this ties the hands of law enforcement. The increase into these crimes that tie law enforcement’s limited man hours, keeps them from crimes that they can actually solve.
The political aspect that the problem creates is the need to make laws. With victims will come calls for laws to change to protect them as citizens. The problem here lies in the fact that scams are always changing and usually coming from another country. Technology is always changing and the political world is hard pressed to keep up with laws and foreign treaties to get control and a handle on these issues.
The need to better train both companies and individuals about cyber security can help many fields of study. The training will help companies with keeping accidental data breach numbers down. This added and continual training companies can keep actual cost down and keep them in their current standing from a public relations standpoint.
Training individuals to help themselves when it comes to cyber security will also help a great many fields of study. The training would help keep the numbers of people who fall for the scams out there down. Keeping these numbers down can have a two-fold positive outcome, first keeping the numbers of victims down will lower the dollars that the scammers can get. This in turn will lower the number of scammers because the low hanging fruit is not there.
Both the problem and the solution has an effect on many fields outside just my major. The solution looks like it can have a positive effect on many aspects and fields out there.
An Overview of How to Determine if the Idea Works
One way to determine if the idea, innovation, or company works is money. The money aspect is determined in how much the company makes. The bottom line is the first and easiest one to look at. Is the company profitable? The answer to this question helps determine if the idea works.
Another way to help determine is the idea, innovation, or company is working is growth. Unlike, profitability(making positive money right away) growth can help show investors or us if it is working. Are we growing week over week or month over month in number of customers, hits to the websites, sales of services or products? If the company is growing in some or all of the areas, then this can lead to the fact that it might be working. Showing that the company is drawing in customers can lead to financial growth with continual work or maybe a change here or there in aspects to continue to have growth.
Investors is a way to show that the idea is working. If as a company we continue to have investors either interested in providing capital or trying to purchase the business can show that the company is on the correct path.
What is Needed to Turn Idea into Reality
What is needed to turn the innovation or company idea into reality? The first step will be to finish a truly comprehensive budget. This budget will need to cover all the aspects of the business that the five of us idea makers can think of, then turn it over to a financial expert or someone who has started a business before to see what we missed. The budget will need to show what kind of expenses the company will be looking at to start out. The budget will need to show what kind of salary or what kind of money each partner will be making. This will help us understand where we can trim or add to as needed. Along with the budget will be how we want to set up the company. Will the company be a partnership or a limited liability company?
The idea makers will need to create the idea. By that I mean we will have to create a website that the customers will be able to come to and purchase products and services from. The website will have to be set up to show with easy navigation the categories of products and services that are offered. The website will also have to have payment services attached to it to run credit and debit cards. The website will also need to be set up to create invoices for companies or individuals who purchase our services. We will have to create the step-by-step brochures which will be an item available. These brochures will need to be printable from the customers’ home printers in the form of a pdf or printed in bulk by an outside printer or ours and mailed to the customer. The idea makers will have to create the classroom outline of all the different classes or one on one meetings the company will provide. Example, we will come up with the outline for the person doing the meeting for security when on the web or email. We will have to create the videos that we will have on the website for step-by- step instructions for customers.
Another step in making this idea into a reality is capital. The company will need capital to start everything. The company will need to find capital for the cost of doing business. Will the company seek out business loans from banks. Will the company seek out partial or full funding from programs from the state or federal government if available. Will the company seek out investors who are willing to fund the company for a share of the company.
References
Chen, H., Beaudoin, C., & Hong, T. (2017). Securing online privacy: An empirical test on Internet scam victimization, online privacy concerns, and privacy protection behaviors. Computers in Human Behavior, 70, 291-302.
Cheng, L., Liu, F., & Yao, D. (2017). Enterprise data breach: Causes, challenges, prevention, and future directions. Wiley Interdisciplinary Reviews. Data Mining and Knowledge Discovery, 7(5), E1211.
Dolezel, D., & McLeod, A. (2019). Managing Security Risk: Modeling the Root Causes of Data Breaches. The Health Care Manager, 38(4), 322-330.
DuBoff, L., & King, C. (2009). Educators Beware: Avoiding the Scams. TechTrends, 53(2), 11-13.
George B. Liluashvili. (2021). Cyber Risk Mitigation in Higher Education. Law and World, 7(2), 15-27.
Grilli, M., McVeigh, K., Hakim, Z., Wank, A., Getz, S., Levin, B., . . . Wilson, R. (2021). Is This Phishing? Older Age Is Associated With Greater Difficulty Discriminating Between Safe and Malicious Emails. The Journals of Gerontology. Series B, Psychological Sciences and Social Sciences, 76(9), 1711-1715.
Heinl, C. (2014). Regional Cybersecurity. Asia Policy, (18), 131-160.
Li, W., Leung, A., & Yue, W. (2023). Where is IT in Information Security? The Interrelationship among IT Investment, Security Awareness, and Data Breaches. MIS Quarterly, 47(1), 317-342.
Madan, S., Savani, K., & Katsikeas, C. (2022). Privacy please: Power distance and people’s responses to data breaches across countries. Journal of International Business Studies, 54(4), 731-754.
Watson, J., Lacey, D., Kerr, D., Salmon, P., & Goode, N. (2019). Understanding the effects of compromise and misuse of personal details on older people. AJIS. Australasian Journal of Information Systems, 23, AJIS. Australasian journal of information systems, 2019, Vol.23.