Date of Conferral

12-3-2024

Degree

Doctor of Information Technology (D.I.T.)

School

Information Systems and Technology

Advisor

Bob Duhainy

Abstract

Public school districts are frequently targeted by cybercriminals to gain access to a wealth of under-protected sensitive data. As a result, information technology (IT) leaders in public school districts must implement measures to maintain the security and confidentiality of sensitive data collected and stored by their schools. This qualitative multiple case study, grounded in the technology threat avoidance theory, explored the strategies used by K-12 IT leaders to implement secure IT infrastructure in New Jersey public school districts. The research population includes K-12 public school IT leaders in New Jersey who have experience implementing security controls to protect the data stored by their schools. Data were collected through semistructured interviews with those IT leaders and a review of publicly available documentation of security practices utilized in New Jersey public schools. The data were analyzed using thematic analysis to identify potential themes related to strategies for implementing secure IT infrastructures. Four major themes emerged from the data analysis: IT security challenges, IT security threats, protective measures, and IT security resources. A key recommendation is for IT leaders in New Jersey public schools to implement a layered approach to security, practicing a defense-in-depth strategy to realize the maximum benefit from multiple individual security measures. The implications for positive social change include the potential to protect the sensitive information of a large subset of the population from loss to those who could cause long-lasting harm. K-12 students may realize the most significant contribution to social change by protecting their personal information against those who seek to steal their data for personal or financial gain.

Download

Share

 
COinS