Date of Conferral



Doctor of Business Administration (D.B.A.)




Diane Dusick


Cloud computing has changed the information technology (IT) infrastructure of U. S. organizations, generating new threats and breaches in data security. Organization leaders estimated the costs from data breaches at approximately $8.5 billion annually, so reducing data breaches can potentially save organizations billions annually. Grounded in the integrated enterprise risk management framework, the purpose of this qualitative multiple case study was to explore strategies 4 IT administrators in central North Carolina use to mitigate data security threats and breaches. Data collection included archival documents (e.g., data security plans and organization newsletters), journal notes, and semistructured face-to-face interviews. Using thematic analysis and Yin’s 5 phases of analysis led to three core themes: reliance on third-party risk management services, employee education, and best practices. A key recommendation is that IT administrators and organization leaders collaborate to align IT functions with organizational objectives to sustain competitive advantage. Applying the findings in this study may help IT administrators develop best practices to mitigate data security threats and breaches in cloud computing environments. The implications for positive social change include the potential to reduce occurrences of data and identity theft, the financial risk for organizations, and financial loss for individuals and community members.

Included in

Business Commons