Culminating Project Title
Date of Award
Culminating Project Type
Information Assurance: M.S.
Information Assurance and Information Systems
Herberger School of Business
Abu Hussein, Abdullah
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.
Keywords and Subject Headings
Insufficient due diligence, lack of due diligence
Organizations face the rapid and constant evolution of technology and must adapt quickly to that fast pace changing environment. It is in that perspective that companies dive into adopting a new technology without a proper investigation on how the technology works or without knowing if they have the adequate resources to use it; thus, underestimating possible security threats. One of the most common threats related to organization rushing into acquiring a new technology is insufficient due diligence. Insufficient due diligence is the lack of proper measures taken to ensure the credibility of the technology provider. Insufficient due diligence happens when organizations try to move too quickly to the adopt technology without thoroughly understanding it. Organizations rushing in the decision making of which technology to choose, skip some important steps such as conducting a proper evaluation of the technology they want to adopt, which cause security threats. This is a problem mainly because of lack of research on the subject, ignorance and lack of attention to details. This starred paper will present the state of art of insufficient due diligence when adopting technology, its root causes, and the different aspect of the problem and propose recommendation to improve security in organizations. This work aims to raise the security bar for organizations adopting technology and improve security.
Konan, Cynthia, "Insufficient Due Diligence as a Security and Privacy Issue" (2019). Culminating Projects in Information Assurance. 111.