It is important to note that the TAM/CIA Model can be applied to other realms of Cybersecurity alone not just from the standpoint of information transmission and processing. One such area is that is for the Cloud, especially for threat monitoring.
Both of the AWS and Microsoft Azure have tools called Security Incident & Event Management systems, which allows for the IT Security team to analyze threats on a real time basis, from one central dashboard.
In Azure, this is called “Sentinel”, and in AWS, this is called the “AWS Control Tower”, and can be combined with the Splunk Cloud to get an even richer insight into all of the data that is being collected.
The intended target audience is the IT Security team in any company. They will be asked the following questions:
The respondents will be asked to fill out a survey, which is as follows:
For the Perceived Ease of Use Azure or Control Tower
1) I often become confused with all of the Cyber information and data I am receiving on a daily basis.
2) Because of the lack of clarity of the information and data that I am receiving, I overlook the alerts and warnings I receive on a daily basis.
3) Trying to understand the Cyber information and data that I am receiving is quite difficult.
4) I need to consult with others on my team to discern this Cyber information and data.
5) It takes a lot of mental effort to break down the Cyber alerts and warnings that I am receiving.
6) It is easy to recover from any mistakes that I make from the Cyber information and data that I am receiving.
7) The Cyber information and data that I am receiving is hard to apply to the Cyber Threat Landscape.
8) The Cyber information and data that I receive produces results that I am not expecting.
9) I find it very tiresome and cumbersome to try to triage the Cyber information and data that I am receiving.
10) My daily interaction with the Cyber information and data that I am receiving is easy to deal with.
11) The Cyber information and data that I am receiving produces a more secure environment for my employer.
12) The Cyber information and data that I am receiving guides me in helping to predict the future Cyber Threat Landscape.
13) Overall, I find that Azure or the Control Tower easy to use.
For the Perceived Usefulness of Azure Control Tower
1) It would be difficult to perform my everyday job tasks, without the Cyber information and data that I am receiving.
2) Having access to Cyber information and data gives me a greater control in helping to secure my environment.
3) Using effective Cyber information and data helps me to improve the overall Cyber Hygiene when I conduct my daily job tasks for my company.
4) The Cyber information and data I am receiving addresses the needs for the job that I am doing.
5) Having Cyber information and data allows me to accomplish my work-related tasks, which is protecting my company from any Cyber threats.
6) Having Cyber information and data supports the mission critical aspects of my daily job functions.
7) Having Cyber information and data makes me spend less time on other activities which may require higher levels of security.
8) Having Cyber information and data improves the overall level of effectiveness that I doss on my job.
9) Having Cyber information and data improves the quality of the work that I do on my job.
10) Having Cyber information and data increases the productivity levels of my job.
11) Having Cyber information and data makes it easier for me to do my job.
12) Overall, I find that having Sentinel or Control Tower is useful for my job.
Each question will have a rating scale just below it, ranging from 1 – 5, where 1 “Highly Disagree” and 5 is “Highly Agree”. This survey will be hosted first on Qualtrics, then on an individual hosting plan for permanent usage http://cybersurvey.solutions/
Multiple Regression Analysis will be ultimately used, but to analyze the first few rounds of data, Microsoft Excel will be initially used.
To view a graphic and statistical version of the model, click here.
In terms if using the TAM model, there are not a lot of studies that have been done in Cybersecurity, thus giving scientific merit to what we are proposing here. Here is a sampling of the current research using TAM in Information Security::