Enhancing Organizational Level Privacy Programs Based on Ethical Reasoning. Information privacy is one of the important information security management issues that continue to pose significant challenges to organizations. In this project, you will undertake literature review on how ethics can enhance organizational privacy. Based on your literature review of the prior work in information ethics, you will develop a framework for enhancing organizational level privacy programs based on ethical reasoning. You will argue that organizations can enhance their privacy programs by moving beyond merely complying with laws and other regulations and creating a culture of integrity that combines a concern for the law with an emphasis on managerial responsibility for the organization's privacy behaviors. You will use two real-life high-profile data breaches experienced by organizations to illustrate your arguments for enhancing organizational level privacy programs based on ethical reasoning. You will conclude with recommendations for ways organizations can improve their privacy programs by incorporating moral responsibility. Topic 2: Harnessing social media applications in raising information security awareness Studies show that as much as 85% of information security breaches are due to the actions of a benevolent intentions yet uninformed users. The aim of this project is to investigate the utility of social media (SM) for its potential as an effective information security awareness delivery method. You will analyze the potential issues and concerns when leveraging social media tools and technologies for information security awareness program and propose ways to mitigate the issues and concerns. You will provide a sample case study to demonstrate the potential of SM by using one or more current social media technologies to develop and deploy SM‐based security awareness about phishing attacks (or any others). You will compare the SM‐based information security awareness delivery method with the standard security awareness delivery methods in terms of participant engagement, effectiveness in imparting basic understanding of security practices, potential change of behavior and investment required in terms of participant time and development cost. Topic 3: Security implications of social networking in the corporate environment The rise of social networking websites (e.g., MySpace, Facebook and Twitter) has enabled ordinary people to have instant messenger accounts, contact old friends or long‐lost 2 schoolmates. Anecdotal data shows that social network use at workplaces can have far reaching security implications for the organizations network security. The data also shows that as more companies allow employees to access social networking sites, fears about possible negative ramifications are also growing. This suggests that an understanding of the security implications and ramifications of social networking in the corporate environment is very important. This project will investigate security implications, identify the root causes and where possible, suggest steps to safeguard organizational assets and information. Note that the focus is on security implications for the organizations and not individuals. The project involves comprehensive literature review, survey and analysis of the results and writing a complete report. Topic 4: Leveraging Web 2.0 technology for information security disaster management The aim of this project is to survey, analyze and develop an international best practice grade information security disaster management (i.e., crises preparedness, response, and recovery) practices using Web 2.0 technology. At the time of emergency, concise, timely and reliable communication amongst the disaster preparedness and disaster recovery teams is critical for success. Web 2.0 technology such as social media techniques can prove valuable and vital for a successful disaster management practices. You will survey and analysis literature on information security disaster management and the current use of Web 2.0 technologies for disaster management approaches. Based on the results, you will synthesis an approach that harnesses the power of Web 2.0 technology for information security disaster management. You will also analyze the potential issues and concerns when leveraging Web 2.0 tools and technologies in information security disaster management and propose ways to mitigate the issues and concerns. You will use one or more current Web 2.0 tools and technologies to analyze the possible impact/benefits of deploying Web 2.0 technology for information security disaster management in one or more business sectors, and provide a simple case study and discuss the cost benefit analysis. Your investigation and analysis must be executed to the proper technical department