A Tool to Streamline Bidding for Government Contracts; Exploring how Cybersecurity Knowledge can Affect the Chances of a Data Breach
Brockway, Michael, School of Engineering and Applied Science, University of Virginia
Graham, Daniel, EN-Comp Science Dept, University of Virginia
Seabrook, Bryn, EN-Engineering and Society, University of Virginia
Businesses that are heavily involved with software face numerous challenges that extend beyond the technical aspect of software development. This portfolio attempts to provide improvements to two difficult, non-technical parts of the software development process. The capstone project focuses on simplifying and clarifying the requirements a piece of software must meet in order to perform its function properly. The final deliverable of this project was a prototype piece of software designed to be used by government contracting companies. The piece of software scans a contract proposal document provided by the U.S. government and outputs a list of requirements that the contracting company can use to more easily bid on the contract in question. In contrast, the STS research project focuses on the human aspects of data security. Specifically, it discusses methods by which to educate people on how to protect themselves and the businesses they interact with from data breaches. The deliverable for this project is a paper that discusses steps organizations and individuals can take themselves in order to better secure their data and prevent data loss or theft.
Government contractors face a long and tedious process bidding for contracts. Part of this process includes understanding requirements for a specific contract to be bid on. This process of bidding for government contracts includes understanding the many different requirements that a specific contract lays out. The final deliverable of this project utilizes a regular expression scraper that was integrated into a Python script to scan government proposal documents for contract requirements. The project then uses a graphical user interface to present those requirements in an organized, concise manner in order to assist contractors in preparing bids. This solution will ultimately allow contractors to both quickly understand what kind of work a specific contract requires and to more easily generate documents to bid on those contracts. Future steps include implementing machine learning algorithms into the project to provide flexibility in detecting requirements and to expand the file formats that are able to be scanned.
Over the last decade, businesses have become more susceptible to data breaches as a result of an increased presence on the Internet. Not only are data breaches occurring more often, but the costs of one have been rising as well. Consistent among data breaches and hacking events is an exploitation of the human element within an organization. This paper seeks to determine the best methods for improving the human element of data security so as to reduce the chances of a data breach occurring and the impact an organization faces when one does occur. Documentary Research Methods and Discourse Analysis are the primary frameworks used to determine these methods. Both methods rely on the analysis of already existing information. This information was obtained from the results of studies on data breaches already conducted, previous methods used to cause data breaches, as well as previous methods of educating organizations on cybersecurity are used to determine recommended methods for improving the human element of data security. The results of this paper could be used as a base for educating members of an organization on how to detect and help prevent data breaches from occurring, which would save organizations and regular individuals time and money.
A big takeaway from working on both of these projects simultaneously was the importance of understanding and combining both technical and non-technical aspects of software development. Both aspects have major contributions to the success or failure of a piece of software even in a field like computer science where technical skills tend to be valued more than non-technical ones. Working on both projects together provided great insight into some of the challenges of software development and software management that are often left undiscussed in a university classroom. The technical project provides a basis for a technical solution to the challenge of attempting to understand and concretely define software requirements while the STS research project lays out a non-technical set of improvements and recommendations for both individuals and businesses to take in order to improve data security. These are challenges that individuals and businesses that create and manage software face every day, and this portfolio will hopefully provide a basis for the design of future solutions to these problems.
BS (Bachelor of Science)
cybersecurity, computer science, data breach, School of Engineering and Applied Science, Bachelor of Science in Computer Science, Technical Advisor: Daniel Graham, STS Advisor: Bryn Seabrook