Skip to main content Skip to navigation
Washington State University
Dividend - Fall 2022 Graduate Education

Cybercrime and Fear: Researching Better Ways to Improve Security Compliance

By Eric Hollenbeck

Photo by WSU Photo Services

Cybersecurity incidents cost organizations trillions of dollars a year, and firms spend billions annually to defend their systems from security attacks and data breaches. But no matter the level in which firms invest in system tools to protect their data assets, there is one area of cybersecurity which remains the most vulnerable: security breaches caused by human error.

“About 90 percent of the problems we have in security are caused by people. Unintended human error,” says Carlos Torres, a recent management and information systems graduate.

Torres’s doctorate in management information systems (MIS) focused on security policy compliance and messaging that persuades and motivates employees to make wiser decisions about cybersecurity without the use of fear-based tactics, such as the consequences of the cybersecurity threat or a possible disciplinary action for noncompliance.

The cost of cybersecurity incidents is expected to reach $10.5 trillion annually by 2025—developing cybersecurity communications and compliance programs is vital for firms to reduce their risks of attacks, shore up vulnerabilities, and even retrain employees.

“It’s a preventative measure with potential for significant cost savings for organizations,” says Torres.

Torres has over 20 years of industry experience in information technology management and sales. He worked in the Americas and Europe leading projects for Latin America and telecommunications companies switching from 3G to 4G wireless networks or designing value-added services and new products successfully launched into markets.

As both a successful IS manager in the field and now an assistant professor, Torres understands the value of motivating employees to make decisions in ways that have lasting effects.

A change of course

At first glance, it seems like Torres’s career from industry to academia was straightforward; however, the path to his PhD wasn’t always clear. In fact, Torres says he thought about earning a doctorate several times but ultimately felt he was too far along in his career to give it a shot. “I felt like my time had passed,” he says.

But, an opportunity presented itself at an unlikely moment.

“I’m lying in bed, chatting with my wife and she asks, ‘What is one thing that you’ve wanted to do? Something that if you don’t do it, you’ll look back and wish you had done it?’ So, I told her ‘get my PhD,’” he says.

With that, the course was set. Torres applied for and received a Fulbright Scholarship to study in the United States. He was one of a handful of PhD students to receive the award for information technology-related studies.

“It felt like a miracle to receive that award,” he says.

An environment for success

Torres says two things drew him to the Carson College PhD program: the strength of the program and the faculty.

“We have great people in the Carson College of Business,” Torres says. “Professors are all very renowned in their fields.”

In August, Torres joined the faculty at Baylor University’s Hankamer School of Business as an assistant professor in information systems.

“Doing research is the thing that motivates me the most, but helping develop people is also great,” he says. “I benefited from that at WSU and look forward to continuing that in my own career.”

About 90 percent of the problems we have in security are caused by people. Unintended human error.
– Carlos Torres