Hello,  I am researcher from University of Phoenix. I have received permission from this site to post about permission to recruit subjects for participation in a study entitled Cyber Threats to Online Gaming and Education: A Delphi Study. The purpose of the study is to find out what current and future measures might be taken to eliminate or reduce organizational risks when using MMORPGs while still allowing organizations to use this powerful tool.

 I need a minimum of  10, maximum of 20 participants/game developers to contribute to my study. I need the expert opinion of game developers on what they think needs to be done to make MMORPG's secure. The game developers do not need to be MMORPG game developers, just game developers. The study will be completely anonymous, no identifying information will be used in the study. The participants will have to sign a permission slip and an informed consent slip which I will be the only one that will have access to. If anyone is interested in this PLEASE send me a message ASAP as time is of the essence. The study should not take up much of your time each day (maybe 10 15 mins max depending on you) and should not last too long ( maybe a week or two depending on how long it takes all participants to send me their data). As stated above the study will be a Delphi study, which means that all participants will answer a series of questions on a questionnaire for three rounds, those answers will then be sent to me, I will analyze the answers/data and send out the next round of questions and repeat the process until round three is finished.  I will start out with 5 of the 20 participants to conduct a pilot study, this will be used to construct the questionnaire that all of the participants will answer. once the Pilot study is finished the actual study will start. all communication for the study will be via email of SurveyMonkey website.

Thank you for your time

I see that this has over 300 plus views. Any reasons as to why anyone does not wish to participate?

15 minutes ago, wildturkey said:

Any reasons as to why anyone does not wish to participate?

Yes, it's not clear what you want.

On 11/2/2017 at 10:53 PM, wildturkey said:

measures might be taken to eliminate or reduce organizational risks

This is broad to a fault. Do you mean loss to profit? Loss related to theft? Risk related to fire? Risk of things not arranged properly?

Any type of risk is a organizational risk.

On 11/2/2017 at 10:53 PM, wildturkey said:

when using MMORPGs

There is maybe a handful of developers who can claim to have developed and published a MMORPG. It's the most difficult game there is to make. There has been roughly 250 MMORPG and more than 50% are no longer running and a lot of them where sequels made by the same developers.

Meaning that 10-20 developers would be around 20% of the developes who ever worked on a MMORPG. Now if you meant Multiplayer-Online-Role-Playing-Games instead of Massive-MORPG then you have a better chance of finding developers.

Even then the developers would be too busy to help you.

On 11/2/2017 at 10:53 PM, wildturkey said:

As stated above the study will be a Delphi study, which means that all participants will answer a series of questions on a questionnaire for three rounds

No one likes surveys and often only fill them out if it's about something that concerns them. MORPG developers would not waste there time as they gain nothing from the survey.

Have you considered that googling "Cyber Threats to Online Gaming and Education" would yield better results. It would provide you with opinions of developers collected over years and studies into cyber threats.

Scouting Ninja, when you asked " Do you mean loss to profit? Loss related to theft? " yes, and more. What would the game developer think needs to be done to make using an MMORPG for an organizations company more secure? For example IBM uses the MMORPG Second life, companies like Google, Nike, Toyota, and other use MMORPGs for various reasons. There exists a education program called "CLASSCRAFT" where the MMORPG style game is used to teach people from children to adults. Organizations and educational institutions use MMORPGs and are not aware of the possible cyber threats that go along with them. I also stated that the developer does not need to be a MMORPG developer but just a game developer.

You also said " No one likes surveys and often only fill them out if it's about something that concerns them. MMORPG developers would not waste there time as they gain nothing from the survey ". With the Delphi method YOU the game developers will create the questions on the survey and then answer them, so it would be what you the developer thinks needs to be done, what is important.. ect, which I would think that something could be gained from taking the survey/questionnaire that you the developers create.

You also stated " Have you considered that googling "Cyber Threats to Online Gaming and Education" would yield better results. It would provide you with opinions of developers collected over years and studies into cyber threats. "  The type of study I am doing requires the current opinions of participants collected and analyzed over several rounds, not opinions that have already been published.

I thank you for responding and giving me your opinion, but I must ask the site if your opinion and views are similar with theirs. and if it is I hope that I have given enough of an answer to think about participating, if not please feel free to comment below and ask whatever questions, and give whatever opinions you want.

1 hour ago, wildturkey said:

developers will create the questions on the survey and then answer them, so it would be what you the developer thinks needs to be done, what is important.. ect,

But do the developers get to see the answers and questions of other developers? You said you had a deadline so chances are that you won't have the time to setup some kind of website where developers would be able to host and read questions. Instead you will collect data and use it for your study. It's like a game with input but no output.

Think of the developers as investors. What reason do they have to invest there time and data into your study, what do they get in return?

1 hour ago, wildturkey said:

For example IBM uses the MMORPG Second life, companies like Google, Nike, Toyota, and other use MMORPGs for various reasons.

What possible harm could be done to Google, Nike, Toyota and others if Second life fell in the hands of hackers?

If I hacked Second life right now and had a agenda against Nike, what damage could I possibly do to them that would have required hacking Second life? 

1 hour ago, wildturkey said:

Organizations and educational institutions use MMORPGs and are not aware of the possible cyber threats that go along with them.

Consider me one of them. What would your study do to improve my awareness?

The most harm I could see would be a terrorist attack, even that would be only temporary. Considering the skill that is needed to hack a game on that level, a terrorist could just have made his own game to push his agenda.

16 hours ago, wildturkey said:

but I must ask the site if your opinion and views are similar with theirs.

My take:

• "ASAP as time is of the essence." I translate this that your emergency is not our emergency.  For many of these student projects, that type of urgency means the student delayed their project and is now out of time.
• For expert opinion on what makes MMOs secure you are asking the wrong group.  Although MMOs are big business, MMOs make a tiny sliver of the game industry.  Within that tiny sliver of developers, you are asking for a sub-sliver, those dealing with security of those games.
• The developers securing MMOs, games with budgets more easily measured in billions of dollars rather than millions, are almost never the game developers.  They're the business side that work with authentication services, accounting services, auth tokens, and actual threat assessment. 
• You are asking for opinions and subjective views on something that can be readily qualified with objective measures.

And most critically for my view:

• You don't have a link, we need to contact you, then you provide a signed form to be returned.  Far too much effort on our part.
• A self-selected pool of experts taken from on online game developer discussion board has almost no validity.

Although many students us that for their class research papers because it is easier to find participants, you get self-selection bias, you get a non-representative sample, you get results that are distorted based on the community you happened to ask.  All that, plus we must contact you, get you a signed form, and do other work which further distorts your samples.

7 hours ago, frob said:

"ASAP as time is of the essence." I translate this that your emergency is not our emergency.  For many of these student projects, that type of urgency means the student delayed their project and is now out of time.

Actually this is my dissertation, I have been researching for several years on this topic, the reason that time is of the essence is that as time advances so does technology, so the longer the study takes, the more research I have to continually do to keep it updated and current. 

7 hours ago, frob said:

• For expert opinion on what makes MMOs secure you are asking the wrong group.  Although MMOs are big business, MMOs make a tiny sliver of the game industry.  Within that tiny sliver of developers, you are asking for a sub-sliver, those dealing with security of those games.
• The developers securing MMOs, games with budgets more easily measured in billions of dollars rather than millions, are almost never the game developers.  They're the business side that work with authentication services, accounting services, auth tokens, and actual threat assessment. 
• You are asking for opinions and subjective views on something that can be readily qualified with objective measures.

I am actually asking the game developers opinions on what they think will make a game (in the MMORPG genre) more secure for business and schools to use for teaching, training ect from their point of view. everyone has a point of view or opinion on something, I am simply asking that opinion/point of view

7 hours ago, frob said:

And most critically for my view:

• You don't have a link, we need to contact you, then you provide a signed form to be returned.  Far too much effort on our part.
• A self-selected pool of experts taken from on online game developer discussion board has almost no validity.

you can contact me via message from this site if you are interested, just like anyone from this site can send a message to anyone else on here. once that is established then other methods of communication will be given out.
I am not selecting the pool of experts, the pool of experts on this site are the ones who choose to participate in my study or or not, it is up to them.

7 hours ago, frob said:

Although many students us that for their class research papers because it is easier to find participants, you get self-selection bias, you get a non-representative sample, you get results that are distorted based on the community you happened to ask.  All that, plus we must contact you, get you a signed form, and do other work which further distorts your samples.

Once again I am not selecting anyone, therefore there is no self-selection Bias, if the results are distorted it does not matter as I am merely seeking to report the results, and if distorted they will be reported as such.
You can contact me via message from this site, The signed form is an informed consent form, which is standard protocol for anyone to have to sign if they are choosing to participate in any academic Dissertation/study on the Doctoral level, which I am pretty sure that all others asking for people to participate on this site are not doing.

There are ethics rules that I must follow to conduct my study, that is why I ask for a signed informed consent form to be signed if you wish to participate in my study. None of what a participant does will distort my samples. 

If anyone wants more info in this issue they are free to send me a message via this site so that a channel of communication can be established.

22 hours ago, Scouting Ninja said:

But do the developers get to see the answers and questions of other developers? You said you had a deadline so chances are that you won't have the time to setup some kind of website where developers would be able to host and read questions. Instead you will collect data and use it for your study. It's like a game with input but no output.

Yes, they do. I am conducting a Delphi Method study. here is more info on that Delphi Method . All of the info will be posted, but the person who posted it will be kept anonymous, so all of the answers to the questions will be posted, but no names. The participants will either be doing this Via the SurveyMonkey website, or via email communication. 

22 hours ago, Scouting Ninja said:

Think of the developers as investors. What reason do they have to invest there time and data into your study, what do they get in return?

At the very least contributing to the knowledge to the topic, and at the very best it might institute some of the suggestions that may come from the results of the study.

22 hours ago, Scouting Ninja said:

What possible harm could be done to Google, Nike, Toyota and others if Second life fell in the hands of hackers?

If I hacked Second life right now and had a agenda against Nike, what damage could I possibly do to them that would have required hacking Second life? 

Anything and everything from corporate espionage, identity theft, shutting down crucial (and possibly all ) of a companies systems, and more. once a system is compromised because it got hacked via second life or any MMORPG to the right person they can do whatever they want to that company or institution.  

22 hours ago, Scouting Ninja said:

Consider me one of them. What would your study do to improve my awareness?

You are a game developer, AKA one of the experts, YOUR knowledge and contribution to the topic will do a lot to improve the awareness of this topic to others.

22 hours ago, Scouting Ninja said:

The most harm I could see would be a terrorist attack, even that would be only temporary. Considering the skill that is needed to hack a game on that level, a terrorist could just have made his own game to push his agenda.

Companies, corporations, and schools would not use a non-known game that a terrorist would make to use for whatever their needs may be.

I would like to clear something up. I am not a person working on a "paper for school, AA Degree, Bachelors degree, or even Masters thesis." I am a Doctoral candidate working on my Dissertation on my last year of my term for my doctorate. I have received permission from this this site to post on here to ask for participants for my study, actually this site came highly recommended from my committee chair as a great source to find experts in the game development field.

I can see from past posts and responses that you have had other people here in a frantic rush trying to do last minute assignments. I can assure you that this is NOT what I am doing. I have been researching this topic for several years, have had to go through three residencies, many revisions and classes with my committee chair to get my dissertation approved by both internal and the governing body for academic bodies of work to be submitted, approved, and allowed to come to this point.

I am looking to contribute to the knowledge on the topic of my research for the awareness of cyber threats to MMORPGs, and to have others use it in their research to also contribute further knowledge. When it is finished it will be submitted to scholarly and peer reviewed databases for students and people to use and view. I intend to follow all ethical and academic procedures for my study, hence the informed consent/permission forms. I take my work very seriously as I see do all of you. If anyone has any questions please feel free to send me a message via this site.

2 hours ago, wildturkey said:

corporate espionage, identity theft, shutting down crucial (and possibly all ) of a companies systems, and more. once a system is compromised because it got hacked via second life or any MMORPG to the right person they can do whatever they want to that company or institution.  

You seem to misunderstand. The Second life server isn't sitting in the Nike CEO's office, plugged in to the Nike mainframe. There is no connection between the game computers and the computers of the organizations invested in the game.

Even if you hacked into Second life, it is a very difficult, you would not have access to any other companies data. At best you would have user data and the Second life data.

Not to mention that data send to the server is limited. At best a average hacker could cheat some ingame items and gold. The skilled Hackers could steal user data and try to use it.

Often the only damage that can be done to a investing company, is damage to there reputation and very little else. It's also extremely difficult and only a temporary thing. Most of the damage would be done to the game and the developers behind the game.

2 hours ago, wildturkey said:

Companies, corporations, and schools would not use a non-known game that a terrorist would make to use for whatever their needs may be.

And a know game would be monitoring all there data constantly. 

2 hours ago, wildturkey said:

so all of the answers to the questions will be posted

This is good to know you should have started with this. So how would they contact you if they have info to share?