Scaffolding Case Analysis Writing: A Collaboration between Information Systems and Writing Faculty

In this paper, we present a collaboration between writing professors and an information systems (IS) professor to scaffold case analysis writing at an American English-medium branch campus in the Middle East. We describe our process for revising the professor’s writing assignment to make his expectations more explicit and for creating scaffolding materials that we delivered in classroom workshops to assist students’ pre-writing. We provide insights about the positive impact of the writing workshops on students’ writing from an end-of-semester interview with the professor and from interviews with students about their perceptions of the workshops and the personalized feedback they received

Concern for information privacy:a cross-nation study of the United Kingdom and South Africa

Individuals have differing levels of information privacy concern, formed by their expectations and the confidence they have that organisations meet this in practice. Variance in privacy laws and national factors may also play a role. This study analyses individuals’ information privacy expectation and confidence across two nations, the United Kingdom and South Africa, through a survey of 1463 respondents. The findings indicate that the expectation for privacy in both countries are very high. However, numerous significant differences exist between expectations and confidence when examining privacy principles. The overall results for both countries show that there is a gap in terms of the privacy expectations of respondents compared to the confidence they have in whether organisations are meeting their expectations. Governments, regulators, and organisations with an online presence need to consider individuals’ expectations and ensure that controls that meet regulatory requirements, as well as expectations, are in place

A Socio-Technical and Co-Evolutionary Framework for Reducing Human-Related Risks in Cyber Security and Cybercrime Ecosystems

The focus on cyber security as an interaction between technical elements and humans has typically confined consideration of the latter to practical issues of implementation, conventionally those of `human performance factors' of vigilance etc., 'raising awareness' and/or 'incentivization' of people and organizations to participate and adapt their behavior. But this is far too narrow a view that seriously constrains the ability of cyber security as a whole to adapt and evolve to keep up with adaptive, innovative attackers in a rapidly-changing technological, business and social landscape, in which personal preferences of users are also dynamically evolving. While there is isolated research across different research areas, we noticed the lack of a \emph{holistic} framework combining a range of applicable theoretical concepts (e.g., cultural co-evolution such as technological arms races, opportunity management, behavioral and business models) and technological solutions on reducing human-related risks in the cyber security and cybercrime ecosystems, which involve multiple groups of human actors including offenders, victims, preventers and promoters. This paper reports our ongoing work in developing such a socio-technical framework 1) to allow a more comprehensive understanding of human-related risks within cyber security and cybercrime ecosystems and 2) to support the design of more effective approaches to engaging individuals and organizations in the reduction of such risks. We are in the process of instantiating this framework to encourage behavioral changes in two use cases that capture diverse and complicated socio-technical interactions in cyber-physical systems

The use of data protection regulatory actions as a data source for privacy economics

It is well understood that security informatics is constrained by the availability of reliable data sources, which limits the development of robust methods for measuring the impact of data breaches. To date, empirical data breach analysis has largely relied upon the use of economic and financial data associated with an organisation as a measure of impact. To provide an alternative, complementary approach, we explore monetary fines resulting from data protection regulatory actions to understand how the data can inform the evaluation of data breaches. The results indicate where context matters and also provide information on the wider challenges faced by organisations managing personal data

A decade of application of the Choquet and Sugeno integrals in multi-criteria decision aid

International audienceThe main advances regarding the use of the Choquet and Sugeno integrals in multi-criteria decision aid over the last decade are reviewed. They concern mainly a bipolar extension of both the Choquet integral and the Sugeno integral, interesting particular submodels, new learning techniques, a better interpretation of the models and a better use of the Choquet integral in multi-criteria decision aid. Parallel to these theoretical works, the Choquet integral has been applied to many new fields, and several softwares and libraries dedicated to this model have been developed