Paper and Awards at the Pre-ICIS Workshop on Information Security and Privacy (WISP 2020)
Malte Greulich from the cii research group presented a paper at the Pre-ICIS Annual Workshop on Information Security and Privacy (WISP), which was held virtually as a pre-ICIS event on December 12, 2020. The paper “Toward Conceptualizing Perplexity in Cybersecurity: An Exploratory Study” was co-authored by Sebastian Lins, Daniel Pienta, Jason Thatcher, and Ali Sunyaev. The Special Interest Group on Information Security and Privacy (SIGSEC) of the Association of Information Systems (AIS) also awarded Malte Greulich with a doctoral student award for the quality of the paper. Additionally, Manuel Schmidt-Kraepelin and Mikael Beyene both won best reviewer awards.
“Toward Conceptualizing Perplexity in Cybersecurity: An Exploratory Study”
by Malte Greulich, Sebastian Lins, Daniel Pienta, Jason Thatcher, and Ali Sunyaev
Abstract: As cybersecurity threats evolve and cybersecurity teams update digital security infrastructures, employees often get perplexed by the threats and corresponding countermeasures. Drawing insight from a literature review and a qualitative exploratory study with 85 participants, this paper defines cybersecurity perplexity, a paradoxical psychological state that individuals experience when facing adverse cybersecurity conditions in the workplace (e.g., ambiguous or surprising security policies or awareness of cybersecurity threats). Cybersecurity perplexity has three interrelated dimensions: cybersecurity confusion, cybersecurity pressure, and cybersecurity response uncertainty. Central to cybersecurity perplexity is that individuals are confused and uncertain about how to respond, yet feel pressure to act, to adverse cybersecurity conditions. Our data suggests that perplexity merits researchers’ attention because it can arise from myriad cybersecurity conditions that individuals frequently encounter in the workplace. We contribute to the cybersecurity literature by providing a conceptualization of cybersecurity perplexity and initiating a discussion about this novel phenomenon encouraging future research.
From the research group Critical Information Infrastructures