[HTML][HTML] Learning from cyber security incidents: A systematic review and future research agenda
Cyber security incidents are now prevalent in many organisations. Arguably, those who can
learn from security incidents and address the underlying causes will reduce the prevalence …
learn from security incidents and address the underlying causes will reduce the prevalence …
Where to recruit for security development studies: Comparing six software developer samples
Studying developers is an important aspect of usable security and privacy research. In
particular, studying security development challenges such as the usability of security APIs …
particular, studying security development challenges such as the usability of security APIs …
Security at the End of the Tunnel: The Anatomy of {VPN} Mental Models Among Experts and {Non-Experts} in a Corporate Context
With the worldwide COVID-19 pandemic in 2020 and 2021 necessitating working from
home, corporate Virtual Private Networks (VPNs) have become an important item securing …
home, corporate Virtual Private Networks (VPNs) have become an important item securing …
SoK: Access Control Policy Generation from High-level Natural Language Requirements
SH Jayasundara… - ACM Computing …, 2023 - dl.acm.org
Administrator-centered access control failures can cause data breaches, putting
organizations at risk of financial loss and reputation damage. Existing graphical policy …
organizations at risk of financial loss and reputation damage. Existing graphical policy …
“Those things are written by lawyers, and programmers are reading that.” Mapping the Communication Gap Between Software Developers and Privacy Experts
SA Horstmann, S Domiks, M Gutfleisch… - Proceedings on …, 2024 - petsymposium.org
To ensure data-privacy compliance, it is common for companies to consult privacy experts
for the identification and communication of privacy requirements to software developers …
for the identification and communication of privacy requirements to software developers …
" Oh yes! over-preparing for meetings is my jam:)": The Gendered Experiences of System Administrators
In the system and network administration domain, gender diversity remains a distant target.
The experiences and perspectives of sysadmins who belong to marginalized genders (non …
The experiences and perspectives of sysadmins who belong to marginalized genders (non …
" I needed to solve their overwhelmness": How System Administration Work was Affected by COVID-19
The ongoing global COVID-19 pandemic made working from home--wherever working
remotely is possible--the norm for what had previously been office-based jobs across the …
remotely is possible--the norm for what had previously been office-based jobs across the …
[PDF][PDF] How WEIRD is Usable Privacy and Security Research?
AA Hasegawa, D Inoue, M Akiyama - 33rd USENIX Security Symposium, 2024 - usenix.org
In human factor fields such as human-computer interaction (HCI) and psychology,
researchers have been concerned that participants mostly come from WEIRD (Western …
researchers have been concerned that participants mostly come from WEIRD (Western …
Digital Security—A Question of Perspective A Large-Scale Telephone Survey with Four At-Risk User Groups
This paper investigates the digital security experiences of four at-risk user groups in
Germany, including older adults (70+), teenagers (14-17), people with migration …
Germany, including older adults (70+), teenagers (14-17), people with migration …
Analyzing cyber security research practices through a meta-research framework
V Le Pochat, W Joosen - Proceedings of the 16th Cyber Security …, 2023 - dl.acm.org
Sound research practices are the foundation of valid, reliable, and trustworthy research
results. The discipline of meta-research critically evaluates research practices and proposes …
results. The discipline of meta-research critically evaluates research practices and proposes …