Security and privacy have become a grand challenge as information systems become increasingly complex. AIS SIGSEC provides networking opportunities for people who conduct research, develop and/or teach about information security, assurance, digital forensics, privacy, and information system risk management and auditing. SIGSEC members discuss issues related to the theory, practice, methods, and applications of technologies to better understand and promote sound information security and privacy activities by individuals and organizations alike.

Track Chairs:
- Philip Menard, University of Texas at San Antonio
- Gregory Bott, The University of Alabama
- Shuyuan Mary Ho, Florida State University
- Andrew William Green, Kennesaw State University
- Bryan Hammer, University of Montana

Schedule
2025
Friday, August 15th
12:00 AM

A Comparative Analysis of the UN Cybercrime Treaty and GDPR: Balancing Global Security and Data Sovereignty

Angelica Marotta, Massachusetts Institute of Technology
Stuart Madnick, CAMS

12:00 AM

Advancing Cyber Risk by Reducing Strategic Control Gaps

sander zeijlemaker, Massachusetts Institute of Technology
Ranjan Pal, MIT
Jeffrey Proudfoot, Bentley University
Michael Siegel, Massachusetts Institute of Technology

12:00 AM

“Am I Secure by Design ?” Evaluating the Security and Transparency of GenAI: An End User-Centric Approach

Christian Chung, Paris Dauphine University
Francois Acquatella, University

12:00 AM

An Affordance Perspective on Artificial Intelligence’s Role in Data Protection

Guy Alain Sylvanus Kouyo, Université Laval
Rohit Nishant, Queen's University Belfast
Hager Khechine, Laval University

12:00 AM

An AI-Driven Framework for Autonomous Network Vulnerability Management

Shadi Esnaashari, Johns Hokins University
Mansoure Jabalameli, Deloitte

12:00 AM

An Analysis of Executive Managers Acceptance of Cyber Security Risk Management – A Systematic Review

Lordt Becklines, Dakota State University
Omar El-Gayar, Dakota State University

12:00 AM

An Integrative Model of Phishing Susceptibility

Yuxiao Luo, Appalachian State University
Adel Yazdanmehr, Baruch College, City University of New York
Nanda Kumar, City University of New York

12:00 AM

An Organizational Field Experiment on Phishing and Cybersecurity Risk Homeostasis Theory

Katharina Hobbensiefken, Carl von Osietzky University of Oldenburg
Bryan Balk, Carl von Osietzky University of Oldenburg
Andreas Peter, Carl von Osietzky University of Oldenburg
Philipp Staudt, Carl-von-Ossietzky University

12:00 AM

Antecedents of Trust in Deepfakes: Insights from the Elaboration Likelihood Model

Steven Gal, Toronto Metropolitan University
Burcu Bulgurcu, Toronto Metropolitan University

12:00 AM

Balancing Risk and Reward in Cybersecurity Investment Decisions

Goeun Kim, Massachusetts Institute of Technology
sander zeijlemaker, Massachusetts Institute of Technology
Jeffrey Proudfoot, Bentley University
Ranjan Pal, MIT
Michael Siegel, Massachusetts Institute of Technology

12:00 AM

Beyond Expectations: Relative Deprivation in Post-Breach Compensation

Jacob Chun Cheng, Department of Operations Management & Information Systems
Jack Hsu, NSYSU

12:00 AM

Big Data and Personal Information Privacy in Developing Countries: A Case of Kenya

JOHNSON MASINDE, Kenyatta University

12:00 AM

Bridging Research and Standards: A Mapping of Social Engineering Countermeasures

Anita Neumannova, WU Vienna University of Economics and Business
Edward W.N. Bernroider, WU Vienna University of Economics and Business

12:00 AM

But I Trusted You: An Experiment on Digital Piracy and Platform Trust

Andy Bowman, East Carolina University
Bryan Hammer, University of Montana
John R. Drake, East Carolina University

12:00 AM

Cognitive Dissonance and Persuasion for Smishing (CDP-S): A Conceptual Framework

Wei Xie, Appalachian state university
Lakshmi Iyer, university of North Carolina Greensboro
Debalina Bera, University of North Carolina Greensboro

12:00 AM

Cognitive Load and Its Influence on Fake and Real News Perception

Sakshi Singh, State University of New York, University at Albany
Sanjay Goel, University at Albany, SUNY

12:00 AM

Cyber Risk Challenges in UPI and CBDC

Anuj S.S Mishra, Indian Institute of Management Lucknow
Arunabha Mukhopadhyay, Indian Institute of Management Lucknow

12:00 AM

Cybersecurity Disclosure Index: Reflecting Risk Management Strategy and Predicting Future Risk in US Firms

Samiran Das, The University of Texas Rio Grande Valley
Francis Kofi Andoh-Baidoo, University of Texas Rio Grande Valley

12:00 AM

Cybersecurity Knowledge Resources and Capabilities: Strategic Determinants of Data Breach

Mohammad Mohsin, The University of North Carolina at Greensboro
A. F. Salam, UNC Greensboro
Moez Farokhnia Hamedani, University of North Carolina at Greensboro
Lakshmi Iyer, university of North Carolina Greensboro

12:00 AM

CYBERSECURITY SHOW-AND-TELL: AN ANALYSIS OF FIRM DISCLOSURE BEHAVIOR AND THE RELEVANCE OF PRIOR DATA BREACHES

Biju Varghese, Rochester Institute of Technology
Ali Tosyali, Rochester Institute of Technology
Sean William Hansen, Rochester Institute of Technology

12:00 AM

Deepfakes Threats and the Deterrence of Aspiring Content Creators

Ghazal Abdolhossein Khani, Oklahoma State University
Corey Baham, Oklahoma State University

12:00 AM

Does cybercrime indicate serious offending behavior? A cross-national comparative analysis of cybercrime severity

Janne Joonas Vepsäläinen, Tampere University
Markus Kaakinen, University of Helsinki
Atte Oksanen, Tampere University
Iina Savolainen, Tampere University
Anna Markina, University of Tartu
Camilla Løvschall Langeland, University of Oslo
Gorazd Meško, University of Maribor
Iza Kokoravec Povh, University of Maribor
Margrét Valdimarsdóttir, University of Iceland

12:00 AM

Enhancing Cloud Security Assessment Frameworks for the Generative AI Era: An Action Design Research Approach

Motahareh Pourbehzadi, University of North Carolina Greensboro
Tra Le Nguyen Huong, University of South Florida
Giti Javidi, University of South Florida
Anita Luthra, University of North Carolina Greensboro

12:00 AM

Exploring Self-Sovereign Identity Solutions for Improved Identity and Access Management in the European Union

Halima Maghraoui, Institut MinesTélecom Business School
Anuragini Shirish, Université Paris-Saclay, Univ Evry, IMT-BS, LITEM, 91025, Evry-Courcouronnes, France

12:00 AM

Factors Influencing Individual’s Privacy-Protective Behavior in the Age of Surveillance Capitalism

Jurgen Geitner, University of Cape Town
Zainab Ruhwanya, University of Cape Town
Irwin Brown, University of Cape Town

12:00 AM

FairPrivacy: A Robust Q&A System for Enhancing Transparency in IoT

Turquoise H. Richardson, University of Texas at San Antonio
Đorđe Klisura, University of Texas at San Antonio
Hilal Pataci, Alvarez College of Business
Anthony Rios, University of Texas at San Antonio

12:00 AM

Far Enough to Share: Impact of Psychological Distance on GenAI Disclosure

Muriel Frank, Interdisciplinary Centre for Security, Reliability and Trust (SnT)
Ayah Tharwat, University of Luxembourg
Nadia Pocher, University of Luxembourg

12:00 AM

Fear Appeal and Psychological Distance in InfoSec Advice

Marvin Adjei Kojo Lomo, UNC Greensboro

12:00 AM

From Familiarity to Vulnerability: The Role of Social Distance and Information Processing in Spear Phishing

Tiancong Fu, Queen's University
Kathryn Brohman, Queen's University

12:00 AM

GAMIFICATION-BASED SPEAR PHISHING AWARENESS TRAINING SYSTEM: FOUR NOVEL DESIGN ARTIFACTS

Lina Zhou, UNC Charlotte
Abdulrahman Aldkheel, King Saud University

12:00 AM

Generative AI Privacy Concerns. What does Generation Z think?

Simran Dhillon, Virginia State University

12:00 AM

Guidelines for Longitudinal Information Security Policy Compliance Research

Fredrik Karlsson, Örebro University
Shang Gao, Orebro University

12:00 AM

Idiographic Approach to Fatigue in Cybersecurity Behavior: The Role of Security Communication

Mohammad Mohsin, The University of North Carolina at Greensboro
Moez Farokhnia Hamedani, University of North Carolina at Greensboro
Lakshmi Iyer, university of North Carolina Greensboro

12:00 AM

Information Security Compliance Intentions: Role of Contingent Employees

Joseph Kwame ADJEI, Ashesi University
Solomon Odei-Appiah, Ghana Institute of Management and Public Administration

12:00 AM

Investigating User Inaction in Post-Breach Situations

Arman Falahati, University at Buffalo
Liette Lapointe, McGill University
Suzanne Rivard, HEC Montreal

12:00 AM

Is the Data Breach News Dissemination on the Company's Social Media Always Bad? Perspective from User Engagement

Niaz Mohammed, Florida Atlantic University
Chul Woo Yoo, FAU

12:00 AM

Misinformation Detection on Social Media: A Theory-Driven Feature Generation Approach

Hui Rao, The University of Melbourne
Avijit Sengupta, University of Queensland
Morteza Namvar, The University of Queensland

12:00 AM

Navigating the Aftermath: An Empirical Investigation of Response Timeliness and Strategy for Data Breach

Arindam Majumder, University of North Texas
Dan J. Kim, University of North Texas

12:00 AM

Norms as Shields: A Global Analysis of Cultural Tightness’ Impact on DDoS Attacks

Xinzhe Niu, University of Memphis
Huigang Liang, University of Memphis

12:00 AM

Phishing Attacks in Context: Organizational Factors Shaping Phishing Susceptibility

Fabian Hable, Vrije Universiteit Amsterdam
Nina-Birte Schirrmacher, University of Sydney
Bart van den Hooff, Vrije Universiteit Amsterdam

12:00 AM

Privacy Compliance in Small-sized Enterprises: An Investigation in the German E-commerce Sector

Alexandra Klymenko, Technical University of Munich
Stephen Meisenbacher, Technical University of Munich
Maximilian Jahr, Technical University of Munich
Florian Matthes, Technical University of Munich

12:00 AM

Risk Classification and Compliance of AI Systems under the EU AI Act

Thomas Schuster, Pforzheim University
Lukas Falk Waidelich, Pforzheim University
Andreas Schneider, Pforzheim University
Marian Lambert, XPACE

12:00 AM

Securing the New Normal: Evaluating how Organizational Culture and Remote Work Adoption shapes Information Security Policy Compliance

FREDERICK AKWESI ADRAH, UNIVERSITY OF NORTH CAROLINA GREENSBORO
Rahul Singh, UNC Greensboro

12:00 AM

Security Operations Centers and the Battle between Mindfulness and Mindlessness: Toward a Model of Mindful Balancing

Wael Soliman, University of Agder
Adrian Mikkelesen, Guard Automation
Terje Heum Seljåsen, Vygruppen AS

12:00 AM

Security Risk Factors of Blockchain-based Applications and Propositions for Future Research

Wilfried Nzabandora Bazomanza, Université Laval
Sehl Mellouli, Université Laval
Rohit Nishant, Queen's University Belfast

12:00 AM

Shaping Secure Behavior through Social Support Structures: An Empirical Examination

Joshua M. Davis, Missouri State University
Obi Ogbanufe, University of North Texas
Xiang Guo, Missouri State University
Deepti Agrawal, California State Polytechnic University Pomona

12:00 AM

The Cyber-Storm: NLP Adoption and the Escalating Risk of Cyberattacks

Issack Shama Guyo, University of Texas Rio Grande Valley
Md Rafiqul Islam, University of Texas Rio Grande Valley
Xuan Wang, The University of Texas Rio Grande Valley
Jinghao Yang, The University of Texas Rio Grande Valley

12:00 AM

The Emergence Process of Collective Perceptions of Digital Privacy in Organizations

Maryam B. Farahani, McGill Desautels Faculty of Management
Liette Lapointe, McGill University
Bogdan Negoita, HEC Montréal

12:00 AM

The Impact of Cognitive Load on Responses to Security Alerts: Investigating Human Errors

Lakshika Vaishnav, University at Albany, SUNY
Sanjay Goel, University at Albany, SUNY

12:00 AM

The Impact of Phishing Susceptibility on Different Individual Outcomes

Oluwatosin Esther Adeleke, Queen's University
Kathryn Brohman, Queen's University

12:00 AM

The Influence of Moral Values on Information Security Policy Compliance in AI-Monitored Environments

Junyi Yang, McMaster University
Xuecong Lu, SUNY, University at Albany
Milena Head, McMaster University

12:00 AM

Toward a Theory of Passive Sanctions in Cybersecurity

Mikko Siponen, University of Alabama

12:00 AM

Towards a Rights-Based Approach to AI Chatbot Usage: Navigating Ethical Considerations in ChatGPT Interactions

Buddhi Pathak, University of the West of England, Bristol
Shina Zdravcheva, University of Sunderland
Michael Dzigbordi Dzandu, University of Westminster: London, GB

12:00 AM

Trust Dynamics in Inter-Organizational Cybersecurity Governance

Ana-Maria Florescu, CERGAM, FEG
Claudio Vitari, CNRS, LEST, CERGAM, FEG
Serge Amabile, CERGAM, FEG

12:00 AM

Understanding Gen Z's Vulnerability to Romance Scams

Deepti Agrawal, California State Polytechnic University Pomona
Kulraj Singh, California State University Fullerton
Dhruv Sharma, Guru Jambheshwar University of Science & Technology

12:00 AM

Understanding the antecedents of repeat data breach incidents for firms

Joseph Nwankpa, Miami University
Jon Schooley, Miami University

12:00 AM

Unraveling The Link Between Sociodemographics and Cybersecurity

Giacomo Gori, Università di Bologna
Giordana Martucci, Università di Bologna
Alessia Ganzaroli, Independent research
Marco Prandini, Università Di Bologna

12:00 AM

What Does the Google Play Store Tell Us About Information Privacy? An Examination of EdTech Apps

Mark Keith, Brigham Young Universify
Justin Giboney, BYU
Lisa LeVasseur, Internet Safety Labs
Suhyun Baik, Brigham Young University
Rebekah Kinghorn, Brigham Young University
Connor Elder, Brigham Young University
Asante Laryea-Akrong, Brigham Young University
Ethan Kasunick, Brigham Young University
Cristian Cruz, Brigham Young University

12:00 AM