On research, the strategic vision of Kogod Cybersecurity Governance Center is to focus on two aspects of cybersecurity and privacy: behavioral research and data analytics. We argue that past efforts on cybersecurity and privacy research are heavily skewed towards system security issues, leaving as research gaps the two aspects we plan to study. Behavioral research aims to understand how the complex interplays between automated systems and human users, especially human behavior patterns and economic drivers, affect cybersecurity and privacy. Data analytics, on the other hand, considers both the security and privacy threats posed by data analytics techniques and the security and privacy challenges threatening the utility and robustness of data analytics.
The Stafford Beer Medal for 2018
Dr. Heng Xu, Kogod Cybersecurity Governance Center Director, was recently awarded The Operational Research Society’s Stafford Beer Medal for 2018 for her paper "Examining the intended and unintended consequences of organisational privacy safeguards". The Stafford Beer Medal was established in memory of Stafford Beer, a British theorist and professor who was a world leader in operational research and management cybernetics.
National Science Foundation Project: Privacy regrets in smartphone usage
Dr. Heng Xu and Dr. Nan Zhang of Kogod Cybersecurity Governance Center gratefully acknowledge the National Science Foundation for the foundation's generous support of their research project "SaTC: CORE: Medium: Situation-Aware Identification and Rectification of Regrettable Privacy Decisions", which is rooted in integrating substantive bodies of multidisciplinary knowledge to address the acute challenges of mobile privacy.
How your friends affect your privacy on Twitter
Yaqoub Alsarkal, Nan Zhang, and Heng Xu
This paper addresses a novel yet important question of whether privacy self-management, a popular solution to privacy protection in social media and other websites, are indeed effective in practice. Specifically, it presents an observational study on the effect of the most prominent privacy setting on Twitter, the protected mode. The results show that, even after setting an account to protected, most real-world account owners still have substantial private information continuously disclosed, mostly through tweets posted by the owner’s connections. This paper won a best paper nomination at HICSS 52.
Privacy disparity? Addressing privacy concerns in health disparity research
Nan Zhang and Heng Xu
Most research on identifying and understanding health disparities focused on measurement strategies and analytics design over administrative and survey data. What has received less attention, however, is the complex interplay between privacy concerns and the needs of health disparity research. Recently accepted for publication on the Medical Care Journal. This paper illustrates the fundamental challenges facing the reconciliation of privacy needs and health disparity research.
Sharing Insider Threat Indicators: Examining the Potential Use of SWIFT's Messaging Platform to Combat Cyber Fraud
Elizabeth Petrie and Casey Evans
Written by Elizabeth Petrie, Director of Cyber Threat Risk Management at Citibank, and Casey Evans, KCGC Faculty Fellow, this paper focuses on identifying the patterns of behavior typically indicative of efforts by criminals to use insiders to cash out on fraudulent activity. The research explores the potential for organizations to use an existing telecommunication platform, such as SWIFT, to communicate cyber fraud threat information by establishing indicators of cashout behavior, which could warn of cyber fraud activity. An example of what this might look like using an MT998 message is included in the paper.