Track 15: IS Security Management and Privacy

Protecting Data, Knowledge (& Decisions) remains a pressing concern for organisations, governments and individuals alike.  Security attacks in terms of frequency, scale, diversity and seriousness are unprecedented.  Attacks come from outside as well as within organisational boundaries, can be malicious, or may be accidental.  Additionally, as knowledge is being collected and analysed more frequently by organisations, unauthorized access and leakage become a serious problem.  The use of the Internet of Things, mobile devices and the like further exacerbates these issues.  A number of controls are used to attempt to mitigate these issues including policies, strategies, training and technological controls.

This track welcomes empirical and rich theoretical papers that provide interesting insights on these and other issues in the IS sphere from a security and privacy perspective. In particular, we welcome papers that furnish new and creative approaches to understanding the modern threat landscape, via new theoretical lenses, innovative practical contexts, and novel data analysis techniques. The track welcomes design science, empirical, economic, managerial, behavioural, and theoretical submissions across a diverse range of topics—from technical management aspects to broader social and managerial issues at the individual, organizational, or societal levels. We invite theoretical perspectives from behavioural, organizational, cognitive, cultural, socio-technical, or other lenses for analysis of these issues.

Topics of interest include, but are not limited to, the following aspects of IS security and privacy:

  • Adoption, use, and continuance of information security technologies and policies
  • Costs and benefits of information security and privacy
  • Cross-cultural issues in IS security and privacy
  • Cyberwarfare and cybersecurity
  • Design and development of information security and privacy enhancing technologies
  • Digital forensics, testing and incident investigations;
  • Identity management for individuals and organisations;
  • Incident response and investigations of security violations
  • Information security policy development and impact
  • Information security strategy and governance
  • Intrusion detection/prevention
  • IT audit and controls
  • Knowledge Leakage
  • Legal, societal, and ethical issues in IS security and privacy
  • Risk analysis and management, risk and fraud assessment
  • Security and privacy concerning social media, social networking, big data, the IOT or mobile devices
  • Security and privacy metrics
  • Security, Education, Training, and Awareness (SETA) programs and campaigns
  • Social engineering and human risks, including the role of employees and customers;
  • Theoretical and empirical analyses of information security behaviours and on information, user and customer privacy;

Track Chairs

Sean Maynard
The University of Melbourne, Australia
EMLogo WebLogo Linklogo

Atif Ahmad
The University of Melbourne, Australia
EMLogo WebLogo Linklogo

Dragana Calic
Defence Science & Technology Group, Australia
EMLogo WebLogo

Robert Willison
University of Newcastle, UK
EMLogo WebLogo