Content Description
Companies today face the tension between realizing the possibilities of advanced digitalization, complying with legal regulations, and securing information assets in the context of the growing connectivity of people, data, and things [1]. However, an effective compliance, risk, and security strategy and the appropriate implementation of corresponding measures have become indispensable not only in business environments, but also in other types of organizations as well as in academia [2].
Due to current developments in the field of artificial intelligence (AI) (see, e.g., [3]) and the rapid spread of large language models such as ChatGPT, voices are increasingly being raised that see a need to regulate the use of AI and focus more strongly on security aspects. One example is a draft for a new EU regulation, the so-called AI Act [4], which proposes „harmonized regulations for artificial intelligence“ and thus, once again, gives new impetus to the topics of compliance and (information) security in information systems research (ISR). Consequently, in addition to traditional research streams, such as information security management and business process compliance, there are also new streams dealing with information security and compliance, such as data-driven initiatives at the interface with ISR.
The 4th International Workshop on Current Information Security and Compliance Issues in Information Systems Research (CIISR 2024) provides a platform for all topics related to information security and compliance that are part of the ISR discipline or have interfaces with it. The workshop will take place on September 16, 2024 in conjunction with the 19th International Conference on Wirtschaftsinformatik (WI 2024). Based on the main theme of the conference – Automating the World: Information Systems in the Age of AI – we will discuss current issues on information security and compliance in the context of increasing automation through and with AI, which is of particular importance for ISR.
We cordially invite authors to submit and present full papers, short papers, or extended abstracts relevant to the workshop topic. We welcome practical contributions, empirical studies, systematic literature analyses, as well as research papers following the design science research paradigm. The topics of interest include, but are not limited to:
- Information security policy compliance (ISPC)
- Effectiveness of information security management standards
- Security education training and awareness (SETA)
- Handling of data breaches
- Information security and compliance related to data-driven approaches at the interface with ISR
- Regulatory, moral, and ethical aspects of using AI in ISR
- The role of compliance and information security in data science applications and projects
- Ensuring business process compliance/security
- Business process compliance/security in the context of outsourcing or in consideration of economic/social factors
- Information security and compliance issues related to process mining
- Current issues of IT compliance
- Impact of current IT-related legal regulations (e.g., the Digital Operational Resilience Act (DORA), the General Data Protection Regulation (GDPR), the draft of the AI Act, and other) on the operations of companies and/or (governmental) institutions.
- Information security and compliance issues related to current crises (e.g., the climate crisis)
Contributions addressing other workshop-relevant topics are also welcome.
For further questions concerning the workshop or submissions, please contact Stephan Kühnel (stephan.kuehnel@wiwi.uni-halle.de). We look forward to your submissions and your participation!
Target Group
The target group of the CIISR workshop includes academics whose research focus is on current information security and compliance issues, practitioners working in the fields of information security and/or compliance, and all other interested parties. This workshop provides the opportunity for (senior) researchers and practitioners to present their latest research, but also serves as a forum for young scientists and doctoral students to present early or ongoing research results. Interested participants can also register for participation in the workshop without submitting a contribution.
Submission Types, Submission Instructions, and Formalities
We welcome submissions to the CIISR workshop on the above-mentioned topics written in English. For this purpose, we invite three submission types:
(1) Full papers (research papers/practical reports)
This submission type includes both advanced research with at least partial evaluation and comprehensive practical contributions.
(2) Short papers (research in progress papers/short practical reports)
Short papers represent ongoing research or ongoing practical projects. In addition to presenting initial results, these papers should also contain an outlook on further research or further project progress, including planned future work steps
(3) Extended abstracts
Extended abstracts present and discuss high-quality results of already published journal contributions (or dissertations/postdoctoral theses) with relevance to the workshop topic. The republication of conference papers is not permitted.
In terms of length requirements, we follow the official WI 2024 guidelines for full (submission type 1) and short papers (submission types 2 and 3).
When formatting your submissions, please use the official WI 2024 template.
Except for extended abstracts, the submission of contributions must be made in anonymized form, i.e., all information that would allow the authors to be identified must be removed or blinded (e.g., author names, project names). Each submission will be reviewed double-blind. The authors‘ information will be added after the acceptance notification.
All accepted contributions will be published in an workshop volume or in the WI Workshop Proceedings and must be presented and discussed by at least one author during the CIISR workshop.
Deadlines
Deadline for submissions: | May 24, 2024 (midnight CEST) |
Notification of (conditional) acceptance: | June 14, 2024 |
Submission of final papers: | June 28, 2024 |
Workshop date: | September 16, 2024 |
Submissions should be made via the conference’s submission system ConfTool. If you encounter any problems with the submission, please contact us. If problems arise shortly before the deadline, you may also submit your paper(s) via email to ciisr@wiwi.uni-halle.de (as a very last option).
Workshop Schedule (tentative)
14:55 – 15:00 | Opening |
15:00 – 15:40 | Full Paper 1: Bauer, Laura: A Literature-Driven Design Theory for Multiple-Criteria Assessment Tools for Information Security Investments |
15:40 – 15:45 | Switching Time |
15:45 – 16:25 | Full Paper 2: Niemann, Laura; Wellßow, Arlena; Kuchenbuch, René; Werth, Oliver; Uslar, Mathias: Cyber Security in the Smart Grid: Mapping Standards |
16:25 – 17:00 | Short Break / Getting Coffee |
17:00 – 17:40 | Full Paper 3: Meister, Robin; Guhr, Nadine: Recent Insights in Information Security Awareness Training: A Systematic Literature Review |
17:40 – 18:00 | Closing & (Voluntary) Networking |
Workshop Organizers
Dr. Stephan Kühnel
Chair of Information Systems, esp. Business Information Management
Martin Luther University Halle-Wittenberg
Universitaetsring 3, 06108 Halle (Saale), Germany
E-mail: stephan.kuehnel@wiwi.uni-halle.de
Dr. Ilja Nastjuk
Chair for Information Security and Compliance
Georg August University of Goettingen
Platz der Goettinger Sieben 5
37073 Goettingen, Germany
E-mail: ilja.nastjuk@wiwi.uni-goettingen.de
Prof. Dr. Stefan Sackmann
Chair of Information Systems, esp. Business Information Management
Martin Luther University Halle-Wittenberg
Universitaetsring 3, 06108 Halle (Saale), Germany
E-mail: stefan.sackmann@wiwi.uni-halle.de
Prof. Dr. Simon Trang
Chair for Information Systems, esp. Sustainability
Paderborn University
Warburger Straße 100
33098 Paderborn, Germany
E-mail: simon.trang@uni-paderborn.de
and
Chair for Information Security and Compliance
Georg August University of Goettingen
Platz der Goettinger Sieben 5
37073 Goettingen, Germany
E-mail: simon.trang@wiwi.uni-goettingen.de
Program Committee
- Prof. Dr. Alfred Benedikt Brendel (Indiana University – Kelley School of Business, USA)
- Dr. Johannes Damarowsky (Martin Luther University Halle-Wittenberg)
- Prof. Dr. Nadine Guhr (OWL University of Applied Sciences and Arts, Germany)
- Ass. Prof. Dr. Simon Hacks (Stockholm University, Sweden)
- Mohammed Mubarkoot, Ph.D. (Seoul National University, South Korea)
- Prof. Dr. Michael Seifert (GISA GmbH, Germany)
- Dr. Tobias Seyffarth (Federal Office for Information Security, Germany)
Web Chair
- Dr. Stephan Kühnel
References
- Trang, S., Brendel, B.: A Meta-Analysis of Deterrence Theory in Information Security Policy Compliance Research. Information Systems Frontiers 21, pp. 1265–1284 (2019).
- Dhillon, G., Smith, K., Dissanayaka, I.: Information systems security research agenda: Exploring the gap between research and practice. The Journal of Strategic Information Systems 30, 101693 (2021).
- Janiesch, C., Zschech, P., Heinrich, K.: Machine learning and deep learning. Electron Markets 31, 685–695 (2021)
- European Commission: Proposal for a Regulation of the European Parliament and of the Council Laying Down Harmonized Rules on Artificial Intelligence (Artificial Intelligence Act) and Amending Certain Union Legislative Acts. COM(2021) 206 final (2021)