Articles on Privacy

• Incident Response Asymmetry of People's Time When Handling Major Security Incidents
  Organizations without mature incident response programs overreact to breaches—calling all-hands meetings, micromanaging tasks, demanding night-and-day work—spending disproportionate time compared to...
• Risk Management The Role of Rituals in Information Security
  Security practices often function as rituals—painstaking steps we follow out of habit that provide a sense of control. Rituals reduce stress by overloading working memory, blocking intrusive...
• Malware Fear vs. Anxiety in Cybersecurity: What We Can Do
  Fear involves specific threats that can be addressed through threat modeling, while anxiety is a diffuse reaction to abstract concerns that's harder to resolve. Much security FUD induces anxiety...
• Privacy Learn the Future of Privacy and Social Interactions from Teens
  Adults see privacy as controlling what's made public—private by default. Teens think about what to exclude from being public—public by default. Understanding these emerging norms and teenagers'...
• Risk Management Could Regulatory Compliance Encourage Weaker Security?
  Compliance replaces social norms with market exchanges—companies see fines as a "price" rather than feeling obligated to protect data. Like day care parents who arrived late more often after fines...
• Privacy Teens on Formspring Are Redefining Privacy Norms
  Sites like Formspring encourage teens to answer personal questions that mirror password-reset security questions—favorite colors, restaurants, and pet names. As privacy norms change and more personal...