[AISWorld] CFP HICSS-58: Innovative Behavioral IS Security and Privacy Research

[Warkentin, Merrill]

CALL FOR PAPERS: Innovative Behavioral IS Security and Privacy Research
Hawaii International Conference on System Sciences (HICSS-58)
Hilton Waikoloa Village, Big Island | January 7-10, 2025
http://www.hicss.org/
https://hicss.hawaii.edu/tracks-58/internet-and-the-digital-economy/#innovative-behavioral-is-security-and-privacy-research-minitrack
Fast-track submission opportunity (at the discretion of minitrack chairs) in the Journal of Intellectual Capital: https://www.emeraldgrouppublishing.com/journal/jic
===============================================

== Minitrack Description: ==
Innovative Behavioral IS Security and Privacy Research

This minitrack provides a venue for innovative research that rigorously addresses the risks to information system security and privacy, with a specific focus on individual behaviors within this nomological net. Domains include work related to detecting, mitigating, and preventing both internal and external human threats to organizational security. Papers may include theory development, empirical studies (both quantitative and qualitative), case studies, and other high-quality research manuscripts.

Topics include, but are not limited to:
*	Creative investigations of actual user security behavior, both positive and negative
*	Detecting and mitigating insider threats
*	Security policy compliance research - motivations, antecedents, levers of influence
*	Research contrasting policy compliance with actual secure behaviors
*	Analysis of known and unknown modes and vectors of internal and external attack
*	Explorations of the impact of generative AI and ML/LLM on security outcomes
*	SETA (security education, training, and awareness) programs
*	Cyber security professionals harnessing AI to enhance defense
*	Modeling of security and privacy behavioral phenomena and relationships
*	Studies examining privacy-related behaviors from a "privacy paradox" perspective
*	Merging methodological topics related to addressing research strategies in IS security
*	Translational science perspectives and strategies for IS security/privacy research
*	Theory development, theory building, and theory testing in information security
*	Neurosecurity (NeuroIS) investigations of information security behavior
*	Explorations of emerging issues related to the security of the "Internet of Things" (ioT)

This mintrack will provide IS/IT researchers a collaborative forum to share their research approaches. We hope to attract the skills and insights of scholars from a wide set of disciplines, presenting a mix of theoretical and applied papers on threats and mitigation. Areas of research may include the following.

1. Research related to insider threats to information security and privacy represent the first and most important thread for the minitrack. Insider threats include activities ranging from non-malicious and non-volitional behaviors (accidents and oversights) to volitional, but not malicious, actions to malicious actions such as theft, fraud, blackmail, sabotage, and embezzlement.

2. External vectors of attack by individuals and organizations outside the security perimeter represent the second thread for this minitrack. Specific topics of interest include hacker behaviors, cyber-warfare, identity theft (and electronic deception), and cyber-espionage, including most offensive and defensive methods of prevention, detection, and remediation. Other external parties are motivated to use IT to damage or steal trade secrets, national security information, sensitive account information, or other valuable assets.

3. A third thread revolves around security policy compliance, both at the individual and organizational level of analysis. Compliance is not merely a binary concept - it is a continuum. Individuals may minimally comply with formal security and privacy policies and procedures, or they may exhibit extra-role or stewardship behaviors that go above and beyond official compliance. Similarly, individuals may carelessly violate organizational security policies and procedures without malicious intent or they may attempt to cause maximum damage or loss. In some cases, compliant behavior may not be secure and truly secure behavior may constitute policy violation behavior, so more nuanced research designs are needed.

4. Modeling and theory building in the context of IS security and privacy represents yet another interesting area. Theoretical development in information systems security and privacy research is immature relative to other areas of study in the information systems discipline. This sub-discipline of information systems continues to suffer from a limited theoretical base, restricting our collective ability to properly interpret reality, to apply appropriate methodological approaches, and to substantiate conclusions. Adaptation of theories from applied social psychology and criminology are particularly fertile areas for expanding our knowledge base in this domain. Theories from the disciplines of management, education, and others may also inform our understanding of the phenomena of interest.

5. Finally, we have a particular interest in emerging, rigorous research methods for investigating these phenomena. Organizational-level research can be improved, but studies conducted at the individual level, in particular, can benefit from new experimental designs and new data collection methods. Examples include neurophysiological (NeuroIS) methods such as EEG or fMRI, the factorial survey method, and simulations.

Important: each coauthor of a paper submitted to our mini-track is obligated to review at least one other paper for the mini-track. Failure of any one coauthor to review for the mini-track may result in the rejection of the coauthor's paper from the mini-track.

== Important Dates: ==
- June 15, 2024, 11:59 pm (HST): Manuscript submission deadline
- August 17, 2024, 11:59 pm (HST): Notification of acceptance/rejection
- September 22, 2024, 11:59 pm (HST): Submission of final manuscript for proceeding publication
- October 1, 2024, 11:59 pm (HST): Registration deadline (at least one author must register)
- January 7-10, 2025: HICSS-58 conference dates

Please see the HICSS website for more information: https://hicss.hawaii.edu/ 
Submit full manuscripts for review: http://hicss.hawaii.edu/tracks-and-minitracks/authors/ 

== Minitrack Co-chairs: ==
- Merrill Warkentin, Mississippi State University, mailto:m.warkentin at msstate.edu (primary contact)
- Allen C. Johnston, University of Alabama, mailto:ajohnston at cba.ua.edu
- Anthony Vance, Virginia Tech, mailto:Anthony at Vance.name
- Karen Renaud, Strathclyde University, mailto:karen.renaud at strath.ac.uk