2nd Workshop on Security, Privacy, Organizations, and Systems Engineering (SPOSE)
Event submitted on Thursday, August 13th 2020, approved by Charles Villanueva ✓
This event has been tagged as follows:
An event that is focused on Security, Privacy, Organizations, and Systems Engineering: if these are subject matters of interest then we’d highly encourage you to get to know more about this conference in Surrey, UK. Of interest, we also have a round-up of some of our best privacy conferences.
The following description was either submitted by the Conference Organizer on Thursday, August 13th 2020, or created by us.
Over the past decades, a multitude of security and privacy-enhancing technologies has been developed and brought to considerable maturity. However, the design and engineering of such technologies often ignore the organizational context that respective technologies are to be applied in.
A large and hierarchical organization, for example, calls for significantly different security and privacy practices and respective technologies than an agile, small startup. Similarly, whenever employees’ behavior plays a significant role in the ultimate level of security and privacy provided, their individual interests and incentives as well as typical behavioral patterns must be taken into account and materialized in concrete technical solutions and practices. Even though research on security- and privacy-related technologies increasingly considers questions of practical applicability in realistic scenarios, implementation decisions are still mostly technology-driven, and existing technical limitations and notions of “this is how we’ve always done it” hamper innovation.
On the other hand, a substantial body of organization-related security and privacy research already exists, incorporating aspects like decision and governance structures, individual interests and incentives of employees, organizational roles and procedures, organizational as well as national culture, or business models and organizational goals. However, there is still a large gap between the generation of respective insights and their actual incorporation in concrete technical mechanisms, frameworks, and systems.
This disconnection between rather technical and rather organization-related security and privacy research leaves substantial room for improving the fit between organizational practices on the one and the engineering of concrete technologies on the other hand. Achieving a better fit between these two sides through security and privacy technologies that soundly incorporate organizational and behavioral theories and practices promises substantial benefits for organizations and data subjects, engineers, policymakers, and society as a whole.
The aim of this workshop is, therefore, to discuss, exchange, and develop ideas and questions regarding the design and engineering of technical security and privacy mechanisms with particular reference to organizational contexts. We invite papers from researchers and practitioners working in security- and privacy-related systems engineering as well as in the field of organizational science to submit their original papers to this workshop.