Reframing Organizational Cybersecurity to Design for “Cyber Health”Cori Faklaris
Presented July 15, 2018 to the 2018 Organizational Science and Cybersecurity Workshop, George Mason University, Fairfax, VA, USA. In this talk, I present the Transtheoretical Model (TTM) of Behavior Change for use in an organizational context as part of a larger reframing of end-user cybersecurity as a problem of organization health and wellness. I explain a visual diagram of six TTM Stages of Change and associated intervention strategies, as adapted from medical and wellness literature, and relate these to examples of security interventions currently in use, such as password strength indicators and Facebook Trusted Contacts. I conclude with my view that this framing can help researchers and practitioners approach “wicked problems” of organizational security that are not “tame” or one-and-done engineering problems but socio-cultural conditions that call for sustained, empowered action.
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...Cori Faklaris
This document discusses research being conducted at Carnegie Mellon University on improving "cyber health". The researcher is studying which individual differences affect a person's level of cyber health and is creating tools to leverage social factors. The research aims to understand cybersecurity behaviors by drawing analogies to health and wellness. Surveys are used to measure security attitudes and behaviors. The goal is to apply findings to design effective security interventions and awareness campaigns.
Components of a Model of Cybersecurity Behavior AdoptionCori Faklaris
Cori Faklaris presented a model for understanding the process of adopting or not adopting cybersecurity behaviors. Existing models focus on concepts like expectancy and value but do not account for time or how thinking evolves. Stage models break the process into chunks like stages of change. Faklaris proposes exploring whether there are two trajectories for adoption - mandatory behaviors imposed by authorities versus voluntary behaviors influenced more by peers. The goal is to specify stages to target security interventions more effectively and improve adoption of behaviors.
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...Nicola Marae Allain, PhD
Risk analysis and security policy development are essential components of an educated approach to security.
The author discusses an online security role play scenario and policy development exercise designed to include Schneier’s five step risk assessment methodology, while developing higher level cognitive, consensus building, communication, and decision-making skills.
A Poster Presentation for the Educause Conference, October 24th 2007
This document summarizes key issues around student privacy and data collection in learning analytics. It discusses how students may not know what data is being collected about them, how it will be used, and for how long. Terms and conditions documents from Coursera, edX, and FutureLearn were analyzed and found to be lengthy without clearly explaining data practices. Implications for learning analytics include ensuring transparency about data collection and use, giving students access and control over their personal data, and moving beyond just opt-in/opt-out models to empower student privacy self-management. Addressing these challenges is important for developing trust and reciprocal care between institutions and students.
This document discusses ethics and human participants in practice-based research. It provides an overview of key considerations for designing research, collecting data, and ensuring ethical conduct. Specific methods and challenges are explored, including issues around informed consent, privacy, risk management, and balancing open-ended creative work with participant well-being. Contemporary issues like privacy in a surveillance society and engaging public bystanders are also examined.
This document discusses the ethical considerations of using social media for research participant recruitment and engagement. It notes that while social media can help with challenges like low enrollment, it also poses privacy risks given how platforms collect and share user data. When using social media, researchers should educate participants about these risks and avoid amplifying them, such as by directing interested individuals to private message rather than publicly post on a platform. The document also addresses risks of using social media for ongoing communication between research teams and participants, such as unblinding or spreading misinformation, and ways to mitigate these risks through agreements, technical measures, monitoring or education.
Reframing Organizational Cybersecurity to Design for “Cyber Health”Cori Faklaris
Presented July 15, 2018 to the 2018 Organizational Science and Cybersecurity Workshop, George Mason University, Fairfax, VA, USA. In this talk, I present the Transtheoretical Model (TTM) of Behavior Change for use in an organizational context as part of a larger reframing of end-user cybersecurity as a problem of organization health and wellness. I explain a visual diagram of six TTM Stages of Change and associated intervention strategies, as adapted from medical and wellness literature, and relate these to examples of security interventions currently in use, such as password strength indicators and Facebook Trusted Contacts. I conclude with my view that this framing can help researchers and practitioners approach “wicked problems” of organizational security that are not “tame” or one-and-done engineering problems but socio-cultural conditions that call for sustained, empowered action.
How can we boost 'cyber health' ? Psychometrics, social appeals and tools for...Cori Faklaris
This document discusses research being conducted at Carnegie Mellon University on improving "cyber health". The researcher is studying which individual differences affect a person's level of cyber health and is creating tools to leverage social factors. The research aims to understand cybersecurity behaviors by drawing analogies to health and wellness. Surveys are used to measure security attitudes and behaviors. The goal is to apply findings to design effective security interventions and awareness campaigns.
Components of a Model of Cybersecurity Behavior AdoptionCori Faklaris
Cori Faklaris presented a model for understanding the process of adopting or not adopting cybersecurity behaviors. Existing models focus on concepts like expectancy and value but do not account for time or how thinking evolves. Stage models break the process into chunks like stages of change. Faklaris proposes exploring whether there are two trajectories for adoption - mandatory behaviors imposed by authorities versus voluntary behaviors influenced more by peers. The goal is to specify stages to target security interventions more effectively and improve adoption of behaviors.
Designing Schneier’s Five Step Risk Analysis Process into an Online Role Play...Nicola Marae Allain, PhD
Risk analysis and security policy development are essential components of an educated approach to security.
The author discusses an online security role play scenario and policy development exercise designed to include Schneier’s five step risk assessment methodology, while developing higher level cognitive, consensus building, communication, and decision-making skills.
A Poster Presentation for the Educause Conference, October 24th 2007
This document summarizes key issues around student privacy and data collection in learning analytics. It discusses how students may not know what data is being collected about them, how it will be used, and for how long. Terms and conditions documents from Coursera, edX, and FutureLearn were analyzed and found to be lengthy without clearly explaining data practices. Implications for learning analytics include ensuring transparency about data collection and use, giving students access and control over their personal data, and moving beyond just opt-in/opt-out models to empower student privacy self-management. Addressing these challenges is important for developing trust and reciprocal care between institutions and students.
This document discusses ethics and human participants in practice-based research. It provides an overview of key considerations for designing research, collecting data, and ensuring ethical conduct. Specific methods and challenges are explored, including issues around informed consent, privacy, risk management, and balancing open-ended creative work with participant well-being. Contemporary issues like privacy in a surveillance society and engaging public bystanders are also examined.
This document discusses the ethical considerations of using social media for research participant recruitment and engagement. It notes that while social media can help with challenges like low enrollment, it also poses privacy risks given how platforms collect and share user data. When using social media, researchers should educate participants about these risks and avoid amplifying them, such as by directing interested individuals to private message rather than publicly post on a platform. The document also addresses risks of using social media for ongoing communication between research teams and participants, such as unblinding or spreading misinformation, and ways to mitigate these risks through agreements, technical measures, monitoring or education.
Here is a draft 10-minute PowerPoint presentation outlining the market research needs for a hypothetical company:
Slide 1:
Title: Planning Market Research
Slide 2:
What is market research?
- Systematic gathering and analysis of information about customers, competitors, and the market
- Helps companies make better business decisions and understand customer needs
Slide 3:
Company overview
- [Company name] is a small retailer specializing in outdoor equipment
- Currently operates 3 stores in regional areas
- Seeking to expand into the city market
Slide 4:
Market trends in outdoor equipment retail
- Growing interest in outdoor activities like hiking and camping
- Shift to online shopping for certain
Dual Approaches for Integrating Ethics into the Information Systems CurriculumACBSP Global Accreditation
Participants will experience and compare two approaches to introducing ethics into the MIS curriculum. Organizers, experienced in teaching ethics, will help participants evaluate different pedagogical options in terms of the needs and challenges of specific academic programs.
Addressing vaccine misinformation beyond clinical settings.pdfMélodie YunJu Song
This document summarizes a presentation on addressing vaccine misinformation beyond clinical settings. It discusses key concepts in network science like homophily, complex contagion, and information cascades that relate to the spread of misinformation online. It also outlines potential network interventions on social media, including examining misinformation flow networks, monitoring sentiment, and collaborating with platforms to correct recommender systems. Future research directions are proposed, such as evaluating the effectiveness of different content types and monitoring misinformation promulgators' online communities.
This document outlines a research project conducted by a group of students at the university. The research project examines the impact of social media on consumer buying behavior. It includes an introduction that provides background on the topic and outlines the problem statement, research objectives, questions, limitations and significance of the study. It also includes a review of related literature and methodology section that describes the research design, data collection process, sampling technique, hypotheses and research model.
Tackling issues earlier through smarter use of dataPredictX
Objectives
To share the ambition and work of The Essex Data Programme
To bring to life with a working model – predicting school readiness in Basildon
What we are doing
The results
To highlight future opportunities and learning to date
Q&A and group discussion
This document provides an overview of behavior-based safety (BBS). It discusses the history and origins of BBS in the 1930s. The document outlines key elements of successful BBS programs, including employee involvement, defining expected behaviors, observational data collection, and feedback. It also describes how BBS works through observation, feedback without penalties, data analysis, and recommendations. Some criticisms of BBS are mentioned, and future directions and available technology are briefly outlined.
The document summarizes a study that examined perceived risk and self-efficacy regarding internet security in a marginalized community. 44 participants were interviewed about their perceptions of risk and self-efficacy when using the internet. They were shown examples of safe and malicious websites. While participants were aware of security risks, they had low self-efficacy and saw themselves as vulnerable. They were introduced to PopJART security software but low self-efficacy and perceived barriers prevented adoption, even though they had confidence in its accuracy. The study found that increasing self-efficacy may be more important than communicating risk when designing security services for low-proficiency users.
A Hypothesis is Placed to Justify the Extendibility of Recommender System/ Re...Dr. Amarjeet Singh
Researchers still believe that the information filtering system/ collaborating system is a recommender system or a recommendation system. It is used to predict the "rating" or "preference" of a user to an item. In other words, both predict rating or preference for an item or product on a specific platform. The aim of the paper is to extend the areas of the recommender system/recommendation systems. The basic task of the recommender system mainly is to predict or analyze items/product. If it is possible to include more products in the system, then obviously the system may be extended for other areas also. For example, Medicine is a product and doctors filter the particular medicine for the particular disease. In the medical diagnosis doctors prescribed a medicine and it a product. It depends on the disease of the user/patient so here doctor predicts a medicine or product just like an item is recommended in a recommender system. The main objective of the paper is to extend the Recommender System/Recommendation system in other fields so that the research works can be extended Social Science, Bio-medical Science and many other areas.
Discussion 1 Affinity Group Checkpoint #4This week, you will onVinaOconner450
Discussion 1: Affinity Group Checkpoint #4
This week, you will once again have the help and support of your peers by engaging in a discussion of your coursework with your Affinity Group. Just as you would like to receive meaningful comments on your work, allow others the same privilege and try to provide meaningful feedback.
To prepare for this Discussion:
Review this week’s Learning Resources, especially:
Wiseman, L. (2017). Multipliers: How the best leaders make everyone smarter (Rev. ed.). New York, NY: HarperCollins.
· Chapter 9, “Becoming a Multiplier”
Assignment:
Respond to two of your colleagues’ postings that contain a perspective other than yours.
· Share an insight about what you learned from having read your colleagues’ postings and discuss how and why your colleague’s posting resonated with you professionally and personally. (Note: This may be a great opportunity to help you think about passions you share with your colleagues who could become part of your Walden network.)
· Offer an example from your experience or observation that validates what your colleague discussed.
· Offer specific suggestions that will help your colleague build upon his or her perceptions as a leader.
· Offer further assessment from having read your colleague’s post that could impact a leader’s effectiveness.
· Share how something your colleague discussed changed the way you consider your own leadership qualities.
· 4–5 paragraphs in length
· No Plagiarism
· Cite References
1st Colleague - Natasha Mills
Research Paper Track – Research Methods
Top of Form
My research study seeks to investigate the types of support leaders can provide Gen Z in the workplace to help them grow in their careers, as well as for the realization of organizational goals. Therefore, the participants of the study will comprise of Gen Z employees and organizational leaders, mostly managers. The participants will be selected using a convenience sample that will include Gen Z in my workplace, whose help I will use to recruit their friends who are also Gen Z in various workplaces. According to Dudovskiy (2022), convenience sampling is a non-probabilistic method that involves getting participants from wherever is convenient, and wherever one can find them. At the same time, convenience sampling has no inclusion criteria and is used for issues about perceptions. Therefore, convenience sampling will be an appropriate sampling method for this study because it involves investigating the perceptions of particular groups about an issue affecting them.
The confidentiality and anonymity of participants is a critical issue to pay attention to when gathering data. Adhering to these tenets informs the ethical side of research. Anonymity is mostly associated with qualitative studies and involves collecting data without identifying or personal information of the participants (Coffelt, 2017). Whereas anonymity is important in any research study, it will be more critical for my researc ...
The document outlines different research paradigms including positivism, which uses scientific methods and quantitative data, interpretivism/constructivism, which relies on participants' views and qualitative data, and pragmatism, which
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...CChangeProgram
Many theories and models have been used to guide health and development communication work . This PowerPoint presentation provides more detailed background on the theories and models leading to Social and Behavior Change Communication (SBCC).
A Guide to AI for Smarter Nonprofits - Dr. Cori Faklaris, UNC CharlotteCori Faklaris
Working with data is a challenge for many organizations. Nonprofits in particular may need to collect and analyze sensitive, incomplete, and/or biased historical data about people. In this talk, Dr. Cori Faklaris of UNC Charlotte provides an overview of current AI capabilities and weaknesses to consider when integrating current AI technologies into the data workflow. The talk is organized around three takeaways: (1) For better or sometimes worse, AI provides you with “infinite interns.” (2) Give people permission & guardrails to learn what works with these “interns” and what doesn’t. (3) Create a roadmap for adding in more AI to assist nonprofit work, along with strategies for bias mitigation.
The document discusses human factors engineering approaches to optimize human performance and minimize failures when interacting with distributed energy resources (DERs) such as home solar and electric vehicles. It describes studying how people interact with technologies, processes, environments, and other people. The goal is to narrow "gulfs of evaluation and execution" by understanding cognitive limitations and biases, and designing intuitive interfaces. It also stresses expecting human errors and designing to prevent or mitigate them, for example through redundancy, checklists, and training. The key is changing the conditions people operate in, not changing human nature itself.
For this plenary talk at the Charlotte AI Institute for Smarter Learning, Dr. Cori Faklaris introduces her fellow college educators to the exciting world of generative AI tools. She gives a high-level overview of the generative AI landscape and how these tools use machine learning algorithms to generate creative content such as music, art, and text. She then shares some examples of generative AI tools and demonstrate how she has used some of these tools to enhance teaching and learning in the classroom and to boost her productivity in other areas of academic life.
Behavior Change Using Social InfluencesCori Faklaris
Talk for the Cylab Partners Conference on Sept. 23, 2020. (1) Unintentional insider threat (UIT) can arise because security tools or infrastructure does not account for social needs.
(2) Social influences can be used to motivate security behaviors.
Designing for Usable Security and PrivacyCori Faklaris
Cori Faklaris gives a lecture on designing for usable security and privacy. They discuss the differences between security and privacy, noting that security focuses on confidentiality, integrity and availability while privacy relates to appropriate use of sensitive data. They also present a three-pronged approach to usable security and privacy that includes making protections invisible where possible, offering better user interfaces, and training users where necessary. Finally, they discuss the importance of threat modeling in security design.
A Self-Report Measure of End-User Security Attitudes (SA-6)Cori Faklaris
We present SA-6, a six-item psychometric scale for assessing people’s security attitudes that we developed by following best practices. We identify six scale items based on theoretical and empirical research with sufficient response variance, reliability, and validity in a combined sample (N = 478) from Amazon Mechanical Turk and a university-based study pool. We validate the resulting measure with a U.S. Census-tailored Qualtrics panel (N = 209). SA-6 significantly associates with self-report measures of behavior intention and recent secure behaviors. Our work contributes a lightweight method for (1) quantifying and comparing people’s attitudes toward using recommended security tools and practices, and (2) improving predictive modeling of who will adopt security behaviors. Presentation to the Usenix Symposium on Usable Privacy and Security (SOUPS 2019), Aug. 12, 2019, Santa Clara, CA, USA.
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Cori Faklaris
Presentation to the Three Rivers Information Security Symposium (TRISS 2018) on Oct. 19, 2018, in Monroeville, Pennsylvania. Based on ideas developed at Carnegie Mellon University.
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Cori Faklaris
1. The study explored account sharing behaviors in romantic relationships and found that the "1 user - 1 account" security model poses challenges for couples.
2. Participants reported sharing accounts for reasons of convenience, household maintenance, trust, and relationship maintenance. As relationships progressed, sharing of financial accounts increased.
3. The researchers propose alternative security architectures, such as multiple profiles per account or group password managers, to better accommodate the needs and goals of romantic partners in sharing accounts.
Social Media Best Practices - CMU Fall 2017Cori Faklaris
Slides for a presentation on what works in social media for academics, given Oct. 24, 2017 to the CHIMPS Lab at Carnegie Mellon University's Human Computer Interaction Institute in the School of Computer Science.
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...Cori Faklaris
The document discusses the challenges and opportunities for adult students pursuing higher education. It summarizes the experiences of Sara Anne Hook and Cori Faklaris, who took different paths to earn advanced degrees as adult students. Sara Anne pursued degrees part-time while working full-time, while Cori enrolled full-time. They provide advice on navigating financial aid, scholarships, health insurance, and tax benefits. Their presentation aimed to help other adult students develop plans to fund and succeed in higher education.
More Related Content
Similar to Reframing Usable Privacy + Security to Design for 'Cyber Health'
Here is a draft 10-minute PowerPoint presentation outlining the market research needs for a hypothetical company:
Slide 1:
Title: Planning Market Research
Slide 2:
What is market research?
- Systematic gathering and analysis of information about customers, competitors, and the market
- Helps companies make better business decisions and understand customer needs
Slide 3:
Company overview
- [Company name] is a small retailer specializing in outdoor equipment
- Currently operates 3 stores in regional areas
- Seeking to expand into the city market
Slide 4:
Market trends in outdoor equipment retail
- Growing interest in outdoor activities like hiking and camping
- Shift to online shopping for certain
Dual Approaches for Integrating Ethics into the Information Systems CurriculumACBSP Global Accreditation
Participants will experience and compare two approaches to introducing ethics into the MIS curriculum. Organizers, experienced in teaching ethics, will help participants evaluate different pedagogical options in terms of the needs and challenges of specific academic programs.
Addressing vaccine misinformation beyond clinical settings.pdfMélodie YunJu Song
This document summarizes a presentation on addressing vaccine misinformation beyond clinical settings. It discusses key concepts in network science like homophily, complex contagion, and information cascades that relate to the spread of misinformation online. It also outlines potential network interventions on social media, including examining misinformation flow networks, monitoring sentiment, and collaborating with platforms to correct recommender systems. Future research directions are proposed, such as evaluating the effectiveness of different content types and monitoring misinformation promulgators' online communities.
This document outlines a research project conducted by a group of students at the university. The research project examines the impact of social media on consumer buying behavior. It includes an introduction that provides background on the topic and outlines the problem statement, research objectives, questions, limitations and significance of the study. It also includes a review of related literature and methodology section that describes the research design, data collection process, sampling technique, hypotheses and research model.
Tackling issues earlier through smarter use of dataPredictX
Objectives
To share the ambition and work of The Essex Data Programme
To bring to life with a working model – predicting school readiness in Basildon
What we are doing
The results
To highlight future opportunities and learning to date
Q&A and group discussion
This document provides an overview of behavior-based safety (BBS). It discusses the history and origins of BBS in the 1930s. The document outlines key elements of successful BBS programs, including employee involvement, defining expected behaviors, observational data collection, and feedback. It also describes how BBS works through observation, feedback without penalties, data analysis, and recommendations. Some criticisms of BBS are mentioned, and future directions and available technology are briefly outlined.
The document summarizes a study that examined perceived risk and self-efficacy regarding internet security in a marginalized community. 44 participants were interviewed about their perceptions of risk and self-efficacy when using the internet. They were shown examples of safe and malicious websites. While participants were aware of security risks, they had low self-efficacy and saw themselves as vulnerable. They were introduced to PopJART security software but low self-efficacy and perceived barriers prevented adoption, even though they had confidence in its accuracy. The study found that increasing self-efficacy may be more important than communicating risk when designing security services for low-proficiency users.
A Hypothesis is Placed to Justify the Extendibility of Recommender System/ Re...Dr. Amarjeet Singh
Researchers still believe that the information filtering system/ collaborating system is a recommender system or a recommendation system. It is used to predict the "rating" or "preference" of a user to an item. In other words, both predict rating or preference for an item or product on a specific platform. The aim of the paper is to extend the areas of the recommender system/recommendation systems. The basic task of the recommender system mainly is to predict or analyze items/product. If it is possible to include more products in the system, then obviously the system may be extended for other areas also. For example, Medicine is a product and doctors filter the particular medicine for the particular disease. In the medical diagnosis doctors prescribed a medicine and it a product. It depends on the disease of the user/patient so here doctor predicts a medicine or product just like an item is recommended in a recommender system. The main objective of the paper is to extend the Recommender System/Recommendation system in other fields so that the research works can be extended Social Science, Bio-medical Science and many other areas.
Discussion 1 Affinity Group Checkpoint #4This week, you will onVinaOconner450
Discussion 1: Affinity Group Checkpoint #4
This week, you will once again have the help and support of your peers by engaging in a discussion of your coursework with your Affinity Group. Just as you would like to receive meaningful comments on your work, allow others the same privilege and try to provide meaningful feedback.
To prepare for this Discussion:
Review this week’s Learning Resources, especially:
Wiseman, L. (2017). Multipliers: How the best leaders make everyone smarter (Rev. ed.). New York, NY: HarperCollins.
· Chapter 9, “Becoming a Multiplier”
Assignment:
Respond to two of your colleagues’ postings that contain a perspective other than yours.
· Share an insight about what you learned from having read your colleagues’ postings and discuss how and why your colleague’s posting resonated with you professionally and personally. (Note: This may be a great opportunity to help you think about passions you share with your colleagues who could become part of your Walden network.)
· Offer an example from your experience or observation that validates what your colleague discussed.
· Offer specific suggestions that will help your colleague build upon his or her perceptions as a leader.
· Offer further assessment from having read your colleague’s post that could impact a leader’s effectiveness.
· Share how something your colleague discussed changed the way you consider your own leadership qualities.
· 4–5 paragraphs in length
· No Plagiarism
· Cite References
1st Colleague - Natasha Mills
Research Paper Track – Research Methods
Top of Form
My research study seeks to investigate the types of support leaders can provide Gen Z in the workplace to help them grow in their careers, as well as for the realization of organizational goals. Therefore, the participants of the study will comprise of Gen Z employees and organizational leaders, mostly managers. The participants will be selected using a convenience sample that will include Gen Z in my workplace, whose help I will use to recruit their friends who are also Gen Z in various workplaces. According to Dudovskiy (2022), convenience sampling is a non-probabilistic method that involves getting participants from wherever is convenient, and wherever one can find them. At the same time, convenience sampling has no inclusion criteria and is used for issues about perceptions. Therefore, convenience sampling will be an appropriate sampling method for this study because it involves investigating the perceptions of particular groups about an issue affecting them.
The confidentiality and anonymity of participants is a critical issue to pay attention to when gathering data. Adhering to these tenets informs the ethical side of research. Anonymity is mostly associated with qualitative studies and involves collecting data without identifying or personal information of the participants (Coffelt, 2017). Whereas anonymity is important in any research study, it will be more critical for my researc ...
The document outlines different research paradigms including positivism, which uses scientific methods and quantitative data, interpretivism/constructivism, which relies on participants' views and qualitative data, and pragmatism, which
Communication For Change: A Short Guide to Social and Behavior Change (SBCC) ...CChangeProgram
Many theories and models have been used to guide health and development communication work . This PowerPoint presentation provides more detailed background on the theories and models leading to Social and Behavior Change Communication (SBCC).
Similar to Reframing Usable Privacy + Security to Design for 'Cyber Health' (12)
A Guide to AI for Smarter Nonprofits - Dr. Cori Faklaris, UNC CharlotteCori Faklaris
Working with data is a challenge for many organizations. Nonprofits in particular may need to collect and analyze sensitive, incomplete, and/or biased historical data about people. In this talk, Dr. Cori Faklaris of UNC Charlotte provides an overview of current AI capabilities and weaknesses to consider when integrating current AI technologies into the data workflow. The talk is organized around three takeaways: (1) For better or sometimes worse, AI provides you with “infinite interns.” (2) Give people permission & guardrails to learn what works with these “interns” and what doesn’t. (3) Create a roadmap for adding in more AI to assist nonprofit work, along with strategies for bias mitigation.
The document discusses human factors engineering approaches to optimize human performance and minimize failures when interacting with distributed energy resources (DERs) such as home solar and electric vehicles. It describes studying how people interact with technologies, processes, environments, and other people. The goal is to narrow "gulfs of evaluation and execution" by understanding cognitive limitations and biases, and designing intuitive interfaces. It also stresses expecting human errors and designing to prevent or mitigate them, for example through redundancy, checklists, and training. The key is changing the conditions people operate in, not changing human nature itself.
For this plenary talk at the Charlotte AI Institute for Smarter Learning, Dr. Cori Faklaris introduces her fellow college educators to the exciting world of generative AI tools. She gives a high-level overview of the generative AI landscape and how these tools use machine learning algorithms to generate creative content such as music, art, and text. She then shares some examples of generative AI tools and demonstrate how she has used some of these tools to enhance teaching and learning in the classroom and to boost her productivity in other areas of academic life.
Behavior Change Using Social InfluencesCori Faklaris
Talk for the Cylab Partners Conference on Sept. 23, 2020. (1) Unintentional insider threat (UIT) can arise because security tools or infrastructure does not account for social needs.
(2) Social influences can be used to motivate security behaviors.
Designing for Usable Security and PrivacyCori Faklaris
Cori Faklaris gives a lecture on designing for usable security and privacy. They discuss the differences between security and privacy, noting that security focuses on confidentiality, integrity and availability while privacy relates to appropriate use of sensitive data. They also present a three-pronged approach to usable security and privacy that includes making protections invisible where possible, offering better user interfaces, and training users where necessary. Finally, they discuss the importance of threat modeling in security design.
A Self-Report Measure of End-User Security Attitudes (SA-6)Cori Faklaris
We present SA-6, a six-item psychometric scale for assessing people’s security attitudes that we developed by following best practices. We identify six scale items based on theoretical and empirical research with sufficient response variance, reliability, and validity in a combined sample (N = 478) from Amazon Mechanical Turk and a university-based study pool. We validate the resulting measure with a U.S. Census-tailored Qualtrics panel (N = 209). SA-6 significantly associates with self-report measures of behavior intention and recent secure behaviors. Our work contributes a lightweight method for (1) quantifying and comparing people’s attitudes toward using recommended security tools and practices, and (2) improving predictive modeling of who will adopt security behaviors. Presentation to the Usenix Symposium on Usable Privacy and Security (SOUPS 2019), Aug. 12, 2019, Santa Clara, CA, USA.
Social Cybersecurity: Ideas for Nudging Secure Behaviors Through Social Influ...Cori Faklaris
Presentation to the Three Rivers Information Security Symposium (TRISS 2018) on Oct. 19, 2018, in Monroeville, Pennsylvania. Based on ideas developed at Carnegie Mellon University.
Share & Share Alike? An Exploration of Secure Behaviors in Romantic Relations...Cori Faklaris
1. The study explored account sharing behaviors in romantic relationships and found that the "1 user - 1 account" security model poses challenges for couples.
2. Participants reported sharing accounts for reasons of convenience, household maintenance, trust, and relationship maintenance. As relationships progressed, sharing of financial accounts increased.
3. The researchers propose alternative security architectures, such as multiple profiles per account or group password managers, to better accommodate the needs and goals of romantic partners in sharing accounts.
Social Media Best Practices - CMU Fall 2017Cori Faklaris
Slides for a presentation on what works in social media for academics, given Oct. 24, 2017 to the CHIMPS Lab at Carnegie Mellon University's Human Computer Interaction Institute in the School of Computer Science.
If You Are Going To Skydive, You Need a Parachute: Navigating the World of H...Cori Faklaris
The document discusses the challenges and opportunities for adult students pursuing higher education. It summarizes the experiences of Sara Anne Hook and Cori Faklaris, who took different paths to earn advanced degrees as adult students. Sara Anne pursued degrees part-time while working full-time, while Cori enrolled full-time. They provide advice on navigating financial aid, scholarships, health insurance, and tax benefits. Their presentation aimed to help other adult students develop plans to fund and succeed in higher education.
Presentation prepared by Cori Faklaris of the Viégas et al. 2006 paper on the "Themail" email visualization tool for H565 Collaborative and Social Computing, Fall 2015, in the Department of Human-Centered Computing at IUPUI's School of Informatics and Computing.
Together: An app to foster community for young urbanitesCori Faklaris
Presentation for a UX design and development project authored by myself, Melissa Dryer and Joe Dara for H541 Interaction Design Practice, Fall 2015, in the graduate program in Human-Computer Interaction at Indiana University-Purdue University Indianapolis.
The State of E-Discovery as Social Media Goes Mobile Cori Faklaris
Presentation by Cori Faklaris and Sara Anne Hook on Sept. 18, 2015. An overview of case law, articles and key findings as to how electronic discovery in U.S. legal system is affected by the rise of Snapchat, WhatsApp and other mobile messaging apps in the face of the pending update to the Federal Rules of Civil Procedure. This presentation was originally prepared for the ATINER 2015 International Conference on Law in Athens, Greece. These revised slides were used during a Brown Bag talk to the Department of Human-Centered Computing, School of Informatics and Computing, Indiana University-Purdue University Indianapolis.
5 ideas for paying for college as an adult returning studentCori Faklaris
The document discusses 5 ideas for paying for college as an adult returning student:
1) Seek scholarships, assistantships, and grants which can help fund tuition costs.
2) Tap into 401k and IRA accounts by taking qualified withdrawals to pay for education expenses.
3) Contribute to a Indiana 529 college savings plan which provides a state tax credit.
4) Maximize income tax advantages like deductions and credits to reduce taxes and generate refunds.
5) Consider lower-cost health insurance options like plans from the health insurance marketplace.
Social media boot camp: "HeyCori"'s tips for successful engagement onlineCori Faklaris
Cori Faklaris, known as @heycori on Twitter and on Facebook, LinkedIn, Pinterest, Instagram and other social media platforms, offers her lessons from years curating a her online brand as a news personality and in managing social media accounts for the IndyStar.com news website.
Monitoring and Managing Anomaly Detection on OpenShift.pdfTosin Akinosho
Monitoring and Managing Anomaly Detection on OpenShift
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Letter and Document Automation for Bonterra Impact Management (fka Social Sol...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on automated letter generation for Bonterra Impact Management using Google Workspace or Microsoft 365.
Interested in deploying letter generation automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc
How does your privacy program stack up against your peers? What challenges are privacy teams tackling and prioritizing in 2024?
In the fifth annual Global Privacy Benchmarks Survey, we asked over 1,800 global privacy professionals and business executives to share their perspectives on the current state of privacy inside and outside of their organizations. This year’s report focused on emerging areas of importance for privacy and compliance professionals, including considerations and implications of Artificial Intelligence (AI) technologies, building brand trust, and different approaches for achieving higher privacy competence scores.
See how organizational priorities and strategic approaches to data security and privacy are evolving around the globe.
This webinar will review:
- The top 10 privacy insights from the fifth annual Global Privacy Benchmarks Survey
- The top challenges for privacy leaders, practitioners, and organizations in 2024
- Key themes to consider in developing and maintaining your privacy program
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen
This presentation provides valuable insights into effective cost-saving techniques on AWS. Learn how to optimize your AWS resources by rightsizing, increasing elasticity, picking the right storage class, and choosing the best pricing model. Additionally, discover essential governance mechanisms to ensure continuous cost efficiency. Whether you are new to AWS or an experienced user, this presentation provides clear and practical tips to help you reduce your cloud costs and get the most out of your budget.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
Salesforce Integration for Bonterra Impact Management (fka Social Solutions A...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on integration of Salesforce with Bonterra Impact Management.
Interested in deploying an integration with Salesforce for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Your One-Stop Shop for Python Success: Top 10 US Python Development Providersakankshawande
Simplify your search for a reliable Python development partner! This list presents the top 10 trusted US providers offering comprehensive Python development services, ensuring your project's success from conception to completion.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Choosing The Best AWS Service For Your Website + API.pptx
Reframing Usable Privacy + Security to Design for 'Cyber Health'
1. Reframing
Usable Privacy + Security
to Design for ‘Cyber Health’
Cori Faklaris | March 29, 2019
Lightning talk for the 2019 Women in Cybersecurity conference (WiCyS 2019), Pittsburgh, Penn., USA
Human-Computer Interaction Institute
2. Takeaways:
● Health as a lens for security design
● Design model adapts the
Transtheoretical Model of (Health)
Behavior Change
● How to use this model in practice
2
5. Source: “The Transtheoretical Model ( Stages of Change)”. 2016. Boston University School of Public Health. Last visited Feb. 7, 2018
at http://sphweb.bumc.bu.edu/otlt/MPH-Modules/SB/BehavioralChangeTheories/BehavioralChangeTheories6.html
(Awareness)
(Motivation)
(Knowledge)
(Resistance)
(Reinforcement)
(Denial)
5
7. 7
Get from this …
“I don’t need to
use/have time to
use/ these privacy
and security
practices.”
Stage 1: Precontemplation (or “Resistance to Change”)
… To this ...
“It may be a good
idea to use these
privacy and
security
practices.”
Create Awareness
… Using these:
● Feedback
● Education
● Reading materials
● Storytelling
● Media campaigns
● Empathy training
8. 8
Get from this …
“I worry that I don’t
use these privacy
and security
practices.”
… To this ...
“I will regret it if I
do not start using
these privacy and
security practices.”
Create Motivation
… Using these:
● “Family interventions”
● Role playing
● Documentaries
● Imagery
● Value reflection and
clarification
Stages 2-3: Contemplation/Preparation (“Receptiveness”)
9. 9
Stages 2-3: Contemplation/Preparation (“Receptiveness”)
Get from this …
“I want to
change/need to
change my privacy
and security
practices.”
… To this ...
“I feel better for
commiting to my
chosen privacy
and security
practices.”
Agency/Knowledge
… Using these:
● Empowerment
procedures + policies
● Public testimonials
● Providing choices among
2-3 alternatives
● Advocacy at the margins
10. 10
Stages 4-5: Action + Maintenance (“Engagement”)
Get from this …
“I intend to
use/am actively
using/am
committed to
these privacy and
security
practices.”
… To this ...
“I ask for help with
using/am
successful with
using/keep
improving my use
of privacy and
security practices.”
Reinforce Behavior
… Using these:
● Rewards and
punishments
● Controlling stimuli to
nudge behaviors
● Environmental changes
● Groups and coaching
11. ● Lens: Security as health
● Design model adapts TTM
● How to use the model
Any questions?
You can find me at
○ Twitter: @heycori | Email: heycori @cmu.edu
○ Website: http://corifaklaris.com
11