Asmita Dalela (IT University of Copenhagen), Saverio Giallorenzo (Department of Computer Science and Engineering - University of Bologna), Oksana Kulyk (ITU Copenhagen), Jacopo Mauro (University of Southern Denmark), Elda Paja (IT University of Copenhagen)

Increased levels of digitalization in society expose companies to new security threats, requiring them to establish adequate security and privacy measures. Additionally, the presence of exogenous forces like new regulations, e.g., GDPR and the global COVID-19 pandemic, pose new challenges for companies that should preserve an adequate level of security while having to adapt to change. In this paper, we investigate such challenges through a two-phase study in companies located in Denmark—a country characterized by a high level of digitalization—focusing on software development and tech-related companies. Our results show a number of issues, most notably i) a misalignment between software developers and management when it comes to the implementation of security and privacy measures, ii) difficulties in adapting company practices in light of implementing GDPR compliance, and iii) different views on the need to adapt security measures to cope with the COVID-19 pandemic.

View More Papers

Reflections on Artifact Evaluation

Dr. Eric Eide (University of Utah)

Read More

A Phish Scale: Rating Human Phishing Message Detection Difficulty

Michelle P. Steves, Kristen K. Greene, Mary F. Theofanos (National Institute of Standards and Technology)

Read More

What Storage? An Empirical Analysis of Web Storage in...

Zubair Ahmad (Università Ca’ Foscari Venezia), Samuele Casarin (Università Ca’ Foscari Venezia), and Stefano Calzavara (Università Ca’ Foscari Venezia)

Read More

Stop to Unlock: Improving the Security of Android Unlock...

Alexander Suchan (SBA Research); Emanuel von Zezschwitz (Usable Security Methods Group, University of Bonn, Bonn, Germany); Katharina Krombholz (CISPA Helmholtz Center for Information Security)

Read More