Rishika Thorat (Purdue University), Tatiana Ringenberg (Purdue University)

AI-assisted cybersecurity policy development has the potential to reduce organizational burdens while improving compliance. This study examines how cybersecurity students and professionals develop ISO29147-aligned vulnerability disclosure policies (VDPs) with and without AI. Through this project, we will evaluate compliance, ethical accountability, and transparency of the policies through the lens of Kaspersky’s ethical principles.

Both students and professionals will produce policies manually and with AI, reflecting on utility and reliability. We will analyze resulting policies, prompts, and reflections through regulatory mapping, rubric-based evaluations, and thematic analysis. This project aims to inform educational strategies and industry best practices for integrating AI in cybersecurity policy development, focusing on expertise, collaboration, and ethical considerations.

We invite feedback from the Usable Security and Privacy community on participant recruitment, evaluation criteria, ethical frameworks, and ways to maximize the study’s impact on academia and industry.

View More Papers

SNITCH: Leveraging IP Geolocation for Active VPN Detection

Tomer Schwartz (Data and Security Laboratory Fujitsu Research of Europe Ltd), Ofir Manor (Data and Security Laboratory Fujitsu Research of Europe Ltd), Andikan Otung (Data and Security Laboratory Fujitsu Research of Europe Ltd)

Read More

Under Pressure: Effectiveness and Usability of the Apple Pencil...

Elina van Kempen, Zane Karl, Richard Deamicis, Qi Alfred Chen (UC Irivine)

Read More

The Kids Are All Right: Investigating the Susceptibility of...

Elijah Bouma-Sims (Carnegie Mellon University), Lily Klucinec (Carnegie Mellon University), Mandy Lanyon (Carnegie Mellon University), Julie Downs (Carnegie Mellon University), Lorrie Faith Cranor (Carnegie Mellon University)

Read More

Throwaway Accounts and Moderation on Reddit

Cheng Guo (Clemson University), Kelly Caine (Clemson University)

Read More