Program


The detailed program will be made available in the late Summer/early Fall. In the meantime, here is the list of accepted papers (along with links to the corresponding working papers) that will appear in the workshop:

The Commodification of Consent
Daniel Woods, Rainer Böhme (University of Innsbruck)

Cyber incidents, security measures and financial returns: Empirical evidence for Dutch firms
Milena Dinkova, Ramy El-Dardiry, Bastiaan Overvest (CPB Netherlands Bureau for Economic Policy Analysis)

Prioritizing Vulnerability Response: a Stakeholder-Specific Vulnerability Categorization
Jonathan Spring, Allen Householder, Art Manion, Eric Hatleback (CERT/CC, Software Engineering Institute, Carnegie Mellon University), Deana Shick (Rockwell)

Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies
Ben Collier, Richard Clayton, Alice Hutchings (University of Cambridge), Daniel Thomas (University of Strathclyde)

The Use of Autonomous Decision Systems
Robin Dillon-Merrill (Georgetown), Peter Madsen (BYU), Bart Roets (INFRABEL), Taylan Topcu, Kostas Triantis (Virginia Tech)

Underlying and Consequential Costs of Cyber Security Breaches: Changes in Systematic Risk
Dennis D. Malliouris, Andrew Simpson (University of Oxford)

Cybersecurity Investments and the Cost of Capital
Taha Havakhor (Temple University), Mohammad Rahman (Purdue University), Tianjian Zhang (Oklahoma State University)

Provider Output and Downstream Firms’ Service Tier Choice
Hooman Hidaji (University of Calgary), Lisa Yeo (University of California, Merced)

Understanding the Knowledge Gap: How Security Awareness Influences the Adoption of Industrial IoT
Verena Schrama, Carlos H. Gañán, Doris Aschenbrenner, Mark de Reuver (TU Delft), Kevin Borgolte (Princeton University), Tobias Fiebig (TU Delft)

SAVing the Internet: Explaining the Adoption of Source Address Validation by Internet Service Providers
Qasim Lone (TU Delft), Maciej Korczyński (Univ. Grenoble Alpes), Carlos H. Gañán (TU Delft), Michel van Eeten (TU Delft)

Can Insider Trades Reliably Predict Cybersecurity Hazards in Public Firms?
Taha Havakhor (Temple University), Obi Ogbanufe (Oklahoma State University), Anthony Vance (Temple University)

An Economic Model for Quantum Key-Recovery Attacks
Ben Harsha, Jeremiah Blocki (Purdue University)

Security-Induced Lock-In in the Cloud
Daniel Arce (UT Dallas)

A Qualitative Model of Older Adults’ Contextual Decision-Making About Information Sharing
Alisa Frik, Julia Bernd (International Computer Science Institute, UC Berkeley), Serge Egelman (International Computer Science Institute, UC Berkeley)

The Impact of the GDPR on Content Providers
Vincent Lefrere (Institut Mines-Télécom), Logan Warberg (Carnegie Mellon University), Cristobal Cheyre (Cornell University), Veronica Marotta (University of Minnesota Twin Cities), Alessandro Acquisti (Carnegie Mellon University)