Workshop

4th International Workshop on Current Information Security and Compliance Issues in Information Systems Research (CIISR 2024)

Companies today face the tension between realizing the possibilities of advanced digitalization, complying with legal regulations, and securing information assets in the context of the growing connectivity of people, data, and things. However, an effective compliance, risk, and security strategy, and the appropriate implementation of corresponding measures have become indispensable not only in business environments but also in other types of organizations as well as in academia.

Due to current developments in the field of artificial intelligence (AI) and the rapid spread of large language models such as ChatGPT, voices are increasingly being raised that see a need to regulate the use of AI and focus more strongly on security aspects. One example is a draft for a new EU regulation, the so-called AI Act, which proposes „harmonized regulations for artificial intelligence“ and thus once again gives new impetus to the topics of compliance and (information) security in information systems research (ISR). Consequently, in addition to traditional research streams such as information security management and business process compliance, there are also new streams dealing with information security and compliance, such as data-driven initiatives at the interface with ISR.

The 4th International Workshop on Current Information Security and Compliance Issues in Information Systems Research (CIISR 2024) provides a platform for all topics related to information security and compliance that are part of the ISR discipline or have interfaces with it. The workshop will take place on September 16, 2024, in conjunction with the 19th International Conference on Wirtschaftsinformatik (WI 2024). Based on the main theme of the conference, we will discuss current issues, which are of great importance for ISR in an ever-increasing digitalization.

This workshop provides the opportunity for (senior) researchers and practitioners to present and discuss their latest research, but also serves as a forum for young scientists and doctoral students to present early or ongoing research results.

We invite three specific types of papers (English only):

1. Full papers (research papers/practical reports): This submission type includes both advanced research with at least partial evaluation and comprehensive practical contributions.
2. Short papers (research in progress papers/short practical reports): Short papers represent ongoing research or ongoing practical projects. In addition to presenting initial results, these papers should also contain an outlook on further research or on further project progress, including planned future work steps.
3. Extended abstracts: Extended abstracts present and discuss high-quality results of already published journal contributions (or dissertations/postdoctoral theses) with relevance to the workshop topic. The republication of conference papers is not permitted.

In terms of length requirements, we follow the official WI 2024 guidelines for short and long papers.

We welcome practical contributions, empirical studies, systematic literature analyses, as well as research papers following the design science research paradigm. The topics of interest include, but are not limited to:

• Information security policy compliance (ISPC)
  • Effectiveness of information security management standards
  • Security education training and awareness (SETA)
  • Handling of data breaches
• Information security and compliance related to data-driven approaches at the interface with ISR
  • Regulatory, moral, and ethical aspects of using AI in information systems
  • The role of compliance and information security in data science applications and projects
• Ensuring business process compliance/security
  • Business process compliance/security in the context of outsourcing or in consideration of economic/social factors
  • Information security and compliance issues related to process mining
• Current issues of IT compliance
  • Impact of current IT-related legal regulations (e.g., the Digital Operational Resilience Act (DORA), the General Data Protection Regulation (GDPR), the draft of the AI Act, and other) on the operations of companies and/or (governmental) institutions.
• Information security and compliance issues related to current crises (e.g., the climate crisis)

Contributions addressing other workshop-relevant topics are also welcome. For the latest information on the CIISR workshop, please visit the official workshop website: CIISR Website

For further questions concerning the workshop or submissions, please contact Stephan Kühnel (stephan.kuehnel@wiwi.uni-halle.de).

Target Group

The target group of the CIISR workshop includes academics whose research focus is on current information security and compliance issues, practitioners working in the fields of information security and/or compliance, and all other interested parties.

Interested participants can also register for participation in the workshop without submitting a contribution.

Submission

Registrations

Workshop Organizers

• Dr. Stephan Kühnel, Martin Luther University Halle-Wittenberg (stephan.kuehnel@wiwi.uni-halle.de)
• Dr. Ilja Nastjuk, Georg August University of Goettingen (ilja.nastjuk@uni-goettingen.de)
• Prof. Dr. Stefan Sackmann, Martin Luther University Halle-Wittenberg (stefan.sackmann@wiwi.uni-halle.de)
• Prof. Dr. Simon Trang, Paderborn University (simon.trang@uni-paderborn.de)

Program Committee

• Prof. Dr. Alfred Benedikt Brendel, Dresden University of Technology
• Dr. Johannes Damarowsky, Martin Luther University Halle-Wittenberg
• Prof. Dr. Nadine Guhr, OWL University of Applied Sciences and Arts
• Ass. Prof. Dr. Simon Hacks, Stockholm University
• Mohammed Mubarkoot, Ph.D., Seoul National University
• Dr. Michael Seifert, GISA GmbH
• Dr. Tobias Seyffarth, Federal Office for Information Security