Time of start: anytime
Language: English preferred
Period: bachelor thesis: 12 weeks; master thesis 20 weeks
Application: Please send an E-Mail with your preference of the listed topics or an own suggestion with your résumé and summary of achievements to the e-mail address stated below.
Available topics (Master):
Changing information security behavior: the role of peers
Description: Information security policies play a central role in order to ensure information security. Employees' deviant behaviour from these policies is a major threat. While most research bases on deterrence and motivational aspects, the perspective of peer behaviour is limited. Security education and awareness measures aim at imparting security knowledge. However, rules, procedures, and deviant behaviour are mainly learned from colleagues in daily work live. The aim of this thesis is to derive a theoretical model that explains information security compliance behaviour through the lens of social learning theory. The model should be empirically validated.
Data: Primary data collection with a questionnaire
Method: Structural equation modelling (methods will be tought as part of the supervision)
Application of information security policies in the software development lifecycle
Description: Considering issues of information security in each step of the software development lifecycle is central for the software robustness against hacking. However, functional and timely constraints of software projects as well as aspects of usability for end users often lead to difficulties in the implementation of information security requirements. In this thesis, the software development cycle should be analysed for information security requirements. Reasons should be derived why projects and developers fail to implement information security requirements. An empirical analysis should be applied in order to validate this model. Depending on the statistical knowledge and Bachelor/Master level, this analysis can be descriptive, correlational, or causal.
Method: Depends (methods will be taught as part of the supervision)
The impact of data breaches on market value: A contingency perspective
Description: The media regularly reports on new data breaches of firms and usually discusses the severe consequences for customers. Studies accordingly find a significant effect of data breaches on the firms' market value. However, several questions remain unanswered in this regard. How should firms react on data breaches in order to diminish the negative consequences of customer trust? Can institutional variables such as industry type, organization structure, or customer dependence moderate the effect? Is the effect of data breaches on firm value equal across countries/cultures? The thesis aims at giving an answer to one or more of these questions. A study should be conducted that bases on secondary data collection and event study analysis.
Data: Secondary data collection (commercial and open databases)
Method: Event Study Methodology (methods will be taught as part of the supervision)
Unpuzzeling the privacy paradox: A meta analysis on the relationship between privacy concern and self disclosure
Description: Online users are generally concerned about their privacy in the online world. Interestingly, they usually behave as if they were not. This phenomenon is known as the "privacy paradox." While many empirical study find support for this effect, the results are quite different. This study aims at explaining the different findings between these studies. Possible explanations include differences between the kind of information disclosure, cultural differences, or even methodological differences. This study should use meta-analysis methodology to test these moderators.
Data: Literature search of quantiative studies
Method: Meta-analysis Methodology (methods will be taught as part of the supervision)
Available topics (Bachlor):
Please feel free to suggest your own topics.
Time of start: anytime