Publication records

Dieses Kapitels im Praxishandbuch "IT-Sicherheitsrecht" analysiert Verfahren zur Messung, Prüfung und dem Nachweis von IT-Sicherheit zur Erfüllung von rechtlichen Anforderungen. Zunächst gibt das Kapitel einen Überblick über Prüf-, Bewertungs- und Nachweisverfahren, sowie rechtliche Grundlagen und Zuständigkeiten im IT-Sicherheitsrecht. Anschließend unterscheidet es systematisch zwischen unterschiedlichen Prüf- und Bewertungsebenen bzw. -gegenständen im Sinne der Sicherheit von IT-Systemen in Institutionen und der IT-Sicherheit von Software und Hardware. Im zweiten Abschnitt erläutert es die Messung, Prüfung und den Nachweis von IT-Sicherheit in Institutionen, fasst die einschlägigen Standards für Systeme zum Management von Informationssicherheit zusammen, benennt Methoden zur Messung von IT-Sicherheit innerhalb von Risikoanalysen und erläutert Audits und Zertifizierungen und zeigt anschließend, in welchen Bereichen des IT-Sicherheitsrechts diese Methoden verlangt werden. Der dritte Teil widmet sich der Messung, Prüfung und dem Nachweis von IT-Sicherheit von Software und Hardware, einschließlich IT-Produkten, -Diensten und -Prozessen. Er bietet eine Übersicht über Kriterien zur Messung, Evaluation und Prüfung von Software und Hardware und über Zertifizierungsverfahren. Darauf aufbauend erläutert der Abschnitt, wie diese Verfahren bei der Prüfung und Zertifizierung von IT-Produkten, -Diensten und -Prozessen im allgemeinen und fachspezifischen IT-Sicherheitsrecht zum Einsatz kommen. Ein kurzer abschließender Abschnitt zeigt die Grenzen der bestehenden Ansätze und zukünftige Herausforderungen auf.

How are team dynamics affected by our evermore global and virtualized business context? An innovative game created at ESMT Berlin pits business leaders against fictional hackers to find out.

We examine how groups fall prey to the sequence effect when they make choices based on informed assessments of complex situations; for example, when evaluating research and development (R&D) projects. The core argument is that the temporal sequence of selection matters because projects that appear in a sequence following a funded project are themselves less likely to receive funding. Building on the idea that selecting R&D projects is a demanding process that drains participants’ mental and emotional resources, we further theorize the moderating effect of the influence of the timing of the panel meeting on the sequence effect. We test these conjectures using a randomization in sequence order from several rounds of R&D project selection at a leading professional service firm. We find robust support for the existence of a sequence effect in R&D as well as for the moderating effect. We further explore different explanations for the sequence effect and how it passes from the individual to the panel. These findings have broader implications for the literatures on innovation and search in general and on group decision-making for R&D, specifically, as they suggest that a previously overlooked dimension affects selection outcomes.

We explore how gamification can be used to help leaders to lead global virtual teams.

Scholarly work seeking to understand academics’ commercial activities often draws on abstract notions of the academic reward system and of the representative scientist. Few scholars have examined whether and how scientists’ motives to engage in commercial activities differ across fields. Similarly, efforts to understand academics’ choices have focused on three self-interested motives – recognition, challenge, and money – ignoring the potential role of the desire to have an impact on others. Using panel data for a national sample of over 2,000 academics employed at U.S. institutions, we examine how the four motives are related to commercial activity, measured by patenting. We find that all four motives are correlated with patenting, but these relationships differ systematically between the life sciences, physical sciences, and engineering. These field differences are consistent with differences across fields in the rewards from commercial activities, as well as in the degree of overlap between traditional and commercializable research, which affects the opportunity costs of time spent away from “traditional” work. We discuss potential implications for policy makers, administrators, and managers as well as for future research on the scientific enterprise.

© 2020, INFORMS

Recent work argued that researchers conceptualize ‘social ties’ in four fundamentally different ways –as socially constructed role relations such as friendship or co-authorship; sentiments such as liking or hatred; interactions such as communication or sex; and access to resources or opportunities. We consider where ties (and non-ties) are likely to correspond across these four concepts, and thus assess where we may apply theories based on one network concept (e.g., sentiment ties of liking and disliking) to data representing another (e.g., interaction as logs of phone calls). Then we discuss empirical lenses emerging from computational social science, such as location-aware devices, electronic calendars, wearable sensors, records of electronic messages, phone calls, or online transactions. We ask how these time-stamped event series correspond to the conventional network concepts above and call for a new analytical approach: Directly theorizing and analyzing the structural-temporal interdependencies of interaction events redirects our attention from structural patterns to social processes.

The article deals with necessity as one of the circumstances precluding wrongfulness under customary international law and how it will likely gain relevance in view of the difficulty to quickly attribute malicious cyber operations that threaten important assets of a state. While the necessity doctrine seems fit for purpose, it lacks granularity and is problematic from an international rule-of-law point of view. Taking these pitfalls into account, the article proposes some general principles for a possible special emergency regime for cyberspace.

Citizen Science (CS) projects involve members of the general public as active participants in research. While some advocates hope that CS can increase scientific knowledge production (“productivity view”), others emphasize that it may bridge a perceived gap between science and the broader society (“democratization view”). We discuss how an integration of both views can allow Citizen Science to support complex sustainability transitions in areas such as renewable energy, public health, or environmental conservation. We first identify three pathways through which such impacts can occur: (1) Problem identification and agenda setting; (2) Resource mobilization; and (3) Facilitating socio-technical co-evolution. To realize this potential, however, CS needs to address important challenges that emerge especially in the context of sustainability transitions: Increasing the diversity, level, and intensity of participation; addressing the social as well as technical nature of sustainability problems; and reducing tensions between CS and the traditional institution of academic science. Grounded in a review of academic literature and policy reports as well as a broad range of case examples, this article contributes to scholarship on science, innovation, and sustainability transitions. We also offer insights for actors involved in initiating or institutionalizing Citizen Science efforts, including project organizers, funding agencies, and policy makers.

With permission of the Academy of Management