Privacy and security issues remain front and center in this digital age. In the past year, Yahoo, Eddie Bauer, the Democratic National Committee, and even Fort Wayne, Indiana-based Vera Bradley have reported hacking of company information involving customers, clients, and in some cases emails, according to the Privacy Rights Clearinghouse.
This year’s Outstanding Researcher of the Year Award winner, Rui Chen, Ph.D., is currently focused on such breaches online and in social media.
“More computers pretty much are connected to the internet in some way. So it allows hackers the opportunity to steal information,” says Chen, associate professor of information systems and operations management.
Chen’s most recent research looks at how to fight cyber attacks in the behavioral sense. One way to do that, he explains, is to understand how and why some people are susceptible to
phishing emails.
“We are looking at individual consumers, company employees. We try to understand what goes through their minds, how they process information when dealing with security-related issues.”
That interest led to a $100,000 award from the National Science Foundation (NSF) to study what Chen called this interesting emerging topic.
Data breach fatigue
Part of Chen’s research also includes data breach fatigue—that consumers become resigned as they repeatedly hear about security incidents and are therefore less likely to protect themselves.
“We figure it’s important for us to understand: to what degree does this data breach fatigue exist? How badly does that affect consumers in terms of discouraging them from taking actions, and most importantly, what we can do to mitigate the negative effect of privacy breach fatigue?”
Following a data breach, many of those companies now offer a standard security monitoring package at no charge to the consumer. Chen has discovered not everyone takes advantage of the coverage.
“Indeed, many people don’t respond. We have industry reports to show that. A huge percentage of people, 40 percent, don’t do anything. If they don’t do anything, then it’s not much of an obstacle for the hacker to start capitalizing on those stolen identities.”
According to Chen, a consumer typically has zero liability in a data breach, so they’re not pushed to act or do more to protect their identity after a security breach. But Chen said identity protection services do fall short.
“For instance, one year’s protection, that’s totally not enough. After a year, there’s no protection, so consumers are very vulnerable. And the protection services can do only certain things. Currently the ID protection services are very limited. A lot of times, they’re reactive. They’re not really proactive, and consumers have only the illu,sion of control.”
Theoretical and practical research
Chen said research is part theoretical and part practical. The practical is the “so what” factor. He’s hopeful his research will make a difference.
“We can use these findings to inform the policy makers, inform the regulators, inform the managers, educate the customers, so all kinds of things can be done. We can create educational awareness campaigns. We can come up with white papers. We provide suggestions and practices to the managers.”
This research is just one of a dozen other research projects through which Chen tirelessly rotates on a daily basis.
“You need to keep an eye on the new papers being published, attend to the new things. That’s what makes research so difficult, because you have to find something new to report. You have to be very creative in finding things and reporting them, and that creativity is so hard.”
Pursuit of knowledge
It’s that creativity and relentless pursuit of knowledge that led his colleagues and others to write letters of recommendation for Outstanding Researcher of the Year.
Miller College of Business Dean Jennifer Bott, PhD, says Chen has a consistent and robust research agenda that elevates the status of his department, Miller College, and Ball State
University.
H. Raghav Rao, PhD, the AT&T Distinguished Chair in Infrastructure Assurance and Security at the University of Texas at San Antonio College of Business, has coauthored several scholarly articles with Chen.
Rao says Chen has achieved significant research accomplishments and is a fruitful scholar who contributes significantly to the professional community by exercising his outstanding research abilities.
Since 2009, Chen has had more than 20 articles published in his field’s top journals. He’s also made a similar amount of presentations at conferences and published a half dozen
book chapters.
In addition to security and privacy, Chen has also made significant and innovative contributions to emergency research. He has explored new ways to improve response management strategies with cutting-edge information systems. His findings led the U.S. Department of Homeland Security (DHS) and Federal Emergency Management Agency (FEMA) to call for new research in this area.
Due to his prolific writing, Chen also is an associate editor of two of the top journals in his field: Information & Management and Information Systems.
Encouraging others
While Chen never lets a moment go by without thinking about what he’s working on now or that next project, he also wants to encourage students to pursue the worthwhile endeavor of research.
“So we need people to do serious research. I would encourage more students to do the research. It’s a very rewarding experience in terms of you’re always going to find challenges.
And you keep challenging yourself in terms of how high you want to go, how much you want to accomplish.”
Having been given awards and honored for his work in the past, still, Chen is appreciative of this latest recognition.
“Every day, we are challenged to discover something new to stay innovative, keep an eye on the new things. And try to answer a question that’s not being answered. So when we have a publication and those types of recognitions and awards, it only belongs to the history. We get it. I’m very happy. I’m very proud. I’m really humbled to receive that. I take the pride back to my office and leave it. Every time I see it, that’s a driver to promote me to do more. It’s a driver for me to do more in the future.”
And that future includes creating, finishing, and publishing more research.