Charles Berret,Tamara Munzner

2024-10-01

Abstract:We offer a new model of the sensemaking process for data analysis and visualization. Whereas past sensemaking models have been grounded in positivist assumptions about the nature of knowledge, we reframe data sensemaking in critical, humanistic terms by approaching it through an interpretivist lens. Our three-phase process model uses the analogy of an iceberg, where data is the visible tip of underlying schemas. In the Add phase, the analyst acquires data, incorporates explicit schemas from the data, and absorbs the tacit schemas of both data and people. In the Check phase, the analyst interprets the data with respect to the current schemas and evaluates whether the schemas match the data. In the Refine phase, the analyst considers the role of power, articulates what was tacit into explicitly stated schemas, updates data, and formulates findings. Our model has four important distinguishing features: Tacit and Explicit Schemas, Schemas First and Always, Data as a Schematic Artifact, and Schematic Multiplicity. We compare the roles of schemas in past sensemaking models and draw conceptual distinctions based on a historical review of schemas in different academic traditions. We validate the descriptive and prescriptive power of our model through four analysis scenarios: noticing uncollected data, learning to wrangle data, downplaying inconvenient data, and measuring with sensors. We conclude by discussing the value of interpretivism, the virtue of epistemic humility, and the pluralism this sensemaking model can foster.

Human-Computer Interaction

Ruiqian Xu,Dongning Yang,Xin Chen,Insun Kim

DOI: https://doi.org/10.5465/ambpp.2017.15375abstract

2017-01-01

Academy of Management Proceedings

Abstract:Drawing on the theory of sensemaking process, we explore the inherent nature of CSR outcomes from observers perspective instead of simply focusing on the related activities. Previous researches associated trust with identity orientation and legitimacy (under cognitive sensemaking process), as well as posture (under conative sensemaking process). However, such findings were inconsistent and sometimes contradictory. In this article we employ a configuration approach. Firstly, we use scenario study to demonstrate how certain types of identity orientation and legitimacy are matched, and could be mutually reinforcing in audiences perception. Then based on these type-by-type links, we build isomorphic configurations and conduct another survey study. Our results indicate that trust is high when sensemaking attributes are perceived consistently in each configuration. Specifically, when individual identity orientation as configurated with pragmatic legitimacy and defense posture, or when relational identity orientation is configurated with moral legitimacy and tentative posture perceptions, can enhance observers trust.

DOI: https://doi.org/10.1007/s10606-022-09453-4

2023-04-05

Computer Supported Cooperative Work

Abstract:The negotiation of stakeholder values as a collaborative process throughout technology development has been studied extensively within the fields of Computer Supported Cooperative Work and Human-Computer Interaction. Despite their increasing significance for cybersecurity incident response, there is a gap in research on values of importance to the design of open-source intelligence (OSINT) technologies for this purpose. In this paper, we investigate which values and value conflicts emerge due to the application and development of machine learning (ML) based OSINT technologies to assist cyber security incident response operators. For this purpose, we employ a triangulation of methods, consisting of a systematic survey of the technical literature on the development of OSINT artefacts for cybersecurity (N = 73) and an empirical value sensitive design case study, comprising semi-structured interviews with stakeholders (N = 9) as well as a focus group (N = 7) with developers. Based on our results, we identify implications relevant to the research on and design of OSINT artefacts for cybersecurity incident response.

George Grispos,William Bradley Glisson,David Bourrie,Tim Storer,Stacy Miller

DOI: https://doi.org/10.48550/arXiv.1706.06818

2017-06-21

Cryptography and Security

Abstract:Reports and press releases highlight that security incidents continue to plague organizations. While researchers and practitioners' alike endeavor to identify and implement realistic security solutions to prevent incidents from occurring, the ability to initially identify a security incident is paramount when researching a security incident lifecycle. Hence, this research investigates the ability of employees in a Global Fortune 500 financial organization, through internal electronic surveys, to recognize and report security incidents to pursue a more holistic security posture. The research contribution is an initial insight into security incident perceptions by employees in the financial sector as well as serving as an initial guide for future security incident recognition and reporting initiatives.

Constantine Manolchev

DOI: https://doi.org/10.1177/1024529418822920

2019-01-24

Abstract:The plight of workers inhabiting the lowest strata of the occupational hierarchy, their scope for progressive resistance and collectivization is a topic of lasting significance, addressed in a number of seminal studies. Since the advent of neoliberalism and rise of precarious, that is, insecure, atypical, zero-hour, short-term and temporary employment, the matter has, once again captured public attention and led to debates between labour market theorists and policy makers. Researchers have, so far, considered the complex neoliberal causes behind the phenomenon of precarious work and mapped in detail the antagonistic relationship between labour and capital in a variety of organizational contexts. However, there is an ongoing need to study worker resistance at the micro and symbolic levels, exhibited not only through mundane, covert and everyday behaviours but through identity work in defending against subjugation of a worker’s ‘Self’. Applying Weick’s framework in 71 in-depth interviews with workers in low-pay and low-skill industries such as hospitality and care, I identify three types of narratives, retrospective, collective and appreciative, through which participants practice sensemaking as ‘Self’-defence. In doing so, I propose that sensemaking narratives enable participants to orient and interpret the atomized terrain of postmodern work, finding both enjoyment and fulfilment. Through this argument, I contribute to the subjectivity debate by showing that ‘soft’ forms of resistance should not be dismissed as harmless substitutes of the real deal but underscore precarious workers’ lasting ability to construct meaningful ‘Selves’ within postmodern working contexts.

geography,economics,business

Jonathan M. Spring,Phyllis Illari

DOI: https://doi.org/10.48550/arXiv.1903.10080

2019-03-25

Abstract:We review practical advice on decision-making during computer security incident response. Scope includes standards from the IETF, ISO, FIRST, and the US intelligence community. To focus on human decision-making, the scope is the evidence collection, analysis, and reporting phases of response. The results indicate both strengths and gaps. A strength is available advice on how to accomplish many specific tasks. However, there is little guidance on how to prioritize tasks in limited time or how to interpret, generalize, and convincingly report results. Future work should focus on these gaps in explication and specification of decision-making during incident analysis.

Computers and Society,Cryptography and Security

Pengyi Zhang,Dagobert Soergel

DOI: https://doi.org/10.1002/asi.23125

2014-01-01

Journal of the Association for Information Science and Technology

Abstract:This review introduces a comprehensive model of the cognitive process and mechanisms of individual sensemaking to provide a theoretical basis for: empirical studies that improve our understanding of the cognitive process and mechanisms of sensemaking and integration of results of such studies; education in critical thinking and sensemaking skills; the design of sensemaking assistant tools that support and guide users. The paper reviews and extends existing sensemaking models with ideas from learning and cognition. It reviews literature on sensemaking models in human‐computer interaction ( HCI ), cognitive system engineering, organizational communication, and library and information sciences ( LIS ), learning theories, cognitive psychology, and task‐based information seeking. The model resulting from this synthesis moves to a stronger basis for explaining sensemaking behaviors and conceptual changes. The model illustrates the iterative processes of sensemaking, extends existing models that focus on activities by integrating cognitive mechanisms and the creation of instantiated structure elements of knowledge, and different types of conceptual change to show a complete picture of the cognitive processes of sensemaking. The processes and cognitive mechanisms identified provide better foundations for knowledge creation, organization, and sharing practices and a stronger basis for design of sensemaking assistant systems and tools.

George Grispos,William Bradley Glisson,Tim Storer

DOI: https://doi.org/10.48550/arXiv.1408.2431

2014-08-11

Cryptography and Security

Abstract:In today's globally networked environment, information security incidents can inflict staggering financial losses on organizations. Industry reports indicate that fundamental problems exist with the application of current linear plan-driven security incident response approaches being applied in many organizations. Researchers argue that traditional approaches value containment and eradication over incident learning. While previous security incident response research focused on best practice development, linear plan-driven approaches and the technical aspects of security incident response, very little research investigates the integration of agile principles and practices into the security incident response process. This paper proposes that the integration of disciplined agile principles and practices into the security incident response process is a practical solution to strengthening an organization's security incident response posture.

Thea Riebe,Marc-André Kaufhold,Christian Reuter

DOI: https://doi.org/10.1145/3479865

2021-10-13

Abstract:Besides the merits of increasing digitization and interconnectedness in private and professional spaces, critical infrastructures and societies are more and more exposed to cyberattacks. In order to enhance the preventative and reactive capabilities against cyberattacks, Computer Emergency Response Teams (CERTs) are deployed in many countries and organizations. In Germany, CERTs in the public sector operate on federal and state level to provide information security services for authorities, citizens, and enterprises. Their tasks of monitoring, analyzing, and communicating threats and incidents is getting more complex due to the increasing amount of information disseminated into public channels. By adopting the perspectives of Computer-Supported Cooperative Work (CSCW) and Crisis Informatics, we contribute to the study of organizational structures, technology use, and the impact on collaborative practices in and between state CERTs with empirical research based on expert interviews with representatives of German state CERTs (N=15) and supplementary document analyses (N=25). We derive design and policy implications from our findings, including the need for interoperable and modular architecture, a shift towards service level agreements, cross-platform monitoring and analysis of incident data, use of deduplication techniques and standardized threat exchange formats, a reduction of resource costs through process automation, and transparent reporting and tool structures for information exchange.

Gary Eckstein,Anup Shrestha,Fiona Russo

DOI: https://doi.org/10.1007/s11301-024-00458-5

2024-08-16

Management Review Quarterly

Abstract:Abstract Sensemaking is widely acknowledged as providing valuable guidance on how individuals and groups organize to perceive issues at stake, thereby lessening the negative impacts of future unknowns. Sensemaking is not a new field, yet events surrounding the recent COVID-19 pandemic may benefit from a sensemaking perspective. While prior reviews have considered sensemaking research, this is arguably the first bibliometric review of sensemaking and its application across the entire business and management domain. From 2,838 articles, we used performance analysis and science mapping techniques to offer propositions and avenues for future research. We advance theory and offer practical implications by identifying and providing context about prominent theorists, authors, journals, articles, and environments where sensemaking has been studied. Thirty-five years after the first article on sensemaking was published, this paper offers an extensive review demonstrating the evolution, current interests, and future directions of sensemaking research in the business and management discipline.

Barney Tan,Shan L. Pan,Wenbo Chen,Lihua Huang

DOI: https://doi.org/10.25300/misq/2020/11872

IF: 7.3

2020-01-01

MIS Quarterly

Abstract:Organizational sensemaking is crucial to enterprise resource planning (ERP) implementation. This is because it enables the focal organization to gain an understanding of the unique contextual issues within and surrounding the organization, and continuously monitor and reinterpret these issues so that the approach to ERP implementation can be modified or realigned accordingly. Yet, little attention has been paid to studying the nature and implications of this process. Using a case study of the ERP implementation journey of Shanghai Tobacco Corporation, a Chinese state-owned enterprise, this paper explores the different ways in which organizational sensemaking can unfold in the context of ERP implementation. Analyses of our data suggest that the process of organizational sensemaking is influenced by a sensemaking structure, which consists of a technical structure (i.e., the technical foundation for sensemaking) and a social structure (i.e., the behavioral norms and relational ties surrounding sensemaking). The sensemaking structure, in turn, is influenced by the contextual conditions surrounding ERP implementation. With its findings, this study contributes a process model of ERP implementation from a sensemaking perspective to complement the existing research, and provides indications to practice on the effective implementation of ERP systems.

Mareike Möhlmannn,Carolina Alves de Lima Salge,Marco Marabelli,,,

DOI: https://doi.org/10.17705/1jais.00774

2023-01-01

Journal of the Association for Information Systems

Abstract:Algorithmic management can create work environment tensions that are detrimental to workplace well-being and productivity. One specific type of tension originates from the fact that algorithms often exhibit limited transparency and are perceived as highly opaque, which impedes workers’ understanding of their inner workings. While algorithmic transparency can facilitate sensemaking, the algorithm’s opaqueness may aggravate sensemaking. By conducting an empirical case study in the context of the Uber platform, we explore how platform workers make sense of the algorithms managing them. Drawing on Weick’s enactment theory, we theorize a new form of sensemaking— algorithm sensemaking—and unpack its three sub-elements: (1) focused enactment, (2) selection modes, and (3) retention sources. The sophisticated, multistep process of algorithm sensemaking allows platform workers to keep up with algorithmic instructions systematically. We add to previous literature by theorizing algorithm sensemaking as a mediator linking workers’ perceptions about tensions in their work environment and their behavioral responses.

information science & library science,computer science, information systems

Mena Rizk,Daniela Rosu,Mark Fox

2023-12-30

Abstract:A critical function of an organization is to foster the level of integration (coordination and cooperation) necessary to achieve its objectives. The need to coordinate and motivation to cooperate emerges from the myriad dependencies between an organization's members and their work. Therefore, to reason about solutions to coordination and cooperation problems requires a robust representation that includes the underlying dependencies. We find that such a representation remains missing from formal organizational models, and we leverage semantics to bridge this gap. Drawing on well-established organizational research and our extensive fieldwork with one of North America's largest municipalities, (1) we introduce an ontology, formalized in first-order logic, that operationalizes concepts like outcome, reward, and epistemic dependence, and their links to potential integration risks; and (2) present real-world applications of this ontology to analyze and support integration in complex government infrastructure projects. Our ontology is implemented and validated in both Z3 and OWL. Key features of our model include inferable dependencies, explainable coordination and cooperation risks, and actionable insights on how dependency structures within an organization can be altered to mitigate the risks. Conceptualizing real-world challenges like incentive misalignment, free-riding, and subgoal optimization in terms of dependency structures, our semantics-based approach represents a novel method for modelling and enhancing coordination and cooperation. Integrated within a decision-support system, our model may serve as an impactful aid for organizational design and effectiveness. More broadly, our approach underscores the transformative potential of semantics in deriving tangible, real-world value from existing organization theory.

Artificial Intelligence

Jos Hj Hoofs,Dorthe O Klein,Alan Bleakley,Roger Jmw Rennenberg,Jos HJ. Hoofs,Dorthe O. Klein,Roger JMW Rennenberg

DOI: https://doi.org/10.1097/pts.0000000000001229

2024-03-27

Journal of Patient Safety

Abstract:As medical error statistics have become more widely disseminated among healthcare organizations, patient safety initiatives have proliferated. These, however, tend to be ad hoc rather than systematic, and both poorly researched and theorized. A major issue with framing research-based interventions in the field of patient safety has in general been reliance upon linear, problem-solving methods (e.g., modeled as a jigsaw where missing components can be identified, and a solution can be engineered). Embedding patient safety initiatives, however, is not just about establishing linear protocols, but changing the habits of complex organizations, beginning at the level of the clinical team. For this, we need more knowledge on complexity theory. 1,2 With the introduction of Safety II, there is upcoming attention for the complexity in health care. Functional Resonance Analysis Method (FRAM) is a good start when adopting a Safety II approach, but we believe that "work as experienced" and the cultural-historical aspect is underexposed in this method. 3

health care sciences & services,health policy & services

Ninna Meier,Karen Ingerslev

DOI: https://doi.org/10.1080/14697017.2023.2216204

2023-05-29

Journal of Change Management

Abstract:Simulation can be a powerful vehicle for prospective sensemaking, especially in organizational change processes where actors' ability to engage with possible futures is essential. Yet, the way that actors enact different potential futures together via simulation has not been fully explored nor investigated across different contexts. We report on a qualitative study of how healthcare staff in an emergency department (ED) made sense of a planned change process via a simulation tool to explore how moving into a new building might impact their work. We observed simulation sessions and interviewed managers and staff. Using sensemaking theory, we analyse how actors engaged in iterations of different forms of prospective sensemaking together, both in the simulated organizational change and of the organizational change process itself. We found that the way actors used their bodies and the simulation tool to experience potential changes in work environment and work processes elicited emotions such as worry and excitement and deliberations about consequences and potential actions. Our study highlights the interwoven embodied, material and emotional elements of prospective sensemaking: through simulation, we experience and feel the possible futures that can arise from change. MAD statement This article demonstrates how simulation tools can facilitate sensemaking of organizational change in and between individuals. It shows how simulations of work in future physical surroundings can elicit strong emotions such as worry and hope for the imagined futures. The findings shed light on how people, who are trying to explore what organizational change might mean for them and their work, relate to desired and undesired futures through their bodies and physical surroundings. Such prospective sensemaking is a significant driver of organizational change. Therefore, understanding the embodied, material and emotional aspects underpinning such processes is important for both scholarship and practice.

Cyril Onwubiko

DOI: https://doi.org/10.22619/IJCSA.2020.100134

2022-02-08

Abstract:Cybersecurity operations, CyberOps, is the use and application of cybersecurity capabilities to a domain, department, organisation or nation. It is fundamentally to protect digital investments, contribute to national economic wellbeing by providing a safe, secure and conducive environment to conduct business and to protect national critical national infrastructures and citizens welfare. In this paper, we investigate operational factors that influence situational awareness of CyberOps, specifically, the features that deals with understanding and comprehension of operational and human factors aspects and that helps with insights on human operator decision making such as cognition, teamwork, knowledge, skills and abilities. The operational factors discussed in this paper range from tools, techniques, integration, architecture to automation, cognition, people, policy, process and procedures.

Cryptography and Security,Networking and Internet Architecture

Ahmed Abbasi,Yilu Zhou,Shasha Deng,Pengzhu Zhang

DOI: https://doi.org/10.25300/misq/2018/13239

IF: 7.3

2018-01-01

MIS Quarterly

Abstract:Social media and online communities provide organizations with new opportunities to support their business-related functions. Despite their various benefits, social media technologies present two important challenges for sense-making. First, online discourse is plagued by incoherent, intertwined conversations that are often difficult to comprehend. Moreover, organizations are increasingly interested in understanding social media participants’ actions and intentions; however, existing text analytics tools mostly focus on the semantic dimension of language. The language-action perspective (LAP) emphasizes pragmatics; not what people say but, rather, what they do with language. Adopting the design science paradigm, we propose a LAP-based text analytics framework to support sense-making in online discourse. The proposed framework is specifically intended to address the two aforementioned challenges associated with sense-making in online discourse: the need for greater coherence and better understanding of actions. We rigorously evaluate a system that is developed based on the framework in a series of experiments using a test bed encompassing social media data from multiple channels and industries. The results demonstrate the utility of each individual component of the system, and its underlying framework, in comparison with existing benchmark methods. Furthermore, the results of a user experiment involving hundreds of practitioners, and a four-month field experiment in a large organization, underscore the enhanced sense-making capabilities afforded by text analytics grounded in LAP principles. The results have important implications for online sense-making and social media analytics.

Amy Ertan,Georgia Crossland,Claude Heath,David Denny,Rikke Jensen

DOI: https://doi.org/10.48550/arXiv.2004.11768

2020-04-24

Abstract:This review explores the academic and policy literature in the context of everyday cyber security in organisations. In so doing, it identifies four behavioural sets that influences how people practice cyber security. These are compliance with security policy, intergroup coordination and communication, phishing/email behaviour, and password behaviour. However, it is important to note that these are not exhaustive and they do not exist in isolation. In addition, the review explores the notion of security culture as an overarching theme that overlaps and frames the four behavioural sets. The aim of this review is therefore to provide a summary of the existing literature in the area of everyday cyber security within the social sciences, with a particular focus on organisational contexts. In doing so, it develops a series of suggestions for future research directions based on existing gaps in the literature. The review also includes a theoretical lens that will aid the understanding of existing studies and wider literatures. Where possible, the review makes recommendations for organisations in relation to everyday cyber security.

Computers and Society

Harrison Stewart,Jan Jürjens

DOI: https://doi.org/10.1108/ics-07-2016-0054

2017-11-13

Information and Computer Security

Abstract:Purpose The aim of this study is to encourage management boards to recognize that employees play a major role in the management of information security. Thus, these issues need to be addressed efficiently, especially in organizations in which data are a valuable asset. Design/methodology/approach Before developing the instrument for the survey, first, effective measurement built upon existing literature review was identified and developed and the survey questionnaires were set according to past studies and the findings based on qualitative analyses. Data were collected by using cross-sectional questionnaire and a Likert scale, whereby each question was related to an item as in the work of Witherspoon et al. (2013). Data analysis was done using the SPSS.3B. Findings Based on the results from three surveys and findings, a principle of information security compliance practices was proposed based on the authors’ proposed nine-five-circle (NFC) principle that enhances information security management by identifying human conduct and IT security-related issues regarding the aspect of information security management. Furthermore, the authors’ principle has enabled closing the gap between technology and humans in this study by proving that the factors in the present study’s finding are interrelated and work together, rather than on their own. Research limitations/implications The main objective of this study was to address the lack of research evidence on what mobilizes and influences information security management development and implementation. This objective has been fulfilled by surveying, collecting and analyzing data and by giving an account of the attributes that hinder information security management. Accordingly, a major practical contribution of the present research is the empirical data it provides that enable obtaining a bigger picture and precise information about the real issues that cause information security management shortcomings. Practical implications In this sense, despite the fact that this study has limitations concerning the development of a diagnostic tool, it is obviously the main procedure for the measurements of a framework to assess information security compliance policies in the organizations surveyed. Social implications The present study’s discoveries recommend in actuality that using flexible tools that can be scoped to meet individual organizational needs have positive effects on the implementation of information security management policies within an organization. Accordingly, the research proposes that organizations should forsake the oversimplified generalized guidelines that neglect the verification of the difference in information security requirements in various organizations. Instead, they should focus on the issue of how to sustain and enhance their organization’s compliance through a dynamic compliance process that involves awareness of the compliance regulation, controlling integration and closing gaps. Originality/value The rapid growth of information technology (IT) has created numerous business opportunities. At the same time, this growth has increased information security risk. IT security risk is an important issue in industrial sectors, and in organizations that are innovating owing to globalization or changes in organizational culture. Previously, technology-associated risk assessments focused on various technology factors, but as of the early twenty-first century, the most important issue identified in technology risk studies is the human factor.

Muffy Calder,Simon Dobson,Michael Fisher,Julie McCann

DOI: https://doi.org/10.48550/arXiv.1803.10478

2019-02-06

Abstract:Sensor-driven systems are increasingly ubiquitous: they provide both data and information that can facilitate real-time decision-making and autonomous actuation, as well as enabling informed policy choices by service providers and regulators. But can we guarantee these system do what we expect, can their stake-holders ask deep questions and be confident of obtaining reliable answers? This is more than standard software engineering: uncertainty pervades not only sensors themselves, but the physical and digital environments in which these systems operate. While we cannot engineer this uncertainty away, through the use of models we can manage its impact in the design, development and deployment of sensor network software. Our contribution consists of two new concepts that improve the modelling process: frames of reference bringing together the different perspectives being modelled and their context; and the roles of different types of model in sensor-driven systems. In this position paper we develop these new concepts, illustrate their application to two example systems, and describe some of the new research challenges involved in modelling for assurance.

Software Engineering