kth.sePublications
Change search
Link to record
Permanent link

Direct link
Alternative names
Publications (10 of 80) Show all publications
Franke, U. (2024). Att utveckla och implementera cybersäkerhetspolicy: Lärdomar från den finansiella sektorn. Statsvetenskaplig Tidskrift, 126(2), 251-272
Open this publication in new window or tab >>Att utveckla och implementera cybersäkerhetspolicy: Lärdomar från den finansiella sektorn
2024 (Swedish)In: Statsvetenskaplig Tidskrift, ISSN 0039-0747, Vol. 126, no 2, p. 251-272Article in journal (Refereed) Published
Abstract [en]

Modern society is increasingly dependent on digital services, making their dependability a top priority. But while there is a consensus that cybersecurity is important, there is no corresponding agreement on the true extent of the problem, the most effective countermeasures, or the proper division of labor and responsibilities. This makes cybersecurity policy very difficult. This article addresses this issue based on observations and experiences from a period of guest research at the Swedish Financial Supervisory Authority (Finansinspektionen), which made it possible to study how cybersecurity policy is developed and implemented in the Swedish financial sector. Observations include policy implementation challenges related to squaring different roles and perspectives mandated by different laws, and to collaboration between independent government authorities, but also policy development challenges: How can the full range of perspectives and tools be included in cybersecurity policy development? As Sweden now revises its cybersecurity policy, this is a key issue.

National Category
Computer and Information Sciences Political Science
Identifiers
urn:nbn:se:kth:diva-351288 (URN)
Funder
Swedish Foundation for Strategic Research, SM22-0057
Note

Den aktuella studien är finansierad av Stiftelsen för Strategisk Forskning (avtalsnummer SM22-0057)

QC 20240807

Available from: 2024-08-06 Created: 2024-08-06 Last updated: 2024-08-07Bibliographically approved
Andreasson, A., Artman, H., Brynielsson, J. & Franke, U. (2024). Cybersecurity work at Swedish administrative authorities: taking action or waiting for approval. Cognition, Technology & Work
Open this publication in new window or tab >>Cybersecurity work at Swedish administrative authorities: taking action or waiting for approval
2024 (English)In: Cognition, Technology & Work, ISSN 1435-5558, E-ISSN 1435-5566Article in journal (Refereed) Epub ahead of print
Abstract [en]

In recent years, the Swedish public sector has undergone rapid digitalization, while cybersecurity efforts have not kept even steps. This study investigates conditions for cybersecurity work at Swedish administrative authorities by examining organizational conditions at the authorities, what cybersecurity staff do to acquire the cyber situation awareness required for their role, as well as what experience cybersecurity staff have with incidents. In this study, 17 semi-structured interviews were held with respondents from Swedish administrative authorities. The results showed the diverse conditions for cybersecurity work that exist at the authorities and that a variety of roles are involved in that work. It was found that national-level support for cybersecurity was perceived as somewhat lacking. There were also challenges in getting access to information elements required for sufficient cyber situation awareness.

National Category
Computer and Information Sciences
Research subject
Human-computer Interaction
Identifiers
urn:nbn:se:kth:diva-354123 (URN)10.1007/s10111-024-00779-1 (DOI)
Funder
Swedish Armed Forces
Note

QC 20240930

Available from: 2024-09-29 Created: 2024-09-29 Last updated: 2024-09-30Bibliographically approved
Franke, U. (2024). Livspusslet: Rilke och Nozick. In: Katarina O'Nils Franke (Ed.), Rilke och filosoferna: (pp. 79-86). Malmö: Ellerströms förlag
Open this publication in new window or tab >>Livspusslet: Rilke och Nozick
2024 (Swedish)In: Rilke och filosoferna / [ed] Katarina O'Nils Franke, Malmö: Ellerströms förlag, 2024, p. 79-86Chapter in book (Other (popular science, discussion, etc.))
Place, publisher, year, edition, pages
Malmö: Ellerströms förlag, 2024
Keywords
Rainer Maria Rilke, Robert Nozick
National Category
Philosophy
Identifiers
urn:nbn:se:kth:diva-351289 (URN)9789172477308 (ISBN)
Note

QC 20240815

Available from: 2024-08-06 Created: 2024-08-06 Last updated: 2024-08-15Bibliographically approved
Franke, U. (2024). Rawlsian Algorithmic Fairness and a Missing Aggregation Property of the Difference Principle. Philosophy & Technology, 37(3), Article ID 87.
Open this publication in new window or tab >>Rawlsian Algorithmic Fairness and a Missing Aggregation Property of the Difference Principle
2024 (English)In: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 37, no 3, article id 87Article in journal (Refereed) Published
Abstract [en]

Modern society makes extensive use of automated algorithmic decisions, fueled by advances in artificial intelligence. However, since these systems are not perfect, questions about fairness are increasingly investigated in the literature. In particular, many authors take a Rawlsian approach to algorithmic fairness. Based on complications with this approach identified in the literature, this article discusses how Rawls’s theory in general, and especially the difference principle, should reasonably be applied to algorithmic fairness decisions. It is observed that proposals to achieve Rawlsian algorithmic fairness often aim to uphold the difference principle in the individual situations where automated decision-making occurs. However, the Rawlsian difference principle applies to society at large and does not aggregate in such a way that upholding it in constituent situations also upholds it in the aggregate. But such aggregation is a hidden premise of many proposals in the literature and its falsity explains many complications encountered.

Place, publisher, year, edition, pages
Springer Nature, 2024
Keywords
Algorithmic fairness, Difference principle
National Category
Ethics Philosophy Information Systems
Identifiers
urn:nbn:se:kth:diva-350973 (URN)10.1007/s13347-024-00779-z (DOI)2-s2.0-85198326990 (Scopus ID)
Note

QC 20240724

Available from: 2024-07-24 Created: 2024-07-24 Last updated: 2024-07-24Bibliographically approved
Franke, U. (2023). Algorithmic Fairness, Risk, and the Dominant Protective Agency. Philosophy & Technology, 36(4), Article ID 76.
Open this publication in new window or tab >>Algorithmic Fairness, Risk, and the Dominant Protective Agency
2023 (English)In: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 36, no 4, article id 76Article in journal, Editorial material (Refereed) Published
Abstract [en]

With increasing use of automated algorithmic decision-making, issues of algorithmic fairness have attracted much attention lately. In this growing literature, existing concepts from ethics and political philosophy are often applied to new contexts. The reverse—that novel insights from the algorithmic fairness literature are fed back into ethics and political philosophy—is far less established. However, this short commentary on Baumann and Loi (Philosophy & Technology, 36(3), 45 2023) aims to do precisely this. Baumann and Loi argue that among algorithmic group fairness measures proposed, one—sufficiency (well-calibration) is morally defensible for insurers to use, whereas independence (statistical parity or demographic parity) and separation (equalized odds) are not normatively appropriate in the insurance context. Such a result may seem to be of relatively narrow interest to insurers and insurance scholars only. We argue, however, that arguments such as that offered by Baumann and Loi have an important but so far overlooked connection to the derivation of the minimal state offered by Nozick (1974) and thus to political philosophy at large.

Place, publisher, year, edition, pages
Springer Science and Business Media B.V., 2023
Keywords
Algorithmic fairness, Anarchy, state, and utopia, Insurance, Risk
National Category
Philosophy Ethics
Identifiers
urn:nbn:se:kth:diva-341515 (URN)10.1007/s13347-023-00684-x (DOI)2-s2.0-85179339774 (Scopus ID)
Note

QC 20231221

Available from: 2023-12-21 Created: 2023-12-21 Last updated: 2023-12-21Bibliographically approved
Barreto, C., Reinert, O., Wiesinger, T. & Franke, U. (2023). Duopoly insurers’ incentives for data quality under a mandatory cyber data sharing regime. Computers & security (Print), 131, 1-16, Article ID 103292.
Open this publication in new window or tab >>Duopoly insurers’ incentives for data quality under a mandatory cyber data sharing regime
2023 (English)In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 131, p. 1-16, article id 103292Article in journal (Refereed) Published
Abstract [en]

We study the impact of data sharing policies on cyber insurance markets. These policies have been proposed to address the scarcity of data about cyber threats, which is essential to manage cyber risks. We propose a Cournot duopoly competition model in which two insurers choose the number of policies they offer (i.e., their production level) and also the resources they invest to ensure the quality of data regarding the cost of claims (i.e., the data quality of their production cost). We find that enacting mandatory data sharing sometimes creates situations in which at most one of the two insurers invests in data quality, whereas both insurers would invest when information sharing is not mandatory. This raises concerns about the merits of making data sharing mandatory.

Place, publisher, year, edition, pages
Elsevier, 2023
Keywords
Cyber risk, Data sharing, Data quality, Cyber insurance, Cournot model
National Category
Computer and Information Sciences Economics
Identifiers
urn:nbn:se:kth:diva-330423 (URN)10.1016/j.cose.2023.103292 (DOI)001010638900001 ()2-s2.0-85160592819 (Scopus ID)
Note

QC 20230630

Available from: 2023-06-30 Created: 2023-06-30 Last updated: 2023-07-06Bibliographically approved
Franke, U. (2023). En oavslutad dikt om ett oavslutat uppror. Slovo: Journal of Slavic Languages, Literatures and Cultures, 63, 64-73
Open this publication in new window or tab >>En oavslutad dikt om ett oavslutat uppror
2023 (Swedish)In: Slovo: Journal of Slavic Languages, Literatures and Cultures, E-ISSN 2001-7359, Vol. 63, p. 64-73Article in journal (Other (popular science, discussion, etc.)) Published
Abstract [en]

The legendary Russian literary critic Belinsky famously described Pushkin’s novel in verse Eugene Onegin as an encyclopedia of Russian life. However, this encyclopedia seems seriously incomplete in that it largely leaves out elements of oppression, war, and insurrection. There are many valid explanations for this, but one, very blunt and prosaic, is that oppression and censorship actually worked – that it is absent in the fiction because it was present in reality. As a case in point, this article presents a novel translation into Swedish, with rhymes and meter preserved, of the fragments remaining of the unfinished tenth chapter of Eugene Onegin. This tenth chapter deals with the failed Decembrist uprising of 1825, and the misrule precipitating it, and it is not surprising that it could not be published at the time it was written. Though well known in the academic community, this fragment is rarely published in foreign translations, and as far as known, this is the first translation into a Scandinavian language. The article offers some commentary on the translation and concludes with a few remarks on the value of reading the classics even in times of turmoil.

Place, publisher, year, edition, pages
Uppsala universitet, 2023
National Category
Languages and Literature
Identifiers
urn:nbn:se:kth:diva-342313 (URN)
Note

QC 20240115

Available from: 2024-01-15 Created: 2024-01-15 Last updated: 2024-07-04Bibliographically approved
Besker, T., Franke, U. & Axelsson, J. (2023). Navigating the Cyber-Security Risks and Economics of System-of-Systems. In: 2023 18th Annual System of Systems Engineering Conference, SoSe 2023: . Paper presented at 18th Annual System of Systems Engineering Conference, SoSe 2023, Lille, France, Jun 14 2023 - Jun 16 2023. Institute of Electrical and Electronics Engineers (IEEE)
Open this publication in new window or tab >>Navigating the Cyber-Security Risks and Economics of System-of-Systems
2023 (English)In: 2023 18th Annual System of Systems Engineering Conference, SoSe 2023, Institute of Electrical and Electronics Engineers (IEEE) , 2023Conference paper, Published paper (Refereed)
Abstract [en]

Cybersecurity is an important concern in systems-of-systems (SoS), where the effects of cyber incidents, whether deliberate attacks or unintentional mistakes, can propagate from an individual constituent system (CS) throughout the entire SoS. Unfortunately, the security of an SoS cannot be guaranteed by separately addressing the security of each CS. Security must also be addressed at the SoS level. This paper reviews some of the most prominent cybersecurity risks within the SoS research field and combines this with the cyber and information security economics perspective. This sets the scene for a structured assessment of how various cyber risks can be addressed in different SoS architectures. More precisely, the paper discusses the effectiveness and appropriateness of five cybersecurity policy options in each of the four assessed SoS archetypes and concludes that cybersecurity risks should be addressed using both traditional design-focused and more novel policy-oriented tools.

Place, publisher, year, edition, pages
Institute of Electrical and Electronics Engineers (IEEE), 2023
Keywords
Cyber Security Investment, Cybersecurity, Economics, Incentives, System-of-Systems
National Category
Computer Systems
Identifiers
urn:nbn:se:kth:diva-335059 (URN)10.1109/SoSE59841.2023.10178677 (DOI)2-s2.0-85166741236 (Scopus ID)
Conference
18th Annual System of Systems Engineering Conference, SoSe 2023, Lille, France, Jun 14 2023 - Jun 16 2023
Note

Part of ISBN 9798350327236

QC 20230831

Available from: 2023-08-31 Created: 2023-08-31 Last updated: 2023-08-31Bibliographically approved
Franke, U. (2022). Algorithmic Political Bias—an Entrenchment Concern. Philosophy & Technology, 35(3), Article ID 75.
Open this publication in new window or tab >>Algorithmic Political Bias—an Entrenchment Concern
2022 (English)In: Philosophy & Technology, ISSN 2210-5433, E-ISSN 2210-5441, Vol. 35, no 3, article id 75Article in journal (Refereed) Published
Abstract [en]

This short commentary on Peters (Philosophy & Technology 35, 2022) identifies the entrenchment of political positions as one additional concern related to algorithmic political bias, beyond those identified by Peters. First, it is observed that the political positions detected and predicted by algorithms are typically contingent and largely explained by “political tribalism”, as argued by Brennan (2016). Second, following Hacking (1999), the social construction of political identities is analyzed and it is concluded that algorithmic political bias can contribute to such identities. Third, following Nozick (1989), it is argued that purist political positions may stand in the way of the pursuit of all worthy values and goals to be pursued in the political realm and that to the extent that algorithmic political bias entrenches political positions, it also hinders this healthy “zigzag of politics”. 

Place, publisher, year, edition, pages
Springer Nature, 2022
National Category
Political Science
Identifiers
urn:nbn:se:kth:diva-326184 (URN)10.1007/s13347-022-00562-y (DOI)2-s2.0-85135247844 (Scopus ID)
Note

QC 20230502

Available from: 2023-05-02 Created: 2023-05-02 Last updated: 2023-05-02Bibliographically approved
Franke, U., Andreasson, A., Artman, H., Brynielsson, J., Varga, S. & Vilhelm, N. (2022). Cyber situational awareness issues and challenges. In: Ahmed A. Moustafa (Ed.), Cybersecurity and Cognitive Science: (pp. 235-265). Elsevier
Open this publication in new window or tab >>Cyber situational awareness issues and challenges
Show others...
2022 (English)In: Cybersecurity and Cognitive Science / [ed] Ahmed A. Moustafa, Elsevier , 2022, p. 235-265Chapter in book (Other academic)
Abstract [en]

Today, most enterprises are increasingly reliant on information technology to carry out their operations. This also entails an increasing need for cyber situational awareness—roughly, to know what is going on in the cyber domain, and thus be able to adequately respond to events such as attacks or accidents. This chapter argues that cyber situational awareness is best understood by combining three complementary points of view: the technological, the socio-cognitive, and the organizational perspectives. In addition, the chapter investigates the prospects for reasoning about adversarial actions. This part also reports on a small empirical investigation where participants in the Locked Shields cyber defense exercise were interviewed about their information needs with respect to threat actors. The chapter is concluded with a discussion regarding important challenges to be addressed along with suggestions for further research.

Place, publisher, year, edition, pages
Elsevier, 2022
Keywords
Adversarial behavior, Cognition, Cyber situational awareness, Organization, Technology
National Category
Computer and Information Sciences
Identifiers
urn:nbn:se:kth:diva-319570 (URN)10.1016/B978-0-323-90570-1.00015-2 (DOI)2-s2.0-85137911650 (Scopus ID)
Funder
Swedish Armed Forces
Note

Part of book: ISBN 978-0-323-90570-1, QC 20221214

Available from: 2022-12-13 Created: 2022-12-13 Last updated: 2022-12-14Bibliographically approved
Organisations
Identifiers
ORCID iD: ORCID iD iconorcid.org/0000-0003-2017-7914

Search in DiVA

Show all publications