6 minute read
A Scholar in Security
Photo by Megan Bean
A Scholar in Security
By Carolanne Roberts
Turn back the clock to late summer. At this time, Dr. Merrill Warkentin had 19 articles under review at academic journals throughout the United States and abroad, with 15 more researched and nearly ready for submission to yet more publications. That’s a total of 34 in a short window – not unusual for Warkentin, but for many professors it would be record breaking.
Add to that his more than 300 published manuscripts and his status as one of the 150 most cited information systems scholars globally, with 15,000 citations, and Warkentin clearly emerges as a leader in his field. Warkentin has also written seven books, is Editor-in-Chief of the Journal of Intellectual Capital and holds editorial roles at other journals. Last year, he was named a Distinguished Member for Outstanding Scientific Contributions to Computing by the Association for Computing Machinery – the first person in Mississippi ever to earn the honor.
Obviously, this isn’t just any professor. He’s prolific, yes, but he also generates subject matter that is even more impressive than the quantity of his output.
“It’s fascinating,” says Warkentin, the James J. Rouse Endowed Professor of Information Systems and a William L. Giles Distinguished Professor. “My field generates so many interesting research questions, which will keep me busy for years.”
That field, essentially, is online security and privacy.
Early on, Warkentin saw threats lurking behind the excitement that surrounded the introduction of the Internet.
“I don’t think anyone had an inkling of the many ways bad people could use technology for nefarious gains, but I did recognize the negative potential of it,” he says. “I published an article in 1992 in our top journal about security, based on some data we collected from companies in 1988 and 1989. The average person wasn’t using computers, but companies were. What we found was that most CEOs
Warkentin is teaching the next generation of scholars in security and privacy behaviors.
Photo by Megan Bean
thought other companies were more vulnerable than they were. It’s called ‘optimism bias.’”
Headlines and history have taken the edge off optimism bias; Warkentin’s research has led the way to insights at every juncture.
“I look at the threat factors and what we do to attack those factors to make ourselves safer,” he explains. “Should you open certain emails or links? It’s no longer enough to suggest we all pick strong passwords.”
He also studies human behavior as it relates to technology. “I’m working on ‘learned resignation’ projects,” he shares. “We’re doing research on why people develop apathy about their privacy. Another is about ‘herd behavior,’ things people do without thinking about them. Or how people pick passwords out of habit.
“We study individuals. For instance, what kind of person is vulnerable? Our research shows that individuals who rank high on the agreeable/conscientiousness scale are likely to act in more secure ways. We look at social media questions like why some people are addicted to Facebook or why some users get very envious of others they see on Facebook.”
At MSU, Warkentin works primarily with PhD and master’s students. “My students are interested in learning to creatively explore some of these research questions so we can have a firmer understanding of the more nuanced aspects of security and privacy behaviors,” he says.
The program includes eight students – five on assistantship, two working full time for the University and one foreign student with financial support from his government – and five tenuretrack faculty members, as well as several other faculty. PhD candidates at times co-author articles with their professor.
“Maybe the biggest part of my teaching is leading young minds down the path to becoming scholars,” he remarks.
His teaching, however, extends beyond campus, as he shares his knowledge through international speaking engagements. In the coming months, he’ll travel to Montreal and Italy, among other destinations, to address conferences.
“Most academic audiences are interested in how we study security phenomena, the research methods I use – which include collecting data through experiments, surveys and field studies – and any advice I can give individuals on their projects,” Warkentin says.
He adds that he has also worked in the field of national security, having consulted with NATO on certain topics.
“I have a current project where we evaluate how the United States, New Zealand, Australia, the UK and Canada set policy to help their citizens be more secure,” he says.
Warkentin’s work has received funding from NATO, the National Science Foundation, the National Security Agency, the U.S. Department of Defense, Homeland Security, IBM and others. This all emanates from Starkville, MS, where the professor is in his 19th year of teaching and researching.
“I’ve lived in Boston and Washington [DC] and find everything is a trade-off,” he says of his career choices. “I could live someplace with an Ethiopian restaurant or a store that sells nothing but kites, but here I have a six-minute commute, there’s low crime and I can go home for lunch. I love my workplace. The people I work with are friendly – MSU is consistently one of the highestrated universities in terms of employee satisfaction – and we are treated with respect. I could go somewhere else and make more money, but I might not be as happy.”
And who wouldn’t be happy living, as he and his wife do, on a lake where, he says, “We’re surrounded by water and Canada geese, bald eagles and nature – I love to watch the big thunderstorms roll in on the open sky with no trees to block the view.”
Warkentin laughs, “Someone once said the best thing about being a full professor is that you get to choose which 70 hours you work a week. And I do work a lot, but I also make room for adventure.”
He, for instance, has bungee-jumped three times, having recently jumped off the tallest building in New Zealand. He has enjoyed skydiving and whitewater rafting, and he flies his own Piper Cherokee aircraft. He shrugs off the notion of danger – after all, this is a professor who studies all manners of dangerous activity.
“I reject the idea that these are daredevil things,” Warkentin says. “I have no death wish. I just like to have some excitement!”
What he does back on campus is exciting too, and it leads us forward. When asked for practical guidance, Warkentin is happy to pluck from his arsenal of advice, based, of course, on his research. “The majority of people just aren’t cautious,” he begins. “They foolishly open attachments, click on links they shouldn’t and will answer their phone and reveal things they should never say. Part of our research has been to drill down to what types of individuals are more likely to exhibit this behavior, then see what we can do to mitigate it.”
The need-to-know counsel he offers is scary but true: “Shields up! Be more careful. They’re out to get you. They really are.”
Now go change those passwords, thanking our professor as you do.
