Research Philosophy
My research program addresses the critical need to understand how socio-cultural factors influence security outcomes. Previous studies have identified a knowledge gap in the interpretation of cybersecurity from the human perspective.
I believe that for cybersecurity technologies and systems to be effective, they must be designed with people in mind; otherwise, their impact will be limited. My work focuses on bridging this gap, ensuring technology design can better integrate usability and privacy without sacrificing security.
Research Focus & Publications
My current focus is on five high-level areas pertaining to the intersection of cybersecurity and socio-cultural factors:
- Cyber Risk Quantification & Modelling: Examining approaches for cyber insurance and risk modeling.
- Human Factors & Behavioral Science: Exploring how socio-cultural factors contribute to human errors in cyber incidents and how applied behavioral science can mitigate these.
- Usability and Security: Understanding and improving the balance between these two critical aspects to enhance user adoption of cybersecurity products and services.
- Privacy and Security Risks from Usage Patterns: Identifying risks inherent in how users interact with digital technologies.
- Digital Transformation Impacts: Analyzing disruptions in supply chains and outsourcing relationships related to digital changes.
Project Funding
Key deliverables from my research extend beyond high-quality journal and conference publications. A major focus is on attracting significant external and internal funding—over $3M AUD has been acquired across various projects—and extending research impact to the general public through reports, articles, and media engagements.
I am actively involved in establishing collaborative research opportunities with academic and research institutions globally, including Carnegie Mellon University, the National University of Malaysia (UKM), Korea University etc. to foster a broad and expanding research scope.
The list of projects funded to date (June 2025) are listed as per below:
| Project Name | Amount (AUD) | Funding Body |
|---|---|---|
| Quantum Automation for Cyber Defence | $479K | Australian Economic Accelerator (AEA) |
| Designing and Delivering a Cybersecurity Code of Practice for a Malaysian Critical National Infrastructure Provider | $504K | Australian Department of Foreign Affairs and Trade (DFAT) |
| Building Malaysia’s Cyber Leadership: A Bespoke Training Program for Operators of Critical Infrastructure | $260K | Australian Department of Foreign Affairs and Trade (DFAT) |
| Developing Malaysia’s Cyber Resilience Through Research-Informed and Standards-Based Training in Strategic Thinking and Cyber Leadership | $405K | Australian Department of Foreign Affairs and Trade (DFAT) & National Cyber Security Agency of Malaysia (NACSA) |
| Developing Malaysia’s Cyber Incident Response Capability | $550K | Australian Department of Foreign Affairs and Trade (DFAT) & National Cyber Security Agency of Malaysia (NACSA) |
| Usability Framework for Verifiable Credentials | $58K | CSIRO & BUPA HI Pty Ltd |
| Privacy Enhancing Digital Identity Wallets | $325K | Tata Consulting Services & Cyber Security CRC |
| Cyber Harm Prevention Program – Feasibility Study | $255K | Victorian Managed Insurance Authority |
| Usable Security for Physical Authentication Devices | $100K | Deakin University & Cyber Security CRC |
Research Outcomes
Outcomes from this research have resulted in the following:
JOURNAL PUBLICATIONS
- [1] Jeong, Shah, Nanda, Doss, Nosouhi & Webb (2024), User Characteristics and Its Impact on Usable Security for Physical Authentication Devices, IEEE Transactions on Human-Machine Systems. DOI: 10.1109/thms.2024.3421538
- [2] Jeong & Nanda*, Shah, Doss & Nosouhi (2024), Improving User Perceptions on Physical Authentication Devices through Enhanced Usable Security Features, Computers & Security. DOI: 10.1016/j.cose.2024.103664
- [3] Nosouhi, Sood, Chamola, Jeong & Gaddam (2023), Towards Quantum Secure SDN–IoT Networks, IET Quantum Communication. DOI: 10.1049/qtc2.12053
- [4] Nanda, Sha, Jeong & Doss (2023), Towards Higher Levels of Assurance in Remote Identity Proofing, IEEE Consumer Electronics Magazine. DOI: 10.1109/MCE.2023.3256640
- [5] Jeong, Zolotavkin and Doss (2022), Examining the Current Status of Continuous Authentication Technologies through Social Network Analysis, ACM Computing Surveys. DOI: 10.1145/3533705
- [6] Jeong & Zolotavkin*, Kuchta, Slavnenko and Doss (2022), Improving Unlinkability of Attribute Based Authentication through Game Theory, ACM Transactions on Privacy and Security. DOI: 10.1145/3501260
- [7] Jeong, Oliver, Kang, Creese and Thomas (2021), The Current State of Research on People, Culture and Cybersecurity, Personal and Ubiquitous Computing. DOI: 10.1007/s00779-021-01591-8
- [8] Grobler, Chamikara, Abbott, Jeong, Nepal and Paris (2020), The Importance of Social Identity on Password Formulations, Personal and Ubiquitous Computing. DOI: 10.1007/s00779-020-01477-1
CONFERENCE PUBLICATIONS
- [1] Jeong & Ahmad (2025), The Psychological Contract and Its Impact on Relationship Quality in IT Outsourcing, Pacific Asia Conference on Information Systems (PACIS).
- [2] Jeong, Shah, Nanda, Nosouhi & Doss (2025), Improving the Adoption of Physical Authentication Devices through Enhanced Usable Security Features, International Conference on Human-Computer Interaction (HCII).
- [3] Nuha, Zahidah, Jeong, Ahmad & Maynard (2025), Ethical Thinking in Cyber Resilience: Lessons from Malaysian Cyber Leaders, International Congress on Information and Communication Technology (ICICT).
- [4] Talib, Nuha, Jeong, Ahmad & Maynard (2024), Strategic Thinking for Cyber Resilience from the Perspectives of Malaysian Public Sector, IEEE International Conference on Computing, Engineering, and Design Building (ICCED).
- [5] Hawash, Mokhtar, Jeong, Maynard, Shukur, Abdullah, Razali, Lim & Ahmad (2024), Cyber Situational Awareness in Security Operation Centres, Pacific Asia Conference on Information Systems (PACIS). (No direct DOI for individual paper yet, see proceedings at https://aisel.aisnet.org/pacis2024/track07_secprivacy/track07_secprivacy/8)
- [6] Jeong, Yang, Doss, Gauravaram, Wang, Abdelrazek, Nanda & Viswanathan (2024), Addressing the Privacy by Use Challenges in Verifiable Credential based Digital Wallets, ACM ASIA Conference on Computer and Communications Security (AsiaCCS).
- [7] Sinclair & Jeong (2022), The Critical Success Factors of Managing Insourced Chinese IT Teams in Cross-cultural Environments, Pacific Asia Conference on Information Systems (PACIS).
- [8] Jeong, Grobler and Chamikara (2022), Optimising Cybersecurity Maturity Assessments through National Culture, Hawaii International Conference on System Sciences (HICSS).
- [9] Lalchandani, Jeong, Zolotavkin, Jiang and Doss (2021), Evaluating the Current State of Application Programming Interfaces for Verifiable Credentials, IEEE International Conference on Privacy, Security and Trust (IEEE PST). DOI: 10.1109/PST52912.2021.9647805
- [10] Slavnenko, Zolotavkin, Jeong, Kuchta and Doss (2021), Enhancing Privacy Through DMMA: Decision-Making Method for Authentication, IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TRUSTCOM). DOI: 10.1109/TrustCom53373.2021.00055
- [11] Jeong, Grobler, Chamikara and Rudolph (2019), Fuzzy logic application to link national culture and cybersecurity maturity, IEEE International Conference on Collaboration and Internet Computing (IEEE CIC). DOI: 10.1109/CIC48465.2019.00062
- [12] Jeong, Mihelcic, Oliver and Rudolph (2019), Towards an Improved Understanding of Human Factors in Cybersecurity, IEEE International Conference on Collaboration and Internet Computing (IEEE CIC). DOI: 10.1109/CIC48465.2019.00047
- [13] Jeong, Kurnia, Samson and Cullen (2018), Psychological Contract in IT Outsourcing, Psychological Contract in IT Outsourcing: A Systematic Literature Review, Hawaii International Conference on System Sciences (HICSS).
- [14] Jeong, Kurnia, Samson and Cullen (2018), Enhancing the Application and Measurement of Relationship Quality in Future IT Outsourcing studies, European Conference on Information Systems (ECIS).
- [15] Jeong, Kurnia and Bekmamedova (2012), Exploring the current status of call centre offshoring research: a research agenda and future directions, Australasian Conference on Information Systems (ACIS).
MISC PUBLICATIONS
- [1] [Patent] Behavioural Assessment for Individual Cyber Risk Quantification (2025, TNK2 Pty Ltd)
- [2] [Report] Horizon Scan Report: Code of Practice for Cyber Security (2025, National Cyber Security Agency of Malaysia (NACSA) & The University of Melbourne)
- [3] [Article] Australia’s new digital ID scheme falls short of global privacy standards. Here’s how it can be fixed (2024, The Conversation)
- [4] [Article] Human error is the weakest link in the cyber security chain. Here are 3 ways to fix it (2024, The Conversation)
- [5] [Patent] Digital Credential Wallet (2024, Cybersecurity Cooperative Research Centre)
- [6] [Report] Horizon Scan Report: Privacy Respecting and Compliant Digital Credential Wallet (2023, Cybersecurity Cooperative Research Centre) (Link not available in sources)
- [7] [Report] Cyber Harm Prevention Program Recommendations for the Victorian Managed Insurance Authority (2023, Victorian Managed Insurance Authority (VMIA))
- [8] [Article] Crypto scams will increase over the holidays – here’s what you need to know to not fall victim (2022, The Conversation)
- [9] [Article] Just 25% of businesses are insured against cyber-attacks. Here’s why (2022, The Conversation)
- [10] [Article] Enhancing Usable Security Features for Cyber Security Devices & Applications (2022, Cyber Today Magazine)
- [11] [Article] What is multi-factor authentication, and how should I be using it? (2022, The Conversation)
- [12] [Article] How hackers can use message mirroring apps to see all your SMS texts — and bypass 2FA security (2021, Australian Broadcasting Corporation)
- [13] [Article] Australia’s National Digital ID is here, but the government’s not talking about it (2020, The Conversation)
- [14] [Report] Horizon Scan Report: Development of Next Generation Authentication Technologies (2019), Cybersecurity Cooperative Research Centre)
- [15] [Report] The 6 Myths of the Written Contract and How to Achieve Breakthroughs with the Psychological Contract (2017), Open Windows Research White Paper Series