I’m delighted to share this news — two of my latest papers with key collaborators have been conditionally accepted on their first try, and at very competitive venues! While these papers cover different topics (one focusing on the psychology of anxiety and the other on the unique safety needs of international students), they share a common goal: making digital security more inclusive, less stressful, and deeply grounded in the human experience.
Measuring Invisible Stress: The Cybersecurity Anxiety Scale (CybAS)
Conditionally accepted for CHI 2026 (Barcelona, Spain)
For years, we’ve known that users feel fatigued and concerned by the drumbeat of cybersecurity and privacy threats. However, we have lacked a validated way to measure the specific, persistent worry that comes with navigating these threats. We call this emotional state Cybersecurity Anxiety.
Led by Peter Mayer and first-authored by Nikolaj Dall and Hanno Gustav Hagge, our paper, “From Fear to Control: Developing a Three-Factor Scale for Cybersecurity Anxiety (CybAS),” introduces a new 15-item psychometric tool. Through several rounds of survey studies, we identified three core factors that define this anxiety:
- Present: Immediate concerns and stress during security tasks.
- Future: The “what-if” worry about anticipated threats.
- Control: The feeling (or lack thereof) that one has the agency to stay safe.
Why it matters: By using CybAS, researchers and designers can better diagnose why a security tool might be failing. If a system makes a user feel helpless, they are more likely to disengage. CybAS allows us to build “anxiety-aware” security systems that empower users rather than scaring them.
Designing Safety Tools for, and with, International Students
To be presented at USEC 2026 (San Diego, CA)
When students from the Global South move to the U.S. to study, they don’t just face a new culture; they face a new and often treacherous digital ecosystem. These educational migrants are frequently targeted by cross-channel scams (SMS, phone calls, and emails) that exploit their unfamiliarity with local institutions.
As described in “From Scam to Safety: Participatory Design of Digital Privacy and Security Tools with International Students from Global South,” lead author Sarah Tabassum conducted participatory design sessions with 22 students to imagine better safety solutions, using AI capabilities as a design material.
From this data, we identified several must-have features that current tools lack:
- University Integration: Students trust their schools. By embedding safety support into university platforms, we can provide a trusted safety net.
- Cross-channel filtering: Moving beyond just email spam to filter SMS and voice scams.
- Contextual explanations: Instead of just saying “this is a scam,” tools should explain why based on the cultural cues the student might be missing.
Why it matters: This work reminds us that security is not a one-size-fits-all solution. For these users, it must account for the situational vulnerabilities of those moving across borders.
Orientation challenges experienced by educational migrants (Point 1) and the four migrant-centered security features they identified as necessary for safer digital navigation (Points 2–5). See the paper for more details and participants’ sketches and choices of AI capabilities for their tools.
Looking Ahead to 2026
These two papers exemplify the types of work I wanted to conduct when I founded my SPEX research group at UNC Charlotte. Together, and with our external collaborators, we are creating new knowledge of how to make people feel safer and more capable in a complex digital world.
I am incredibly proud of student authors Nikolaj, Hanno, Sarah and her co-author Narges Zare, and my other collaborators and lab mates for their hard work. If you are attending USEC in February or CHI in April, please come say hello! We look forward to sharing our full findings and connecting with fellow researchers who are passionate about human-centered security and privacy.
