Margit Christa SchollTechnische Hochschule Wildau | TH Wildau · Economy, Computing, Law
Margit Christa Scholl
PhD
Retired, however, I will continue to work on projects at TH Wildau and offer further training and certification (TWZ).
About
233
Publications
31,921
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
569
Citations
Introduction
Margit Scholl will continue to work on projects at TH Wildau and offer further training and certification through WILLE (TWZ e.V.) for employees from universities, public administrations and SMEs with a focus on information security & management systems, data protection & security and awareness raising, and project management.
Additional affiliations
March 1994 - September 2023
Position
- Professor
Description
- Professor: Business Computing and Administration IT, E-Government, Information Security & Awareness, Data Protection and Data Security, Security Concepts; Research Projects; Implementation of personal certifications for information security officers, data protection officers and awareness officers.
Publications
Publications (233)
The latest cybersecurity reports for 2023 again show a critical situation in IT security in Germany — in fact, the threat in cyberspace is higher than ever before. There can be no doubt that small and medium-sized enterprises (SMEs) need to build their cyber resilience around their staff. Humans are becoming the key to increasing information securi...
Cybersecurity is playing an increasing role in society today. Private individuals and small to medium-sized enterprises often do not have the staffing capacity to install their information security team, including IT administrators, who could protect the enterprise against cyberattacks. A crucial step toward improving the company’s defenses against...
Der Begriff Informationssicherheit bezieht sich auf den Schutz von Informationen jeglicher Art und Herkunft. Gefährdungen existieren durch menschliche Fehlhandlungen, organisatorische Mängel, vorsätzliche Handlungen, technisches Versagen oder höhere Gewalt. Führungskräfte und Mitarbeitende der Unternehmen sollten daher gegenüber technischen und org...
https://researchpod.org/informatics-technology/home-office-security-awareness ;
Topic: German SMEs and the “home office” ;
Reference/read the original article: https://www.intechopen.com/chapters/1171513 ; Prof. Margit Scholl, Technical University of Applied Sciences in Wildau
Image Source: Adobe Stock Images / Podcast produced by Research Po...
https://researchpod.org/informatics-technology/home-office-security-awareness
Topic: Security sensitization and awareness.
References/read the original articles: doi.org/10.13140/RG.2.2.12630.22082 and https://hdl.handle.net/10125/103369; Prof. Margit Scholl, Technical University of Applied Sciences in Wildau.
Image Source: Adobe Stock Images /...
Podcast 5:
https://researchpod.org/informatics-technology/ceo-fraud-attacks
Topic: Scam Alert! Raising Employee Awareness of CEO Fraud Attacks.
Reference/read the original article: https://link.springer.com/chapter/10.1007/978-3-031-33258-6_40; Prof. Margit Scholl, Technical University of Applied Sciences in Wildau.
Image Source: Adobe Stoc...
https://www.youtube.com/watch?v=Kmfa0WL0t8s
Raising awareness in universities, colleges and schools (Youtube video in German): Within the project SecAware4job, an additional job-related qualification for students is developed and tested in the form of an innovative further education aimed at strengthening the awareness and skills with regard to i...
https://alarm.wildau.biz/alarm_media/alarm-intro-video.mp4
Raising awareness in SMEs (video in German): Awareness Lab SME (ALARM) Information Security aims, over the space of three years, to create a complete scenario that ranges from raising awareness in SMEs and supporting them in the area of information security to creating tools to enable the...
https://researchpod.org/informatics-technology/alarm-information-security-training
Recent research emphasizes the interdisciplinary nature of information security teams, combining creative perspectives with technical expertise. The German “ALARM Information Security” project, led by Professor Margit Scholl at TH Wildau is part of her wide-reachin...
https://researchpod.org/informatics-technology/security-sensitization
Small and Medium-sized Enterprises (SMEs) are growing concerned over business interruptions and cyberattacks, especially in Germany. There is a notable gap in organizational measures relating to information security despite current safeguards, particularly in the areas of awaren...
Latest cybersecurity reports for 2023 again show a critical situation in IT security in Germany—in fact, the threat in cyberspace is higher than ever before. There can be no doubt that small and medium-sized enterprises (SMEs) need to build their cyber resilience with people. Humans are increasingly becoming the center of events to increase informa...
Modernization in our society and a more dynamic way of working is inconceivable without the use of the latest digital information communication technology (ICT) systems. Government digital agendas and business activities worldwide want to promote digital transformation in businesses and public administrations while acknowledging the digital changes...
This is a short summary in English of the German project documentation “Awareness Lab SME (ALARM) Information Security,” which is published in February 2024 by https://buchwelten-verlag.de/ebooks.php ISBN: BOOK 978-3-945740-75-0 PDF 978-3-945740-77-4 EPUB 978-3-945740-76-7 As planned, all the important materials (in German) of the project in tried-...
See https://alarm.wildau.biz/ or https://alarm.wildau.biz/en
Inhaltsverzeichnis / Table of content (in German)
Chapter 4: This study presented two new degree programs in administration from the German university system as well as lectures focusing on e-government. It examined questions of how competence in this area can be created and what the students’ expectations and experience are of the IT Planning Council’s modernization projects. The methods used in...
Cybersecurity is playing an increasing role in society today. Private individuals and small to medium-sized enterprises (SMEs) often do not have the staffing capacity to install their own information security team, including IT administrators, who could protect the enterprise against cyberattacks. Within the project “Awareness Lab SMEs (ALARM) Info...
This chapter presents methods for the implementation and evaluation of usable secure online public services.
This chapter explains the specific challenges of considering the general concepts presented in Chap. 1 in e-government applications.
This chapter introduces general concepts of usable privacy and information security, needed as a foundation for the subsequent chapters.
This chapter explains the specific challenges of considering the general concepts presented in Chap. 1 in online public services.
This chapter details the specific challenges related to usability in online public services that must cater also to people who are not familiar with information technology and/or computers.
The COVID-19 pandemic triggered a large, sustained shift to working from home. This sudden shift to a new environment rapidly increased the opportunities for cyberattacks on individuals. The employees of small- and medium-sized companies can be seen as a major new target for cyberattacks because cybercrime prevention is often neglected in home offi...
Success stories of the project "Awareness Lab SMEs (ALARM) Information Security" (third project report; https://alarm.wildau.biz/en)
Das Projekt „Instrumente zur aktiven und sicheren Verbraucherteilhabe an Online Public Services“ (IVTOPS) analysiert die Gestaltung von geeigneten Instrumenten zur Überwindung von Akzeptanzbarrieren bezüglich Datensicherheit und -schutz bei der Nutzung von öffentlichen Online-Diensten. In diesem Beitrag zeigen wir vorläufige Usable-Privacy-Gestaltu...
Informationssicherheit in den Arbeitsalltag nachhaltig integrieren:
Informationssicherheitskultur verstehen, mit Serious Games sensibilisieren und das Informationssicherheitsbewusstsein der Mitarbeitenden erhöhen
(S. 47-62)
Die Digitalisierung von öffentlichen Diensten ist für Verbraucher:innen eine große Herausforderung. In einer sich immer stärker diversifizierenden Angebots- und Anbietervielfalt von digitalen öffentlichen Leistungen benötigen Verbraucher:innen Orientierung, um Nutzungsentscheidungen treffen zu können. Speziell Datensicherheit und Datenschutz spiele...
This practice-oriented book is a unique guide to the implementation of usable, privacy-compliant and secure online services in the area of e-government. Beginning with a clarification of basic concepts of usability, data privacy, and cybersecurity, the book provides lucid explanations of different methods (quantitative, qualitative, and mixed metho...
Grundlage dieser Studie ist Desk Research, u. a. mit den beiden oben benannten tiefenpsychologischen Wirkungsanalysen, u. a. basierend auf Tests, Fokusinterviews bzw. Gruppendiskussionen mit insgesamt 136 Probanden/-innen aus KMU. Darüber hinaus kamen insbesondere auch beim FAQ und den Detailempfehlungen die Erfahrung während dieses Projektes und d...
This article illustrates the need for a different approach to awareness-raising as a means to generate more cybersecurity in companies. Important findings from the applied scientific literature on the specific topic of CEO fraud attacks are summarized, and two game-based learning scenarios from a current German project for small and medium-sized en...
Awareness Forum 2023: Presentation of the results of the "Awareness Laboratory SMEs (ALARM) Information Security" project at the Technical University of Wildau on June 23, 2023
Presentation of the paper:
Sustainable Information Security Sensitization in SMEs: Designing Measures with Long-Term Effect
Margit Scholl
Technische Hochschule Wildau
margit.scholl@th-wildau.de
Research studies repeatedly show that, worldwide, violations of security guidelines and data protection regulations often result from unconscious behavior and/or active (flawed) decisions made by individuals. The training and education of users to promote awareness of information security (InfoSec) and appropriate behavior should be one critical an...
Abstract
Profile groups tailored to the everyday working life and usage behavior of employees facilitate authentic learning based on a constructivist concept. Information security training is needed for every job profile in German SMEs. To verify this, an online survey was conducted and analyzed descriptively. Questions include the use of technical...
As part of the "ALARM information security" project funded by the Federal Ministry for Economic Affairs and Climate Protection (BMWK), the Technical University of Applied Sciences Wildau, together with company partners, is developing so-called "security awareness tools" (in German) until the end of September 2023, which can be used by SMEs free of...
This article illustrates the need for a different approach to awareness-raising as a means to generate more cybersecurity in companies.
Important findings from the applied scientific literature on the specific topic of CEO fraud attacks are summarized and two game-based learning scenarios from a current German project for small and medium-sized en...
Sensibilisierung für Informationssicherheit und die Förderung entsprechender Kenntnisse sind essentiell für eine gelungene Digitalisierung. Im vorliegenden Projekt werden dafür u. a. digitale Serious Games entwickelt und erprobt. Serious Games bieten in der Nachbildung realistischer Alltagssituationen einen geschützten Raum, in dem Fehler gemacht,...
Das Projekt "Instrumente zur aktiven und sicheren Verbraucherteilhabe an Online Public Services" (IVTOPS) analysiert die Verbraucherakzeptanz von öffentlichen Online-Dienste am Beispiel von Nutzerkonten in Berlin und Brandenburg, um geeignete Instrumente zur Überwindung von Akzeptanzbarrieren bzw. Informations- und digitalen Kompetenzasymmetrien be...
The paper is accepted by HICSS-56, 2023:
This paper outlines an overall scenario for on-going personnel development measures designed to increase information security awareness in small and medium-sized enterprises (SMEs) in Germany and to help small businesses improve their security levels and defenses. The three-year project combines different ac...
Angewandte Forschung in der Wirtschaftsinformatik 2022 Tagungsband zur 35. Jahrestagung des Arbeitskreises Wirtschaftsinformatik an Hochschulen für Angewandte Wissenschaften im deutschsprachigen Raum (AKWI) vom 11.09. bis 13.09.2022, ausgerichtet von der Hochschule für Technik und Wirtschaft Berlin (HTW Berlin) und der Hochschule für Wirtschaft und...
Awareness raising is a crucial step in achieving a higher level of information security (InfoSec), which is needed, in turn, for successful digitization. To encourage employees to feel positive toward InfoSec and as a means to support their learning process, awareness-raising measures can make use of the principles of emotional design. In this pape...
Die Ergebnisse unserer ersten Online-Umfrage innerhalb des Projekts „Awareness Labor KMU (ALARM) Informationssicherheit“ lassen vermuten, dass Informationssicherheit nicht in allen KMU tatsächlich ganzheitlich wahrgenommen wird. Informationssicherheitsmanagement auf der Basis von IT-Grundschutz des BSI enthält jedoch neben technischen auch infrastr...
As digitization becomes increasingly ubiquitous,the importance of information security for everyinstitution is growing more evident year by year.According to recent studies, the cyberattacks of thepast year have shown that any company can betargeted by hackers. Without proper informationsecurity, a company’s survival is at risk. Germancompanies hav...
Instrumente zur aktiven und sicheren Verbraucherteilhabe an Online Public Services (IVTOPS): Im Projekt wird die Akzeptanz von Servicekonten aus der Perspektive des Digital Divide mit qualitativen (Experteninterviews) und quantitativen Methoden (Umfrage) analysiert.
Unsere Mission:
Das vom Bundesministerium für Wirtschaft und Klimaschutz (BMWK) geförderte Projekt "Awareness Labor KMU (ALARM) Informationssicherheit" versucht das Sicherheitsniveau in KMU einhergehend mit einer Personal- und Kompetenzentwicklung der Mitarbeitenden zu erhöhen.
Das Ziel:
Um zur Steigerung der Sicherheitskultur in KMU beizutragen u...
Anregung und Anleitung zur Entwicklung von analogen, haptischen Lernszenarien zur Erhöhung des Informationssicherheitsbewusstseins zu folgenden Themen:
Ransomware, Social Engineering, Apps, Home Office, Messenger, Beschäftigten-Datenschutz.
Studiengruppe 1. Semester Verwaltungsinformatik, TH Wildau, Fach "Informationssicherheit und Awareness", Prof...
In 2019, I developed the complex project Awareness Lab SME (ALARM) Information Security with the idea of creating an innovative overall scenario for building up information security in small and medium-sized enterprises (SMEs). A funding proposal for the project was submitted to the Federal Ministry for Economic Affairs and Energy (BMWi) with a pla...
Das Forschungsprojekt RESPAN wurde durch das Bundesministerium für Bildung und Forschung (BMBF) von Januar 2021 bis Dezember 2021 im Themenfeld „Zivile Sicherheit – Corona-Pandemie“ gefördert.
In der Corona-Pandemie werden in den unterschiedlichsten Bereichen Erfahrungen gesammelt, aus denen neues Wissen generiert werden kann. Dies gilt insbesonde...
Computer crime is a matter of increasing concern, and worldwide action is required if the proper responses to it are to be found. One of the tools that can be deployed here is the Global cybersecurity index (GCI), a control and feedback mechanism based on a composite indicator. The GCI is based on a hierarchy of sub-indicators. The indicators used...
IT is being increasingly used in most areas of life. With the IoT, this technology is set to be in a state of continuous evolution in urban and regional settings. The ongoing development of digitalization processes also increases the possibilities of abuse—both at the technical and interpersonal level. Better information security (IS) awareness (IS...
The role of information security in German SMEs is becoming increasingly important. External input plays a key role here, but some of it tends to overwhelm SMEs rather than providing systematic assistance that can be readily implemented. In a project funded by the German Federal Ministry for Economic Affairs and Energy, an overall scenario for new...
Tiefenpsychologische Grundlagenstudie im
Projekt »ALARM Informationssicherheit«
Foreword with an Introduction to and Summary of the Study "Added Value for SMEs"
With increasing digitization, information security (IS) is becoming an important issue for all employees working in companies and organizations. If the human factor is to be seen as a strength rather than a weakness, appropriate awareness-raising measures are required. One way to raise awareness is through game-based learning (GBL), which can be us...
ISBN: 978-1-950492-54-1 (Collection) ISBN: 978-1-950492-56-5 (Volume II)
ABSTRACT
How important is Information Security in pandemic times? With digital processes playing an increasing role in all areas of life, the growing phenomenon of cybercrime includes a broad spectrum of attack possibilities. The attackers have no regard for the pandemic on...
Based on extensive research of the literature on the current status
of the health sector in Germany, the four spotlight areas of CRITIS,
the pandemic situation, pandemic planning, and communication
and learning are discussed in more detail in connection
with information security. They may be used to create an integrative
research map for holistic a...
Development of a learning scenario for SMEs to raise awareness of
potential threats and the importance of risk management.
Development of a learning scenario for SMEs to raise awareness of interpersonal manipulation (social engineering). The learning scenario is in German; the poster in Englisch.
Ein Projekt der Technischen Hochschule Wildau im Auftrag des FZI Forschungszentrum Informatik. Das Lernszenario zum Thema Social Engineering basiert auf der Idee eines im Projekt „Informationssicherheit für den Berufseinstieg (SecAware4job)“, das von der Horst Görtz Stiftung gefördert wurde, unvollendeten entwickelten Rollenspiels. Daraus entstande...
Anleitungen zu den erlebnisorientierten Lernszenarien "Social Engineering Theater (SET)" und "Security Risk Roulette (SRR)" für KMU.
ISBN: 978-3-9819225-3-0
With increasing digitization, information security (IS) is becoming an important issue for all employees working in companies and organizations. If the human factor is to be seen as strength rather than a weakness, appropriate awareness-raising measures are required. One way to raise awareness is through game-based learning (GBL), which can be used...
Poster_LS_Datenspionage
Poster_LS_Fake News erkennen
Poster_LS_Storytelling
Poster_LS_Verhalten in sozialen Netzwerken
Poster_LS_Digital Sozial
Poster_LS_Bildrechte digital (Image rights)
Poster_LS_Security Duell
Security_Arbeitsblaetter_Berufsfeld_Informationssicherheit
Flyer des Projekts SecAware4school (Deutsch)
Poster_LS_Security Surfer
Poster_LS_Schnelles Begrifferaten
Ausleihformular-Koffer_Lernszenarien Projekt Security
This minitrack focuses on how digital transformation happens in government, fundamentally changing how government information and services operate and deliver value to citizens and organizations. It sets out to explore the complexities of effectively governing, organizing, and managing the transformational potential of digital and smart government....
Flyer of the project Awareness Lab Information Security (German)
Flyer of the project Awareness Lab Information Security (English)
Documentation of the project "SecAware4school".
The process of comprehensive digitization and the ease with which many people can be duped are being exploited in criminal attacks. For this reason, there can be no question that a security culture needs to be established in institutions to raise awareness and ensure the commitment of employees. However, virtualization changes our understanding of...
Die Nutzung von digitalen und smarten Endgeräten wie Tablets, Smartphones, Smartwatches etc. ist nicht mehr aus unserem Alltag wegzudenken. Es ist praktisch unmöglich Kinder und Jugendliche in einem gut entwickelten Industrieland wie Deutschland, ohne den Einfluss von Internet aufwachsen zu lassen. Umso wichtiger ist es, sie für die Nutzung von Int...
Broschüre über die im Projekt SecAware4school entwickelten analogen und digitalen Lernszenarien zur Erhöhung des Informationssicherheitsbewusstsein im Schulalltag.
Brochure about the analog and digital learning scenarios developed in the SecAware4school project to increase information security awareness in schools' daily life.
Das Projekt SecAware4school „Informationssicherheitsbewusstsein für den Schulalltag“, gefördert von der Horst Görtz Stiftung (HGS) von September 2018 bis Dezember 2020, hatte das Ziel, bei Schülerinnen und Schülern das Interesse an Informationssicherheit zu wecken. Sie sollen zudem nachhaltig mit spielbasierten analogen und digitalen Lernszenarien,...
No one wants embarrassing photos, comments, or publicly visible access data from their banking app on the Internet, and the secure handling of personal data thus affects everyone, from infants to grandmothers. We live in a world of increasing digitization and are obliged to protect our privacy and the information associated with it and to treat oth...
Congratulations on your new job as an information security officer!
What does this responsibility actually entail? How will you manage not to get bogged down? How are you going to keep all the relevant issues in mind? How will you get started?
This book is intended to help you take a holistic approach to information security while retaining an ov...
The process of sensitizing people should be seen as an important factor in enhancing knowledge of information security issues and developing appropriate behavior in response to them. In the project described here, this is carried out by means of awareness training with the help of experience-oriented learning scenarios and coaching and mentoring co...
Information security in everyday school life is an area with enormous potential for expansion. Schools are gradually adopting digitization, but there is a lack of knowledge about information security among both pupils and teachers, who have not been trained in appropriate practices. Creative methods such as game-based learning, accelerated learning...
Herzlichen Glückwunsch zu Ihrer neuen Tätigkeit als Beauftragte oder Beauftragter für Informationssicherheit!
Was bedeutet diese verantwortliche Tätigkeit eigentlich? Wie schaffen Sie es, sich nicht zu verzetteln? Wie gelingt es Ihnen, kein relevantes Thema zu vergessen? Wie fangen Sie das Ganze an?
Dieses Buch soll Ihnen helfen, sich dem Thema...
The paper presents two new degree programs in administration from the German university system as well as lectures focusing on e-government and the questions of how competence in this area can be created and what the students’ expectations and experience are of the IT Planning Council’s modernization projects. It transpired that students were as ye...
Ziel des vom Forschungsteam Scholl der Technischen Hochschule Wildau (TH Wildau) ins Leben gerufenen Projektes "Gendersensible Studien-und Berufsorientierung für den Beruf Security Spe-zialistin (Security)" war es, bei Schülerinnen das Interesse an dem Berufsfeld Informationssicherheit zu wecken. Die zunehmende Digitalisierung von Geschäftsprozesse...
Der Frauenanteil in dem Berufsfeld Informationssicherheit beträgt weltweit nur circa 11 Prozent. Mit dem vom BMBF von September 2017 bis Dezember 2019 geförderten Projekt sollten Studiengänge und Ausbildungen mit Informatikbezug für junge Frauen attraktiver werden. Dafür lernten Schülerinnen (und Schüler) der Klassenstufe 9 die Vielfältigkeit des B...
Questions
Question (1)
Not only, but also e-government requires interdisciplinarity in education.
I have just completed a compulsory optional cource concerning information security and data protection with very committed students from five different studies, but it was not planned at all ....
Interdisciplinarity needs from the university management a support and a concrete walkable way.
Why do we don't do it?
Best wishes
Margit