I am a scholar in human-computer interaction and assistant professor at the University of North Carolina at Charlotte, where I direct the Security and Privacy Experiences (SPEX) research group.

I work in usable privacy and security. My focus is on understanding how people's security attitudes and social environments weigh in their decision to adopt - or not adopt - secure behaviors (such as sharing passwords securely or ignoring UX cues to scams and "fake news"). I employ a mix of qualitative and quantitative methods from social science, computer science, and design. My work also is informed by prior experiences as a journalist, IT/UX specialist, and social media manager.

In 2018-19, I created the SA-6 security attitude scale. SA-6 is a six-item, self-report measure of a person's engagement with and attentiveness to cybersecurity measures. You are free to use it with attribution. Also, see my SA-13 inventory and the associated working paper for items measuring resistance and concernedness.

I maintain a list of publicly available Large Language Models (LLMs) and other Generative AI tools, crowdsourced from my courses and audiences for my speaking engagements. Feel free to suggest additions or edits in the comments at this link.

You can book time with me during my office hours on campus using my Calendly link.

Interested in survey research for HCI? Check out (and comment on) my list of books, papers and blog posts that either helped me or are good exemplars (yes, some of them are my own papers) at this link.

Recent news:

  • For Fall 2024, I am teaching ITIS 4353/5353: Social Technology Design (a mixed undergraduate/graduate course that counts for the Human-Centered Computing concentration). I also am taking on 1-3 independent-study students (ITIS 4990 or grad equivalent). Contact me if you are interested in working with me on a specific research topic.
  • I am conducting a survey right now of unmet tech needs for Charlotte's regional community infrastructure (ex: small businesses, healthcare and nursing homes, government agencies, nonprofits). The results will help me and the rest of our cybersecurity program in developing external outreach activities for our students.
  • Many thanks to BasisTech and SleuthLabs for their generous gift to my research lab! We are conducting usability audits of their tools for Digital Forensics and Incident Response (DFIR) in cybersecurity.
  • I am serving on two program committees for 2023-24: the USENIX Symposium on Usable Privacy and Security (SOUPS 2024) and the ACM Human Factors in Computing Systems conference (CHI 2024) subcommittee on Privacy and Security. [List of Usable Security conferences]