[{"language":[{"iso":"eng"}],"_id":"65583","ddc":["000"],"user_id":"55800","conference":{"location":"Milan, Italy","start_date":"2026-06-15","name":"34 European Conference on Information Systems","end_date":"2026-06-17"},"author":[{"first_name":"Samira","last_name":"Taaibi","full_name":"Taaibi, Samira","id":"55800"},{"first_name":"Emanuel","last_name":"Kahraman","full_name":"Kahraman, Emanuel"},{"full_name":"Berg, Kevin","last_name":"Berg","first_name":"Kevin"},{"id":"3901","full_name":"Dziwok, Stefan","orcid":"http://orcid.org/0000-0002-8679-6673","last_name":"Dziwok","first_name":"Stefan"}],"year":"2026","status":"public","title":"Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations","has_accepted_license":"1","date_updated":"2026-06-18T09:58:01Z","publication_status":"accepted","date_created":"2026-05-08T03:32:48Z","file":[{"file_size":512850,"access_level":"closed","file_name":"Cyber Resilience in the SDLC.pdf","date_updated":"2026-06-18T09:56:19Z","relation":"main_file","content_type":"application/pdf","success":1,"file_id":"65931","creator":"staaibi","date_created":"2026-06-18T09:56:19Z"}],"keyword":["Cyber Resilience","Software Development Lifecycle","Qualitative Study","Cyber Resiliency Engineering Framework"],"type":"conference","citation":{"bibtex":"@inproceedings{Taaibi_Kahraman_Berg_Dziwok, title={Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations}, booktitle={ECIS 2026 Proceedings}, author={Taaibi, Samira and Kahraman, Emanuel and Berg, Kevin and Dziwok, Stefan} }","ama":"Taaibi S, Kahraman E, Berg K, Dziwok S. Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations. In: <i>ECIS 2026 Proceedings</i>.","mla":"Taaibi, Samira, et al. “Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations.” <i>ECIS 2026 Proceedings</i>.","short":"S. Taaibi, E. Kahraman, K. Berg, S. Dziwok, in: ECIS 2026 Proceedings, n.d.","chicago":"Taaibi, Samira, Emanuel Kahraman, Kevin Berg, and Stefan Dziwok. “Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations.” In <i>ECIS 2026 Proceedings</i>, n.d.","ieee":"S. Taaibi, E. Kahraman, K. Berg, and S. Dziwok, “Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations,” presented at the 34 European Conference on Information Systems, Milan, Italy.","apa":"Taaibi, S., Kahraman, E., Berg, K., &#38; Dziwok, S. (n.d.). Beyond Security: A Qualitative Study of Cyber Resilience Across the Software Development Lifecycle in German Organisations. <i>ECIS 2026 Proceedings</i>. 34 European Conference on Information Systems, Milan, Italy."},"publication":"ECIS 2026 Proceedings","file_date_updated":"2026-06-18T09:56:19Z","abstract":[{"text":"As digital products become increasingly embedded in organisational operations, cyber resilience – the ability to anticipate, withstand, recover from and adapt to cyber disruptions – has become essential. This paper investigates how professionals in German organisations interpret cyber resilience within the software development lifecycle and how socio-technical factors influence its implementation. Drawing on the MITRE Cyber Resiliency Engineering Framework for data collection and coding on Socio-Technical Systems as an interpretive lens, the study adopts a qualitative approach based on semi-structured interviews with 14 professionals across five organisations. The findings reveal a pronounced socio-technical imbalance: while technical measures centred on anticipate and withstand are comparatively established, the corresponding social factors – shared understanding, dedicated responsibility structures, and systematic learning – remain underdeveloped. These conditions are compounded by resource constraints and the absence of strategic prioritisation. Six exploratory hypotheses capture these patterns and offer empirically grounded starting points for future research on product-level cyber resilience.","lang":"eng"}]},{"language":[{"iso":"eng"}],"title":"Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report","year":"2024","author":[{"full_name":"Taaibi, Samira","first_name":"Samira","last_name":"Taaibi","id":"55800"},{"id":"3901","first_name":"Stefan","orcid":"http://orcid.org/0000-0002-8679-6673","last_name":"Dziwok","full_name":"Dziwok, Stefan"},{"last_name":"Hermerschmidt","first_name":"Lars","full_name":"Hermerschmidt, Lars"},{"full_name":"Koch, Thorsten","first_name":"Thorsten","last_name":"Koch","id":"13616"},{"last_name":"Merschjohann","first_name":"Sven","full_name":"Merschjohann, Sven","id":"11394"},{"full_name":"Vollmary, Mark","first_name":"Mark","last_name":"Vollmary"}],"publication_status":"accepted","date_updated":"2026-05-08T03:26:03Z","file":[{"creator":"staaibi","date_created":"2024-05-02T08:54:21Z","file_size":540990,"access_level":"closed","file_name":"AMCIS2024_final_submission_maturity model security belt paper.pdf","date_updated":"2024-05-02T08:54:21Z","relation":"main_file","success":1,"content_type":"application/pdf","file_id":"53812"}],"date_created":"2024-05-02T08:57:52Z","keyword":["Software security","maturity model"],"type":"conference","department":[{"_id":"662"}],"publication":"AMCIS 2024 Proceedings. 13.","abstract":[{"lang":"eng","text":"Persistent security challenges plague DevOps teams due to a deficiency in expertise regarding security tools and methods, as evidenced by frequent security incidents. Existing maturity models fail to adequately address the specific needs of DevOps teams. In response, this paper proposes \"Security Belts,\" a novel maturity model inspired by martial arts ranking systems. This model aims to assist DevOps teams in enhancing their security capabilities by providing a structured approach, starting with fundamental activities and progressing to more advanced techniques. Drawing from the experiences of monitoring 21 teams, the paper presents lessons learned and offers actionable advice for refining maturity models tailored to software quality improvement."}],"_id":"53811","user_id":"55800","ddc":["000"],"status":"public","conference":{"end_date":"2024-08-17","location":"Salt Lake City","start_date":"2024-08-15","name":" 30th Americas Conference on Information Systems"},"has_accepted_license":"1","file_date_updated":"2024-05-02T08:54:21Z","citation":{"short":"S. Taaibi, S. Dziwok, L. Hermerschmidt, T. Koch, S. Merschjohann, M. Vollmary, in: AMCIS 2024 Proceedings. 13., n.d.","chicago":"Taaibi, Samira, Stefan Dziwok, Lars Hermerschmidt, Thorsten Koch, Sven Merschjohann, and Mark Vollmary. “Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of Their Product - An Experience Report.” In <i>AMCIS 2024 Proceedings. 13.</i>, n.d.","apa":"Taaibi, S., Dziwok, S., Hermerschmidt, L., Koch, T., Merschjohann, S., &#38; Vollmary, M. (n.d.). Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report. <i>AMCIS 2024 Proceedings. 13.</i>  30th Americas Conference on Information Systems, Salt Lake City.","ieee":"S. Taaibi, S. Dziwok, L. Hermerschmidt, T. Koch, S. Merschjohann, and M. Vollmary, “Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report,” presented at the  30th Americas Conference on Information Systems, Salt Lake City.","ama":"Taaibi S, Dziwok S, Hermerschmidt L, Koch T, Merschjohann S, Vollmary M. Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report. In: <i>AMCIS 2024 Proceedings. 13.</i>","bibtex":"@inproceedings{Taaibi_Dziwok_Hermerschmidt_Koch_Merschjohann_Vollmary, title={Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of their Product - An Experience Report}, booktitle={AMCIS 2024 Proceedings. 13.}, author={Taaibi, Samira and Dziwok, Stefan and Hermerschmidt, Lars and Koch, Thorsten and Merschjohann, Sven and Vollmary, Mark} }","mla":"Taaibi, Samira, et al. “Security Belts: A Maturity Model for DevOps Teams to Increase the Software Security of Their Product - An Experience Report.” <i>AMCIS 2024 Proceedings. 13.</i>"}}]
