Prof. Dr. Nico Ebert

Prof. Dr. Nico Ebert

ZHAW School of Management and Law
Institute of Information Systems
Theaterstrasse 17
8400 Winterthur

Work at ZHAW

Experience

IT-Consultant
McKinsey, Namics and others.
01 / 2010 - 07 / 2016
Founder / Managing Director
LearningCulture GmbH
01 / 2013 - 12 / 2014

Education and Continuing education

Education

Research semester (SNSF) / Information Systems
Tsinghua University, Beijing
08 / 2009 - 12 / 2009
PhD / Information Systems
University of St.Gallen
08 / 2005 - 07 / 2009
Master of Science / Information Systems
University of Paderborn
10 / 2000 - 07 / 2005

Network

Membership of networks

ORCID digital identifier

ORCID ID: 0000-0002-9683-4792

Awards

CHI 2020 Honourable Mentions
ACM
11 / 2020

Social media

Media presence

Projects

Publications

Articles in scientific journal, peer-reviewed

Ambuehl, B. et al. (2026) 'Towards an action-based Taxonomy of Employee Cybersecurity Behaviour in Organisations (TECBO)', Computers in Human Behavior Reports, 22(101090). doi: 10.1016/j.chbr.2026.101090.
Ebert, N. et al. (2026) 'From procedures to peril : towards risk transparency in information privacy for users', Telecommunications Policy, 50(5), p. 103195. doi: 10.1016/j.telpol.2026.103195.
Geppert, T. et al. (2026) 'CYRENZH Cybersecurity Clinic : Konzept und Erkenntnisse', HMD Praxis der Wirtschaftsinformatik, 63(2), pp. 425–439. doi: 10.1365/s40702-026-01250-7.
Ebert, N. et al. (2025) 'Learning from safety science : designing incident reporting systems in cybersecurity', Journal of Cybersecurity, 11(1), p. tyaf019. doi: 10.1093/cybsec/tyaf019.
Schaltegger, T. et al. (2025) 'Human behavior in cybersecurity : an opportunity for risk research', Journal of Risk Research, 28(8), pp. 843–854. doi: 10.1080/13669877.2025.2539109.
Zimmermann, V. et al. (2024) 'Human-centered cybersecurity revisited : from enemies to partners', Communications of the ACM, 67(11), pp. 72–81. doi: 10.1145/3665665.
Ebert, N. et al. (2023) 'Learning from safety science : a way forward for studying cybersecurity incidents in organizations', Computers & Security, 134(103435). doi: 10.1016/j.cose.2023.103435.
Geppert, T. et al. (2022) 'Trusted execution environments : applications and organizational challenges', Frontiers in Computer Science, 4(930741). doi: 10.3389/fcomp.2022.930741.
Ebert, N., Ackermann, K. A. and Bearth, A. (2022) 'When information security depends on font size : how the saliency of warnings affects protection behavior', Journal of Risk Research, 26(3), pp. 233–255. doi: 10.1080/13669877.2022.2142952.
Ebert, N., Schmid, M. and Böni, Y. (2019) 'Verbreitung von App-Tracking in der Schweiz', Digma: Zeitschrift für Datenrecht und Informationssicherheit, 2019(4), pp. 222–223.
Kägi, P. and Ebert, N. (2019) 'Die Rolle des Business-Analysten : Kompetenz- und Qualifikationsanforderungen aus Stellenanzeigen', Zeitschrift Führung + Organisation, 88(2), pp. 76–82.
Ebert, N. et al. (2018) 'Die Business-Analyse in deutschsprachigen Unternehmen', HMD Praxis der Wirtschaftsinformatik, 55(4), pp. 866–882. doi: 10.1365/s40702-018-0416-8.
Ebert, N., Weber, K. and Koruna, S. (2017) 'Integration platform as a service', Business & Information Systems Engineering, 59(5), pp. 375–379. doi: 10.1007/s12599-017-0486-0.
Ebert, N. and Schlatter, U. (2017) 'Cloud-basierte Integration', Informatik Spektrum, 40(3), pp. 278–282. doi: 10.1007/s00287-017-1035-4.
Christ, O. and Ebert, N. (2016) 'Predictive Analytics im Human Capital Management : Status Quo und Potentiale', HMD Praxis der Wirtschaftsinformatik, 53(3), pp. 298–309. doi: 10.1365/s40702-015-0193-6.
Ebert, N. and Weber, K. (2015) 'Cloud-basierte Plattformen zur Anwendungsintegration : Angebote und Praxisbeispiel', HMD Praxis der Wirtschaftsinformatik, 52(6), pp. 931–944. doi: 10.1365/s40702-015-0186-5.

Book chapters, peer-reviewed

Keller, T., Brucker-Kley, E. and Ebert, N. (2020) 'The use of virtual reality at lower secondary schools', in Isaias, P., Sampson, D. G., and Ifenthaler, D. (eds) Technology Supported Innovations in School Education. Cham: Springer, pp. 15–32. doi: 10.1007/978-3-030-48194-0_2.

Written conference contributions, peer-reviewed

Schaltegger, T. et al. (2025) 'Understanding the critical role of expert intuition in cyber incident response', in ICIS 2025 Proceedings. Association for Information Systems, p. 5. Available at: https://aisel.aisnet.org/icis2025/cyb_security/cyb_security/5.
Fischer-Hübner, S. et al. (2025) 'Usable and useful notice & consent', in Schaub, F. et al. (eds) Dagstuhl Reports. Schloss Dagstuhl – Leibniz-Zentrum für Informatik, pp. 17–23. doi: 10.4230/DagRep.15.1.1.
Geppert, T. et al. (2025) 'The data collaboration canvas : a visual framework for systematically identifying and evaluating organizational data collaboration opportunities', in Beverungen, D., Lehrer, C., and Trier, M. (eds) Solutions and Technologies for Responsible Digitalization. Cham: Springer, pp. 49–64. doi: 10.1007/978-3-031-80122-8_4.
Geppert, T. et al. (2025) 'How to successfully implement phishing awareness training in organizations : a technology adoption perspective', in Bui, T. X. (ed.) Proceedings of the 58th Hawaii International Conference on System Sciences. University of Hawaiʻi at Mānoa, p. 6156. doi: 10.24251/hicss.2025.737.
Ebert, N. et al. (2024) 'Reflective data sharing on TikTok : encouraging adolescents to engage with privacy settings', in ECIS 2024 Proceedings. Association for Information Systems. Available at: https://aisel.aisnet.org/ecis2024/track24_socialmedia/track24_socialmedia/5/.
Schaltegger, T. et al. (2024) 'Re-thinking decision-making in cybersecurity : leveraging cognitive heuristics in situations of uncertainty', in Proceedings of the 57th Hawaii International Conference on System Sciences. University of Hawaiʻi at Mānoa, pp. 4734–4743. doi: 10.21256/zhaw-30548.
Ebert, N. et al. (2023) 'Creative beyond TikToks : investigating adolescents" social privacy management on TikTok', in Proceedings on Privacy Enhancing Technologies Symposium. Privacy Enhancing Technologies Board, pp. 221–235. doi: 10.56553/popets-2023-0049.
Geppert, T. et al. (2023) 'The data collaboration canvas : a visual framework for systematically identifying and evaluating organizational data collaboration opportunities', in Wirtschaftsinformatik 2023 Proceedings. Association for Information Systems, p. 103. Available at: https://aisel.aisnet.org/wi2023/1/.
Ebert, N. et al. (2023) 'QButterfly : lightweight survey extension for online user interaction studies for non-tech-savvy researchers', in CHI '23: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems. Association for Computing Machinery, p. 161. doi: 10.1145/3544548.3580780.
Geppert, T. et al. (2022) 'Overcoming cloud concerns with trusted execution environments? : exploring the organizational perception of a novel security technology in regulated Swiss companies', in Proceedings of the 55th Hawaii International Conference on System Sciences. Honolulu: University of Hawai'i at Manoa, pp. 6822–6829. doi: 10.24251/HICSS.2022.824.
Ebert, N., Ackermann, K. A. and Scheppler, B. (2021) 'Bolder is better : raising user awareness through salient and concise privacy notices', in CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery, p. 67. doi: 10.1145/3411764.3445516.
Casutt, N. and Ebert, N. (2020) 'Data protection officers : figureheads of privacy or merely decoration?', in Proceedings of the 16th European Conference on Management Leadership and Governance. Reading: Academic Conferences International, pp. 39–48. doi: 10.34190/ELG.20.021.
Ebert, N., Ackermann, K. A. and Heinrich, P. (2020) 'Does context in privacy communication really matter? : a survey on consumer concerns and preferences', in CHI '20: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems. New York: Association for Computing Machinery. doi: 10.1145/3313831.3376575.
Keller, T. et al. (2018) 'Virtual reality at secondary school : first results', in Sampson, D. G., Ifenthaler, D., and Isaias, P. (eds) Proceedings of the 15th International Conference on Cognition and Exploratory Learning in the Digital Age (CELDA 2018). IADIS, pp. 53–60.
Ebert, N. and Weber, K. (2016) 'Integration platform as a service in der Praxis : eine Bestandsaufnahme', in Volker, N. et al. (eds) Multikonferenz Wirtschaftsinformatik (MKWI) 2016 : Band III. Universitätsverlag Ilmenau, pp. 1675–1685. Available at: https://www.db-thueringen.de/servlets/MCRFileNodeServlet/dbt_derivate_00033065/ilm1-2016100035.pdf.
Ebert, N. and Ruf, C. (2015) 'Documentation is dead : why requirements Engineering should further develop from formalization to effective collaboration', in Fachgruppentreffen RE 2015, Windisch, 18. November 2015.

Other publications

Nüesch Erismann, R., Ebert, N. and Geppert, T. (2023) Cyberangriffe und IT-Sicherheitsmassnahmen in der Schweizer Speditions- und Logistikindustrie : Standortbestimmung im Q1/2023. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-2489.
Ebert, N., Dal Fuoco, A. and Geppert, T. (2021) Data collaboration canvas : facilitating data innovation between organizations. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-2421.
Knuchel, C. and Ebert, N. (2020) 'DSGVO-konformes Löschen', Datenschutz und Datensicherheit, 44(2), pp. 126–127. doi: 10.1007/s11623-020-1235-y.
Ebert, N. and Widmer, M. (2020) Akzeptanz einer App zur Kontaktnachverfolgung von SARS-CoV-2 in der Schweizer Bevölkerung. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-19987.
Ebert, N. and Widmer, M. (2018) Datenschutz in Schweizer Unternehmen 2018 : eine Studie des Instituts für Wirtschaftsinformatik und des Zentrums für Sozialrecht. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-4001.
Ebert, N. et al. (2017) Business Analyse 2017 : eine empirische Untersuchung im deutschsprachigen Raum und Fallbeispiele aus Unternehmen. Edited by S. T. Näpflin and N. Ebert. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-3460.
Ebert, N. et al. (2017) Integration Platform as a Service - Fallbeispiele aus der Praxis. Edited by N. Ebert and T. Keller. Winterthur: ZHAW Zürcher Hochschule für Angewandte Wissenschaften. doi: 10.21256/zhaw-1360.
Uhl, A. and Ebert, N. (2016) 'Die Befreiung von der Arbeit und ihr Preis', Personalwirtschaft: Magazin für Human Resources, 2016(11), pp. 12–14.
Ebert, N. and Weber, K. (2015) 'Sicherheit von Cloud-basierten Plattformen zur Anwendungsintegration : eine Bewertung aktueller Angebote', FHWS Science Journal, 3(2), pp. 10–23. doi: 10.21256/zhaw-4678.
Christ, O. and Ebert, N. (2015) 'Predictive Analytics im Human Capital Management : wie datengetriebene Unternehmen Personaldaten nutzen', IM+io - Magazin für Innovation, Organisation und Management, 2015(4), pp. 62–67.

Publications before appointment at the ZHAW

Ebert, N., Uebernickel, F., Hochstein, A., & Brenner, W. (2007). A service model for the development of management systems for IT-enabled services. In Proceedings of the 13th Americas Conference on Information Systems (AMCIS 2007).
Brenner, W., Hochstein, A., Übernickel, F., & Ebert, N. (2007). IT-Industrialisierung: Was ist das? Computerwoche, (15), 5.
Hau, T., Ebert, N., Hochstein, A., & Brenner, W. (2008). Where to start with SOA: Criteria for selecting SOA projects. In Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).
Ebert, N., Vogedes, A., Uebernickel, F., Brenner, W., & Heinz, M. (2008). Production planning for IT-service providers: An ERP-based concept. In Proceedings of the 19th Australasian Conference on Information Systems (ACIS 2008). Christchurch, New Zealand
Ebert, N., Vogedes, A., Hau, T., Uebernickel, F., & Brenner, W. (2008). Potenziale der Produktionsplanung und steuerung bei IT-Dienstleistern. In Proceedings der 10. Paderborner Frühjahrstagung. Universität Paderborn.
Ebert, N., & Vogedes, A. (2008). Dynamic Services for SAP Solutions der T Systems Enterprise Services GmbH. St. Gallen: Institut für Wirtschaftsinformatik, Universität St. Gallen.
Ebert, N. (2009). Produktionsplanung und steuerung bei IT-Dienstleistern (Dissertation, Universität St. Gallen).
Ebert, N., & Brenner, W. (2010). PPS im IT-Servicemanagement: Möglichkeiten und Grenzen für die Provisionierung standardisierter Services. HMD, 47(4), 103–111.