Prof. Dr. Nico Ebert

Work at ZHAW

Position

Professor of Business Information Systems, Head of Cybersecurity & People Group

Focus

Cyber Risk Perception & Communication, Cybersecurity Behavior Change, Human Factors in Privacy & Security, Incident Analysis & Response, IT Security Management & Governance, Privacy by Design & Usable Privacy

Teaching

IT Security Management

Experience

• IT-Consultant
  McKinsey, Namics and others.
  01 / 2010 - 07 / 2016
• Founder / Managing Director
  LearningCulture GmbH
  01 / 2013 - 12 / 2014

Education and Continuing education

Education

• Research semester (SNSF) / Information Systems
  Tsinghua University, Beijing
  08 / 2009 - 12 / 2009
• PhD / Information Systems
  University of St.Gallen
  08 / 2005 - 07 / 2009
• Master of Science / Information Systems
  University of Paderborn
  10 / 2000 - 07 / 2005

Network

Membership of networks

• DSI (Digital Society Initiative)
• Association for Computing Machinery (ACM)
• Cyber Resilience Network for the Canton of Zurich
• DIZH Fellows
• Cybersecurity @ ZHAW

ORCID digital identifier

ORCID ID: 0000-0002-9683-4792

Awards

CHI 2020 Honourable Mentions
ACM
11 / 2020

Social media

LinkedIn

Media presence

• SRF Rundschau - Tracking with Location Data
• SRF Podcast - Die Cookie-Falle
• SRF News - TikTok & Data Privacy

Projects

• Cyber Resilience Network For The Canton Of Zurich / Co-project leader / ongoing
• The effect of fear appeals on online privacy protection behavior / Project leader / ongoing
• Cybersecurity Awareness-Measurement @ ZHAW / Team member / completed
• TikTok privacy behaviour of Swiss young people / Project leader / completed
• Confidential Data Analytics based on Trusted Execution Environments / Project leader / completed
• Usable Privacy: Contextual privacy notices for app users / Project leader / completed
• Privacy-preserving confidential computing with trusted execution environments / Project leader / completed
• Acceptance of an app for contact-tracing of SARS-CoV-2 in the Swiss population / Project leader / completed
• User-Centric Privacy Policy: A GDPR-Compliant Policy Which Users Understand / Project leader / completed
• Component-based Tendering / Team member / completed

Publications

• Ebert, Nico; Schaltegger, Thierry; Ambuehl, Benjamin; Geppert, Tim; Trammell, Ariane; Knieps, Melanie; Zimmermann, Verena,

  2025.

  Learning from safety science : designing incident reporting systems in cybersecurity.

  Journal of Cybersecurity.

  11(1), pp. tyaf019.

  Available from: https://doi.org/10.1093/cybsec/tyaf019

• Schaltegger, Thierry; Ambuehl, Benjamin; Bosshart, Noah; Bearth, Angela; Ebert, Nico,

  2025.

  Human behavior in cybersecurity : an opportunity for risk research.

  Journal of Risk Research.

  28(8), pp. 843-854.

  Available from: https://doi.org/10.1080/13669877.2025.2539109

• Zimmermann, Verena; Schöni, Lorin; Schaltegger, Thierry; Ambuehl, Benjamin; Knieps, Melanie; Ebert, Nico,

  2024.

  Human-centered cybersecurity revisited : from enemies to partners.

  Communications of the ACM.

  67(11), pp. 72-81.

  Available from: https://doi.org/10.1145/3665665

• Ebert, Nico; Schaltegger, Thierry; Ambühl, Benjamin; Schöni, Lorin; Zimmermann, Verena; Knieps, Melanie,

  2023.

  Learning from safety science : a way forward for studying cybersecurity incidents in organizations.

  Computers & Security.

  134(103435).

  Available from: https://doi.org/10.1016/j.cose.2023.103435

• Ebert, Nico; Ackermann, Kurt A.; Bearth, Angela,

  2022.

  When information security depends on font size : how the saliency of warnings affects protection behavior.

  Journal of Risk Research.

  26(3), pp. 233-255.

  Available from: https://doi.org/10.1080/13669877.2022.2142952

• Geppert, Tim; Deml, Stefan; Sturzenegger, David; Ebert, Nico,

  2022.

  Trusted execution environments : applications and organizational challenges.

  Frontiers in Computer Science.

  4(930741).

  Available from: https://doi.org/10.3389/fcomp.2022.930741

• Kägi, Patrick; Ebert, Nico,

  2019.

  Die Rolle des Business-Analysten : Kompetenz- und Qualifikationsanforderungen aus Stellenanzeigen.

  Zeitschrift Führung + Organisation.

  88(2), pp. 76-82.

• Ebert, Nico; Schmid, Michael; Böni, Yannick,

  2019.

  Verbreitung von App-Tracking in der Schweiz.

  Digma: Zeitschrift für Datenrecht und Informationssicherheit.

  2019(4), pp. 222-223.

• Ebert, Nico; Zenklusen, Pirmin; Kaeser, Benjamin Flavio; Brucker-Kley, Elke,

  2018.

  Die Business-Analyse in deutschsprachigen Unternehmen.

  HMD Praxis der Wirtschaftsinformatik.

  55(4), pp. 866-882.

  Available from: https://doi.org/10.1365/s40702-018-0416-8

• Ebert, Nico; Schlatter, Ueli,

  2017.

  Cloud-basierte Integration.

  Informatik Spektrum.

  40(3), pp. 278-282.

  Available from: https://doi.org/10.1007/s00287-017-1035-4

• Ebert, Nico; Weber, Kristin; Koruna, Stefan,

  2017.

  Integration platform as a service.

  Business & Information Systems Engineering.

  59(5), pp. 375-379.

  Available from: https://doi.org/10.1007/s12599-017-0486-0

• Christ, Oliver; Ebert, Nico,

  2016.

  Predictive Analytics im Human Capital Management : Status Quo und Potentiale.

  HMD Praxis der Wirtschaftsinformatik.

  53(3), pp. 298-309.

  Available from: https://doi.org/10.1365/s40702-015-0193-6

• Ebert, Nico; Weber, Kristin,

  2015.

  Cloud-basierte Plattformen zur Anwendungsintegration : Angebote und Praxisbeispiel.

  HMD Praxis der Wirtschaftsinformatik.

  52(6), pp. 931-944.

  Available from: https://doi.org/10.1365/s40702-015-0186-5

• Keller, Thomas; Brucker-Kley, Elke; Ebert, Nico,

  2020.

  The use of virtual reality at lower secondary schools.

  In:

  Isaias, Pedro; Sampson, Demetrios G.; Ifenthaler, Dirk, eds.,

  Technology Supported Innovations in School Education.

  Cham:

  Springer.

  pp. 15-32.

  Cognition and Exploratory Learning in the Digital Age.

  Available from: https://doi.org/10.1007/978-3-030-48194-0_2

• Schaltegger, Thierry; Ambuehl, Benjamin; Geppert, Tim; Ebert, Nico,

  2025.

  Understanding the critical role of expert intuition in cyber incident response[paper].

  In:

  ICIS 2025 Proceedings.

  46th International Conference on Information Systems (ICIS), Nashville, USA, 14-17 December 2025.

  Association for Information Systems.

  pp. 5.

  Available from: https://aisel.aisnet.org/icis2025/cyb_security/cyb_security/5

• Geppert, Tim; Dudas, Tibor; Zimmermann, Severin; Sutter, Thomas; Ebert, Nico,

  2025.

  How to successfully implement phishing awareness training in organizations : a technology adoption perspective[paper].

  In:

  Bui, Tung X., ed.,

  Proceedings of the 58th Hawaii International Conference on System Sciences.

  58th Hawaii International Conference on System Sciences (HICSS), Waikōloa Village, USA, 7-10 January 2025.

  University of Hawaiʻi at Mānoa.

  pp. 6156.

  Available from: https://doi.org/10.24251/hicss.2025.737

• Ebert, Nico; Geppert, Tim; Knieps, Melanie; Zarouali, Brahim; Schaltegger, Thierry; Wiedemann, Anna; Ambuehl, Benjamin,

  2024.

  Reflective data sharing on TikTok : encouraging adolescents to engage with privacy settings[paper].

  In:

  ECIS 2024 Proceedings.

  32nd European Conference on Information Systems (ECIS), Paphos, Cyprus, 13-19 June 2024.

  Association for Information Systems.

  Available from: https://aisel.aisnet.org/ecis2024/track24_socialmedia/track24_socialmedia/5/

• Schaltegger, Thierry; Ambuehl, Benjamin; Ackermann, Kurt Alexander; Ebert, Nico,

  2024.

  Re-thinking decision-making in cybersecurity : leveraging cognitive heuristics in situations of uncertainty[paper].

  In:

  Proceedings of the 57th Hawaii International Conference on System Sciences.

  57th Hawaii International Conference on System Sciences (HICSS), Honolulu, USA, 3-6 January 2024.

  University of Hawaiʻi at Mānoa.

  pp. 4734-4743.

  Available from: https://doi.org/10.21256/zhaw-30548

• Geppert, Tim; Dal Fuoco, Alice; Leikert-Boehm, Ninja; Deml, Stefan; Sturzenegger, David; Ebert, Nico,

  2023.

  The data collaboration canvas : a visual framework for systematically identifying and evaluating organizational data collaboration opportunities[paper].

  In:

  Wirtschaftsinformatik 2023 Proceedings.

  18th International Conference on Wirtschaftsinformatik, Paderborn, Germany, 18-21 September 2023.

  Association for Information Systems.

  pp. 103.

  Available from: https://aisel.aisnet.org/wi2023/1/

• Ebert, Nico; Scheppler, Björn; Ackermann, Kurt Alexander; Geppert, Tim,

  2023.

  QButterfly : lightweight survey extension for online user interaction studies for non-tech-savvy researchers[paper].

  In:

  CHI '23: Proceedings of the 2023 CHI Conference on Human Factors in Computing Systems.

  Conference on Human Factors in Computing Systems (CHI), Hamburg, Germany, 23-28 April 2023.

  Association for Computing Machinery.

  pp. 161.

  Available from: https://doi.org/10.1145/3544548.3580780

• Ebert, Nico; Geppert, Tim; Strycharz, Joanna; Knieps, Melanie; Hönig, Michael; Brucker-Kley, Elke,

  2023.

  Creative beyond TikToks : investigating adolescents' social privacy management on TikTok[paper].

  In:

  Proceedings on Privacy Enhancing Technologies Symposium.

  The 23rd Privacy Enhancing Technologies Symposium, Lausanne, Switzerland, 10-15 July 2023.

  Privacy Enhancing Technologies Board.

  pp. 221-235.

  Available from: https://doi.org/10.56553/popets-2023-0049

• Geppert, Tim; Anderegg, Jan; Frei, Leoncio; Moeller, Simon; Deml, Stefan; Sturzenegger, David; Ebert, Nico,

  2022.

  Overcoming cloud concerns with trusted execution environments? : exploring the organizational perception of a novel security technology in regulated Swiss companies[paper].

  In:

  Proceedings of the 55th Hawaii International Conference on System Sciences.

  55th Hawaii International Conference on System Sciences (HICSS), virtual, 3-7 January 2022.

  Honolulu:

  University of Hawai'i at Manoa.

  pp. 6822-6829.

  Available from: https://doi.org/10.24251/HICSS.2022.824

• Ebert, Nico; Ackermann, Kurt Alexander; Scheppler, Björn,

  2021.

  Bolder is better : raising user awareness through salient and concise privacy notices[paper].

  In:

  CHI '21: Proceedings of the 2021 CHI Conference on Human Factors in Computing Systems.

  Conference on Human Factors in Computing Systems (CHI), Yokohama, Japan, 8-13 May 2021.

  New York:

  Association for Computing Machinery.

  pp. 67.

  Available from: https://doi.org/10.1145/3411764.3445516

• Casutt, Nadine; Ebert, Nico,

  2020.

  Data protection officers : figureheads of privacy or merely decoration?[paper].

  In:

  Proceedings of the 16th European Conference on Management Leadership and Governance.

  16th European Conference on Management Leadership and Governance (ECMLG), Oxford, United Kingdom, 26-27 October 2020.

  Reading:

  Academic Conferences International Limited.

  pp. 39-48.

  Available from: https://doi.org/10.34190/ELG.20.021

• Ebert, Nico; Ackermann, Kurt Alexander; Heinrich, Peter,

  2020.

  Does context in privacy communication really matter? : a survey on consumer concerns and preferences[paper].

  In:

  CHI '20: Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems.

  Conference on Human Factors in Computing Systems (CHI), Honolulu, USA, 25-30 April 2020.

  New York:

  Association for Computing Machinery.

  Available from: https://doi.org/10.1145/3313831.3376575

• Keller, Thomas; Glauser, Philipp; Ebert, Nico; Brucker-Kley, Elke,

  2018.

  Virtual reality at secondary school : first results[paper].

  In:

  Sampson, Demetrios G.; Ifenthaler, Dirk; Isaias, Pedro, eds.,

  Proceedings of the 15th International Conference on Cognition and Exploratory Learning in the Digital Age (CELDA 2018).

  CELDA 2018, Budapest, Hungary, 21-23 October 2018.

  International Association for Development of the Information Society (IADIS).

  pp. 53-60.

• Ebert, Nico; Weber, Kristin,

  2016.

  Integration platform as a service in der Praxis : eine Bestandsaufnahme[paper].

  In:

  Volker, Nissen; Stelzer, Dirk; Strassburger, Steffen; Fischer, Daniel, eds.,

  Multikonferenz Wirtschaftsinformatik (MKWI) 2016 : Band III.

  Multikonferenz Wirtschaftsinformatik (MKWI) 2016, Ilmenau, Deutschland, 9.-11. März 2016.

  Universitätsverlag Ilmenau.

  pp. 1675-1685.

  Available from: https://www.db-thueringen.de/servlets/MCRFileNodeServlet/dbt_derivate_00033065/ilm1-2016100035.pdf

• Ebert, Nico; Ruf, Christian,

  2015.

  Documentation is dead : why requirements Engineering should further develop from formalization to effective collaboration[paper].

  In:

  Fachgruppentreffen RE 2015, Windisch, 18. November 2015.

• Nüesch Erismann, Reto; Ebert, Nico; Geppert, Tim,

  2023.

  Cyberangriffe und IT-Sicherheitsmassnahmen in der Schweizer Speditions- und Logistikindustrie : Standortbestimmung im Q1/2023.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-2489

• Ebert, Nico; Dal Fuoco, Alice; Geppert, Tim,

  2021.

  Data collaboration canvas : facilitating data innovation between organizations.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-2421

• Ebert, Nico; Widmer, Michael,

  2020.

  Akzeptanz einer App zur Kontaktnachverfolgung von SARS-CoV-2 in der Schweizer Bevölkerung.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-19987

• Knuchel, Christian; Ebert, Nico,

  2020.

  DSGVO-konformes Löschen.

  Datenschutz und Datensicherheit.

  44(2), pp. 126-127.

  Available from: https://doi.org/10.1007/s11623-020-1235-y

• Ebert, Nico; Widmer, Michael,

  2018.

  Datenschutz in Schweizer Unternehmen 2018 : eine Studie des Instituts für Wirtschaftsinformatik und des Zentrums für Sozialrecht.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-4001

• Näpflin, Simon Tobias; Ebert, Nico, eds.,

  2017.

  Business Analyse 2017 : eine empirische Untersuchung im deutschsprachigen Raum und Fallbeispiele aus Unternehmen.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-3460

• Ebert, Nico; Keller, Thomas, eds.,

  2017.

  Integration Platform as a Service - Fallbeispiele aus der Praxis.

  Winterthur:

  ZHAW Zürcher Hochschule für Angewandte Wissenschaften.

  Available from: https://doi.org/10.21256/zhaw-1360

• Uhl, Axel; Ebert, Nico,

  2016.

  Die Befreiung von der Arbeit und ihr Preis.

  Personalwirtschaft: Magazin für Human Resources.

  2016(11), pp. 12-14.

  Available from: https://www.wiso-net.de/document/PWI__442B8CA12B4E7C78AEB463CA4125AA61

• Christ, Oliver; Ebert, Nico,

  2015.

  Predictive Analytics im Human Capital Management : wie datengetriebene Unternehmen Personaldaten nutzen.

  IM+io - Magazin für Innovation, Organisation und Management.

  2015(4), pp. 62-67.

• Ebert, Nico; Weber, Kristin,

  2015.

  Sicherheit von Cloud-basierten Plattformen zur Anwendungsintegration : eine Bewertung aktueller Angebote.

  FHWS Science Journal.

  3(2), pp. 10-23.

  Available from: https://doi.org/10.21256/zhaw-4678

Publications before appointment at the ZHAW

• Ebert, N., Uebernickel, F., Hochstein, A., & Brenner, W. (2007). A service model for the development of management systems for IT-enabled services. In Proceedings of the 13th Americas Conference on Information Systems (AMCIS 2007).
• Brenner, W., Hochstein, A., Übernickel, F., & Ebert, N. (2007). IT-Industrialisierung: Was ist das? Computerwoche, (15), 5.
• Hau, T., Ebert, N., Hochstein, A., & Brenner, W. (2008). Where to start with SOA: Criteria for selecting SOA projects. In Proceedings of the 41st Annual Hawaii International Conference on System Sciences (HICSS 2008).
• Ebert, N., Vogedes, A., Uebernickel, F., Brenner, W., & Heinz, M. (2008). Production planning for IT-service providers: An ERP-based concept. In Proceedings of the 19th Australasian Conference on Information Systems (ACIS 2008). Christchurch, New Zealand
• Ebert, N., Vogedes, A., Hau, T., Uebernickel, F., & Brenner, W. (2008). Potenziale der Produktionsplanung und steuerung bei IT-Dienstleistern. In Proceedings der 10. Paderborner Frühjahrstagung. Universität Paderborn.
• Ebert, N., & Vogedes, A. (2008). Dynamic Services for SAP Solutions der T Systems Enterprise Services GmbH. St. Gallen: Institut für Wirtschaftsinformatik, Universität St. Gallen.
• Ebert, N. (2009). Produktionsplanung und steuerung bei IT-Dienstleistern (Dissertation, Universität St. Gallen).
• Ebert, N., & Brenner, W. (2010). PPS im IT-Servicemanagement: Möglichkeiten und Grenzen für die Provisionierung standardisierter Services. HMD, 47(4), 103–111.

Research data

Ebert, Nico; Widmer, Michael, 2021. SARS-CoV-2 contact-tracing app survey Switzerland. OSF. Available from: https://doi.org/10.17605/OSF.IO/F8CUK

go back