Continuous development and increasing usage of Information and Communication Technologies (ICT) introduce many opportunities for individuals, organizations and the society at large. The usage of ICT, however, increases also people’s dependency on the well-functioning of Information Systems (ISs), which are, in turn, based on ICT. This dependency on ISs introduces increasing risks for individuals, organizations and the society. Privacy and cybersecurity risks constitute two important categories of such IS risks due to proliferation of personal data via ISs and the vulnerability of these systems to intentional and unintentional threats.
In order to address and contain privacy and cybersecurity risks, there is an increasing need for protecting ISs and the personal data that are collected by, stored in, and analyzed within these systems. This need shapes the mission of the Research Chair on Privacy & Cybersecurity at Rotterdam University of Applied Sciences. This mission can be formulated as: How to realize privacy-protecting and secure ISs in practice? Currently, there are gaps between the existing approaches and what is needed in practice. Bridging these gaps requires further research as well as embodiment of the research results in education curricula. As a starting point, this contribution elaborates on a number of the existing gaps and discusses some possible directions for bridging these gaps.