Thi Tran | Source | Binghamton University, State University of New York
Thi Tran is currently an assistant professor of management information systems at the Binghamton University School of Management. He holds a PhD in Information Technology, specializing in cyber security research from the Department of Information Management and Cyber Security at the University of Texas at San Antonio. He also obtained a Master of Science in Information Technology and Management, specializing in data analytics and IT project management from The University of Texas at Dallas. Before joining the information technology field, he graduated from a Bachelor of Business Administration program at the University of Economics in Ho Chi Minh City, Vietnam, specializing in human resource management and strategic management.
Tran’s current research interests are confronting cyber security issues, including but not limited to investigating misinformation harms, designing misinformation handling systems, and examining social impacts of cyberattacks, data breaches and phishing emails. He has published in several reputable high-impact information systems – computer science journals, including the International Journal of Information Management (IJIM), Information Systems Frontiers, AIS Transactions on Human Computer Interactions, and IEEE Transactions on Professional Communication, as well as some papers under review at leading information systems journals.
He has presented his studies at peer-reviewed conference proceedings publications at several information systems and cyber security conferences such as IEEE Big Data, IEEE AI for Good, International Conference on Information Systems (ICIS), American Conference on Information Systems (AMCIS), Secure Knowledge Management Conference in Artificial Intelligence Era (SKM), IDeaS Annual Conferences, or IFIP WG8.11/WG11.13 Conference on Information Systems Security Research. His work has received the Outstanding Doctoral Student Paper Award at the Pre-ICIS Workshop on Information Security and Privacy 2021 (WISP 2021), as well as the National Science Foundation (NSF) research grant and various other institutional research grants.
He has been teaching management information systems courses since 2020, covering various aspects, including cyber security, information assurance, data analytics, artificial intelligence, Internet of Things, big data, and IT project management.
-
A recent study suggests companies are vulnerable to cyberattacks after layoffs. Here's how they can avoid costly data breaches.
A recent study suggests layoffs can lead to cyberattacks by ex-employees. Here's how companies can thwart hackers and avoid data breaches.
Article -
Parents raise concerns with growth in AI access
AI chatbots are expanding in number and knowledge by the day.
Article -
SUNY Binghamton cybersecurity expert speaks on Signal app after Trump Officials’ misstep
Top national security officials in the Trump administration used the app “Signal” to share classified military plans, but a journalist was inadvertently included in the group, raising security concerns.
Article
-
Microsoft's Honeypots: A New Era for Deception-Based Security?
Thi explains that deceptive security solutions, like honeypots, mimic real targets to lure cybercriminals, offering insights into their tactics. While effective, they pose ethical and legal challenges. With Microsoft's report highlighting a "cyber storm," Thi suggests that aggressive deception should complement other security measures. However, only 5% of phishing sites fall for these traps, underscoring the need for a multifaceted approach.
-
The encrypted messaging service Signal has been exploited in the past and shouldn't have been used so carelessly by government officials, according to Thi Tran, a cybersecurity researcher at Binghamton University, State University of New York.
Signal recently made headlines and sparked concerns and debate in the U.S. after it was revealed that a journalist from The Atlantic had been privy to a conversation in which government officials were discussing a war plan.
Tran said that staff and even leaders normally do not pay attention to policies and regulations or security procedures, up until the point they know the protective values of these facing incidents, mostly when it is already too late and the damages have already occurred.
"As officials, they must have gone through serious security training, particularly about policies in handling classified information and trusting communication channels," Tran said, "yet this incident suggested that these preparations might not be effective in preventing unwanted consequences such as leaked sensitive information,"
Tran said that Signal has faced multiple incidents of being hacked or exploited by cybercriminals, and that it should not be trusted by government officials to use and share sensitive and valuable information.
"The incident could have been prevented if the involved staff had been more careful when using such a platform with existing security issues, if they were careful in checking the list of members in the group chat and the settings of the group, and if they complied with regulations and warnings of not to disclose military related sensitive information, whether or not such information has been classified in any specific levels of sensitivity," said Tran.
-
We’re most likely to care about fake news if it causes a harm that impacts readers or audiences. If people perceive there’s no harm, they’re more likely to share the misinformation. The harms come from whether audiences act according to claims from the misinformation, or if they refuse the proper action because of it. If we have a systematic way of identifying where misinformation will do the most harm, that will help us know where to focus on mitigation.
