The LOCS team investigates different aspects of organizational cyber security. Our approach is
multi-pronged: we look at technology and tools (e.g., performance of program analysis tools,
explainable AI methods, automation of security technology) and processes and people (for example,
how secure software engineering programs are organized in organizations and how to improve them, how
attack trees are actually used in industry and how to facilitate practical adoption of academic
theories of attack trees, how to select the most cost-effective countermeasures). In this way we are
able to identify relevant security issues and propose solutions that will actually work in practice.