Dr. Michael Lapke is a SyMeCo Postdoctoral Fellow with Lero at Munster Technological University, where he conducts research under the supervision of Dr. Anila Mjeda. He holds a PhD in Information Systems from Virginia Commonwealth University, completed under the guidance of Dr. Gurpreet Dhillon. While his primary research interests were initially established within the policy-oriented dimensions of cybersecurity, his scholarly agenda has since evolved to incorporate more technical attributes, specifically focusing on the interdisciplinary intersection of engineering and organisational science. Michael’s work has been extensively disseminated in high-impact peer-reviewed journals and international conferences, including Computers & Security, the Journal of Information Systems Security, Health Policy and Technology, AMCIS, and ECIS.

Michael’s SyMeCo research project investigates the escalating threat of phishing, with a specific focus on voice phishing (vishing), a vector highlighted by the FBI’s Internet Crime Complaint Center (IC3). While phishing has historically leveraged deceptive electronic communications to compromise sensitive data, the advent of Large Language Models (LLMs)—such as GPT-4o—presents a critical shift in the threat landscape. This research explores how the automation of vishing attacks through AI enables malicious actors to scale operations with unprecedented efficiency. Utilising a Design Science Research (DSR) methodology, the project seeks to develop a vishing AI prototype to evaluate its impact, subsequently informing the design of an innovative filtering system to mitigate AI-driven attacks.

Project impact – The project’s primary contributions comprise the development of AI-enabled vishing attack and defense frameworks, alongside empirical findings derived from the DSR process. The academic dissemination strategy is strategically phased to maximise peer feedback and scholarly impact. Initial findings will be presented at regional venues such as the Security Conference, SAIS, and IFIP 8.6, leveraging these developmental communities for early-stage refinement and constructive critique. As the research matures toward its midpoint, results will target premier international conferences, specifically the European Conference on Information Systems (ECIS), to subject the work to more rigorous peer scrutiny. The final scholarly output is intended for submission to the Association for Information Systems (AIS) “Senior Basket” of journals, representing the field’s highest tier of academic excellence. Beyond the scholarly community, the project aims to influence policy and public awareness through white papers, student-led workshops, and media contributions, targeting a diverse stakeholder group that includes industry professionals, policymakers, and the general public.

Interdisciplinary aspects: Inherently interdisciplinary, this research resides at the nexus of software engineering and organisational science. While the initial phase is anchored in the engineering domain at Munster Technological University, the project’s later stages require an organisational perspective to address human and systemic factors.