Bibliography for IY5613: Human Aspects of Information Security and Privacy BETA

[1]

Acquisti, A. and Grossklags, J. 2005. Privacy and Rationality in Individual Decision Making. IEEE Security and Privacy Magazine. 3, 1 (2005), 26–33. DOI:https://doi.org/10.1109/MSP.2005.22.

[2]

Adams, A. and Sasse, M.A. 1999. Users Are Not the Enemy. Communications of the ACM. 42, 12 (1999), 40–46. DOI:https://doi.org/10.1145/322796.322806.

[3]

Arıcak, O.T. et al. 2015. Mediating Effect of Self-Acceptance Between Values and Offline/online Identity Expressions Among College Students. Computers in Human Behavior. 49, (2015), 362–374. DOI:https://doi.org/10.1016/j.chb.2015.03.025.

[4]

Bulgurcu, B. et al. 2010. Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness. MIS Quarterly. 34, 3 (2010). DOI:https://doi.org/10.2307/25750690.

[5]

Cho, H. et al. 2010. Optimistic Bias About Online Privacy Risks: Testing the Moderating Effects of Perceived Controllability and Prior Experience. Computers in Human Behavior. 26, 5 (2010), 987–995. DOI:https://doi.org/10.1016/j.chb.2010.02.012.

[6]

Cialdini, R.B. 2007. Influence: The Psychology of Persuasion. Collins.

[7]

Cialdini, R.B. 2009. Influence: The Psychology of Persuasion. Collins.

[8]

Ciampa, M.D. 2017. Security Awareness: Applying Practical Security in Your World. Cengage Learning.

[9]

Clarke, R. 2009. Privacy Impact Assessment: Its Origins and Development. Computer Law & Security Review. 25, 2 (2009), 123–135. DOI:https://doi.org/10.1016/j.clsr.2009.02.002.

[10]

Colwill, C. 2009. Human Factors in Information Security: The Insider Threat – Who Can You Trust These Days? Information Security Technical Report. 14, 4 (2009), 186–196. DOI:https://doi.org/10.1016/j.istr.2010.04.004.

[11]

Da Veiga, A. and Eloff, J.H.P. 2010. A Framework and Assessment Instrument for Information Security Culture. Computers & Security. 29, 2 (2010), 196–207. DOI:https://doi.org/10.1016/j.cose.2009.09.002.

[12]

Dennedy, M.F. et al. 2014. The Privacy Engineer’s Manifesto: Getting From Policy to Code to QA to Value. Apress Open.

[13]

Dourish, P. and Anderson, K. 2006. Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena. Human-Computer Interaction. 21, 3 (2006), 319–342. DOI:https://doi.org/10.1207/s15327051hci2103_2.

[14]

Gupta, M. and Sharman, R. 2009. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Information Science Reference.

[15]

Hadnagy, C. 2010. Social Engineering: The Art of Human Hacking. John Wiley & Sons.

[16]

Hadnagy, C. 2011. Social Engineering: The Art of Human Hacking. Wiley.

[17]

Herath, T. and Rao, H.R. 2009. Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness. Decision Support Systems. 47, 2 (2009), 154–165. DOI:https://doi.org/10.1016/j.dss.2009.02.005.

[18]

Herath, T. and Rao, H.R. 2009. Protection Motivation and Deterrence: A Framework for Security Policy Compliance in Organisations. European Journal of Information Systems. 18, 2 (2009), 106–125. DOI:https://doi.org/10.1057/ejis.2009.6.

[19]

Hovav, A. and D’Arcy, J. 2012. Applying an Extended Model of Deterrence Across Cultures: An Investigation of Information Systems Misuse in the U.S. and South Korea. Information & Management. 49, 2 (Mar. 2012), 99–110. DOI:https://doi.org/10.1016/j.im.2011.12.005.

[20]

Ifinedo, P. 2012. Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory. Computers & Security. 31, 1 (2012), 83–95. DOI:https://doi.org/10.1016/j.cose.2011.10.007.

[21]

Johnston and Warkentin 2010. Fear Appeals and Information Security Behaviors: An Empirical Study. MIS Quarterly. 34, 3 (2010). DOI:https://doi.org/10.2307/25750691.

[22]

Leeuw, K. de and Bergstra, J.A. 2007. The History of Information Security: A Comprehensive Handbook. Elsevier.

[23]

Leeuw, K. de and Bergstra, J.A. 2007. The History of Information Security: A Comprehensive Handbook. Elsevier.

[24]

Magnusson, J. 2013. Intentional Decentralization and Instinctive Centralization. Information Resources Management Journal. 26, 4 (2013), 1–17. DOI:https://doi.org/10.4018/irmj.2013100101.

[25]

Mitnick, K.D. and Simon, W.L. 2011. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. Little, Brown.

[26]

Okenyi, P.O. and Owens, T.J. 2007. On the Anatomy of Human Hacking. Information Systems Security. 16, 6 (2007), 302–314. DOI:https://doi.org/10.1080/10658980701747237.

[27]

Öqvist, K.L. 2018. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. International Association for Privacy Professionals.

[28]

Öqvist, K.L. 2018. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. International Association for Privacy Professionals.

[29]

Pfleeger, S.L. et al. 2014. From Weakest Link to Security Hero: Transforming Staff Security Behavior. Journal of Homeland Security and Emergency Management. 11, 4 (2014). DOI:https://doi.org/10.1515/jhsem-2014-0035.

[30]

Safa, N.S. 2016. Human Aspects of Information Security in Organisations. Computer Fraud & Security. 2016, 2 (2016), 15–18. DOI:https://doi.org/10.1016/S1361-3723(16)30017-3.

[31]

Sharman, R. and Gupta, M. 2008. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Information Science Reference.

[32]

Smith, G.M. 2005. Into Cerberus’ Lair: Bringing the Idea of Security to Light. The British Journal of Politics and International Relations. 7, 4 (2005), 485–507. DOI:https://doi.org/10.1111/j.1467-856x.2005.00204.x.

[33]

Warren, S.D. and Brandeis, L.D. 1890. The Right to Privacy. Harvard Law Review. 4, 5 (1890). DOI:https://doi.org/10.2307/1321160.

[34]

Wilson, M. and Hash, J. Building an Information Technology Security Awareness and Training Program.

[35]

Wright, D. and Hert, P. de eds. 2012. Privacy Impact Assessment. Springer.