Acquisti, A., and J. Grossklags. 2005. ‘Privacy and Rationality in Individual Decision Making’. IEEE Security and Privacy Magazine 3(1):26–33. doi: 10.1109/MSP.2005.22.
Adams, Anne, and Martina Angela Sasse. 1999. ‘Users Are Not the Enemy’. Communications of the ACM 42(12):40–46. doi: 10.1145/322796.322806.
Arıcak, Osman Tolga, Şahin Dündar, and Mark Saldaña. 2015. ‘Mediating Effect of Self-Acceptance Between Values and Offline/Online Identity Expressions Among College Students’. Computers in Human Behavior 49:362–74. doi: 10.1016/j.chb.2015.03.025.
Bulgurcu, Burcu, Hasan Cavusoglu, and Izak Benbasat. 2010. ‘Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness’. MIS Quarterly 34(3). doi: 10.2307/25750690.
Cho, Hichang, Jae-Shin Lee, and Siyoung Chung. 2010. ‘Optimistic Bias About Online Privacy Risks: Testing the Moderating Effects of Perceived Controllability and Prior Experience’. Computers in Human Behavior 26(5):987–95. doi: 10.1016/j.chb.2010.02.012.
Cialdini, Robert B. 2007. Influence: The Psychology of Persuasion. Revised edition. New York: Collins.
Cialdini, Robert B. 2009. Influence: The Psychology of Persuasion. EPub edition. New York: Collins.
Ciampa, Mark D. 2017. Security Awareness: Applying Practical Security in Your World. Fifth edition. Australia: Cengage Learning.
Clarke, Roger. 2009. ‘Privacy Impact Assessment: Its Origins and Development’. Computer Law & Security Review 25(2):123–35. doi: 10.1016/j.clsr.2009.02.002.
Colwill, Carl. 2009. ‘Human Factors in Information Security: The Insider Threat – Who Can You Trust These Days?’ Information Security Technical Report 14(4):186–96. doi: 10.1016/j.istr.2010.04.004.
Da Veiga, A., and J. H. P. Eloff. 2010. ‘A Framework and Assessment Instrument for Information Security Culture’. Computers & Security 29(2):196–207. doi: 10.1016/j.cose.2009.09.002.
Dennedy, Michelle Finneran, Jonathan Fox, and Thomas R. Finneran. 2014. The Privacy Engineer’s Manifesto: Getting From Policy to Code to QA to Value. [Place of publication not identified]: Apress Open.
Dourish, Paul, and Ken Anderson. 2006. ‘Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena’. Human-Computer Interaction 21(3):319–42. doi: 10.1207/s15327051hci2103_2.
Gupta, Manish, and Raj Sharman. 2009. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Hershey, PA: Information Science Reference.
Hadnagy, Christopher. 2010. Social Engineering: The Art of Human Hacking. John Wiley & Sons.
Hadnagy, Christopher. 2011. Social Engineering: The Art of Human Hacking. Indianapolis, Ind: Wiley.
Herath, Tejaswini, and H.R. Rao. 2009. ‘Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness’. Decision Support Systems 47(2):154–65. doi: 10.1016/j.dss.2009.02.005.
Herath, Tejaswini, and H Raghav Rao. 2009. ‘Protection Motivation and Deterrence: A Framework for Security Policy Compliance in Organisations’. European Journal of Information Systems 18(2):106–25. doi: 10.1057/ejis.2009.6.
Hovav, Anat, and John D’Arcy. 2012. ‘Applying an Extended Model of Deterrence Across Cultures: An Investigation of Information Systems Misuse in the U.S. and South Korea’. Information & Management 49(2):99–110. doi: 10.1016/j.im.2011.12.005.
Ifinedo, Princely. 2012. ‘Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory’. Computers & Security 31(1):83–95. doi: 10.1016/j.cose.2011.10.007.
Johnston and Warkentin. 2010. ‘Fear Appeals and Information Security Behaviors: An Empirical Study’. MIS Quarterly 34(3). doi: 10.2307/25750691.
Leeuw, Karl de, and J. A. Bergstra. 2007a. The History of Information Security: A Comprehensive Handbook. Amsterdam: Elsevier.
Leeuw, Karl de, and J. A. Bergstra. 2007b. The History of Information Security: A Comprehensive Handbook. Amsterdam: Elsevier.
Magnusson, Johan. 2013. ‘Intentional Decentralization and Instinctive Centralization’. Information Resources Management Journal 26(4):1–17. doi: 10.4018/irmj.2013100101.
Mitnick, Kevin D., and William L. Simon. 2011. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. New York: Little, Brown.
Okenyi, Peter O., and Thomas J. Owens. 2007. ‘On the Anatomy of Human Hacking’. Information Systems Security 16(6):302–14. doi: 10.1080/10658980701747237.
Öqvist, Karen Lawrence. 2018a. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. Portsmouth, NH: International Association for Privacy Professionals.
Öqvist, Karen Lawrence. 2018b. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. Portsmouth, NH: International Association for Privacy Professionals.
Pfleeger, Shari Lawrence, M. Angela Sasse, and Adrian Furnham. 2014. ‘From Weakest Link to Security Hero: Transforming Staff Security Behavior’. Journal of Homeland Security and Emergency Management 11(4). doi: 10.1515/jhsem-2014-0035.
Safa, Nader Sohrabi. 2016. ‘Human Aspects of Information Security in Organisations’. Computer Fraud & Security 2016(2):15–18. doi: 10.1016/S1361-3723(16)30017-3.
Sharman, Raj, and Manish Gupta. 2008. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Hershey, Pa: Information Science Reference.
Smith, Graham M. 2005. ‘Into Cerberus’ Lair: Bringing the Idea of Security to Light’. The British Journal of Politics and International Relations 7(4):485–507. doi: 10.1111/j.1467-856x.2005.00204.x.
Warren, Samuel D., and Louis D. Brandeis. 1890. ‘The Right to Privacy’. Harvard Law Review 4(5). doi: 10.2307/1321160.
Wilson, Mark, and Joan Hash. n.d. ‘Building an Information Technology Security Awareness and Training Program’.
Wright, David, and Paul de Hert, eds. 2012. Privacy Impact Assessment. Vol. volume 6. Dordrecht: Springer.
