Bibliography for IY5613: Human Aspects of Information Security and Privacy BETA

@article{Acquisti_Grossklags_2005, title={Privacy and Rationality in Individual Decision Making}, volume={3}, DOI={10.1109/MSP.2005.22}, number={1}, journal={IEEE Security and Privacy Magazine}, author={Acquisti, A. and Grossklags, J.}, year={2005}, pages={26–33} }

@article{Adams_Sasse_1999, title={Users Are Not the Enemy}, volume={42}, DOI={10.1145/322796.322806}, number={12}, journal={Communications of the ACM}, author={Adams, Anne and Sasse, Martina Angela}, year={1999}, pages={40–46} }

@article{Arıcak_Dündar_Saldaña_2015, title={Mediating Effect of Self-Acceptance Between Values and Offline/online Identity Expressions Among College Students}, volume={49}, DOI={10.1016/j.chb.2015.03.025}, journal={Computers in Human Behavior}, author={Arıcak, Osman Tolga and Dündar, Şahin and Saldaña, Mark}, year={2015}, pages={362–374} }

@article{Bulgurcu_Cavusoglu_Benbasat_2010, title={Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness}, volume={34}, DOI={10.2307/25750690}, number={3}, journal={MIS Quarterly}, author={Bulgurcu, Burcu and Cavusoglu, Hasan and Benbasat, Izak}, year={2010} }

@article{Cho_Lee_Chung_2010, title={Optimistic Bias About Online Privacy Risks: Testing the Moderating Effects of Perceived Controllability and Prior Experience}, volume={26}, DOI={10.1016/j.chb.2010.02.012}, number={5}, journal={Computers in Human Behavior}, author={Cho, Hichang and Lee, Jae-Shin and Chung, Siyoung}, year={2010}, pages={987–995} }

@book{Cialdini_2007, address={New York}, edition={Revised edition}, title={Influence: The Psychology of Persuasion}, publisher={Collins}, author={Cialdini, Robert B.}, year={2007} }

@book{Cialdini_2009, address={New York}, edition={EPub edition}, title={Influence: The Psychology of Persuasion}, url={https://www.safaribooksonline.com/library/view/-/9780061899874/?ar}, publisher={Collins}, author={Cialdini, Robert B.}, year={2009} }

@book{Ciampa_2017, address={Australia}, edition={Fifth edition}, title={Security Awareness: Applying Practical Security in Your World}, publisher={Cengage Learning}, author={Ciampa, Mark D.}, year={2017} }

@article{Clarke_2009, title={Privacy Impact Assessment: Its Origins and Development}, volume={25}, url={https://www.sciencedirect.com/science/article/pii/S0267364909000302}, DOI={10.1016/j.clsr.2009.02.002}, number={2}, journal={Computer Law & Security Review}, author={Clarke, Roger}, year={2009}, pages={123–135} }

@article{Colwill_2009, title={Human Factors in Information Security: The Insider Threat – Who Can You Trust These Days?}, volume={14}, DOI={10.1016/j.istr.2010.04.004}, number={4}, journal={Information Security Technical Report}, author={Colwill, Carl}, year={2009}, pages={186–196} }

@article{Da Veiga_Eloff_2010, title={A Framework and Assessment Instrument for Information Security Culture}, volume={29}, DOI={10.1016/j.cose.2009.09.002}, number={2}, journal={Computers & Security}, author={Da Veiga, A. and Eloff, J.H.P.}, year={2010}, pages={196–207} }

@book{Dennedy_Fox_Finneran_2014, address={[Place of publication not identified]}, title={The Privacy Engineer’s Manifesto: Getting From Policy to Code to QA to Value}, publisher={Apress Open}, author={Dennedy, Michelle Finneran and Fox, Jonathan and Finneran, Thomas R.}, year={2014} }

@article{Dourish_Anderson_2006, title={Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena}, volume={21}, DOI={10.1207/s15327051hci2103_2}, number={3}, journal={Human-Computer Interaction}, author={Dourish, Paul and Anderson, Ken}, year={2006}, pages={319–342} }

@book{Gupta_Sharman_2009, address={Hershey, PA}, title={Social and Human Elements of Information Security: Emerging Trends and Countermeasures}, url={http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9781605660370}, publisher={Information Science Reference}, author={Gupta, Manish and Sharman, Raj}, year={2009} }

@book{Hadnagy_2010, title={Social Engineering: The Art of Human Hacking}, publisher={John Wiley & Sons}, author={Hadnagy, Christopher}, year={2010} }

@book{Hadnagy_2011, address={Indianapolis, Ind}, title={Social Engineering: The Art of Human Hacking}, url={http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9781118028018}, publisher={Wiley}, author={Hadnagy, Christopher}, year={2011} }

@article{Herath_Rao_2009a, title={Protection Motivation and Deterrence: A Framework for Security Policy Compliance in Organisations}, volume={18}, DOI={10.1057/ejis.2009.6}, number={2}, journal={European Journal of Information Systems}, author={Herath, Tejaswini and Rao, H Raghav}, year={2009}, pages={106–125} }

@article{Herath_Rao_2009b, title={Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness}, volume={47}, url={https://www.sciencedirect.com/science/article/pii/S0167923609000530}, DOI={10.1016/j.dss.2009.02.005}, number={2}, journal={Decision Support Systems}, author={Herath, Tejaswini and Rao, H.R.}, year={2009}, pages={154–165} }

@article{Hovav_D’Arcy_2012, title={Applying an Extended Model of Deterrence Across Cultures: An Investigation of Information Systems Misuse in the U.S. and South Korea}, volume={49}, DOI={10.1016/j.im.2011.12.005}, number={2}, journal={Information & Management}, author={Hovav, Anat and D’Arcy, John}, year={2012}, month={Mar}, pages={99–110} }

@article{Ifinedo_2012, title={Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory}, volume={31}, url={https://www.sciencedirect.com/science/article/pii/S0167404811001337}, DOI={10.1016/j.cose.2011.10.007}, number={1}, journal={Computers & Security}, author={Ifinedo, Princely}, year={2012}, pages={83–95} }

@article{Johnston_Warkentin_2010, title={Fear Appeals and Information Security Behaviors: An Empirical Study}, volume={34}, DOI={10.2307/25750691}, number={3}, journal={MIS Quarterly}, author={Johnston and Warkentin}, year={2010} }

@book{Leeuw_Bergstra_2007a, address={Amsterdam}, title={The History of Information Security: A Comprehensive Handbook}, publisher={Elsevier}, author={Leeuw, Karl de and Bergstra, J. A.}, year={2007} }

@book{Leeuw_Bergstra_2007b, address={Amsterdam}, title={The History of Information Security: A Comprehensive Handbook}, url={http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9780080550589}, publisher={Elsevier}, author={Leeuw, Karl de and Bergstra, J. A.}, year={2007} }

@article{Magnusson_2013, title={Intentional Decentralization and Instinctive Centralization}, volume={26}, url={https://www.igi-global.com/gateway/article/99710}, DOI={10.4018/irmj.2013100101}, number={4}, journal={Information Resources Management Journal}, author={Magnusson, Johan}, year={2013}, pages={1–17} }

@book{Mitnick_Simon_2011, address={New York}, title={Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker}, publisher={Little, Brown}, author={Mitnick, Kevin D. and Simon, William L.}, year={2011} }

@article{Okenyi_Owens_2007, title={On the Anatomy of Human Hacking}, volume={16}, DOI={10.1080/10658980701747237}, number={6}, journal={Information Systems Security}, author={Okenyi, Peter O. and Owens, Thomas J.}, year={2007}, pages={302–314} }

@book{Öqvist_2018a, address={Portsmouth, NH}, title={Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default}, publisher={International Association for Privacy Professionals}, author={Öqvist, Karen Lawrence}, year={2018} }

@book{Öqvist_2018b, address={Portsmouth, NH}, title={Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default}, publisher={International Association for Privacy Professionals}, author={Öqvist, Karen Lawrence}, year={2018} }

@article{Pfleeger_Sasse_Furnham_2014, title={From Weakest Link to Security Hero: Transforming Staff Security Behavior}, volume={11}, url={https://discovery.ucl.ac.uk/id/eprint/1460572/2/jhsem-2014-0035.pdf}, DOI={10.1515/jhsem-2014-0035}, number={4}, journal={Journal of Homeland Security and Emergency Management}, author={Pfleeger, Shari Lawrence and Sasse, M. Angela and Furnham, Adrian}, year={2014} }

@article{Safa_2016, title={Human Aspects of Information Security in Organisations}, volume={2016}, DOI={10.1016/S1361-3723(16)30017-3}, number={2}, journal={Computer Fraud & Security}, author={Safa, Nader Sohrabi}, year={2016}, pages={15–18} }

@book{Sharman_Gupta_2008, address={Hershey, Pa}, title={Social and Human Elements of Information Security: Emerging Trends and Countermeasures}, publisher={Information Science Reference}, author={Sharman, Raj and Gupta, Manish}, year={2008} }

@article{Smith_2005, title={Into Cerberus’ Lair: Bringing the Idea of Security to Light}, volume={7}, DOI={10.1111/j.1467-856x.2005.00204.x}, number={4}, journal={The British Journal of Politics and International Relations}, author={Smith, Graham M.}, year={2005}, pages={485–507} }

@article{Warren_Brandeis_1890, title={The Right to Privacy}, volume={4}, DOI={10.2307/1321160}, number={5}, journal={Harvard Law Review}, author={Warren, Samuel D. and Brandeis, Louis D.}, year={1890} }

@misc{Wilson_Hash, title={Building an Information Technology Security Awareness and Training Program}, url={https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=151287}, author={Wilson, Mark and Hash, Joan} }

@book{Wright_Hert_2012, address={Dordrecht}, title={Privacy Impact Assessment}, volume={volume 6}, publisher={Springer}, year={2012} }