Bibliography for IY5613: Human Aspects of Information Security and Privacy BETA

Acquisti, A., and J. Grossklags. ‘Privacy and Rationality in Individual Decision Making’. IEEE Security and Privacy Magazine 3.1 (2005): 26–33. Web.

Adams, Anne, and Martina Angela Sasse. ‘Users Are Not the Enemy’. Communications of the ACM 42.12 (1999): 40–46. Web.

Arıcak, Osman Tolga, Şahin Dündar, and Mark Saldaña. ‘Mediating Effect of Self-Acceptance Between Values and Offline/Online Identity Expressions Among College Students’. Computers in Human Behavior 49 (2015): 362–374. Web.

Bulgurcu, Burcu, Hasan Cavusoglu, and Izak Benbasat. ‘Information Security Policy Compliance: An Empirical Study of Rationality-Based Beliefs and Information Security Awareness’. MIS Quarterly 34.3 (2010): n. pag. Web.

Cho, Hichang, Jae-Shin Lee, and Siyoung Chung. ‘Optimistic Bias About Online Privacy Risks: Testing the Moderating Effects of Perceived Controllability and Prior Experience’. Computers in Human Behavior 26.5 (2010): 987–995. Web.

Cialdini, Robert B. Influence: The Psychology of Persuasion. Revised edition. New York: Collins, 2007. Print.

---. Influence: The Psychology of Persuasion. EPub edition. New York: Collins, 2009. Web. <https://www.safaribooksonline.com/library/view/-/9780061899874/?ar>.

Ciampa, Mark D. Security Awareness: Applying Practical Security in Your World. Fifth edition. Australia: Cengage Learning, 2017. Print.

Clarke, Roger. ‘Privacy Impact Assessment: Its Origins and Development’. Computer Law & Security Review 25.2 (2009): 123–135. Web. <https://www.sciencedirect.com/science/article/pii/S0267364909000302>.

Colwill, Carl. ‘Human Factors in Information Security: The Insider Threat – Who Can You Trust These Days?’ Information Security Technical Report 14.4 (2009): 186–196. Web.

Da Veiga, A., and J.H.P. Eloff. ‘A Framework and Assessment Instrument for Information Security Culture’. Computers & Security 29.2 (2010): 196–207. Web.

Dennedy, Michelle Finneran, Jonathan Fox, and Thomas R. Finneran. The Privacy Engineer’s Manifesto: Getting From Policy to Code to QA to Value. [Place of publication not identified]: Apress Open, 2014. Print.

Dourish, Paul, and Ken Anderson. ‘Collective Information Practice: Exploring Privacy and Security as Social and Cultural Phenomena’. Human-Computer Interaction 21.3 (2006): 319–342. Web.

Gupta, Manish, and Raj Sharman. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Hershey, PA: Information Science Reference, 2009. Web. <http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9781605660370>.

Hadnagy, Christopher. Social Engineering: The Art of Human Hacking. John Wiley & Sons, 2010. Print.

---. Social Engineering: The Art of Human Hacking. Indianapolis, Ind: Wiley, 2011. Web. <http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9781118028018>.

Herath, Tejaswini, and H Raghav Rao. ‘Protection Motivation and Deterrence: A Framework for Security Policy Compliance in Organisations’. European Journal of Information Systems 18.2 (2009): 106–125. Web.

Herath, Tejaswini, and H.R. Rao. ‘Encouraging Information Security Behaviors in Organizations: Role of Penalties, Pressures and Perceived Effectiveness’. Decision Support Systems 47.2 (2009): 154–165. Web. <https://www.sciencedirect.com/science/article/pii/S0167923609000530>.

Hovav, Anat, and John D’Arcy. ‘Applying an Extended Model of Deterrence Across Cultures: An Investigation of Information Systems Misuse in the U.S. and South Korea’. Information & Management 49.2 (2012): 99–110. Web.

Ifinedo, Princely. ‘Understanding Information Systems Security Policy Compliance: An Integration of the Theory of Planned Behavior and the Protection Motivation Theory’. Computers & Security 31.1 (2012): 83–95. Web. <https://www.sciencedirect.com/science/article/pii/S0167404811001337>.

Johnston and Warkentin. ‘Fear Appeals and Information Security Behaviors: An Empirical Study’. MIS Quarterly 34.3 (2010): n. pag. Web.

Leeuw, Karl de, and J. A. Bergstra. The History of Information Security: A Comprehensive Handbook. Amsterdam: Elsevier, 2007. Print.

---. The History of Information Security: A Comprehensive Handbook. Amsterdam: Elsevier, 2007. Web. <http://ezproxy01.rhul.ac.uk/login?url=http://www.dawsonera.com/depp/reader/protected/external/AbstractView/S9780080550589>.

Magnusson, Johan. ‘Intentional Decentralization and Instinctive Centralization’. Information Resources Management Journal 26.4 (2013): 1–17. Web. <https://www.igi-global.com/gateway/article/99710>.

Mitnick, Kevin D., and William L. Simon. Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. New York: Little, Brown, 2011. Print.

Okenyi, Peter O., and Thomas J. Owens. ‘On the Anatomy of Human Hacking’. Information Systems Security 16.6 (2007): 302–314. Web.

Öqvist, Karen Lawrence. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. Portsmouth, NH: International Association for Privacy Professionals, 2018. Print.

---. Hands-On Guide to GDPR Compliance: Privacy by Design, Privacy by Default. Portsmouth, NH: International Association for Privacy Professionals, 2018. Print.

Pfleeger, Shari Lawrence, M. Angela Sasse, and Adrian Furnham. ‘From Weakest Link to Security Hero: Transforming Staff Security Behavior’. Journal of Homeland Security and Emergency Management 11.4 (2014): n. pag. Web. <https://discovery.ucl.ac.uk/id/eprint/1460572/2/jhsem-2014-0035.pdf>.

Safa, Nader Sohrabi. ‘Human Aspects of Information Security in Organisations’. Computer Fraud & Security 2016.2 (2016): 15–18. Web.

Sharman, Raj, and Manish Gupta. Social and Human Elements of Information Security: Emerging Trends and Countermeasures. Hershey, Pa: Information Science Reference, 2008. Print.

Smith, Graham M. ‘Into Cerberus’ Lair: Bringing the Idea of Security to Light’. The British Journal of Politics and International Relations 7.4 (2005): 485–507. Web.

Warren, Samuel D., and Louis D. Brandeis. ‘The Right to Privacy’. Harvard Law Review 4.5 (1890): n. pag. Web.

Wilson, Mark, and Joan Hash. ‘Building an Information Technology Security Awareness and Training Program’. Web. <https://ws680.nist.gov/publication/get_pdf.cfm?pub_id=151287>.

Wright, David, and Paul de Hert, eds. Privacy Impact Assessment. volume 6. Dordrecht: Springer, 2012. Print.