Background and activities
Scientific, academic and artistic work
A selection of recent journal publications, artistic productions, books, including book and report excerpts. See all publications in the database
- (2019) Quantifying and Analyzing Information Security Risk from Incident Data. Lecture Notes in Computer Science (LNCS). vol. 11720.
- (2018) Empirical Case Studies of the Root Cause Analysis Method in Information Security. International journal on advances in security. vol. 11 (1&2).
- (2018) A framework for estimating information security risk assessment method completeness: Core Unified Risk Framework. International Journal of Information Security. vol. 17 (6).
- (2017) User Modeling Validation Over the Security Awareness of Digital Natives. Future Internet. vol. 9 (3).
- (2017) Security Awareness of the Digital Natives. Information. vol. 8 (2).
- (2017) Information Security Risk Assessment: A Method Comparison. Computer. vol. 50 (4).
- (2016) Cyber security risk assessment of a DDoS attack. Lecture Notes in Computer Science (LNCS). vol. 9866.
- (2015) An Initial Insight Into InfoSec Risk Management Practices. Norsk Informasjonssikkerhetskonferanse (NISK).
- (2015) Conflicting Incentives Risk Analysis: A Case Study of the Normative Peer Review Process. Administrative Sciences. vol. 5 (3).
- (2015) The role of malware in reported cyber espionage: A review of the impact and mechanism. Information. vol. 6 (2).
Part of book/report
- (2020) The Root Causes of Compromised Accounts at the University. Proceedings of the 6th International Conference on Information Systems Security and Privacy.
- (2019) Cybersecurity Awareness and Culture in Rural Norway. Thirteenth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2019).
- (2017) An Empirical Study of Root-Cause Analysis in Information Security Management. SECURWARE 2017 - The Eleventh International Conference on Emerging Security Information, Systems and Technologies.
- (2016) An initial insight into Information Security Risk Assessment practices. Annals of Computer Science and Information Systems, Volume 8 Proceedings of the 2016 Federated Conference on Computer Science and Information Systems.
- (2016) Quantitative Risk, Statistical Methods and the Four Quadrants for Information Security. Risks and Security of Internet and Systems: 10th International Conference, CRiSIS 2015, Mytilene, Lesbos Island, Greece, July 20-22, 2015, Revised Selected Papers.
- (2014) A Comparison between Business Process Management and Information Security Management. Proceedings of the 2014 Federated Conference on Computer Science and Information Systems.
- (2013) A Taxonomy of Challenges in Information Security Risk Management. Proceeding of Norwegian Information Security Conference / Norsk informasjonssikkerhetskonferanse - NISK 2013 - Stavanger, 18th-20th November 2013.
- (2017) Cyber Security Risk Assessment Practices: Core Unified Risk Framework. Norges teknisk-naturvitenskapelige universitet. 2017. ISBN 978-82-326-2378-5. Doktoravhandlinger ved NTNU (153).