Maria Bartnes

Assistant Associate Professor

Department of Information Security and Communication Technology Centre for Continuing Education and Professional Development Faculty of Information Technology and Electrical Engineering

maria.bartnes@sintef.no +47 45218102

Trondheim, Strindvegen 4

I received my MSc from NTNU, Dept. of Telematics, in 2002, and my PhD from the same department in 2015. In my PhD project I studyed how Distribution System Operators (DSOs) in the power industry prepare for, and respond to, information security incidents in their IT and control systems. I was a research scientist at SINTEF ICT in Trondheim 2002-2015, and 2015-2017 I was responsible for information security for the SINTEF organization. I am currently Research Director at SINTEF Digital and Head of the Software Engineering, Safety and Security department.

My scientific interests include:

Incident management
Privacy
Risk assessments
Awareness

For more information on my PhD project, please go to my webpage at the department.

Scientific, academic and artistic work

A selection of recent journal publications, artistic productions, books, including book and report excerpts. See all publications in the database

Journal publications

Bartnes, Maria; Moe, Nils Brede. (2017) Challenges in IT security preparedness exercises: A case study. Computers & security. vol. 67.
Bartnes, Maria; Moe, Nils Brede; Heegaard, Poul Einar. (2016) The future of information security incident management training: A case study of electrical power companies. Computers & security (Print). vol. 61.
Jaatun, Martin Gilje; Bartnes, Maria; Tøndel, Inger Anne. (2016) Zebras and Lions: Better Incident Handling Through Improved Cooperation. Communications in Computer and Information Science. vol. 648.
Line, Maria Bartnes; Albrechtsen, Eirik. (2016) Examining the suitability of industrial safety management approaches for information security incident management. Information and Computer Security. vol. 24 (1).
Bartnes, Maria; Tøndel, Inger Anne; Jaatun, Martin Gilje. (2015) Current practices and challenges in industrial control organizations regarding information security incident management – Does size matter? Information security incident management in large and small industrial control organizations. International Journal of Critical Infrastructure Protection. vol. 12.
Graffer, Ingrid; Bartnes, Maria; Bernsmed, Karin. (2015) Play2Prepare: A Board Game Supporting IT Security Preparedness Exercises for Industrial Control Organizations. Norsk Informasjonssikkerhetskonferanse (NISK).
Line, Maria Bartnes. (2014) Why securing smart grids is not just a straightforward consultancy exercise. Security and Communication Networks. vol. 7 (1).
Tøndel, Inger Anne; Line, Maria Bartnes; Jaatun, Martin Gilje. (2014) Information security incident management: Current practice as reported in the literature. Computers & security (Print). vol. 45.
Gjære, Erlend Andreas; Tøndel, Inger Anne; Line, Maria Bartnes; Andresen, Herbjørn; Toussaint, Pieter Jelle. (2011) Personal Health Information on Display: Balancing Needs, Usability and Legislative Requirements. Studies in Health Technology and Informatics. vol. 169.
Line, Maria Bartnes; Tøndel, Inger Anne; Gjære, Erlend Andreas. (2011) A Risk-Based Evaluation of Group Access Control Approaches in a Healthcare Setting. Lecture Notes in Computer Science. vol. 6908.
Line, Maria Bartnes; Tøndel, Inger Anne; JAATUN, Martin Gilje. (2011) Cyber Security Challenges in Smart Grids. IEEE PES Innovative Smart Grid Technologies Conference Europe.
Nicolaysen, Torstein; Sassoon, Richard; Bartnes, Maria; Jaatun, Martin Gilje. (2010) Agile Software Development: The Straight and Narrow Path to Secure Software?. International Journal of Secure Software Engineering. vol. 1 (3).
Jaatun, Martin Gilje; Line, Maria Bartnes; Grøtan, Tor Olav. (2009) Secure Remote Access to Autonomous Safety Systems: A Good Practice Approach. International Journal of Autonomous and Adaptive Communications Systems. vol. 2 (3).
Jaatun, Martin Gilje; Albrechtsen, Eirik; Bartnes, Maria; Johnsen, Stig Ole; Wærø, Irene; Longva, Odd Helge; Tøndel, Inger Anne. (2008) A Study of Information Security Practice in a Critical Infrastructure Application. Lecture Notes in Computer Science. vol. 5060.
Johnsen, Stig Ole; Hansen, Christian Waale; Line, Maria B.; Nordby, Yngve; Rich, Eliot; Qian, Ying. (2007) CheckIT-- A program to measure and improve information security and safety culture. International Journal of Performability Engineering. vol. 3 (1).
Johnsen, Stig Ole; Line, Maria Bartnes. (2007) CheckIT - A Program to Measure and Improve Information Security and Safety Culture. International Journal of Performability Engineering. vol. 3 (1, part II).
Johnsen, Stig Ole; Waale Hansen, Christian; Line, Maria Bartnes; Nordby, Yngve; Rich, Eliot; Qian, Ying. (2007) Check-IT - a Program to Measure and Improve Information Security and Safety Culture. International Journal of Performability Engineering. vol. 3 (1).
Johnsen, Stig Ole; Waale Hansen, Christian; Nordby, Yngve; Line, Maria Bartnes. (2006) Measurement and improvement of information security culture. Measurement and control (London. 1968). vol. 39.

Part of book/report

Gjertsen, Eyvind Gaarder Bull; Gjære, Erlend Andreas; Bartnes, Maria; Flores, Waldo Rocha. (2017) Gamification of Information Security Awareness and Training. Proceedings of the 3rd International Conference on Information Systems Security and Privacy, Porto, Portugal, 19 - 21 February, 2017.
Line, Maria Bartnes; Moe, Nils Brede. (2015) Understanding Collaborative Challenges in IT Security Preparedness Exercises. ICT Systems Security and Privacy Protection : 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015, Proceedings.

Maria Bartnes

Background and activities

Scientific, academic and artistic work

Journal publications

Part of book/report

Links