Adams, A., Sasse, M.A.: Users are not the enemy. Commun. ACM 42(12), 40–46 (1999)
CrossRef
Google Scholar
Albrechtsen, E., Hovden, J.: The information security digital divide between information security managers and users. Comput. Secur. 28(6), 476–490 (2009)
CrossRef
Google Scholar
Appelbaum, S.H.: Socio-technical systems theory: an intervention strategy for organizational development. Manag. Decis. 35(6), 452–463 (1997)
CrossRef
Google Scholar
Ashenden, D., Lawrence, D.: Security dialogues: building better relationships between security and business. IEEE Secur. Priv. 14, 82–87 (2016)
CrossRef
Google Scholar
Ashenden, D., Sasse, A.: CISOs and organisational culture: their own worst enemy? Comput. Secur. 39, 396–405 (2013)
CrossRef
Google Scholar
Bada, M., Sasse, A.M., Nurse, J.R.C.: Cyber Security Awareness Campaigns: why do they fail to change behaviour? In: Satapathy, S.C., Joshi, A., Modi, N., Pathak, N. (eds.) Proceedings of International Conference on ICT for Sustainable Development. AISC. Springer, Singapore (2016)
Google Scholar
Barrett, S.: Overcoming transactional distance as a barrier to effective communication over the Internet. Int. Educ. J. 3, 34–42 (2002)
Google Scholar
Beautement, A., Sasse, M.A., Wonham, M.: The compliance budget: managing security behaviour in organisations. In: Keromytis, A., Somayaji, A., Probst, C.W., Bishop, M. (eds.) Proceedings of the 2008 Workshop on New Security Paradigms, p. 47. Association for Computing Machinery, New York (2008)
Google Scholar
Becker, I., Parkin, S., Sasse, M.A.: Finding security champions in blends of organisational culture. In: Acar, Y., Fahl, S. (eds.) Proceedings 2nd European Workshop on Usable Security. Internet Society, Reston (2017)
Google Scholar
Beris, O., Beautement, A., Sasse, M.A.: Employee rule breakers, excuse makers and security champions: mapping the risk perceptions and emotions that drive security behaviors. In: Proceedings of the 2015 New Security Paradigms Workshop, NSPW 2015, pp. 73–84. Association for Computing Machinery, New York (2015)
Google Scholar
Berne, E.: Spiele der Erwachsenen: Psychologie der menschlichen Beziehungen, rororo, vol. 61350: rororo-Sachbuch. Rowohlt-Taschenbuch-Verl., Reinbek bei Hamburg, neuaufl. edn. (2002)
Google Scholar
BetterCloud: State of Insider Threats in the Digital Workplace (2019)
Google Scholar
Burdon, M., Coles-Kemp, L.: The significance of securing as a critical component of information security: an Australian narrative. Comput. Secur. 87, 101601 (2019)
CrossRef
Google Scholar
Posey, C., Roberts, T.L., Lowry, P.B., Hightower, R.T.: Bridging the divide: a qualitative comparison of information security thought patterns between information security professionals and ordinary organizational insiders. Inf. Manag. 51(5), 551–567 (2014)
CrossRef
Google Scholar
Clegg, S.: Frameworks of Power. Sage Publication, London (1989)
CrossRef
Google Scholar
Coles-Kemp, L., Ashenden, D., O’Hara, K.: Why should i? Cybersecurity, the security of the state and the insecurity of the citizen. Politics Gov. 6(2), 41–48 (2018)
CrossRef
Google Scholar
Coyle, D.: The Culture Code: The Secrets of Highly Successful Groups, 11th edn. Bantam Books, New York (2018)
Google Scholar
Di Maio, P.: Towards a metamodel to support the joint optimization of socio technical systems. Systems 2(3), 273–296 (2014)
CrossRef
Google Scholar
Dogan, K., Vecchio, R.P.: Managing envy and jealousy in the workplace. Compens. Benefits Rev. 33(2), 57–64 (2001)
CrossRef
Google Scholar
Galvin, K.M., Wilkinson, C.A.: The communication process: Impersonal and interpersonal (2006). Accessed 1 May 2011
Google Scholar
Heath, C.P., Hall, P.A., Coles-Kemp, L.: Holding on to dissensus: participatory interactions in security design. Strateg. Des. Res. J. 11(2), 65–78 (2018)
Google Scholar
Herley, C.: So Long, and no thanks for the externalities: the rational rejection of security advice by users. In: Proceedings of the 2009 Workshop on New Security Paradigms Workshop, NSPW 2009, pp. 133–144. Association for Computing Machinery, New York (2009)
Google Scholar
Herley, C.: More is not the answer. IEEE Secur. Priv. 12(1), 14–19 (2014)
CrossRef
Google Scholar
Herley, C., van Oorschot, P.C.: SoK: science, security and the elusive goal of security as a scientific pursuit. In: 2017 IEEE Symposium on Security and Privacy (SP), pp. 99–120 (2017)
Google Scholar
Hobbs, N.: Gruppen-bezogene Psychotherapie. In: Rogers, C.R. (ed.) Die klientenzentrierte Gesprächspsychotherapie. Client-Centered Therapy. FISCHER Taschenbuch (2021)
Google Scholar
Inglesant, P., Sasse, M.A.: Information security as organizational power: a framework for re-thinking security policies. In: 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST), pp. 9–16 (2011)
Google Scholar
Ponemon Institute: Managing Insider Risk Whitepaper (2016)
Google Scholar
Budge, J., O’Malley, C., Blankenship, J., Flug, M., Nagel, B.: The Forrester Wave™: Security Awareness and Training Solutions, Q1 2020 (2020)
Google Scholar
Kirlappos, I., Parkin, S., Sasse, M.A.: Learning from “Shadow Security”: why understanding non-compliant behaviors provides the basis for effective security. In: Smith, M., Wagner, D. (eds.) Proceedings 2014 Workshop on Usable Security. Internet Society, Reston, 23 February 2014
Google Scholar
Klimburg-Witjes, N., Wentland, A.: Hacking humans? Social engineering and the construction of the “deficient user” in cybersecurity discourses. Sci. Technol. Hum. Values 46(6), 1316–1339 (2021)
Google Scholar
Knapp, L.: Zum Umgang mit Schuld in Organisationen. Entwicklung und erste Validierung einer Skala zur Erfassung eines Klimas der Schuldzuweisungen. Master thesis, Ruhr University Bochum, Chair for Organisational Psychology (2016)
Google Scholar
Kocksch, L., Korn, M., Poller, A., Wagenknecht, S.: Caring for IT security: accountabilities, moralities, and oscillations in IT security practices. Proc. ACM Hum.-Comput. Interact. 2(CSCW), 1–20 (2018)
Google Scholar
Labianca, G., Brass, D.J.: Exploring the social ledger: negative relationships and negative asymmetry in social networks in organizations. Acad. Manag. Rev. 31(3), 596–614 (2006)
CrossRef
Google Scholar
Coles-Kemp, L., Stang, F.: Making digital technology research human: learning from clowning as a social research intervention. Rivista Italiana di Studi sull’Umorismo (RISU) 2(1), 35–45 (2019)
Google Scholar
Coles-Kemp, L., Hall, P.: TREsPASS Book 3: Creative Engagements. Royal Holloway (2016)
Google Scholar
Lukenbill, W.B.: The OK reference department-using transactional analysis in evaluating organizational climates. RQ 15(4), 317–322 (1976). http://www.jstor.org/stable/41354348
Octavia, J.R., van den Hoven, E., de Mondt, H.: Overcoming the distance between friends. In: Electronic Workshops in Computing, BCS Learning & Development (2007)
Google Scholar
Pasmore, W., Francis, C., Haldeman, J., Shani, A.: Sociotechnical systems: a North American reflection on empirical studies of the seventies. Hum. Relat. 35(12), 1179–1204 (1982)
CrossRef
Google Scholar
Ponemon Institute: Global Encryption Trends Study (2019)
Google Scholar
Proctor, T., Doukakis, I.: Change management: the role of internal communication and employee development. Corp. Commun. Int. J. 8(4), 268–277 (2003)
CrossRef
Google Scholar
Putz, D., Schilling, J., Kluge, A., Stangenberg, C.: OlaF. Fragebogen zur Erfassung des organisationalen Klimas für Lernen aus Fehlern. In: Sarges, W. (ed.) Organisationspsychologische Instrumente: Handbuch wirtschaftspsychologischer Testverfahren; 2, pp. 251–258. Pabst, Lengerich [u.a.] (2010)
Google Scholar
Putz, D., Schilling, J., Kluge, A., Stangenberg, C.: Measuring organizational learning from errors: development and validation of an integrated model and questionnaire. Manag. Learn. 44(5), 511–536 (2013)
CrossRef
Google Scholar
Reason, J.: Human error: models and management. BMJ (Clinical Research Ed.) 320(7237), 768–770 (2000)
CrossRef
Google Scholar
Renaud, K., Searle, R., Dupui, M.: Shame in cyber security: effective behavior modification tool or counterproductive foil? In: Proceedings of the 2021 New Security Paradigms Workshop, NSPW 2021. Association for Computing Machinery, New York (2021, To appear)
Google Scholar
Wilson, S.H.: Combating the Lazy User: An Examination of Various Password Policies and Guidelines (2002)
Google Scholar
Sasse, A.: Scaring and bullying people into security won’t work. IEEE Secur. Priv. 13(3), 80–83 (2015)
CrossRef
Google Scholar
Schneier, B.: Secrets and Lies: Digital Security in a Networked World. Wiley, New York (2000)
Google Scholar
Susan, S., Shade, M.: People, the weak link in cyber-security: can ethnography bridge the gap? In: Ethnographic Praxis in Industry Conference Proceedings, vol. 2015, no. 1, pp. 47–57 (2015)
Google Scholar
Tjosvold, D., Yu, Z.Y., Hui, C.: Team learning from mistakes: the contribution of cooperative goals and problem-solving*. J. Manag. Stud. 41(7), 1223–1245 (2004)
Google Scholar
Tracy, K., Eisenberg, E.: Giving criticism: a multiple goals case study. Res. Lang. Soc. Interact. 24(1–4), 37–70 (1990)
CrossRef
Google Scholar
Whitten, A., Tygar, J.D.: Why Johnny can’t encrypt: a usability evaluation of PGP 5.0. In: Proceedings of the 8th Conference on USENIX Security Symposium, SSYM 1999, vol. 8, p. 14. USENIX Association (1999)
Google Scholar
Zhu, Y., Nel, P., Bhat, R.: A cross cultural study of communication strategies for building business relationships. Int. J. Cross Cult. Manag. 6(3), 319–341 (2006)
CrossRef
Google Scholar