Skip to main content

ITEC 8501 Seminar in Information Security: Welcome & Course Readings

Welcome to your course guide

Please find your required library readings below. If you have problems with the links below, please contact the Library. If you have APA questions about these materials, please contact the Writing Center.

Course Readings

After clicking on a citation below, enter your myWalden user name and password at the prompt.

Please Ask a Librarian if you have any questions about the links.

Atyam, S. B. (2010). Effectiveness of Security Control Risk Assessments for Enterprises: Assess on the Business Perspective of Security Risks. Information Security Journal: A Global Perspective, 19(6), 343-350.

Furman, S. M., Theofanos, M. F., Choong, Y., & Stanton, B. (2012). Basing Cybersecurity Training on User Perceptions. Security & Privacy, IEEE, 10(2), 40-49.

Furnell, S., & Clarke, N. (2012). Power to the people? The evolving recognition of human aspects of security. Computers & Security, 31(8), 983-988.

Goode, S., & Lacey, D. (2011). Detecting complex account fraud in the enterprise: The role of technical and non-technical controls. Decision Support Systems, 50(4), 702-714. ISSN 0167-9236.

Kirlappos, I., & Sasse, M. A. (2012). Security Education against Phishing: A Modest Proposal for a Major Rethink. Security & Privacy, IEEE, 10(2), 24-32.

Montesino, R., & Fenz, S. (2011). Information Security Automation: How Far Can We Go? Availability, Reliability and Security (ARES), 2011 Sixth International Conference on. doi:10.1109/ARES.2011.48.

Pattinson, M. R., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users? Information Management & Computer Security, 15(5), 362-371.

Pfleeger, S. (2012). Security Measurement Steps, Missteps, and Next Steps. Security & Privacy, IEEE, 10(4), 5-9. doi:10.1109/MSP.2012.106.

Pfleeger, S.L.; Predd, J.B.; Hunker, J.; Bulford, C. (2010). Insiders Behaving Badly: Addressing Bad Actors and Their Actions. Information Forensics and Security, IEEE Transactions on, 5(1). 169-179. doi:10.1109/TIFS.2009.2039591.

Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L. F., & Downs, J. (2010). Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. CHI '10 – Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, 373-382. doi:10.1145/1753326.1753383.

Stewart, A. (2004). On risk: perception and direction. Computers & Security, 23(5), 362-370.

Stewart, G., & Lacey, D. (2012). Death by a thousand facts: Criticising the technocratic approach to information security awareness. Information Management & Computer Security, 20(1), 29-38. doi:10.1108/09685221211219182.

Stolfo, S., Bellovin, S. M., & Evans, D. (2011). Measuring Security. Security & Privacy, IEEE, 9(3), 60-65. doi:10.1109/MSP.2011.56.

Thompson, H. (2013). The Human Element of Information Security. Security & Privacy, IEEE, 11(1), 32-35.

West, R. (2008). The psychology of security. Communications of the ACM, 51(4), 34-40. DOI: 10.1145/1330311.1330320.

Whitman, M. (2003). Enemy at the gate: threats to information security. Communications of the ACM, 46(8). 91-95. doi:10.1145/859670.859675

Other Readings

Optional or supplemental readings may or may not be available in the library. Find further information about optional readings here.

If you have questions about your required course textbooks, please contact Customer Care at