Publications

 

Full list of academic publications

Status: October 2022

 

Agrafiotis, I., Bada, M., Cornish, P., Creese, S. Goldsmith, M., Ignatuschtschenko, E., Roberts, T. and Upton, D. M. (2016). Cyber Harm: Concepts, Taxonomy and Measurement - Working Paper 2016-23. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2828646 [Accessed 15 August 2019]

 

Agrafiotis, I., Nurse, J.R.C., Goldsmith, M., Creese, S., Upton, D. (2018), ‘A Taxonomy of Cyber-harms: Defining the Impacts of Cyber-attacks and Understanding How They Propagate’, Journal of Cybersecurity, v 4 n 1, p.1-15.  nd Understanding How They Propagate’, Journal of Cybersecurity, v 4 n 1, p.1-15. https://academic.oup.com/cybersecurity/article/4/1/tyy006/5133288?searchresult=1 [Accessed 4 November 2019]

 

Austin, R. D. and Upton, D. M. (2016). Leading in the Age of Super-Transparency. MITSloan Management Review. 57(2), pp 25 – 32. Available from: http://research.cbs.dk/files/44436506/robert_austin_leading_in_the_age_postprint.pdf  [Accessed 15 August 2019]

 

Axon, L., Creese, S., Dixon, W., Saunders, J. (2020). Why we need to solve our quantum security challenges. World Economic Forum. Available at https://www.weforum.org/agenda/2020/06/quantum-computers-security-challenges/ [Accessed 2 November 2020]

 

Bada, M. and Sasse, A. (2014). Cyber Security Awareness Campaigns: Why do they fail to change behaviour? Available from: http://discovery.ucl.ac.uk/1468954/ [Accessed 15 August 2019]
 

Bada, M., Creese, S., Goldsmith, M. and Mitchell, C.J. (2017). Improving the Effectiveness of CSIRTs. CYBER 2017: The Second International Conference on Cyber-Technologies and Cyber-Systems. Available from: http://www.thinkmind.org/index.php?view=article&articleid=cyber_2017_4_30_80060 [Accessed 15 August 2019]

 

Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2017). Improving the effectiveness of CSIRTs. In The Second International Conference on Cyber-Technologies and Cyber-Systems (pp. 53-58). Available from: https://www.semanticscholar.org/paper/Improving-the-Effectiveness-of-CSIRTs-Bada-Creese/976697ab0217fedd540cac7bea08907762448970 [Accessed 15 August 2019]

 

Bada, M., Creese, S., Goldsmith, M., Mitchell, C.J., Phillips, E. (2014a). Computer Security Incident Response Teams (CSIRTs) – An Overview. Available from:  https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3659974 [Accessed 15 August 2019]

 

Bada, M., Nurse, J.R.C. (2016). The Cybercrime Ecosystem: How the Internet Supports Criminal Behaviour Online. OII Oxford Internet Institute, Connected Life 2016: Collective Action and the Internet Conference, June 2016.  Available at https://gcscc.ox.ac.uk/article/cybercrime-ecosystem-how-internet-may-support-criminal-behaviour-online [Accessed 8 August 2020]

 

Bada, M., Nurse, J.R.C. (2016b). Profiling the Cybercriminal. International Crime and Intelligence Analysis Conference. 25-26 February 2016 Manchester, England. Available at https://gcscc.ox.ac.uk/article/profiling-cybercriminal [Accessed 4 August 2020]

 

Bada, M., Von Solms, B., Agrafiotis, I. (2019), ‘Reviewing National Cybersecurity Awareness for Users and Executives in Africa’, The International Journal on Advances in Security, v 12 n 1&2, p.108-118.  Available from: http://www.iariajournals.org/security/sec_v12_n12_2019_paged.pdf [Accessed 15 August 2019]

An earlier version of this publication appeared as: Bada, M., Von Solms, B. and Agrafiotis, I. (2018). Reviewing National Cybersecurity Awareness in Africa: An empirical study. CYBER 2018: The Third International Conference on Cyber-Technologies and Cyber-Systems. Available from: https://www.thinkmind.org/index.php?view=article&articleid=cyber_2018_6_20_80051 [Accessed 15 August 2019]

 

Bagui, L., Boorman, J., Calandro, E., Pule, N., Weisser Harris, C. (2020). Reviewing cybersecurity capacity in a COVID-19 environment. Available from: www.c3sa.uct.ac.za/c3sa/news/2020/review [Accessed 15 October 2020]

 

Bauer, J. M. and Dutton, W. H. (2015), ‘The New Cyber Security Agenda: Economic and Social Challenges to a Secure Internet’, Joint working paper for the Oxford Global Cybersecurity Project at the Oxford Martin Institute, University of Oxford, and the Quello Center at MSU, based on a briefing document prepared by the authors to support the World Bank World Development Report. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2614545 [Accessed 15 August 2019]

Bauer, J. M. and Dutton, W. H. (2021), ‘Cybersecurity: Towards a New Agenda for Policy and Practice’ in Portuguese as: ‘A Nova Agenda de Cbersegurança: Desafios Econômicos e Sociais Para Uma Internet Segura’, pp. 35-64 in Cadernos NIC.br Estudos Setoriais - Segurança Digital: Uma Análise de Gestão de Risco em Empresa Brasileiras. 

 

Bispham, M., Creese, S., Dutton, W. H., Esteve-González, P., and Goldsmith, M. (2022). 'An Exploratory Study of Cybersecurity in Working from Home: Problem or Enabler?' Journal of Information Policy, 12. https://doi.org/10.5325/jinfopoli.12.2022.0010 

 

Blank, G., Bolsover, G. and Dubois, E. (2014). A New Privacy Paradox: Young People and Privacy on Social Network Sites. Available from https://www.oxfordmartin.ox.ac.uk/downloads/A%20New%20Privacy%20Paradox%20April%202014.pdf [Accessed 15 August 2019]

 

Bund, J. (2019), ‘Susceptibility Awareness: Domestic Vectors for Disrupting the Kill Chain of Cyber-enabled Influence Operations’, European Cybersecurity Journal, v 5 n 2, p.34-45. https://cybersecforum.eu/media/ECJ_2019.pdf [Accessed 4 November 2019]

 

Cornish P. (2017). Deterrence and the Ethics of Cyber Conflict. In: Taddeo M., Glorioso L. eds. Ethics and Policies for Cyber Operations. Philosophical Studies Series. vol 124. Cham: Springer, pp. 1 – 16. Available from: https://link.springer.com/chapter/10.1007/978-3-319-45300-2_1 [Accessed 15 August 2019]

 

Creese, S., Dutton, W. H., and Esteve-González, P. (2021), ‘The Social and Cultural Shaping of Cybersecurity Capacity Building: A Comparative Study of Nations and Regions'. Personal and Ubiquitous Computing, 25, 941-955. https://doi.org/10.1007/s00779-021-01569-6

 

Creese, S., Dutton, W. H., Esteve-González, P., and Shillair, R., (2021), 'Cybersecurity Capacity-Building: Cross-National Benefits and International Divides'. Journal of Cyber Policy. https://doi.org/10.1080/23738871.2021.1979617

Preliminary results presented at the 2019 GFCE Annual Meeting in Addis Ababa. Available from: https://www.slideshare.net/WHDutton/presentation-to-gfce-2019-in-addis-ababa-ethiopia [Accessed 21 July 2020]

 

Creese, S., Goldsmith, M., Griffin, M., Puello Alfonso S., Weisser Harris, C., Agrafiotis, I., Bund, J., and Nagyfejeo, E. (2019). GCSCC Global Impact. GCSCC Working Paper on the Knowledge and Policy Contributions from the First Five Years. Available from: https://gcscc.web.ox.ac.uk/sites/default/files/gcscc_booklet_web.pdf [Accessed 15 August 2019]

 

Creese, S., Shillair, R., Bada, M., Reisdorf, B.C., and Dutton, W. H. (2019), The Cybersecurity Capacity of Nations, pp. 165-179 in Graham, M., and Dutton, W. H. (eds), Society and the Internet: How Networks of Information and Communication are Changing our Lives, 2nd Edition. Oxford: Oxford University Press.

An early version of this book chapter was presented at the TPRC conference, Dutton, WH., Creese, S., Shillair, R., Bada, M. and Roberts, T. (2017). Cyber Security Capacity: Does It Matter? Quello Center Working Paper No. 2938078. Available from: https://ssrn.com/abstract=2938078 [Accessed 15 August 2019]

 

S. Creese, J. Saunders, L. Axon and W. Dixon, (2020) Future Series Report: Cybersecurity, emerging technology and systemic risk, November 2020, Available from https://www.weforum.org/reports/future-series-cybersecurity-emerging-technology-and-systemic-risk [Accessed 3 December 2020] 

 

De Bruin, R. and von Solms, S.H. (2015). Modelling Cyber Security Governance Maturity. 2015 IEEE International Symposium on Technology and Society, pp. 1–8. Available from: https://ieeexplore.ieee.org/abstract/document/7439415/ [Accessed 15 August 2019]

 

Dutton, W. (2017). Fostering a Cyber Security Mindset. Internet Policy Review, 6(1): DOI: 10.14763/2017.1.443. Available from: https://policyreview.info/node/443/pdf. An abridged version was reprinted in Encore, a publication of The Alexander von Humboldt Institute for Internet and Society (HIIG), forthcoming in 2018. Available from: https://www.hiig.de/en/fostering-cybersecurity-mindset/ [Accessed 15 August 2019]

 

Dutton, W. (2020). To Be or Not to Be Virtual. Intermedia Issue. Vol. 48 Issue 3. Available from https://www.iicom.org/wp-content/uploads/dutton.pdf [Accessed 20 October 2020] 

 

Dutton, William H., Creese, S., Sadie, Gonzalez, P. E, Goldsmith, Michael, G., and Weisser, H.C., (2022), Next Steps for the EU: Building on the Paris Call and EU Cybersecurity Strategy. Available at SSRN: https://ssrn.com/abstract=4052728 [Accessed February 15, 2022]

 

Dutton, W. H., Creese, S., Shillair, R., and Bada, M. (2019a). Cyber Security Capacity: Does It Matter? Journal of Information Policy, 9, pp. 280-306. Available at https://www.jstor.org/stable/10.5325/jinfopoli.9.2019.0280#metadata_info_tab_contents [Accessed 15 August 2019] 

 

Dutton, W. H., Griffin, M., Nagyfejeo, E., Puello Alfonso, S., Weisser Harris, C., and Bada, M., (2018), Collaborative Approaches to a Wicked Problem: Global Responses to Cybersecurity Capacity Building, February. GCSCC Working Paper on the 2018 Annual GCSCC Conference, Oxford University. Available from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660000 [Accessed 15 August 2019]

 

Dutton, William H. and Axon, Louise and Weisser Harris, Carolin (2021) Structured Field Coding and Its Application to National Assessments. Available at SSRN: https://ssrn.com/abstract=3781600 [Accessed 20 February 2021] 

 

Dutton, William H. and Esteve-Gonzalez, Patricia, Multidisciplinary Approaches to the Rise of Cybersecurity Research (November 17, 2020). Available at SSRN: https://ssrn.com/abstract=3732333 or http://dx.doi.org/10.2139/ssrn.3732333 [Accessed 20 November 2020]

 

Griffin, M. (2018). Global Cybersecurity Education – Lessons from the CMM. GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/global-cybersecurity-education-lessons-cmm [Accessed 8 August 2020]

 

Hameed, F., Agrafiotis, I., Weisser, C., Goldsmith, M. and Creese S. (2018). Analysing Trends and Success Factors of International Cybersecurity Capacity-Building Initiatives. SECURWARE 2018: The Twelfth International Conference on Emerging Security Information, Systems and Technologies. Available from: https://ora.ox.ac.uk/objects/uuid:50e9c5aa-4f3d-40f0-a0a0-ff538b735291/download_file?file_format=pdf&safe_filename=Analysing-trends-success%2BFaisal%2BHameed%2B10SEP18%2BCamera%2BReady.pdf&type_of_work=Conference+item [Accessed 15 August 2019]

 

Ignatuschtschenko, E. (2016). Jurisdiction on the Internet: Making Multi-Stakeholder Cooperation Work. Available from: https://gcscc.ox.ac.uk/article/jurisdiction-internet-making-multi-stakeholder-cooperation-work [Accessed 8 August 2020]

 

Korff, Douwe. (2016). Harm caused to fundamental rights and freedoms by state cybersecurity interventions. Available at https://ssrn.com/abstract=3709808 [Accessed 12 October 2020] 

 

Kritzinger, E., Bada, M., Nurse, J.R.C. (2017). A Study into the Cybersecurity Awareness Initiatives for School Learners in South Africa and the UK. In: Bishop, M., Futcher, L., Miloslavskaya, N., Theocharidou, M. eds. WISE 2017: Information Security Education for a Global Digital Society. Cham: Springer, pp. 110 – 120. Available from: https://link.springer.com/chapter/10.1007/978-3-319-58553-6_10 [Accessed 15 August 2019]

 

Mary Bispham, Sadie Creese, William H. Dutton, Patricia Esteve-Gonzalez, and Michael Goldsmith (2021), 'Cybersecurity in Working from Home: An Exploratory Study’, Paper prepared for presentation at the Policy Research Conference on Communications, Information, and the Internet (TPRC49), to be held online 22-24 September 2021. Available at: https://ssrn.com/abstract=3897380

 

Nagyfejeo, E. (2018), ‘EU’s Emerging Strategic Cyber Culture(s)’, Policing: A Journal of Policy and Practice, 24 December: 1-24. Available at https://doi.org/10.1093/police/pay092 [Accessed 10 January 2019]

 

Nagyfejeo, E., Solms, B.V. (2020). Why Do National Cybersecurity Awareness Programmes Often Fail?. International Journal of Information Security and Cybercrime, 9(2), 18-27. Available from https://www.ijisc.com/year-2020-issue-2-article-3/ [Accessed 5 February 2021] 

 

Nurse J. and Bada, M. (2019). The Group Element of Cybercrime: Types, Dynamics, and Criminal Operations. In: Attrill-Smith, A., Fullwood, C., Keep, M. and Kuss, D.J. eds. The Oxford Handbook of Cyberpsychology. Oxford: Oxford University Press. Available from: https://www.oxfordhandbooks.com/view/10.1093/oxfordhb/9780198812746.001.0001/oxfordhb-9780198812746-e-36?print=pdf [Accessed 15 August 2019]

 

Nurse, J. R. C. and Bada, M. (2017). Connected Life: Digital Inequalities. MIND THE GAP: How Digital Inequality Impacts Cyber Security. Oxford: Oxford Internet Institute.

 

Nurse, J., Agrafiotis, I., Erola, A., Bada, M., Roberts, T., Williams, M., Goldsmith, M., and Creese, S. (2016). An Independent Assessment of the Procedural Components of the Estonian Internet Voting System - Working Paper 6. Cyber Studies Programme Working Paper Series in Department of Politics and International Relations, University of Oxford. Available from: https://ssrn.com/abstract=2858336 [Accessed 15 August 2019]

 

Roberts, T. (2016) Deciphering the Chinese Underground Economy. GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/deciphering-chinese-underground-economy [Accessed 8 August 2020]

 

Roberts, T., Bada, M., and Dotzauer, E. (2014). Strategies for Increasing Scale and Quality of Cybersecurity Capacity-Building Investments. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660003  [Accessed 15 August 2019]

 

Rudolph, C., Creese, S., Sharma, S. (2020). Cybersecurity in Pacific Island Nations. Communications of the ACM. Vol. 63 No. 4, Pages 53-54. Available at https://doi.org/10.1145/3378550 [Accessed 12 October 2020] 

 

Shillair, R., Esteve-González, P., Dutton, W.H., Creese, S., Nagyfejeo, E., and von Solms, B. (2022). Cybersecurity education, awareness raising, and training inititiatives: National level evidence-based results, challenges, and promise. Computers & Security, 119. https://doi.org/10.1016/j.cose.2022.102756 [Accessed 24 May 2022]

 

The Global Cyber Security Capacity Centre continues its work across the world. Inspired Research, Winter 2018, Issue 13. Available from: http://www.cs.ox.ac.uk/innovation/inspiredresearch/InspiredResearchwinter2018.pdf [Accessed 15 August 2019]

 

Von Solms, B. and Upton, D. (2016). Cyber security capacity governance. The Business & Management Review. 7(4), pp. 34.

 

Weisser Harris, C. (2020) GCSCC Presents Research Findings to Global Community and Welcomes Regional Partner in South Africa. Available from:  https://www.oxfordmartin.ox.ac.uk/blog/gcscc-presents-research-findings-to-global-community/ [Accessed 3 July 2020]

 

Weisser Harris, C. (2020). GCSCC Welcomes Newest Regional Partner in South Africa and Moves to Online Training – An Experience Capture from the Capacity Centre. Available from: http://www.cs.ox.ac.uk/innovation/inspiredresearch/InspiredResearch-summer2020.pdf [Accessed 3 July 2020]

 

Weisser Harris, C. and Bada, M. (2016). Kosovo – What Followed the CMM Review? A GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/kosovo-what-followed-cmm-review [Accessed 8 August 2020]

 

Yates, S. J., Jones, G., Preston, A., Dutton, B., and Carmi, E. (2020), ‘ESRC Review: Governance and Security’, pp. 605-627 in Rice, R. E., Yates, S. J. (eds), The Oxford Handbook of Digital Technology and Society. New York, NY: Oxford University Press.  

 

Zorina, A., and Dutton, W. H. (forthcoming), ‘Theorizing Actor Interactions Shaping Innovation in Digital Infrastructures: The Case of Residential Internet Development in Belarus’, Organization Science, forthcoming.