Albrechtsen, E. (2007). A qualitative study of users’ view on information security. Computers & Security, 26 (4), 276–289.
Andrijcic, E., & Horowitz, B. (2006). A macro-economic framework for evaluation of cyber security risks related to protection of intellectual property. Risk Analysis, 26 (4), 907–923.
Andriotis, P., Tryfonas, T., & Oikonomou, G. (2014, June). Complexity metrics and user strength perceptions of the pattern-lock graphical authentication method. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 115–126). Cham, Germany: Springer.
Arendasy, M. E., & Sommer, M. (2012). Using automatic item generation to meet the increasing item demands of high-stakes educational and occupational assessment. Learning and Individual Differences, 22 (1), 112–117.
Ash, R. A., & Levine, E. L. (1980). A framework for evaluating job analysis-methods. Personnel, 57 (6), 53–59.
Ben-Asher, N., & Gonzalez, C. (2015). Effects of cyber security knowledge on attack detection. Computers in Human Behavior, 48, 51–61.
Beus, J. M., Payne, S. C., Bergman, M. E., & Arthur, W. Jr. (2010). Safety climate and injuries: An examination of theoretical and empirical relationships. Journal of Applied Psychology, 95 (4), 713–727.
Brannick, M. T., Levine, E. L., & Morgeson, F. P. (2007). Job and work analysis: Methods, research, and applications for human resource management. Thousand Oaks, CA: Sage Publications.
Brannick, M. T., Pearlman, K., & Sanchez, J. I. (2017). Work analysis. In Farr, J. L. & Tippins, N. T. (Eds.), Handbook of employee selection (pp. 134–162): New York, NY: Routledge.
Bulgurcu, B., Cavusoglu, H., & Benbasat, I. (2010). Information security policy compliance: An empirical study of rationality-based beliefs and information security awareness. MIS Quarterly, 34 (3), 523–548.
Campbell, S. G., Saner, L. D., & Bunting, M. F. (2016, April). Characterizing cybersecurity jobs: Applying the cyber aptitude and talent assessment framework. In Scherlis, W. L. & Brumley, D. (Chairs), Proceedings of the Symposium and Bootcamp on the Science of Security (pp. 25–27). New York, NY: ACM.
Champion, M. A., Rajivan, P., Cooke, N. J., & Jariwala, S. (2012, March). Team-based cyber defense analysis. In 2012 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (pp. 218–221). Piscataway, NJ: IEEE.
Clarke, S. (2006). The relationship between safety climate and safety performance: A meta-analytic review. Journal of Occupational Health Psychology, 11 (4), 315–327.
Coovert, M. D., Dreibelbis, R., & Borum, R. (2016). Factors influencing the human-technology interface for effective cyber security performance. In Zaccaro, S. J., Dalal, R. S., Tetrick, L. E., & Steinke, J. A., (Eds.), Psychosocial dynamics of cyber security (pp. 267–290). New York, NY: Routledge.
Dorsey, D. W., Martin, J., Howard, D. J., & Coovert, M. D. (2017). Cybersecurity issues in selection. In Farr, J. L. & Tippins, N. T. (Eds.), Handbook of employee selection (pp. 913–930). New York, NY: Routledge.
El-Din, R. S., Cairns, P., & Clark, J. (2015). The human factor in mobile phishing. In Dawson, M. & Omar, M. (Eds.), New threats and countermeasures in digital crime and cyber terrorism (pp. 53–65). Hershey, PA: Information Science Reference.
Eloff, M. M., & von Solms, S. H. (2000). Information security management: A hierarchical framework for various approaches. Computers & Security, 19 (3), 243–256.
Evans, K., & Reeder, F. (2010). A human capital crisis in cybersecurity: Technical proficiency matters. Washington, DC: CSIS.
Gibson, K., & Mulkey, J. (2016). Dumping the dopes who use braindump sites: How IBM turned the tables using data forensics. Presented at the 2016 ATP Innovations in Testing Conference, Orlando, FL.
Gordon, T., Coovert, M. D., Miles, D. E., Riddle, D., Elliott, L., & Schiflett, S. G. (2001, June). Classifying jobs: Integrating cognitive task analysis and verbal protocol analysis. Paper presented at the annual meeting of the American Psychological Association, Toronto, Canada.
Greitzer, F. L., & Frincke, D. A. (2010). Combining traditional cyber security audit data with psychosocial data: Towards predictive modeling for insider threat mitigation. In Probst, C. W. & Hunker, J. (Eds.), Insider threats in cyber security (pp. 85–113). New York, NY: Springer US.
Guo, K. H. (2013). Security related behavior in using information systems in the workplace: A review and synthesis. Computers & Security, 32, 242–251.
Guo, K. H., Yuan, Y., Archer, N. P., & Connelly, C. E. (2011). Understanding nonmalicious security violations in the workplace: A composite behavior model. Journal of Management Information Systems, 28 (2), 203–236.
Gutzwiller, R. S., Fugate, S., Sawyer, B. D., & Hancock, P. A. (2015, September). The human factors of cyber network defense. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 59, No. 1, pp. 322–326). Thousand Oaks, CA: SAGE Publications.
Herath, T., & Rao, H. R. (2009). Encouraging information security behaviors in organizations: Role of penalties, pressures and perceived effectiveness. Decision Support Systems, 47 (2), 154–165.
Hu, Q., Dinev, T., Hart, P., & Cooke, D. (2012). Managing employee compliance with information security policies: The critical role of top management and organizational culture. Decision Sciences, 43 (4), 615–659.
Jagatic, T. N., Johnson, N. A., Jakobsson, M., & Menczer, F. (2007). Social phishing. Communications of the ACM, 50 (10), 94–100.
Jose, I., LaPort, K., & Trippe, D. M. (2016). Requisite attributes for cyber security personnel and teams: Cyber risk mitigation through talent management. In Zaccaro, S. J., Dalal, R. S., Tetrick, L. E., & Steinke, J. A. (Eds.), Psychosocial dynamics of cyber security (pp. 167–193). New York, NY: Routledge.
Kolmstetter, E. (2003). I-Os making an impact: TSA transportation security screener skill standards, selection system and hiring process. The Industrial-Organizational Psychologist, 40, 39–46.
Landis, R. S., Fogli, L., & Goldberg, E. (1998). Future-oriented job analysis: A description of the process and its organizational implications. International Journal of Selection and Assessment, 6 (3), 192–198.
Mancuso, V. F., Christensen, J. C., Cowley, J., Finomore, V., Gonzalez, C., & Knott, B. (2014, September). Human factors in cyber warfare II emerging perspectives. In Proceedings of the Human Factors and Ergonomics Society Annual Meeting (Vol. 58, No. 1, pp. 415–418). Thousand Oaks, CA: SAGE Publications.
Meyer, J. P. & Allen, N.J. (1997). Commitment in the workplace: Theory, research, and application. Thousand Oaks, CA: SAGE Publications.
Motowidlo, S. J., Borman, W. C., & Schmit, M. J. (1997). A theory of individual differences in task and contextual performance. Human Performance, 10 (2), 71–83.
Mueller-Hanson, R. & Garza, M. (2016). Selection and staffing of cyber security positions. In Zaccaro, S. J., Dalal, R. S., Tetrick, L. E., & Steinke, J.A. (Eds.). Psychosocial dynamics of cyber security (pp. 167–193). New York, NY: Routledge.
Norman, K. L. (2008). Cyberpsychology: An introduction to human-computer interaction (Vol. 1). New York, NY: Cambridge University Press.
Padayachee, K. (2012). Taxonomy of compliant information security behavior. Computers & Security, 31, 673–680.
Parrish, J. L. Jr., Bailey, J. L., & Courtney, J. F. (2009). A personality-based model for determining susceptibility to phishing attacks. Little Rock, AK: University of Arkansas.
Paul, C. L. (2014, November). Human-centered study of a network operations center: experience report and lessons learned. In Proceedings of the 2014 ACM Workshop on Security Information Workers (pp. 39–42). New York, NY: ACM.
Paul, C. L., & Whitley, K. (2013, July). A taxonomy of cyber awareness questions for the user-centered design of cyber situation awareness. In International Conference on Human Aspects of Information Security, Privacy, and Trust (pp. 145–154). Berlin/Heidelberg, Germany: Springer.
Pfleeger, S. L., & Caputo, D. D. (2012). Leveraging behavioral science to mitigate cybersecurity risk. Computers & Security, 31, 597–611.
Ployhart, R. E., & Turner, S. F. (2014). Organizational adaptability. In Chan, D. (Ed.), Individual adaptability to changes at work: New directions in research (pp. 73–92). New York, NY: Routledge.
Rajivan, P., Champion, M., Cooke, N. J., Jariwala, S., Dube, G., & Buchanan, V. (2013, July). Effects of teamwork versus group work on signal detection in cyber defense teams. In International Conference on Augmented Cognition (pp. 172–180). Berlin/Heidelberg, Germany: Springer.
Reynolds, D. (2010, October). A primer on privacy: What every I-O psychologist needs to know about data protection. The Industrial and Organizational Psychologist, 48 (2). Retrieved from http://www.siop.org/tip/oct10/05reynolds.aspx.
Sager, C. E., Russell, T. L., Campbell, R. C., & Ford, L. A. (2005). Future soldiers: Analysis of entry-level performance requirements and their predictors. Army Research for the Behavioral Sciences, Technical Report 1169. Alexandria, VA: United States
Sasse, M. A., Smith, M., Herley, C., Lipford, H., & Vaniea, K. (2016). Debunking security-usability tradeoff myths. IEEE Security & Privacy, 14 (5), 33–39.
Schneider, B., & Konz, A. M. (1989). Strategic job analysis. Human Resource Management, 28 (1), 51–63.
Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L. F., & Downs, J. (2010). Who falls for phish: A demographic analysis of phishing susceptibility and effectiveness of interventions. In Proceedings of the SIGCHI Conference on Human Factors in Computing Systems (pp. 373–382). New York, NY: ACM. doi:10.1145/1753326.1753383.
Smith, R. W., & Prometric, T. (2004, April). The impact of braindump sites on item exposure and item parameter drift. Paper presented at the annual meeting of the American Education Research Association, San Diego, CA.
Tippins, N. T. (2009). Internet alternatives to traditional proctored testing: Where are we now? Industrial and Organizational Psychology, 2 (1), 2–10.
Van Niekerk, J. F., & Von Solms, R. (2010). Information security culture: A management perspective. Computers & Security, 29 (4), 476–486.
Vishwanath, A. (2015). Examining the distinct antecedents of e-mail habits and its influence on the outcomes of a phishing attack. Journal of Computer-Mediated Communication, 20 (5), 570–584.
Von Solms, B. (2000). Information security—the third wave? Computers & Security, 19 (7), 615–620.
West, R. (2008). The psychology of security. Communications of the ACM, 51 (4), 34–40.
Wiederhold, B. K. (2014). The role of psychology in enhancing cybersecurity. Cyberpsychology, Behavior, and Social Networking, 17 (3), 131–132.
Wiener, N. (1961). Cybernetics or control and communication in the animal and the machine (Vol. 25). Cambridge, MA: MIT Press.