 |
Informatie(on)veilig gedrag van medewerkers (IB Magazine, 24(5), 8-13, 2024)
;
Veldonderzoek naar (on)veilig gedrag (IB Magazine, 25(2), 28-34, 2025)
:
Two Dutch research articles on modeling insecure behaviour, a systematic approach to improve security behaviour, and factor-specific guidelines for improving behaviour.
|
 |
Factors that influence secure behaviour while using mobile digital devices (Information and Computer Security, 2024)
:
Research article on a new cybersecurity awareness model and the results of a field study applying this model.
|
| |
Information security education based on job profiles and the e-CF (Higher Education, Skills and Work-based Learning, 12(2), 294-308, 2022)
[
Published version
]:
Case study on standardization of cybersecurity education based on a PvIB job profile and the underlying e-CF framework.
|
| |
Masteropleiding Technische Cybersecurity gebaseerd op PvIB-beroepsprofiel (IB Magazine, 19(4), 38-41, 2019)
:
Background to the development of a cybersecurity master of science curriculum based on a new PvIB job profile.
|
| |
Informatie onder controle (MS, 2018)
:
Textbook about information and IT management.
Includes an introduction to information technology and information systems, as well as the basics of outsourcing and shared services centres.
|
| |
Volwassenheid Informatiebeveiliging: 3-Pijlermodel (RAAK-project Veilig Water, 2017)
:
Whitepaper, describing the Three Pillar Model of Information Security Maturity.
|
| |
Job profiles for information security 2.0 (PvIB, 2017)
[
Beroepsprofielen voor informatiebeveiliging 2.0a (PvIB, 2017)
]:
Standard job profiles defined by the Dutch Association of Information Security Professionals.
|
| |
Safe in cyberspace; van awareness naar actie (PBLQ, 2015)
:
A book providing a concise introduction to cyberspace and cybersecurity for managers.
|
| |
De cyberwereld wordt niet vanzelf veilig (In "Onderzoekend op weg", THUAS, 65-72, 2014)
:
More focus is required on educating safe cyber behaviour.
|
| |
Verkenning Informatieveiligheid Buitenland (Taskforce BID, 2014)
:
A comparative study report on information security in different European countries.
|
| |
Kwalificatie en certificatie van informatiebeveiligers (Beveiliging, 11, 70-73, 2011)
[ Onderzoeksrapport (CPNI.NL, 2011)
]:
Research on the need for a new qualification system for infosec professionals.
|
| |
Criminaliteit in de cyberwereld (In "Van buiten leren", Politie Haaglanden, 41-47, 2011)
:
The involvement of the Dutch police in tackling cybercrime.
|
| |
Bewust veilig? (IT-Auditor, 4, 15-21, 2010)
:
How to set up information security awareness in organizations.
|
| |
Informatiebeveiliging en bewustzijn (IT-Auditor, 1, 24-27, 2010)
:
Human behaviour and information security in organizations.
|
| |
De riskante wereld van de IT (In "Omdat onderzoek toekomst heeft", THUAS, 215-224, 2010)
:
A brief introduction into IT risk management.
|
| |
Een serious game voor informatiebeveiliging (Informatiebeveiliging, 8, 18-20, 2009)
:
Description of a serious game for information security awareness training.
|
| |
Digitale veiligheid voor burgers (In "Wereldstedelingen", Karakter, 141-152, 2006)
:
Risks related to interconnection of information systems.
|
| |
Integratie van informatiebeveiliging (In "Jaarboek IT Beheer en informatiebeveiliging 2006", Academic Service, 359-367, 2005)
:
Integration on information security into the business.
|
| |
Een twee-sporenaanpak voor informatiebeveiliging (Management Executive, 1, 34-37, 2004; In "IB Jaarboek 2004/2005", Academic Service, 63-71, 2004)
:
A practical two-track approach to implement information security. |
| |
Waardevol maakt kwetsbaar: het belang van informatiebeveiliging (THUAS, 2003)
:
My inaugural lecture at The Hague University of Applied Sciences.
|
| |
Van ontwijken naar uitwijken (HEC, 2003)
:
An introduction book about continuity management for IT infrastructures.
|
| |
Intrusion detection als probaat middel tegen inbraak (Management & Informatie, 6, 38-43, 2002)
:
Introduction to ID systems, its use and its management.
|
| |
Information capability engineering (In "Complexiteit van beheer, beheer van complexiteit", DUP, 55-67, 2001)
:
A structured approach to (re)organize the information function.
|
| |
Human Error and Information Security (DUT, 2000)
:
Whitepaper, describing a model for human behavior and human error and relevant security measures.
|
| |
Expert in disaster recovery scenarios (Contingency Planning & Recovery Journal, 1, 2-15, 2000)
:
The use of an expert system to develop disaster recovery scenarios.
|
| |
ITIL Security Management: een kritische beschouwing (Compact, 4, 12-15, 2000)
:
Critical review of ITIL (version 2) Security Management.
|
| |
Risk analysis on Internet connection (In "Proceedings of IFIP SEC '99", IFIP, 89-101, 1999)
:
Framework for risk analysis of systems connected to the Internet.
|
| |
Competing against human failing (In "Proceedings of IFIP SEC ’98", IFIP, 392-401, 1998)
:
Explanation of human failure types and the way to compete against it.
|
| |
Beveiliging tegen indirect menselijk falen (IT Beheer Praktijkjournaal, 3, 1-4, 1998)
:
Indirect error and relevant security measures.
|
| |
IT-beveiliging in cijfers (In "Handboek Informatiebeveiliging, Aanvulling 18", Kluwer Editorial, 1998)
:
Inventory of threats and security measures in Dutch practice.
|