Publications
Full publications list in alphabetical order.
2025
Axon, L., Bouckaert, J., Creese, S., Joshi, A., & Saunders, J. (2025). Artificial intelligence and cybersecurity: Balancing risks and rewards. World Economic Forum. https://reports.weforum.org/docs/WEF_Artificial_Intelligence_and_Cybersecurity_Balancing_Risks_and_Rewards_2025.pdf
Blank, G., Boiko, N., Chernenko, E., Dembitsky, S., Dutton, W. H., & Goroshko, O. (2025). Political communication in wartime Ukraine. Conference presentation.
Chernenko, E., & Dutton, W. H. (2025). The role of Telegram in wartime Ukraine. https://doi.org/10.2139/ssrn.5669030
Dutton, W. H. (2025). The war on information in Ukraine. In Reclaiming Europe (pp. 62–71).
Dutton, W. H., & Blank, G. (2025). The war on trust in public officials and the media of Ukraine. https://ssrn.com/abstract=5202222
Dutton, W. H., Goroshko, O., Dembitskyi, S., Chernenko, L., Blank, G., & Boiko, N. (2025). Trust in media, information, and the government in Ukraine: A virtuous circle of challenges [Conference presentation]. 2025 Meeting of the World Internet Project, Berlin, Germany. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=5311707
Esteve-González, P., Axon, L., Creese, S., Dutton, W. H., Saunders, J., Carver, J., & Goldsmith, M. (2025). Cybersecurity capacities for the application of UN cyber norms. https://doi.org/10.2139/ssrn.5089805
Rohland, L., Beato, F., Paine, K., Agrafiotis, I., Creese, S., Dutton, W. H., Esteve-González, P., & Saunders, J. (2025). The cyber resilience compass. World Economic Forum. https://reports.weforum.org/docs/WEF_The_Cyber_Resilience_Compass_2025.pdf
2024
Agrafiotis, I., Beato, F., Creese, S., Dutton, W. H., Esteve-González, P., Saunders, J., & Rohland, L. (2024). Unpacking cyber resilience. World Economic Forum. https://www.weforum.org/publications/unpacking-cyber-resilience/
Axon, L., Saunders, J., Esteve-González, P., Carver, J., Dutton, W., Goldsmith, M., & Creese, S. (2024). Private-public initiatives for cybersecurity: The case of Ukraine. Journal of Cyber Policy, 9(3), 399–422.
Goroshko, O., Dutton, W. H., Dembitskyi, S., Chernenko, L., Boiko, N., & Blank, G. (2024). Media use and attitudes in Ukraine: A smart nation. https://papers.ssrn.com/abstract=4958986
Sheriff, P., Weisser Harris, C., & Saunders, J. (2024). Evaluating the impact of cybersecurity capacity building. https://papers.ssrn.com/abstract=4821426
Wall, D. S. (2024). Cybercrime: The transformation of crime in the information age (2nd ed.). Polity.
2023
Dutton, W. H. (2023). The Fifth Estate: The power shift of the digital age. Oxford University Press.
Dutton, W. H., & Dubois, E. (2023). The Fifth Estate: A new source of democratic accountability. In S. Coleman & L. Sorenson (Eds.), Handbook of digital politics (2nd ed., pp. 272–286). Edward Elgar.
Dutton, W. H., Shillair, R., Axon, L., & Weisser, C. (2023). Structured field coding and its applications to national risk and cybersecurity assessments. Applied Cybersecurity & Internet Governance, 2(1), 1–5. https://acigjournal.com/resources/html/article/details?id=614694&language=en
Shillair, R., Esteve-González, P., Dutton, W. H., Creese, S., & von Solms, B. (2023). Building cybersecurity capacity through education, awareness, and training. In N. R. Vajjhala & K. D. Strang (Eds.), Cybersecurity for decision makers (Chapter 22, forthcoming). Taylor & Francis. https://doi.org/10.1201/9781003319887
2022
Bispham, M., Creese, S., Dutton, W. H., Esteve-González, P., & Goldsmith, M. (2022). Cybersecurity in working from home. Journal of Information Policy, 12, 353–386.
Dutton, W. H. (2022). Will going online save or sink the traditional university system? In Outsmarting the Next Pandemic (pp. 233–248). Routledge.
Shillair, R., Esteve-González, P., Dutton, W. H., Creese, S., Nagyfejeo, E., & von Solms, B. (2022). Cybersecurity education, awareness raising, and training initiatives: National level evidence-based results, challenges, and promise. Computers & Security, 119. https://doi.org/10.1016/j.cose.2022.102756
Zhang, X., Wan-Ying Lin, W.-Y., & Dutton, W. H. (2022). Political consequences of online disagreement. Social Media + Society, 8(3). https://doi.org/10.1177/20563051221114391
2021
Bauer, J. M., & Dutton, W. H. (2021). Cybersecurity: Towards a new agenda for policy and practice. In Cadernos NIC.br Estudos Setoriais (pp. 35–64).
Creese, S., Dutton, W. H., & Esteve-González, P. (2021). The social and cultural shaping of cybersecurity capacity building: A comparative study of nations and regions. Personal and Ubiquitous Computing, 25, 941–955. https://doi.org/10.1007/s00779-021-01569-6
Creese, S., Dutton, W. H., Esteve-González, P., & Shillair, R. (2021). Cybersecurity capacity-building: Cross-national benefits and international divides. Journal of Cyber Policy, 6(2), 214–235. https://doi.org/10.1080/23738871.2021.1979617
Dutton, W. H., Axon, L., & Weisser Harris, C. (2021). Structured field coding and its application to national assessments (Working paper). https://ssrn.com/abstract=3781600
Dutton, W. H., & Robertson, C. T. (2021). Disentangling polarization and civic empowerment in the digital age: The role of filter bubbles and echo chambers in the rise of populism. In H. Tumber & S. Waisbord (Eds.), The Routledge companion to media misinformation and populism (pp. 420–434). Routledge.
Dutton, W. H., & Zorina, A. (2021). The ecology of games reshaping information policy: Internet access in Belarus to cyber harms in the United Kingdom. In A. Duff (Ed.), Research handbook on information policy (pp. 130–145). Edward Elgar.
Zorina, A., & Dutton, W. H. (2021). Theorizing actor interactions shaping innovation in digital infrastructures: The case of residential Internet development in Belarus. Organization Science, 32(1), 156–180. https://doi.org/10.1287/orsc.2020.1389
2020
Axon, L., Creese, S., Dixon, W., & Saunders, J. (2020). Why we need to solve our quantum security challenges. World Economic Forum. https://www.weforum.org/agenda/2020/06/quantum-computers-security-challenges/
Bagui, L., Boorman, J., Calandro, E., Pule, N., & Weisser Harris, C. (2020). Reviewing cybersecurity capacity in a COVID-19 environment. https://www.c3sa.uct.ac.za/c3sa/news/2020/review
Creese, A., Saunders, J., Axon, L., & Dixon, W. (2020). Future Series Report: Cybersecurity, emerging technology and systemic risk. World Economic Forum.
Dutton, W. H. (2020). To be or not to be virtual. Intermedia, 48(3). https://www.iicom.org/wp-content/uploads/dutton.pdf
Dutton, W. H. (Ed.). (2020). A research agenda for digital politics. Edward Elgar Publishing.
Dutton, W. H., & Esteve-González, P. (2020). Multidisciplinary approaches to the rise of cybersecurity research. https://ssrn.com/abstract=3732333
Reisdorf, B., Fernandez, L., Hampton, K. N., Shin, I., & Dutton, W. H. (2020). Mobile phones will not eliminate digital and social divides. Social Science Computer Review. https://doi.org/10.1177/0894439320909446
Rudolph, C., Creese, S., & Sharma, S. (2020). Cybersecurity in Pacific Island nations. Communications of the ACM, 63(4), 53–54. https://doi.org/10.1145/3378550
Yates, S. J., Jones, G., Preston, A., Dutton, B., & Carmi, E. (2020). ESRC review: Governance and security. In The Oxford Handbook of Digital Technology and Society (pp. 605–627). Oxford University Press.
2019
Bada, M., von Solms, B., & Agrafiotis, I. (2019). Reviewing national cybersecurity awareness for users and executives in Africa. The International Journal on Advances in Security, 12(1-2), 108–118. http://www.iariajournals.org/security/sec_v12_n12_2019_paged.pdf
Bund, J. (2019). Susceptibility awareness. European Cybersecurity Journal, 5(2), 34–45. https://cybersecforum.eu/media/ECJ_2019.pdf
Creese, S., Goldsmith, M., Griffin, M., Puello Alfonso, S., Weisser Harris, C., Agrafiotis, I., Bund, J., & Nagyfejeo, E. (2019). GCSCC global impact. https://gcscc.ox.ac.uk/sites/default/files/gcscc_booklet_web.pdf
Creese, S., Shillair, R., Bada, M., Reisdorf, B. C., & Dutton, W. H. (2019). The cybersecurity capacity of nations. In Society and the Internet (pp. 165–179). Oxford University Press.
Dutton, W. H., Creese, S., Shillair, R., & Bada, M. (2019). Cyber security capacity: Does it matter? Journal of Information Policy, 9, 280–306. https://doi.org/10.5325/jinfopoli.9.2019.0280
2018
Agrafiotis, I., Nurse, J. R. C., Goldsmith, M., Creese, S., & Upton, D. (2018). A taxonomy of cyber-harms. Journal of Cybersecurity, 4(1), 1–15. https://academic.oup.com/cybersecurity/article/4/1/tyy006/5133288
Dutton, W. H., Griffin, M., Nagyfejeo, E., Puello Alfonso, S., Weisser Harris, C., & Bada, M. (2018). Collaborative approaches to a wicked problem (GCSCC Working Paper). https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660000
Griffin, M. (2018). Global cybersecurity education – Lessons from the CMM. https://gcscc.ox.ac.uk/article/global-cybersecurity-education-lessons-cmm
Nagyfejeo, E. (2018). EU’s emerging strategic cyber culture(s). Policing: A Journal of Policy and Practice. https://doi.org/10.1093/police/pay092
2017
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2017). Improving the effectiveness of CSIRTs. In The Second International Conference on Cyber-Technologies and Cyber-Systems (pp. 53–58). https://www.semanticscholar.org/paper/Improving-the-Effectiveness-of-CSIRTs-Bada-Creese/976697ab0217fedd540cac7bea08907762448970
Cornish, P. (2017). Deterrence and the ethics of cyber conflict. In M. Taddeo & L. Glorioso (Eds.), Ethics and policies for cyber operations (pp. 1–16). Springer. https://link.springer.com/chapter/10.1007/978-3-319-45300-2_1
Kritzinger, E., Bada, M., & Nurse, J. R. C. (2017). A study into the cybersecurity awareness initiatives for school learners in South Africa and the UK. In WISE 2017 (pp. 110–120). Springer. https://link.springer.com/chapter/10.1007/978-3-319-58553-6_10
2016
Agrafiotis, I., Bada, M., Cornish, P., Creese, S., Goldsmith, M., Ignatuschtschenko, E., Roberts, T., & Upton, D. M. (2016). Cyber harm: Concepts, taxonomy and measurement (Working Paper No. 2016-23). https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2828646
Austin, R. D., & Upton, D. M. (2016). Leading in the age of super-transparency. MIT Sloan Management Review, 57(2), 25–32. http://research.cbs.dk/files/44436506/robert_austin_leading_in_the_age_postprint.pdf
Bada, M., & Nurse, J. R. C. (2016). The cybercrime ecosystem: How the Internet supports criminal behaviour online. Connected Life 2016 Conference. https://gcscc.ox.ac.uk/article/cybercrime-ecosystem-how-internet-may-support-criminal-behaviour-online
Bada, M., & Nurse, J. R. C. (2016b). Profiling the cybercriminal. International Crime and Intelligence Analysis Conference. https://gcscc.ox.ac.uk/article/profiling-cybercriminal
Ignatuschtschenko, E. (2016). Jurisdiction on the Internet: Making multi-stakeholder cooperation work. https://gcscc.ox.ac.uk/article/jurisdiction-internet-making-multi-stakeholder-cooperation-work
Korff, D. (2016). Harm caused to fundamental rights and freedoms by state cybersecurity interventions. https://ssrn.com/abstract=3709808
Von Solms, B., & Upton, D. (2016). Cyber security capacity governance. The Business & Management Review, 7(4), 34.
Weisser Harris, C., & Bada, M. (2016). Kosovo – What followed the CMM review? GCSCC Working Paper. https://gcscc.ox.ac.uk/article/kosovo-what-followed-cmm-review
2015
Bauer, J. M., & Dutton, W. H. (2015). The new cyber security agenda: Economic and social challenges to a secure Internet (Working paper). https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2614545
De Bruin, R., & von Solms, S. H. (2015). Modelling cyber security governance maturity. In 2015 IEEE International Symposium on Technology and Society (pp. 1–8). https://ieeexplore.ieee.org/abstract/document/7439415/
2014
Bada, M., & Sasse, A. (2014). Cyber security awareness campaigns: Why do they fail to change behaviour? http://discovery.ucl.ac.uk/1468954/
Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2014). Computer security incident response teams (CSIRTs): An overview. The Global Cyber Security Capacity Centre. https://ssrn.com/abstract=3659974
Blank, G., Bolsover, G., & Dubois, E. (2014). A new privacy paradox: Young people and privacy on social network sites. https://www.oxfordmartin.ox.ac.uk/downloads/A%20New%20Privacy%20Paradox%20April%202014.pdf
Roberts, T., Bada, M., & Dotzauer, E. (2014). Strategies for increasing scale and quality of cybersecurity capacity-building investments. https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660003
