Publications

Agrafiotis, I., Bada, M., Cornish, P., Creese, S. Goldsmith, M., Ignatuschtschenko, E., Roberts, T. and Upton, D. M. (2016). Cyber Harm: Concepts, Taxonomy and Measurement - Working Paper 2016-23. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2828646 [Accessed 15 August 2019]

 

Agrafiotis, I., Beato, F., Creese, S., Dutton, Esteve-Gonzalez, P., Saunders, J., Rohland, L. (2024). 'Unpacking Cyber Resilience: White Paper.' World Economic Forum. Available at https://gcscc.web.ox.ac.uk/sitefiles/wef-unpacking-cyber-resilience-2024.pdf

 

Agrafiotis, I., Nurse, J.R.C., Goldsmith, M., Creese, S., Upton, D. (2018). ‘A Taxonomy of Cyber-harms: Defining the Impacts of Cyber-attacks and Understanding How They Propagate’, Journal of Cybersecurity, v 4 n 1, p.1-15.  nd Understanding How They Propagate’, Journal of Cybersecurity, v 4 n 1, p.1-15. https://academic.oup.com/cybersecurity/article/4/1/tyy006/5133288?searchresult=1 [Accessed 4 November 2019]

 

Austin, R. D. and Upton, D. M. (2016). Leading in the Age of Super-Transparency. MITSloan Management Review. 57(2), pp 25 – 32. Available from: http://research.cbs.dk/files/44436506/robert_austin_leading_in_the_age_postprint.pdf  [Accessed 15 August 2019]

 

Axon, L., Creese, S., Dixon, W., Saunders, J. (2020). Why we need to solve our quantum security challenges. World Economic Forum. Available at https://www.weforum.org/agenda/2020/06/quantum-computers-security-challenges/ [Accessed 2 November 2020]

 

Axon, L., Saunders, J., Esteve-González, P., Carver, J., Dutton, W., Goldsmith, M. and Creese, S., forthcoming. Private-public initiatives for cybersecurity: The case of Ukraine. Journal of Cyber Policy. Chatham House.

 

Bada, M. and Sasse, A. (2014). Cyber Security Awareness Campaigns: Why do they fail to change behaviour? Available from: http://discovery.ucl.ac.uk/1468954/ [Accessed 15 August 2019]
 

Bada, M., Creese, S., Goldsmith, M. and Mitchell, C.J. (2017). Improving the Effectiveness of CSIRTs. CYBER 2017: The Second International Conference on Cyber-Technologies and Cyber-Systems. Available from: http://www.thinkmind.org/index.php?view=article&articleid=cyber_2017_4_30_80060 [Accessed 15 August 2019]

 

Bada, M., Creese, S., Goldsmith, M., Mitchell, C., & Phillips, E. (2017). Improving the effectiveness of CSIRTs. In The Second International Conference on Cyber-Technologies and Cyber-Systems (pp. 53-58). Available from: https://www.semanticscholar.org/paper/Improving-the-Effectiveness-of-CSIRTs-Bada-Creese/976697ab0217fedd540cac7bea08907762448970 [Accessed 15 August 2019]

 

Bada, M., Creese, S., Goldsmith, M., Mitchell, C.J., Phillips, E. (2014a). Computer Security Incident Response Teams (CSIRTs) – An Overview. Available from:  https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3659974 [Accessed 15 August 2019]

 

Bada, M., Nurse, J.R.C. (2016). The Cybercrime Ecosystem: How the Internet Supports Criminal Behaviour Online. OII Oxford Internet Institute, Connected Life 2016: Collective Action and the Internet Conference, June 2016.  Available at https://gcscc.ox.ac.uk/article/cybercrime-ecosystem-how-internet-may-support-criminal-behaviour-online [Accessed 8 August 2020]

 

Bada, M., Nurse, J.R.C. (2016b). Profiling the Cybercriminal. International Crime and Intelligence Analysis Conference. 25-26 February 2016 Manchester, England. Available at https://gcscc.ox.ac.uk/article/profiling-cybercriminal [Accessed 4 August 2020]

 

Bada, M., Von Solms, B., Agrafiotis, I. (2019), ‘Reviewing National Cybersecurity Awareness for Users and Executives in Africa’, The International Journal on Advances in Security, v 12 n 1&2, p.108-118.  Available from: http://www.iariajournals.org/security/sec_v12_n12_2019_paged.pdf [Accessed 15 August 2019]

An earlier version of this publication appeared as: Bada, M., Von Solms, B. and Agrafiotis, I. (2018). Reviewing National Cybersecurity Awareness in Africa: An empirical study. CYBER 2018: The Third International Conference on Cyber-Technologies and Cyber-Systems. Available from: https://www.thinkmind.org/index.php?view=article&articleid=cyber_2018_6_20_80051 [Accessed 15 August 2019]

 

Bagui, L., Boorman, J., Calandro, E., Pule, N., Weisser Harris, C. (2020). Reviewing cybersecurity capacity in a COVID-19 environment. Available from: www.c3sa.uct.ac.za/c3sa/news/2020/review [Accessed 15 October 2020]

 

Bauer, J. M. and Dutton, W. H. (2015), ‘The New Cyber Security Agenda: Economic and Social Challenges to a Secure Internet’, Joint working paper for the Oxford Global Cybersecurity Project at the Oxford Martin Institute, University of Oxford, and the Quello Center at MSU, based on a briefing document prepared by the authors to support the World Bank World Development Report. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2614545 [Accessed 15 August 2019]

Bauer, J. M. and Dutton, W. H. (2021), ‘Cybersecurity: Towards a New Agenda for Policy and Practice’ in Portuguese as: ‘A Nova Agenda de Cbersegurança: Desafios Econômicos e Sociais Para Uma Internet Segura’, pp. 35-64 in Cadernos NIC.br Estudos Setoriais - Segurança Digital: Uma Análise de Gestão de Risco em Empresa Brasileiras. 

 

Bispham, M., Creese, S., Dutton, W. H., Esteve-González, P., and Goldsmith, M. (2022). 'An Exploratory Study of Cybersecurity in Working from Home: Problem or Enabler?' Journal of Information Policy, 12. https://doi.org/10.5325/jinfopoli.12.2022.0010 

 

Blank, G., Bolsover, G. and Dubois, E. (2014). A New Privacy Paradox: Young People and Privacy on Social Network Sites. Available from https://www.oxfordmartin.ox.ac.uk/downloads/A%20New%20Privacy%20Paradox%20April%202014.pdf [Accessed 15 August 2019]

 

Bund, J. (2019), ‘Susceptibility Awareness: Domestic Vectors for Disrupting the Kill Chain of Cyber-enabled Influence Operations’, European Cybersecurity Journal, v 5 n 2, p.34-45. https://cybersecforum.eu/media/ECJ_2019.pdf [Accessed 4 November 2019]

 

Cornish P. (2017). Deterrence and the Ethics of Cyber Conflict. In: Taddeo M., Glorioso L. eds. Ethics and Policies for Cyber Operations. Philosophical Studies Series. vol 124. Cham: Springer, pp. 1 – 16. Available from: https://link.springer.com/chapter/10.1007/978-3-319-45300-2_1 [Accessed 15 August 2019]

 

Creese, S., Dutton, W. H., and Esteve-González, P. (2021), ‘The Social and Cultural Shaping of Cybersecurity Capacity Building: A Comparative Study of Nations and Regions'. Personal and Ubiquitous Computing, 25, 941-955. https://doi.org/10.1007/s00779-021-01569-6

 

Creese, S., Dutton, W. H., Esteve-González, P., and Shillair, R., (2021), 'Cybersecurity Capacity-Building: Cross-National Benefits and International Divides'. Journal of Cyber Policy. https://doi.org/10.1080/23738871.2021.1979617

Preliminary results presented at the 2019 GFCE Annual Meeting in Addis Ababa. Available from: https://www.slideshare.net/WHDutton/presentation-to-gfce-2019-in-addis-ababa-ethiopia [Accessed 21 July 2020]

 

Creese, S., Goldsmith, M., Griffin, M., Puello Alfonso S., Weisser Harris, C., Agrafiotis, I., Bund, J., and Nagyfejeo, E. (2019). GCSCC Global Impact. GCSCC Working Paper on the Knowledge and Policy Contributions from the First Five Years. Available from: https://gcscc.web.ox.ac.uk/sites/default/files/gcscc_booklet_web.pdf [Accessed 15 August 2019]

 

Creese, S., Shillair, R., Bada, M., Reisdorf, B.C., and Dutton, W. H. (2019), The Cybersecurity Capacity of Nations, pp. 165-179 in Graham, M., and Dutton, W. H. (eds), Society and the Internet: How Networks of Information and Communication are Changing our Lives, 2nd Edition. Oxford: Oxford University Press.

An early version of this book chapter was presented at the TPRC conference, Dutton, WH., Creese, S., Shillair, R., Bada, M. and Roberts, T. (2017). Cyber Security Capacity: Does It Matter? Quello Center Working Paper No. 2938078. Available from: https://ssrn.com/abstract=2938078 [Accessed 15 August 2019]

 

S. Creese, J. Saunders, L. Axon and W. Dixon, (2020) Future Series Report: Cybersecurity, emerging technology and systemic risk, November 2020, Available from https://www.weforum.org/reports/future-series-cybersecurity-emerging-technology-and-systemic-risk [Accessed 3 December 2020] 

 

De Bruin, R. and von Solms, S.H. (2015). Modelling Cyber Security Governance Maturity. 2015 IEEE International Symposium on Technology and Society, pp. 1–8. Available from: https://ieeexplore.ieee.org/abstract/document/7439415/ [Accessed 15 August 2019]

 

Dutton, W. H. (2017). Fostering a Cyber Security Mindset. Internet Policy Review, 6(1): DOI: 10.14763/2017.1.443. Available from: https://policyreview.info/node/443/pdf. An abridged version was reprinted in Encore, a publication of The Alexander von Humboldt Institute for Internet and Society (HIIG). 2018. Available from: https://www.hiig.de/en/fostering-cybersecurity-mindset/ [Accessed 15 August 2019]

 

Dutton, W. H. (2020). To Be or Not to Be Virtual. Intermedia Issue. Vol. 48 Issue 3. Available from https://www.iicom.org/wp-content/uploads/dutton.pdf [Accessed 20 October 2020] 

 

Dutton, W. H., Creese, S., Sadie, Gonzalez, P. E, Goldsmith, Michael, G., and Weisser, H.C., (2022), Next Steps for the EU: Building on the Paris Call and EU Cybersecurity Strategy. Available at SSRN: https://ssrn.com/abstract=4052728 [Accessed February 15, 2022]

 

Dutton, W. H. (2020) (ed.), A Research Agenda for Digital Politics. Cheltenham, UK and Northampton, MA, USA: Edward Elgar Publishing.

 

Dutton, W. H. (2020), ‘The Fifth Estate: Canaries in the Institutions of Liberal Democracies’, pp. 59-65 in Melanie Nagel, Patrick Kenis, Philip Leifeld, and Hans-Jörg Schmedes (Hrsg.), Politische Komplexität, Governance von Innovationen und Policy-Netzwerke: Festschrift für Volker Schneider. Wiesbaden, Germany: Springer VS. https://doi.org/10.1007/978-3-658-30914-5

 

Dutton, W. H. (2022), ‘Will Going Online Save or Sink the Traditional University System?’, Chapter 10, pp. 233-248 in Elizabeth Anne Kirley and Deborah Porter, eds, Outsmarting the Next Pandemic: What COVID-19 Can Teach Us. London and New York: Routledge. 

 

Dutton, W. H. (2023), The Fifth Estate: The Power Shift of the Digital Age. New York: Oxford University Press.

 

Dutton, W. H. and Robertson, C. T. (2021), ‘Disentangling Polarization and Civic Empowerment in the Digital Age: The Role of Filter Bubbles and Echo Chambers in the Rise of Populism’, pp. 420-434 in Howard Tumber and Silvio Waisbord (eds), The Routledge Companion to Media Misinformation and Populism. New York: Routledge.

 

Dutton, W. H., and Zorina, A. (2021), ‘The Ecology of Games Reshaping Information Policy: Internet Access in Belarus to Cyber Harms in the United Kingdom’, Chapter 9, pp. 130-145 in Duff, A., ed., Research Handbook on Information Policy. Cheltenham, UK: Edward Elgar Publishing Ltd

 

Dutton, W. H., Creese, S., Shillair, R., and Bada, M. (2019a). Cyber Security Capacity: Does It Matter? Journal of Information Policy, 9, pp. 280-306. Available at https://www.jstor.org/stable/10.5325/jinfopoli.9.2019.0280#metadata_info_tab_contents [Accessed 15 August 2019] 

 

Dutton, W. H., Griffin, M., Nagyfejeo, E., Puello Alfonso, S., Weisser Harris, C., and Bada, M., (2018), Collaborative Approaches to a Wicked Problem: Global Responses to Cybersecurity Capacity Building, February. GCSCC Working Paper on the 2018 Annual GCSCC Conference, Oxford University. Available from https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660000 [Accessed 15 August 2019]

 

Dutton, William H. and Axon, Louise and Weisser Harris, Carolin (2021) Structured Field Coding and Its Application to National Assessments. Available at SSRN: https://ssrn.com/abstract=3781600 [Accessed 20 February 2021] 

 

Dutton, William H. and Esteve-Gonzalez, Patricia, Multidisciplinary Approaches to the Rise of Cybersecurity Research (November 17, 2020). Available at SSRN: https://ssrn.com/abstract=3732333 or http://dx.doi.org/10.2139/ssrn.3732333 [Accessed 20 November 2020]

 

Dutton, W. H., and Zorina, A. (2021), ‘The Ecology of Games Reshaping Information Policy: Internet Access in Belarus to Cyber Harms in the United Kingdom’, Chapter 9, pp. forthcoming, in Duff, A., ed., Research Handbook on Information Policy. Cheltenham, UK: Edward Elgar Publishing Ltd

 

Goroshko, O., Dutton, W. H., Dembitskyi, S., Chernenko, L., Boiko, N., and Blank, G. (2024). Media Use and Attitudes in Ukraine: A Smart Nation. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4958986 [Accessed 14 October 2024]

 

Griffin, M. (2018). Global Cybersecurity Education – Lessons from the CMM. GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/global-cybersecurity-education-lessons-cmm [Accessed 8 August 2020]

 

Hameed, F., Agrafiotis, I., Weisser, C., Goldsmith, M. and Creese S. (2018). Analysing Trends and Success Factors of International Cybersecurity Capacity-Building Initiatives. SECURWARE 2018: The Twelfth International Conference on Emerging Security Information, Systems and Technologies. Available from: https://ora.ox.ac.uk/objects/uuid:50e9c5aa-4f3d-40f0-a0a0-ff538b735291/download_file?file_format=pdf&safe_filename=Analysing-trends-success%2BFaisal%2BHameed%2B10SEP18%2BCamera%2BReady.pdf&type_of_work=Conference+item [Accessed 15 August 2019]

 

Ignatuschtschenko, E. (2016). Jurisdiction on the Internet: Making Multi-Stakeholder Cooperation Work. Available from: https://gcscc.ox.ac.uk/article/jurisdiction-internet-making-multi-stakeholder-cooperation-work [Accessed 8 August 2020]

 

Korff, Douwe. (2016). Harm caused to fundamental rights and freedoms by state cybersecurity interventions. Available at https://ssrn.com/abstract=3709808 [Accessed 12 October 2020] 

 

Kritzinger, E., Bada, M., Nurse, J.R.C. (2017). A Study into the Cybersecurity Awareness Initiatives for School Learners in South Africa and the UK. In: Bishop, M., Futcher, L., Miloslavskaya, N., Theocharidou, M. eds. WISE 2017: Information Security Education for a Global Digital Society. Cham: Springer, pp. 110 – 120. Available from: https://link.springer.com/chapter/10.1007/978-3-319-58553-6_10 [Accessed 15 August 2019]

 

Mary Bispham, Sadie Creese, William H. Dutton, Patricia Esteve-Gonzalez, and Michael Goldsmith (2021), 'Cybersecurity in Working from Home: An Exploratory Study’, Paper prepared for presentation at the Policy Research Conference on Communications, Information, and the Internet (TPRC49), to be held online 22-24 September 2021. Available at: https://ssrn.com/abstract=3897380

 

Nagyfejeo, E. (2018), ‘EU’s Emerging Strategic Cyber Culture(s)’, Policing: A Journal of Policy and Practice, 24 December: 1-24. Available at https://doi.org/10.1093/police/pay092 [Accessed 10 January 2019]

 

Nagyfejeo, E., Solms, B.V. (2020). Why Do National Cybersecurity Awareness Programmes Often Fail?. International Journal of Information Security and Cybercrime, 9(2), 18-27. Available from https://www.ijisc.com/year-2020-issue-2-article-3/ [Accessed 5 February 2021] 

 

Nurse J. and Bada, M. (2019). The Group Element of Cybercrime: Types, Dynamics, and Criminal Operations. In: Attrill-Smith, A., Fullwood, C., Keep, M. and Kuss, D.J. eds. The Oxford Handbook of Cyberpsychology. Oxford: Oxford University Press. Available from: https://www.oxfordhandbooks.com/view/10.1093/oxfordhb/9780198812746.001.0001/oxfordhb-9780198812746-e-36?print=pdf [Accessed 15 August 2019]

 

Nurse, J. R. C. and Bada, M. (2017). Connected Life: Digital Inequalities. MIND THE GAP: How Digital Inequality Impacts Cyber Security. Oxford: Oxford Internet Institute.

 

Nurse, J., Agrafiotis, I., Erola, A., Bada, M., Roberts, T., Williams, M., Goldsmith, M., and Creese, S. (2016). An Independent Assessment of the Procedural Components of the Estonian Internet Voting System - Working Paper 6. Cyber Studies Programme Working Paper Series in Department of Politics and International Relations, University of Oxford. Available from: https://ssrn.com/abstract=2858336 [Accessed 15 August 2019]

 

Reisdorf, B., Fernandez, L., Hampton, K. N., Shin, I., and Dutton, W. H. (2020), ‘Mobile Phones Will Not Eliminate Digital and Social Divides: How Variation in Internet Activities Mediates the Relationship between Type of Internet Access and Local Social Capital in Detroit’, Social Science Computer Review, March: https://doi.org/10.1177/0894439320909446

 

Roberts, T. (2016) Deciphering the Chinese Underground Economy. GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/deciphering-chinese-underground-economy [Accessed 8 August 2020]

 

Roberts, T., Bada, M., and Dotzauer, E. (2014). Strategies for Increasing Scale and Quality of Cybersecurity Capacity-Building Investments. Available from: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3660003  [Accessed 15 August 2019]

 

Rudolph, C., Creese, S., Sharma, S. (2020). Cybersecurity in Pacific Island Nations. Communications of the ACM. Vol. 63 No. 4, Pages 53-54. Available at https://doi.org/10.1145/3378550 [Accessed 12 October 2020] 

 

Sheriff, P., Weisser Harris, C. and Saunders, J., 2024. Evaluating the Impact of Cybersecurity Capacity Building. [online] Available at: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4821426[Accessed 30 May 2024].

 

Shillair, R., Esteve-González, P., Dutton, W.H., Creese, S., Nagyfejeo, E., and von Solms, B. (2022). Cybersecurity education, awareness raising, and training inititiatives: National level evidence-based results, challenges, and promise. Computers & Security, 119. https://doi.org/10.1016/j.cose.2022.102756 [Accessed 24 May 2022]

Shillair, R., Esteve-Gonzaez, P., Dutton., W., Creese, S., & von Solms, B. (2023), ‘Building Cybersecurity Capacity Through Education, Awareness, and Training’, pp. forthcoming in Vajjhala, N.R. & Strang, K.D. (eds), Cybersecurity for Decision Makers. London: Taylor & Francis.

 

Von Solms, B. and Upton, D. (2016). Cyber security capacity governance. The Business & Management Review. 7(4), pp. 34.

 

Wall, D.S. (2024) Cybercrime: The transformation of crime in the information age, 2nd Edition (Significant rewrite), Cambridge: Polity. (Hardback ISBN: 978-0-745-65352-5) (Paperback ISBN: 978-0-745-65353-2) / UK Publication date 26 April 2024, US Publication date 22 July 2024.

 

Weisser Harris, C. and Bada, M. (2016). Kosovo – What Followed the CMM Review? A GCSCC Working Paper. Available from: https://gcscc.ox.ac.uk/article/kosovo-what-followed-cmm-review [Accessed 8 August 2020]

 

WEF (2020), World Economic Forum, ‘Future Series Report: Cybersecurity, emerging technology and systemic risk’, November. Available from https://www.weforum.org/reports/future-series-cybersecurity-emerging-technology-and-systemic-risk [Accessed 3 December 2020] 

 

Yates, S. J., Jones, G., Preston, A., Dutton, B., and Carmi, E. (2020), ‘ESRC Review: Governance and Security’, pp. 605-627 in Rice, R. E., Yates, S. J. (eds), The Oxford Handbook of Digital Technology and Society. New York, NY: Oxford University Press.  

 

Zhang, X., Wan-Ying Lin, W-Y. & Dutton, W. H. (2022), ‘The Political Consequences of Online Disagreement: The Filtering of Communication Networks in a Polarized Political Context’, Social Media and Society, accessible online at: https://journals.sagepub.com/doi/10.1177/20563051221114391.

 

Zorina, A., and Dutton, W. H. (2021), ‘Theorizing Actor Interactions Shaping Innovation in Digital Infrastructures: The Case of Residential Internet Development in Belarus’, Organization Science, 32(1), 156-180. Also published online in Articles in Advance: 26 Oct 2020, https://doi.org/10.1287/orsc.2020.1389