{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T08:04:36Z","timestamp":1771661076202,"version":"3.50.1"},"publisher-location":"Cham","reference-count":21,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030801281","type":"print"},{"value":"9783030801298","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springernature.com\/gp\/researchers\/text-and-data-mining"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-80129-8_62","type":"book-chapter","created":{"date-parts":[[2021,7,5]],"date-time":"2021-07-05T09:04:22Z","timestamp":1625475862000},"page":"933-948","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Assessing Small Institutions\u2019 Cyber Security Awareness Using Human Aspects of Information Security Questionnaire (HAIS-Q)"],"prefix":"10.1007","author":[{"given":"Glenn","family":"Papp","sequence":"first","affiliation":[]},{"given":"Petter","family":"Lovaas","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"3","key":"62_CR1","doi-asserted-by":"publisher","first-page":"369","DOI":"10.2307\/248684","volume":"11","author":"I Benbasat","year":"1987","unstructured":"Benbasat, I., Goldstein, D.K., Mead, M.: The case research strategy in studies of information systems. MIS Q. 11(3), 369\u2013386 (1987)","journal-title":"MIS Q."},{"issue":"1","key":"62_CR2","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1016\/j.cose.2006.12.005","volume":"26","author":"R Bernard","year":"2007","unstructured":"Bernard, R.: Information lifecycle security risk assessment: a tool for closing security gaps. Comput. Secur. 26(1), 26\u201330 (2007)","journal-title":"Comput. Secur."},{"issue":"2","key":"62_CR3","doi-asserted-by":"publisher","first-page":"70","DOI":"10.4018\/jisp.2008040105","volume":"2","author":"JA Cassini","year":"2008","unstructured":"Cassini, J.A., Medlin, B.D., Adriana, R.: Laws and regulations dealing with information security and privacy: an investigative study. Int. J. Inf. Secur. Priv. (IJISP) 2(2), 70\u201382 (2008)","journal-title":"Int. J. Inf. Secur. Priv. (IJISP)"},{"key":"62_CR4","doi-asserted-by":"crossref","unstructured":"Clarke, N., Li, F., Furnell, S.: A novel privacy preserving user identification approach for network traffic. Comput. Secur. 70(Supplement C), 335\u2013350 (2017)","DOI":"10.1016\/j.cose.2017.06.012"},{"key":"62_CR5","unstructured":"FFIEC Cybersecurity Assessment Tool. https:\/\/www.ffiec.gov\/pdf\/cybersecurity\/FFIEC_CAT_May_2017_All_Documents_Combined.pdf. Accessed 14 Oct 2020"},{"key":"62_CR6","doi-asserted-by":"crossref","unstructured":"Dauch, K., Hovak, A., Nestler, R.: Information assurance using a defense in-depth strategy, pp. 267\u2013272 (2009)","DOI":"10.1109\/CATCH.2009.25"},{"issue":"5","key":"62_CR7","doi-asserted-by":"publisher","first-page":"124","DOI":"10.1016\/j.cose.2008.07.009","volume":"27","author":"M Gerber","year":"2008","unstructured":"Gerber, M., von Solms, R.: Information security requirements \u2013 interpreting the legal aspects. Comput. Secur. 27(5), 124\u2013135 (2008)","journal-title":"Comput. Secur."},{"key":"62_CR8","doi-asserted-by":"crossref","unstructured":"Groat, S., Tront, J., Marchany, R.: Advancing the defense in depth model, pp. 285\u2013290 (2012)","DOI":"10.1109\/SYSoSE.2012.6384127"},{"key":"62_CR9","doi-asserted-by":"publisher","first-page":"102","DOI":"10.1016\/j.cose.2017.10.008","volume":"73","author":"JM Hatfield","year":"2018","unstructured":"Hatfield, J.M.: Social engineering in cybersecurity: the evolution of a concept. Comput. Secur. 73, 102\u2013113 (2018)","journal-title":"Comput. Secur."},{"issue":"4","key":"62_CR10","doi-asserted-by":"publisher","first-page":"571","DOI":"10.2307\/249133","volume":"12","author":"B Kaplan","year":"1988","unstructured":"Kaplan, B., Duchon, D.: Combining qualitative and quantitative methods in information systems research: a case study. MIS Q. 12(4), 571\u2013586 (1988)","journal-title":"MIS Q."},{"issue":"4","key":"62_CR11","doi-asserted-by":"publisher","first-page":"289","DOI":"10.1016\/j.cose.2006.02.008","volume":"25","author":"HA Kruger","year":"2006","unstructured":"Kruger, H.A., Kearney, W.D.: A prototype for assessing information security awareness. Comput. Secur. 25(4), 289\u2013296 (2006)","journal-title":"Comput. Secur."},{"key":"62_CR12","doi-asserted-by":"publisher","first-page":"27","DOI":"10.1016\/j.cose.2017.05.001","volume":"70","author":"E Osborn","year":"2017","unstructured":"Osborn, E., Simpson, A.: On small-scale IT users\u2019 system architectures and cyber security: a UK case study. Comput. Secur. 70, 27\u201350 (2017)","journal-title":"Comput. Secur."},{"key":"62_CR13","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1016\/j.cose.2017.01.004","volume":"66","author":"K Parsons","year":"2017","unstructured":"Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., Zwaans, T.: The human aspects of information security questionnaire (HAIS-Q): two further validation studies. Comput. Secur. 66, 40\u201351 (2017)","journal-title":"Comput. Secur."},{"key":"62_CR14","doi-asserted-by":"publisher","first-page":"165","DOI":"10.1016\/j.cose.2013.12.003","volume":"42","author":"K Parsons","year":"2014","unstructured":"Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., Jerram, C.: Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q). Comput. Secur. 42, 165\u2013176 (2014)","journal-title":"Comput. Secur."},{"key":"62_CR15","unstructured":"Ross, R.S.: Security and Privacy Controls for Federal Information Systems and Organziations [including updates as of 1\/22\/2015] (NIST, 2015, Revision 4), NIST Special Publication 800-853 Revision 804"},{"key":"62_CR16","doi-asserted-by":"crossref","unstructured":"Sandhya, S., Sumithra Devi, K.A., Paramasivam, S.: Augmenting Bluetooth security by behavior based user categorization. Procedia Comput. Sci. 57(Supplement C), 1424\u20131431 (2015)","DOI":"10.1016\/j.procs.2015.07.462"},{"key":"62_CR17","doi-asserted-by":"crossref","unstructured":"Sayogo, D.S., Pardo, T.A., Bloniarz, P.: Information sharing and financial market regulation: understanding the capability gap. In: Proceedings of the 6th International Conference on Theory and Practice of Electronic Governance, Albany, New York, USA, pp. 123\u2013131. ACM (2012)","DOI":"10.1145\/2463728.2463756"},{"key":"62_CR18","doi-asserted-by":"publisher","first-page":"14","DOI":"10.1016\/j.cose.2015.11.001","volume":"57","author":"A Shameli-Sendi","year":"2016","unstructured":"Shameli-Sendi, A., Aghababaei-Barzegar, R., Cheriet, M.: Taxonomy of information security risk assessment (ISRA). Comput. Secur. 57, 14\u201330 (2016)","journal-title":"Comput. Secur."},{"key":"62_CR19","doi-asserted-by":"publisher","first-page":"100","DOI":"10.1016\/j.cose.2015.08.004","volume":"55","author":"K Solic","year":"2015","unstructured":"Solic, K., Ocevcic, H., Golub, M.: The information systems\u2019 security level assessment model based on an ontology and evidential reasoning approach. Comput. Secur. 55, 100\u2013112 (2015)","journal-title":"Comput. Secur."},{"key":"62_CR20","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2014.04.005","volume":"44","author":"J Webb","year":"2014","unstructured":"Webb, J., Ahmad, A., Maynard, S.B., Shanks, G.: A situation awareness model for information security risk management. Comput. Secur. 44, 1\u201315 (2014)","journal-title":"Comput. Secur."},{"issue":"4","key":"62_CR21","doi-asserted-by":"publisher","first-page":"635","DOI":"10.1111\/j.1540-5915.2001.tb00975.x","volume":"32","author":"D Zhu","year":"2001","unstructured":"Zhu, D., Premkumar, G., Zhang, X., Chao-Hsien, C.: Data mining for network intrusion detection: a comparison of alternative methods. Decis. Sci. 32(4), 635\u2013660 (2001)","journal-title":"Decis. Sci."}],"container-title":["Lecture Notes in Networks and Systems","Intelligent Computing"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-80129-8_62","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2026,2,21]],"date-time":"2026-02-21T07:14:08Z","timestamp":1771658048000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-80129-8_62"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030801281","9783030801298"],"references-count":21,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-80129-8_62","relation":{},"ISSN":["2367-3370","2367-3389"],"issn-type":[{"value":"2367-3370","type":"print"},{"value":"2367-3389","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"6 July 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}