{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,18]],"date-time":"2026-05-18T10:40:51Z","timestamp":1779100851490,"version":"3.51.4"},"reference-count":90,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2023,5,2]],"date-time":"2023-05-02T00:00:00Z","timestamp":1682985600000},"content-version":"vor","delay-in-days":121,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Open Philanthropy"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023,1,5]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>The world is facing a cybersecurity skills gap as cybercrime and cyberwarfare grow in importance. One often-discussed quality that is potentially relevant to cybersecurity recruitment and education is the so-called \u201csecurity mindset\u201d: a way of thinking characteristic of some security professionals that they believe to be especially advantageous in their work. Although some employers express a desire to hire people with a security mindset, and initiatives to cultivate the security mindset are being implemented, it has no common definition and little is known about its characteristics, its development, and its consequences. We interviewed 21 cybersecurity professionals who strongly identified as having a security mindset based on a minimal description drawn from existing literature. Thematic analysis of the interview data suggests that the security mindset can be conceptualized as consisting of three interconnected aspects\u2014\u201cmonitoring\u201d for potential security anomalies, \u201cinvestigating\u201d anomalies more deeply to identify security flaws, and \u201cevaluating\u201d the relevance of those flaws in a larger context. These three aspects develop in different ways and have different personal and professional consequences. Participants mostly spoke positively of the security mindset, but they also mentioned several disadvantages not mentioned by existing security-mindset literature, such as mental health pressures, workplace tensions, and negative effects on personal relationships. We discuss the implications of these findings for future study of the security mindset and suggest practical implications for cybersecurity management, education, and recruitment.<\/jats:p>","DOI":"10.1093\/cybsec\/tyad010","type":"journal-article","created":{"date-parts":[[2023,5,2]],"date-time":"2023-05-02T08:38:01Z","timestamp":1683016681000},"source":"Crossref","is-referenced-by-count":24,"title":["The security mindset: characteristics, development, and consequences"],"prefix":"10.1093","volume":"9","author":[{"given":"Koen","family":"Schoenmakers","sequence":"first","affiliation":[{"name":"Department of Psychology, Harvard University , Cambridge, MA 02138 , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2576-8588","authenticated-orcid":false,"given":"Daniel","family":"Greene","sequence":"additional","affiliation":[{"name":"Gryphon Scientific LLC, 6930 Carroll Ave., Takoma Park MD 20912, and Center for International Security and Cooperation, Stanford University , Stanford, CA 94305 , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Sarah","family":"Stutterheim","sequence":"additional","affiliation":[{"name":"Care and Public Health Research Institute & Department of Health Promotion, Faculty of Health, Medicine, and Life Sciences, Maastricht University , 6200 MD, Maastricht , the Netherlands"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Herbert","family":"Lin","sequence":"additional","affiliation":[{"name":"Center for International Security and Cooperation, Stanford University , Stanford, CA 94305 , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Megan J","family":"Palmer","sequence":"additional","affiliation":[{"name":"Department of Bioengineering and Center for International Security and Cooperation, Stanford University , Stanford, CA 94305 , USA"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"286","published-online":{"date-parts":[[2023,5,2]]},"reference":[{"key":"2023052911415331400_bib1","article-title":"The security mindset \u2013 Schneier on security","volume-title":"Schneier on Security","author":"Schneier","year":"2008"},{"key":"2023052911415331400_bib2","article-title":"The cybersecurity skills gap","author":"Naden","year":"2021"},{"key":"2023052911415331400_bib3","first-page":"32","article-title":"Closing the cybersecurity skills gap","volume":"4","author":"Vogel","year":"2016","journal-title":"Salus Journal"},{"key":"2023052911415331400_bib4","article-title":"The real-world impact of the global cybersecurity workforce gap on cyber defenders","volume-title":"Dark Reading","author":"Rosso","year":"2021"},{"key":"2023052911415331400_bib5","first-page":"1","article-title":"Cybersecurity Jobs Report 2018\u20132021","volume-title":"Cybersecurity Ventures","author":"Morgan","year":"2021"},{"key":"2023052911415331400_bib6","volume-title":"Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity","author":"Joint Task Force on Cybersecurity Education","year":"2017"},{"key":"2023052911415331400_bib7","doi-asserted-by":"crossref","first-page":"29","DOI":"10.4018\/IJHIoT.2018010103","article-title":"An Exploration of the Cybersecurity Workforce Shortage","volume":"2","author":"Burrell","year":"2018","journal-title":"Int J Hyperconnect Internet Things"},{"key":"2023052911415331400_bib8","doi-asserted-by":"publisher","first-page":"67","DOI":"10.48009\/2_iis_2019_62-72","article-title":"What is cybersecurity and what cybersecurity skills are employers seeking?","volume":"2","author":"Peslak","year":"2019","journal-title":"IIS"},{"key":"2023052911415331400_bib9","article-title":"Build (Don\u2019t Buy): A Skills-Based Strategy to Solve the Cybersecurity Talent Shortage","author":"Emsi","year":"2020"},{"key":"2023052911415331400_bib10","doi-asserted-by":"crossref","article-title":"Workforce Framework for Cybersecurity (NICE Framework)","author":"Petersen","DOI":"10.6028\/NIST.SP.800-181r1"},{"key":"2023052911415331400_bib11","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3285002.3285004","article-title":"Against mindset","volume-title":"Proceedings of the New Security Paradigms Workshop on \u2013 NSPW \u201918","author":"Padmos","year":"2018"},{"key":"2023052911415331400_bib12","author":"ISC2","year":"2020"},{"key":"2023052911415331400_bib13","article-title":"The Security Mindset: The Key to Success in the Security Field","author":"Tripwire"},{"key":"2023052911415331400_bib14","article-title":"How to build a security mindset","author":"O'Toole"},{"key":"2023052911415331400_bib15","doi-asserted-by":"crossref","first-page":"48","DOI":"10.1109\/MSP.2011.80","article-title":"Embracing the Kobayashi Maru: why you should teach your students to cheat","volume":"9","author":"Conti","year":"2011","journal-title":"IEEE Secur Priv"},{"key":"2023052911415331400_bib16","article-title":"Lesson 1 \u2013 The Security Mindset: Cybersecurity through Threat Modeling","author":"International Computer Science Institute"},{"key":"2023052911415331400_bib17","doi-asserted-by":"crossref","first-page":"523","DOI":"10.1145\/2538862.2538939","article-title":"Teaching the security mindset with reference monitors","volume-title":"Proceedings of the 45th ACM Technical Symposium on Computer science education \u2013 SIGCSE \u201914","author":"Cappos","year":"2014"},{"key":"2023052911415331400_bib18","doi-asserted-by":"crossref","first-page":"1","DOI":"10.14763\/2017.1.443","article-title":"Fostering a cyber security mindset","volume":"6","author":"Dutton","year":"2017","journal-title":"Internet Policy Rev"},{"key":"2023052911415331400_bib19","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1109\/MSP.2008.115","article-title":"Developing and retaining a security testing mindset","volume":"6","author":"Bonver","year":"2008","journal-title":"IEEE Secur Priv"},{"key":"2023052911415331400_bib20","first-page":"404","article-title":"Can the security mindset make students better testers?","volume-title":"Proceedings of the 46th ACM Technical Symposium on Computer Science Education \u2013 SIGCSE \u201915","author":"Hooshangi","year":"2015"},{"key":"2023052911415331400_bib21","first-page":"1","article-title":"Teaching the security mindset to CS1 students","volume-title":"Proceeding of the 44th ACM technical symposium on Computer science education \u2013 SIGCSE \u201913","author":"Pournaghshband","year":"2013"},{"key":"2023052911415331400_bib22","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1080\/10478400701598298","article-title":"Mindfulness: theoretical foundations and evidence for its salutary effects","volume":"18","author":"Brown","year":"2007","journal-title":"Psychol Inq"},{"key":"2023052911415331400_bib23","doi-asserted-by":"crossref","first-page":"701","DOI":"10.1037\/0096-3445.130.4.701","article-title":"On the fragility of skilled performance: what governs choking under pressure?","volume":"130","author":"Beilock","year":"2001","journal-title":"J Exp Psychol Gen"},{"key":"2023052911415331400_bib24","doi-asserted-by":"crossref","first-page":"82","DOI":"10.1037\/0022-3514.92.1.82","article-title":"A question of belonging: race, social fit, and achievement","volume":"92","author":"Walton","year":"2007","journal-title":"J Pers Soc Psychol"},{"key":"2023052911415331400_bib25","doi-asserted-by":"crossref","first-page":"491","DOI":"10.1146\/annurev-psych-042716-051139","article-title":"Mindfulness interventions","volume":"68","author":"Creswell","year":"2017","journal-title":"Annu Rev Psychol"},{"key":"2023052911415331400_bib26","doi-asserted-by":"crossref","first-page":"211","DOI":"10.1126\/science.1199427","article-title":"Writing about testing worries boosts exam performance in the classroom","volume":"331","author":"Ramirez","year":"2011","journal-title":"Science"},{"key":"2023052911415331400_bib27","first-page":"36","article-title":"The social-belonging intervention","volume-title":"Handbook of Wise Interventions: How Social-Psychological Insights can Help Solve Problems","author":"Walton","year":"2020"},{"key":"2023052911415331400_bib28","volume-title":"Practical Measurement","author":"Yeager","year":"2013"},{"key":"2023052911415331400_bib29","volume-title":"Handbook of Wise Interventions","author":"Walton","year":"2020"},{"key":"2023052911415331400_bib30","article-title":"Security mindset \u2013 What is it? Why is it important? What does Bruce Schneier think?","author":"Nassiokas"},{"key":"2023052911415331400_bib31","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1109\/MSP.2004.84","article-title":"Software security testing","volume":"2","author":"Potter","year":"2004","journal-title":"IEEE Secur Priv"},{"key":"2023052911415331400_bib32","doi-asserted-by":"crossref","first-page":"7","DOI":"10.1109\/MC.2016.38","article-title":"Bruce Schneier: the security mindset","volume":"49","author":"Severance","year":"2016","journal-title":"Computer"},{"key":"2023052911415331400_bib33","first-page":"357","article-title":"\u201cWe make it a big deal in the company\u201d: Security mindsets in organizations that develop cryptographic products","volume-title":"SOUPS '18: Proceedings of the Fourteenth USENIX Conference on Usable Privacy and Security","author":"Haney","year":"2018"},{"key":"2023052911415331400_bib34","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/VL\/HCC50065.2020.9127203","article-title":"A case study of software security red teams at Microsoft","volume-title":"2020 IEEE Symposium on Visual Languages and Human-Centric Computing (VL\/HCC)","author":"Smith","year":"2020"},{"key":"2023052911415331400_bib35","doi-asserted-by":"crossref","first-page":"26","DOI":"10.4018\/IJISP.2015010102","article-title":"A meta-analysis of studies on protection motivation theory and information security behaviour","volume":"9","author":"Sommestad","year":"2015","journal-title":"Int J Inf Secur Priv"},{"key":"2023052911415331400_bib36","doi-asserted-by":"crossref","first-page":"115","DOI":"10.1016\/B978-0-12-802690-8.00004-9","article-title":"Behavior change interventions for cybersecurity","volume-title":"Behavior Change Research and Theory","author":"Briggs","year":"2017"},{"key":"2023052911415331400_bib37","doi-asserted-by":"crossref","first-page":"101875","DOI":"10.1016\/j.cose.2020.101875","article-title":"Cultivating cybersecurity learning: an integration of self-determination and flow","volume":"96","author":"Kam","year":"2020","journal-title":"Comput Secur"},{"key":"2023052911415331400_bib38","doi-asserted-by":"crossref","first-page":"888","DOI":"10.1111\/isj.12374","article-title":"That\u2019s interesting: an examination of interest theory and self-determination in organisational cybersecurity training","volume":"32","author":"Kam","year":"2021","journal-title":"Inf Syst J"},{"key":"2023052911415331400_bib39","doi-asserted-by":"crossref","first-page":"102281","DOI":"10.1016\/j.cose.2021.102281","article-title":"\u201cGet a red-hot poker and open up my eyes, it\u2019s so boring\u201d1: employee perceptions of cybersecurity training","volume":"106","author":"Reeves","year":"2021","journal-title":"Comput Secur"},{"key":"2023052911415331400_bib40","doi-asserted-by":"crossref","first-page":"161","DOI":"10.1016\/j.copsyc.2015.10.028","article-title":"What moves people to action? Culture and motivation","volume":"8","author":"Markus","year":"2016","journal-title":"Curr Opin Psychol"},{"key":"2023052911415331400_bib41","doi-asserted-by":"crossref","first-page":"84","DOI":"10.1016\/j.cobeha.2015.02.001","article-title":"Culture and social behavior","volume":"3","author":"Henrich","year":"2015","journal-title":"Curr Opin Behav Sci"},{"key":"2023052911415331400_bib42","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1109\/WCCAIS.2014.6916579","article-title":"Information security culture: a definition and a literature review","volume-title":"2014 World Congress on Computer Applications and Information Systems (WCCAIS)","author":"AlHogail","year":"2014"},{"key":"2023052911415331400_bib43","doi-asserted-by":"crossref","first-page":"101713","DOI":"10.1016\/j.cose.2020.101713","article-title":"Defining organisational information security culture\u2014perspectives from academia and industry","volume":"92","author":"da\u00a0Veiga","year":"2020","journal-title":"Comput Secur"},{"key":"2023052911415331400_bib44","doi-asserted-by":"crossref","first-page":"146","DOI":"10.1108\/ICS-12-2016-0095","article-title":"Key elements of an information security culture in organisations","volume":"27","author":"Nel","year":"2019","journal-title":"ICS"},{"key":"2023052911415331400_bib45","doi-asserted-by":"crossref","first-page":"102003","DOI":"10.1016\/j.cose.2020.102003","article-title":"Developing cybersecurity culture to influence employee behavior: a practice perspective","volume":"98","author":"Alshaikh","year":"2020","journal-title":"Comput Secur"},{"key":"2023052911415331400_bib46","first-page":"161","article-title":"Why do programmers make security errors?","volume-title":"2011 IEEE Symposium on Visual Languages and Human-Centric Computing (VL\/HCC)","author":"Xie","year":"2011"},{"key":"2023052911415331400_bib47","first-page":"1095","article-title":"Social influences on secure development tool adoption: why security tools spread","volume-title":"Proceedings of the 17th ACM Conference on Computer Supported Cooperative Work & Social Computing","author":"Xiao","year":"2014"},{"key":"2023052911415331400_bib48","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/3313831.3376754","article-title":"Building and validating a scale for secure software development self-efficacy","volume-title":"Proceedings of the 2020 CHI Conference on Human Factors in Computing Systems","author":"Votipka","year":"2020"},{"key":"2023052911415331400_bib49","doi-asserted-by":"crossref","first-page":"190","DOI":"10.1016\/j.im.2012.04.002","article-title":"Motivating IS security compliance: insights from habit and protection motivation theory","volume":"49","author":"Vance","year":"2012","journal-title":"Inf Manag"},{"key":"2023052911415331400_bib50","doi-asserted-by":"crossref","first-page":"1043","DOI":"10.1287\/isre.2021.1014","article-title":"Understanding inconsistent employee compliance with information security policies through the lens of the extended parallel process model","volume":"32","author":"Chen","year":"2021","journal-title":"Inf Syst Res"},{"key":"2023052911415331400_bib51","doi-asserted-by":"crossref","first-page":"85","DOI":"10.1111\/j.1539-6924.1998.tb00918.x","article-title":"Worry and risk perception","volume":"18","author":"Sjoberg","year":"1998","journal-title":"Risk Anal"},{"key":"2023052911415331400_bib52","doi-asserted-by":"crossref","first-page":"9","DOI":"10.1002\/9781119189909.ch2","article-title":"Assessing worry: an overview","volume-title":"Generalized Anxiety Disorder and Worrying","author":"Rinner","year":"2020","edition":"1st ed."},{"key":"2023052911415331400_bib53","doi-asserted-by":"crossref","first-page":"14","DOI":"10.7748\/nr.2018.e1585","article-title":"A step-by-step approach to developing scales for survey research","volume":"26","author":"Younas","year":"2018","journal-title":"Nurse Res"},{"key":"2023052911415331400_bib54","volume-title":"Workforce Development and Curriculum Guide: A Role-Based Guide for Hiring Managers, Education, and Training Providers","author":"Canadian Centre for Cyber Security","year":"2020"},{"key":"2023052911415331400_bib55","doi-asserted-by":"crossref","first-page":"843","DOI":"10.1007\/978-981-10-5251-4_103","article-title":"Thematic analysis","volume-title":"Handbook of Research Methods in Health Social Sciences","author":"Braun","year":"2019"},{"key":"2023052911415331400_bib56","doi-asserted-by":"crossref","first-page":"77","DOI":"10.1191\/1478088706qp063oa","article-title":"Using thematic analysis in psychology","volume":"3","author":"Braun","year":"2006","journal-title":"Qual Res Psychol"},{"key":"2023052911415331400_bib57","first-page":"1","article-title":"Reliability and inter-rater reliability in qualitative research: norms and guidelines for CSCW and HCI practice","volume":"3","author":"McDonald","year":"2019","journal-title":"Proc ACM Hum-Comput Interact"},{"key":"2023052911415331400_bib58","doi-asserted-by":"crossref","first-page":"108","DOI":"10.1080\/13523260.2019.1669336","article-title":"50 shades of hacking: how IT and cybersecurity industry actors perceive good, bad, and former hackers","volume":"41","author":"Tanczer","year":"2019","journal-title":"Contemp Secur Policy"},{"key":"2023052911415331400_bib59","volume-title":"On Combat: The Psychology and Physiology of Deadly Conflict in War and in Peace","author":"Grossman LtColD","year":"2012"},{"key":"2023052911415331400_bib60","doi-asserted-by":"crossref","first-page":"1071","DOI":"10.1177\/0146167217703952","article-title":"Is it a dangerous world out there? The motivational bases of American gun ownership","volume":"43","author":"Stroebe","year":"2017","journal-title":"Personal Soc Psychol Bull"},{"key":"2023052911415331400_bib61","doi-asserted-by":"crossref","first-page":"584","DOI":"10.1177\/1368430216670024","article-title":"The world is a scary place: individual differences in belief in a dangerous world predict specific intergroup prejudices","volume":"21","author":"Cook","year":"2016","journal-title":"Group Process Intergroup Relat"},{"key":"2023052911415331400_bib62","doi-asserted-by":"crossref","first-page":"297","DOI":"10.1521\/soco.2014.32.3.297","article-title":"Perceiving risk in a dangerous world: associations between life experiences and risk perceptions","volume":"32","author":"Blum","year":"2014","journal-title":"Soc Cogn"},{"key":"2023052911415331400_bib63","doi-asserted-by":"crossref","first-page":"87","DOI":"10.1109\/MSP.2004.98","article-title":"Enhancing security: not for the conformist","volume":"2","author":"Caloyannides","year":"2004","journal-title":"IEEE Secur Privacy"},{"key":"2023052911415331400_bib64","doi-asserted-by":"crossref","first-page":"673","DOI":"10.1108\/IJOA-09-2014-0797","article-title":"The fuzziness of mindsets","volume":"24","author":"French","year":"2016","journal-title":"Int J Organ Anal"},{"key":"2023052911415331400_bib65","doi-asserted-by":"crossref","first-page":"116","DOI":"10.5465\/ame.2002.6640211","article-title":"Cultivating a global mindset","volume":"16","author":"Gupta","year":"2002","journal-title":"Acad Manag Perspect"},{"key":"2023052911415331400_bib66","first-page":"63","article-title":"Global mindsets for global managers","volume":"46","author":"Rhinesmith","year":"1992","journal-title":"Train Dev"},{"key":"2023052911415331400_bib67","first-page":"403","article-title":"Deliberative versus implemental mindsets in the control of action","volume-title":"Dual-Process Theories in Social Psychology","author":"Gollwitzer","year":"1999"},{"key":"2023052911415331400_bib68","doi-asserted-by":"crossref","first-page":"541","DOI":"10.1007\/978-1-4614-2018-7_26","article-title":"The power of mindsets: nurturing engagement, motivation, and resilience in students","volume-title":"Handbook of Research on Student Engagement","author":"Brooks","year":"2012"},{"key":"2023052911415331400_bib69","volume-title":"Mindset\u202f: Changing the Way You Think to Fulfil Your Potential","author":"Dweck","year":"2017"},{"key":"2023052911415331400_bib70","first-page":"13","article-title":"The Tortuous Evolution of the Multinational Corporation","volume":"17","author":"Perlmutter","year":"1969","journal-title":"Practicing Manager"},{"key":"2023052911415331400_bib71","first-page":"53","article-title":"Action phases and mind-sets","volume-title":"Handbook of Motivation and Cognition, Volume 2: Foundations of Social Behavior","author":"Gollwitzer","year":"1990"},{"key":"2023052911415331400_bib72","doi-asserted-by":"crossref","first-page":"e1005090","DOI":"10.1371\/journal.pcbi.1005090","article-title":"When does model-based control pay off?","volume":"12","author":"Kool","year":"2016","journal-title":"PLoS Comput Biol"},{"key":"2023052911415331400_bib73","doi-asserted-by":"crossref","first-page":"289","DOI":"10.1146\/annurev-psych-122414-033417","article-title":"Psychology of habit","volume":"67","author":"Wood","year":"2016","journal-title":"Annu Rev Psychol"},{"key":"2023052911415331400_bib74","doi-asserted-by":"crossref","first-page":"182","DOI":"10.1037\/a0012801","article-title":"Self-determination theory: a macrotheory of human motivation, development, and health","volume":"49","author":"Deci","year":"2008","journal-title":"Can Psychol\/Psychologie Canadienne"},{"key":"2023052911415331400_bib75","doi-asserted-by":"crossref","first-page":"133","DOI":"10.1177\/1477878509104318","article-title":"Autonomy, competence, and relatedness in the classroom: applying self-determination theory to educational practice","volume":"7","author":"Niemiec","year":"2009","journal-title":"Theory Res Educ"},{"key":"2023052911415331400_bib76","doi-asserted-by":"crossref","first-page":"978","DOI":"10.3109\/0142159X.2011.599896","article-title":"Twelve tips to stimulate intrinsic motivation in students through autonomy-supportive classroom teaching derived from self-determination theory","volume":"33","author":"Kusurkar","year":"2012","journal-title":"Med Teach"},{"key":"2023052911415331400_bib77","doi-asserted-by":"crossref","first-page":"223","DOI":"10.1080\/09523987.2021.1976826","article-title":"Mapping research directions on makerspaces in education","volume":"58","author":"Konstantinou","year":"2021","journal-title":"Educ Media Int"},{"key":"2023052911415331400_bib78","doi-asserted-by":"crossref","first-page":"221","DOI":"10.1080\/10749039.2019.1655651","article-title":"Makerspaces in early childhood education: principles of pedagogy and practice","volume":"26","author":"Marsh","year":"2019","journal-title":"Mind Cult Act"},{"key":"2023052911415331400_bib79","first-page":"25","article-title":"Gender inequality in cybersecurity: exploring the gender gap in opportunities and progression","volume":"9","author":"Peacock","year":"2017","journal-title":"GST"},{"key":"2023052911415331400_bib80","first-page":"1","article-title":"A call for concern: the unbalanced representation of minorities and women in cybersecurity profession","volume":"2","author":"Esin","year":"2020","journal-title":"J Women Minor Technol"},{"key":"2023052911415331400_bib81","doi-asserted-by":"crossref","first-page":"317","DOI":"10.1023\/A:1021320817372","article-title":"The color of discipline: sources of racial and gender disproportionality in school punishment","volume":"34","author":"Skiba","year":"2002","journal-title":"Urban Rev"},{"key":"2023052911415331400_bib82","doi-asserted-by":"crossref","first-page":"127","DOI":"10.1177\/0038040717694876","article-title":"Girls behaving badly? Race, gender, and subjective evaluation in the discipline of African American girls","volume":"90","author":"Morris","year":"2017","journal-title":"Sociol Educ"},{"key":"2023052911415331400_bib83","article-title":"Cybersecurity Workforce Development Resources","author":"Cybersecurity & Infrastructure Security Agency","year":"2020"},{"key":"2023052911415331400_bib84","article-title":"Cybersecurity Workforce Development Toolkit","author":"National Initiative for Cybersecurity Careers and Studies"},{"key":"2023052911415331400_bib85","doi-asserted-by":"crossref","first-page":"426","DOI":"10.1108\/QMR-06-2016-0053","article-title":"Sample size for qualitative research","volume":"19","author":"Boddy","year":"2016","journal-title":"Qual Mark Res Int J"},{"key":"2023052911415331400_bib86","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1080\/14780887.2016.1219435","article-title":"Feedback from research participants: are member checks useful in qualitative research?","volume":"14","author":"Thomas","year":"2017","journal-title":"Qual Res Psychol"},{"key":"2023052911415331400_bib87","volume-title":"Measurement in Nursing and Health Research","author":"Waltz","year":"2017"},{"key":"2023052911415331400_bib88","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1525\/jer.2009.4.3.21","article-title":"Challenges in measuring a new construct: perception of voluntariness for research and treatment decision making","volume":"4","author":"Miller","year":"2009","journal-title":"J Empir Res Hum Res Ethics"},{"key":"2023052911415331400_bib89","doi-asserted-by":"crossref","first-page":"2025","DOI":"10.1007\/s11135-011-9640-9","article-title":"Determinants of social desirability bias in sensitive surveys: a literature review","volume":"47","author":"Krumpal","year":"2013","journal-title":"Qual Quant"},{"key":"2023052911415331400_bib90","doi-asserted-by":"crossref","first-page":"783","DOI":"10.1177\/1049732319889354","article-title":"\u201cEverything Is Perfect, and We Have No Problems\u201d: detecting and limiting social desirability bias in qualitative research","volume":"30","author":"Bergen","year":"2020","journal-title":"Qual Health Res"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/9\/1\/tyad010\/50476410\/tyad010.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/9\/1\/tyad010\/50476410\/tyad010.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2023,5,29]],"date-time":"2023-05-29T11:43:11Z","timestamp":1685360591000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyad010\/7147623"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,1,1]]},"references-count":90,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2023,1,5]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyad010","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"value":"2057-2085","type":"print"},{"value":"2057-2093","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2023,1,1]]},"published":{"date-parts":[[2023,1,1]]},"article-number":"tyad010"}}