{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,21]],"date-time":"2026-04-21T15:06:48Z","timestamp":1776784008925,"version":"3.51.2"},"publisher-location":"New York, NY, USA","reference-count":102,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,9,30]],"date-time":"2024-09-30T00:00:00Z","timestamp":1727654400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"EPSRC Centre for Doctoral Training in Cybersecurity","award":["2413372"],"award-info":[{"award-number":["2413372"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,9,30]]},"DOI":"10.1145\/3688459.3688472","type":"proceedings-article","created":{"date-parts":[[2024,11,20]],"date-time":"2024-11-20T08:31:55Z","timestamp":1732091515000},"page":"137-154","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":4,"title":["Understanding Operational Technology Personnel's Mindsets and Their Effect on Cybersecurity Perceptions: A Qualitative Study With Operational Technology Cybersecurity Practitioners"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0009-0003-6974-3603","authenticated-orcid":false,"given":"Stefanos","family":"Evripidou","sequence":"first","affiliation":[{"name":"Centre for Doctoral Training in Cybersecurity, University College London (UCL), London, United Kingdom,"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-0909-4579","authenticated-orcid":false,"given":"Jeremy","family":"Daniel McKendrick Watson","sequence":"additional","affiliation":[{"name":"Department of Science Technology Engineering and Public Policy (STEaPP), University College London (UCL), London, United Kingdom,"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2024,11,20]]},"reference":[{"key":"e_1_3_3_2_1_2","volume-title":"Gartner. Accessed","author":"Gartner","year":"2024","unstructured":"Gartner, \u201cDefinition of Operational Technology (OT) - Gartner Information Technology Glossary,\u201d Gartner. Accessed: May 17, 2024. [Online]. Available: https:\/\/www.gartner.com\/en\/information-technology\/glossary\/operational-technology-ot"},{"key":"e_1_3_3_2_2_2","volume-title":"Accessed","author":"National Protective Security Authority","year":"2024","unstructured":"National Protective Security Authority, \u201cCritical National Infrastructure | NPSA.\u201d Accessed: May 17, 2024. [Online]. Available: https:\/\/www.npsa.gov.uk\/critical-national-infrastructure-0"},{"key":"e_1_3_3_2_3_2","doi-asserted-by":"publisher","DOI":"10.1080\/23742917.2016.1252211"},{"key":"e_1_3_3_2_4_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.compind.2018.09.004"},{"key":"e_1_3_3_2_5_2","volume-title":"Accessed","author":"National Cyber Security Centre","year":"2024","unstructured":"National Cyber Security Centre, \u201cNCSC warns of emerging threat to critical national infrastructure.\u201d Accessed: May 17, 2024. [Online]. Available: https:\/\/www.ncsc.gov.uk\/news\/ncsc-warns-of-emerging-threat-to-critical-national-infrastructure"},{"key":"e_1_3_3_2_6_2","volume-title":"Accessed","author":"Cybersecruity & Infrastructure National Agency","year":"2024","unstructured":"Cybersecruity & Infrastructure National Agency, \u201cIdentifying and Mitigating Living Off the Land Techniques | CISA.\u201d Accessed: May 23, 2024. [Online]. Available: https:\/\/www.cisa.gov\/resources-tools\/resources\/identifying-and-mitigating-living-land-techniques"},{"key":"e_1_3_3_2_7_2","volume-title":"GOV.UK. Accessed","author":"Government UK","year":"2024","unstructured":"UK Government, \u201cThe NIS Regulations 2018,\u201d GOV.UK. Accessed: May 17, 2024. [Online]. Available: https:\/\/www.gov.uk\/government\/collections\/nis-directive-and-nis-regulations-2018"},{"key":"e_1_3_3_2_8_2","volume-title":"Accessed","author":"Cybersecruity & Infrastructure National Agency","year":"2024","unstructured":"Cybersecruity & Infrastructure National Agency, \u201cNational Security Memorandum on Critical Infrastructure Security and Resilience | CISA.\u201d Accessed: May 17, 2024. [Online]. Available: https:\/\/www.cisa.gov\/national-security-memorandum-critical-infrastructure-security-and-resilience"},{"key":"e_1_3_3_2_9_2","volume-title":"Accessed","author":"International Society of Automation","year":"2024","unstructured":"International Society of Automation, \u201cISA\/IEC 62443 Series of Standards - ISA,\u201d isa.org. Accessed: May 17, 2024. [Online]. Available: https:\/\/www.isa.org\/standards-and-publications\/isa-standards\/isa-iec-62443-series-of-standards"},{"key":"e_1_3_3_2_10_2","first-page":"129","volume-title":"Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023)","author":"Evripidou S.","year":"2023","unstructured":"S. Evripidou, U. D. Ani, S. Hailes, and J. D. M. Watson, \u201cExploring the Security Culture of Operational Technology (OT) Organisations: the Role of External Consultancy in Overcoming Organisational Barriers,\u201d presented at the Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023), 2023, pp. 113\u2013129. Accessed: Jan. 25, 2024. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2023\/presentation\/evripidou"},{"key":"e_1_3_3_2_11_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-12172-2_11"},{"key":"e_1_3_3_2_12_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jmsy.2018.04.007"},{"key":"e_1_3_3_2_13_2","volume-title":"Challenges Governments Face in the Field of Critical Information Infrastructure Protection (CIIP): Stakeholders and Perspectives","author":"Abele-Wigert I.","year":"2006","unstructured":"I. Abele-Wigert, \u201cChallenges Governments Face in the Field of Critical Information Infrastructure Protection (CIIP): Stakeholders and Perspectives,\u201d 2006."},{"key":"e_1_3_3_2_14_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-75462-8_3"},{"key":"e_1_3_3_2_15_2","volume-title":"The Shadow Warriors: In the no man's land between industrial control systems and enterprise IT systems","author":"Zanutto A.","unstructured":"A. Zanutto, B. Shreeve, K. Follis, J. Busby, and A. Rashid, \u201cThe Shadow Warriors: In the no man's land between industrial control systems and enterprise IT systems,\u201d p. 6."},{"key":"e_1_3_3_2_16_2","doi-asserted-by":"publisher","DOI":"10.1177\/20539517221108369"},{"key":"e_1_3_3_2_17_2","doi-asserted-by":"publisher","DOI":"10.1145\/322796.322806"},{"key":"e_1_3_3_2_18_2","first-page":"122","volume-title":"Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security, in SOUPS \u201915","author":"Blythe J. M.","year":"2015","unstructured":"J. M. Blythe, L. Coventry, and L. Little, \u201cUnpacking security policy compliance: the motivators and barriers of employees\u2019 security behaviors,\u201d in Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security, in SOUPS \u201915. USA: USENIX Association, Jul. 2015, pp. 103\u2013122."},{"key":"e_1_3_3_2_19_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2013.12.003"},{"key":"e_1_3_3_2_20_2","first-page":"270","volume-title":"Twelfth Symposium on Usable Privacy and Security ({SOUPS} 2016)","author":"Beautement A.","year":"2016","unstructured":"A. Beautement, I. Becker, S. Parkin, K. Krol, and A. Sasse, \u201cProductive Security: A Scalable Methodology for Analysing Employee Security Behaviours,\u201d presented at the Twelfth Symposium on Usable Privacy and Security ({SOUPS} 2016), 2016, pp. 253\u2013270. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2016\/technical-sessions\/presentation\/beautement"},{"key":"e_1_3_3_2_21_2","doi-asserted-by":"publisher","DOI":"10.1108\/ICS-11-2016-0084"},{"key":"e_1_3_3_2_22_2","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481522"},{"key":"e_1_3_3_2_23_2","doi-asserted-by":"publisher","DOI":"10.3850\/978-981-18-8071-1_P297-cd"},{"key":"e_1_3_3_2_24_2","doi-asserted-by":"publisher","DOI":"10.1016\/S0925-7535(00)00014-X"},{"key":"e_1_3_3_2_25_2","doi-asserted-by":"publisher","DOI":"10.1023\/A:1011902718709"},{"key":"e_1_3_3_2_26_2","doi-asserted-by":"publisher","DOI":"10.1145\/508171.508178"},{"key":"e_1_3_3_2_27_2","volume-title":"Security Symposium ({USENIX} Security 99), 1999","author":"Whitten A.","year":"2021","unstructured":"A. Whitten and J. D. Tygar, \u201cWhy Johnny Can't Encrypt: A Usability Evaluation of {PGP} 5.0,\u201d presented at the 8th {USENIX} Security Symposium ({USENIX} Security 99), 1999. Accessed: Aug. 01, 2021. [Online]. Available: https:\/\/www.usenix.org\/conference\/8th-usenix-security-symposium\/why-johnny-cant-encrypt-usability-evaluation-pgp-50"},{"key":"e_1_3_3_2_28_2","doi-asserted-by":"publisher","DOI":"10.1145\/1595676.1595684"},{"key":"e_1_3_3_2_29_2","volume-title":"Aug. 04, 2022, arXiv: arXiv: 2208","author":"Li K.","year":"2022","unstructured":"K. Li, K. M. Ramokapane, and A. Rashid, \u201c\"Yeah, it does have a...Windows `98 Vibe\u2019\u2019: Usability Study of Security Features in Programmable Logic Controllers,\u201d Aug. 04, 2022, arXiv: arXiv:2208.02500. Accessed: Oct. 02, 2022. [Online]. Available: http:\/\/arxiv.org\/abs\/2208.02500"},{"key":"e_1_3_3_2_30_2","doi-asserted-by":"publisher","DOI":"10.1145\/3617072.3617114"},{"key":"e_1_3_3_2_31_2","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481376"},{"key":"e_1_3_3_2_32_2","doi-asserted-by":"publisher","DOI":"10.1145\/3498891.3498902"},{"key":"e_1_3_3_2_33_2","doi-asserted-by":"publisher","DOI":"10.1017\/dsi.2019.183"},{"key":"e_1_3_3_2_34_2","doi-asserted-by":"publisher","DOI":"10.1145\/3582515.3609565"},{"key":"e_1_3_3_2_35_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jretconser.2020.102051"},{"key":"e_1_3_3_2_36_2","doi-asserted-by":"publisher","DOI":"10.14236\/ewic\/HCI2010.17"},{"key":"e_1_3_3_2_37_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2015.17"},{"key":"e_1_3_3_2_38_2","first-page":"52","volume-title":"Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security, in SOUPS \u201915","author":"Kang R.","year":"2015","unstructured":"R. Kang, L. Dabbish, N. Fruchter, and S. Kiesler, \u201c\u2018My data just goes everywhere\u2019: user mental models of the internet and implications for privacy and security,\u201d in Proceedings of the Eleventh USENIX Conference on Usable Privacy and Security, in SOUPS \u201915. USA: USENIX Association, Jul. 2015, pp. 39\u201352."},{"key":"e_1_3_3_2_39_2","doi-asserted-by":"publisher","DOI":"10.1002\/(SICI)1099-1727(199821)14:1<3::AID-SDR140>3.0.CO;2-K"},{"key":"e_1_3_3_2_40_2","first-page":"346","volume-title":"Eleventh Symposium On Usable Privacy and Security (SOUPS 2015)","author":"Ion I.","year":"2015","unstructured":"I. Ion, R. Reeder, and S. Consolvo, \u201c{\u2018...No} one Can Hack My {Mind\u2019}: Comparing Expert and {Non-Expert} Security Practices,\u201d presented at the Eleventh Symposium On Usable Privacy and Security (SOUPS 2015), 2015, pp. 327\u2013346. Accessed: May 19, 2024. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2015\/proceedings\/presentation\/ion"},{"key":"e_1_3_3_2_41_2","volume-title":"Mental Models of Information Security.","author":"McGregor S.","year":"2016","unstructured":"S. McGregor and E. Watkins, \u201cSecurity by Obscurity\u201d: Journalists\u2019 Mental Models of Information Security. 2016."},{"key":"e_1_3_3_2_42_2","doi-asserted-by":"publisher","DOI":"10.1145\/3481357.3481520"},{"key":"e_1_3_3_2_43_2","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-031-34433-6_9"},{"key":"e_1_3_3_2_44_2","first-page":"116","volume-title":"Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022)","author":"Bieringer L.","year":"2022","unstructured":"L. Bieringer, K. Grosse, M. Backes, B. Biggio, and K. Krombholz, \u201cIndustrial practitioners\u2019 mental models of adversarial machine learning,\u201d presented at the Eighteenth Symposium on Usable Privacy and Security (SOUPS 2022), 2022, pp. 97\u2013116. Accessed: May 19, 2024. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2022\/presentation\/bieringer"},{"key":"e_1_3_3_2_45_2","first-page":"358","volume-title":"Proceedings of the Sixteenth USENIX Conference on Usable Privacy and Security, in SOUPS\u201920","author":"Mai A.","year":"2020","unstructured":"A. Mai, K. Pfeffer, M. Gusenbauer, E. Weippl, and K. Krombholz, \u201cUser mental models of cryptocurrency systems - a grounded theory approach,\u201d in Proceedings of the Sixteenth USENIX Conference on Usable Privacy and Security, in SOUPS\u201920. USA: USENIX Association, Aug. 2020, pp. 341\u2013358."},{"key":"e_1_3_3_2_46_2","doi-asserted-by":"publisher","DOI":"10.1093\/cybsec"},{"key":"e_1_3_3_2_47_2","doi-asserted-by":"publisher","DOI":"10.14763\/2017.1.443"},{"key":"e_1_3_3_2_48_2","first-page":"150","volume-title":"Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023)","author":"Hielscher J.","year":"2023","unstructured":"J. Hielscher, M. Sch\u00f6ps, U. Menges, M. Gutfleisch, M. Helbling, and M. A. Sasse, \u201cLacking the Tools and Support to Fix Friction: Results from an Interview Study with Security Managers,\u201d presented at the Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023), 2023, pp. 131\u2013150. Accessed: May 19, 2024. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2023\/presentation\/hielscher"},{"key":"e_1_3_3_2_49_2","doi-asserted-by":"publisher","DOI":"10.1016\/S1361-3723(09)70127-7"},{"key":"e_1_3_3_2_50_2","doi-asserted-by":"publisher","DOI":"10.1109\/SP46214.2022.9833756"},{"key":"e_1_3_3_2_51_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2022.102840"},{"key":"e_1_3_3_2_52_2","doi-asserted-by":"publisher","DOI":"10.1145\/3549015.3554206"},{"key":"e_1_3_3_2_53_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsis.2007.05.004"},{"key":"e_1_3_3_2_54_2","doi-asserted-by":"publisher","DOI":"10.14722\/usec.2014.23007"},{"key":"e_1_3_3_2_55_2","first-page":"2328","volume-title":"32nd USENIX Security Symposium (USENIX Security 23)","author":"Hielscher J.","year":"2023","unstructured":"J. Hielscher, U. Menges, S. Parkin, A. Kluge, and M. A. Sasse, \u201c{\u2018Employees} Who {Don't} Accept the Time Security Takes Are Not Aware {Enough\u2019}: The {CISO} View of {Human-Centred} Security,\u201d presented at the 32nd USENIX Security Symposium (USENIX Security 23), 2023, pp. 2311\u20132328. Accessed: Jul. 19, 2024. [Online]. Available: https:\/\/www.usenix.org\/conference\/usenixsecurity23\/presentation\/hielscher"},{"key":"e_1_3_3_2_56_2","doi-asserted-by":"publisher","DOI":"10.1145\/3290605.3300663"},{"key":"e_1_3_3_2_57_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2009.01.003"},{"key":"e_1_3_3_2_58_2","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2016.57"},{"key":"e_1_3_3_2_59_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.jsis.2011.06.001"},{"key":"e_1_3_3_2_60_2","first-page":"317","volume-title":"Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020)","author":"Michalec O. A.","year":"2020","unstructured":"O. A. Michalec, D. van der Linden, S. Milyaeva, and A. Rashid, \u201cIndustry Responses to the European Directive on Security of Network and Information Systems (NIS): Understanding policy implementation practices across critical infrastructures,\u201d presented at the Sixteenth Symposium on Usable Privacy and Security (SOUPS 2020), 2020, pp. 301\u2013317. Accessed: Feb. 01, 2022. [Online]. Available: https:\/\/www.usenix.org\/conference\/soups2020\/presentation\/michalec"},{"key":"e_1_3_3_2_61_2","doi-asserted-by":"publisher","DOI":"10.1109\/CyberSA49311.2020.9139641"},{"key":"e_1_3_3_2_62_2","doi-asserted-by":"publisher","DOI":"10.11610\/isij.4812"},{"key":"e_1_3_3_2_63_2","volume-title":"ENISA. Accessed","author":"European Union Agency for Cybersecurity","year":"2024","unstructured":"European Union Agency for Cybersecurity, \u201cNIS Directive,\u201d ENISA. Accessed: Jan. 25, 2024. [Online]. Available: https:\/\/www.enisa.europa.eu\/topics\/cybersecurity-policy\/nis-directive-new"},{"key":"e_1_3_3_2_64_2","unstructured":"S. M. McBride C. D. Schou and J. Slay \u201cA Security Workforce to Bridge the IT-OT Gap\u201d."},{"key":"e_1_3_3_2_65_2","volume-title":"Accessed","author":"Gross N.","year":"2024","unstructured":"N. Gross, \u201cControl and Automation Engineering Education Programs: Challenges and Opportunities - News.\u201d Accessed: May 17, 2024. [Online]. Available: https:\/\/control.com\/news\/the-landscape-of-engineering-education-challenges-and-opportunities\/"},{"key":"e_1_3_3_2_66_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10111-018-0511-1"},{"key":"e_1_3_3_2_67_2","volume-title":"Proceedings of the 5th P&OM World Confernece","author":"Madsen E. S.","year":"2016","unstructured":"E. S. Madsen, A. Bilberg, and D. Grube Hansen, \u201cIndustry 4.0 and digitalization call for vocational skills, applied industrial engineering, and less for pure academics: 5th World Conference on Production and Operations Management,\u201d Proceedings of the 5th P&OM World Confernece, 2016."},{"key":"e_1_3_3_2_68_2","doi-asserted-by":"publisher","DOI":"10.1002\/hfm.21005"},{"key":"e_1_3_3_2_69_2","volume-title":"A Guide to the Automation Body of Knowledge","year":"2024","unstructured":"\u201cA Guide to the Automation Body of Knowledge, Third Edition,\u201d automation.com. Accessed: May 23, 2024. [Online]. Available: https:\/\/www.automation.com\/en-us\/products\/featured-products-2020\/a-comprehensive-overview-of-automation"},{"key":"e_1_3_3_2_70_2","doi-asserted-by":"publisher","DOI":"10.53735\/cisse.v9i1.149"},{"key":"e_1_3_3_2_71_2","doi-asserted-by":"publisher","DOI":"10.1109\/IETC54973.2022.9796664"},{"key":"e_1_3_3_2_72_2","doi-asserted-by":"publisher","DOI":"10.1080\/07366981.2023.2216992"},{"key":"e_1_3_3_2_73_2","doi-asserted-by":"publisher","DOI":"10.1109\/INES59282.2023.10297768"},{"key":"e_1_3_3_2_74_2","volume-title":"Accessed","author":"Industrial Society of Automation","year":"2024","unstructured":"Industrial Society of Automation, \u201cCybersecurity Certificates - ISA,\u201d isa.org. Accessed: May 18, 2024. [Online]. Available: https:\/\/www.isa.org\/certification\/certificate-programs\/isa-iec-62443-cybersecurity-certificate-program"},{"key":"e_1_3_3_2_75_2","volume-title":"Accessed","author":"SANS Institute","year":"2024","unstructured":"SANS Institute, \u201cIndustrial Control Systems (ICS) | SANS Institute.\u201d Accessed: May 18, 2024. [Online]. Available: https:\/\/www.sans.org\/industrial-control-systems-security\/"},{"key":"e_1_3_3_2_76_2","volume-title":"Idaho National Laboratory. Accessed","author":"Idaho National Laboratory","year":"2023","unstructured":"Idaho National Laboratory, \u201cBuilding an Industrial Cybersecurity Workforce, A Manager's Guide.\u201d Idaho National Laboratory. Accessed: Feb. 21, 2023. [Online]. Available: https:\/\/inl.gov\/wp-content\/uploads\/2021\/02\/ICS_Workforce-ManagersGuide2021.pdf"},{"key":"e_1_3_3_2_77_2","unstructured":"S. McBride S. McBride C. Schou and J. Slay \u201cAn Initial Industrial Cybersecurity Workforce Development Framework\u201d."},{"key":"e_1_3_3_2_78_2","doi-asserted-by":"publisher","DOI":"10.32727\/8.2023.31"},{"key":"e_1_3_3_2_79_2","volume-title":"Accessed","year":"2024","unstructured":"\u201cA systematic review of Human Aspects in Industry 4.0 and 5.0: Cybersecurity Awareness and Soft Skills | IEEE Conference Publication | IEEE Xplore.\u201d Accessed: May 23, 2024. [Online]. Available: https:\/\/ieeexplore.ieee.org\/document\/10297768"},{"key":"e_1_3_3_2_80_2","unstructured":"S. McBride and J. Slay \u201cCriteria for International Industrial Cybersecurity Education and Training Standards\u201d."},{"key":"e_1_3_3_2_81_2","volume-title":"Social Research Methods","author":"Bryman A.","year":"2016","unstructured":"A. Bryman, Social Research Methods. Oxford University Press, 2016."},{"key":"e_1_3_3_2_82_2","doi-asserted-by":"publisher","DOI":"10.1191\/1478088706qp063oa"},{"key":"e_1_3_3_2_83_2","doi-asserted-by":"publisher","DOI":"10.1080\/2159676X.2019.1628806"},{"key":"e_1_3_3_2_84_2","doi-asserted-by":"publisher","DOI":"10.1080\/26895269.2022.2129597"},{"key":"e_1_3_3_2_85_2","doi-asserted-by":"publisher","DOI":"10.1080\/14780887.2020.1769238"},{"key":"e_1_3_3_2_86_2","doi-asserted-by":"publisher","DOI":"10.1007\/s11135-021-01182-y"},{"key":"e_1_3_3_2_87_2","doi-asserted-by":"publisher","DOI":"10.1080\/2159676X.2020.1840423"},{"key":"e_1_3_3_2_88_2","first-page":"183","volume-title":"The Counselling and Psychotherapy Research Handbook","author":"Braun V.","year":"2014","unstructured":"V. Braun, V. Clarke, and N. Rance, \u201cHow to use thematic analysis with interview data,\u201d The Counselling and Psychotherapy Research Handbook, p. 183, Jan. 2014."},{"key":"e_1_3_3_2_89_2","volume-title":"Accessed","year":"2024","unstructured":"\u201cmindset, n. meanings, etymology and more | Oxford English Dictionary.\u201d Accessed: Jul. 21, 2024. [Online]. Available: https:\/\/www.oed.com\/dictionary\/mindset_n"},{"key":"e_1_3_3_2_90_2","doi-asserted-by":"publisher","DOI":"10.1037\/apl0000114"},{"key":"e_1_3_3_2_91_2","doi-asserted-by":"publisher","DOI":"10.1007\/s10111-012-0237-4"},{"key":"e_1_3_3_2_92_2","volume-title":"Accessed","author":"Adivsory Barr","year":"2024","unstructured":"Barr Adivsory and Hive Systems, \u201cThe Impact of Technical Debt on Cybersecurity.\u201d Accessed: May 23, 2024. [Online]. Available: https:\/\/www.barradvisory.com\/wp-content\/uploads\/2022\/05\/The-Impact-of-Technical-Debt-on-Cybersecurity.pdf"},{"key":"e_1_3_3_2_93_2","doi-asserted-by":"publisher","DOI":"10.1177\/0018720813501549"},{"key":"e_1_3_3_2_94_2","doi-asserted-by":"publisher","DOI":"10.1136\/bmj.320.7237.768"},{"key":"e_1_3_3_2_95_2","doi-asserted-by":"publisher","DOI":"10.1145\/2897035.2897036"},{"key":"e_1_3_3_2_96_2","article-title":"Making Sense of Operational Technology Attacks: The Past, Present, and Future","author":"Derbyshire R.","year":"2024","unstructured":"R. Derbyshire, \u201cMaking Sense of Operational Technology Attacks: The Past, Present, and Future,\u201d The Hacker News. Accessed: May 23, 2024. [Online]. Available: https:\/\/thehackernews.com\/2024\/03\/making-sense-of-operational-technology.html","journal-title":"The Hacker News. Accessed"},{"key":"e_1_3_3_2_97_2","volume-title":"Accessed","author":"Everett Community College","year":"2024","unstructured":"Everett Community College, \u201cIndustrial Cybersecurity | Everett Community College.\u201d Accessed: May 29, 2024. [Online]. Available: https:\/\/www.everettcc.edu\/programs\/bat\/it-program\/industrial-cybersecurity"},{"key":"e_1_3_3_2_98_2","volume-title":"Accessed","author":"Idaho State University","year":"2024","unstructured":"Idaho State University, \u201cIndustrial Cybersecurity Engineering Technology.\u201d Accessed: May 29, 2024. [Online]. Available: https:\/\/www.isu.edu\/industrialcybersecurity\/"},{"key":"e_1_3_3_2_99_2","doi-asserted-by":"publisher","DOI":"10.1016\/j.cose.2021.102387"},{"key":"e_1_3_3_2_100_2","volume-title":"The big con: how the consulting industry weakens our businesses, infantilizes our governments, and warps our economies","author":"Mazzucato M.","year":"2023","unstructured":"M. Mazzucato and R. Collington, The big con: how the consulting industry weakens our businesses, infantilizes our governments, and warps our economies. Penguin, 2023."},{"key":"e_1_3_3_2_101_2","doi-asserted-by":"publisher","DOI":"10.1109\/HICSS.2008.201"},{"key":"e_1_3_3_2_102_2","doi-asserted-by":"publisher","DOI":"10.14236\/ewic"}],"event":{"name":"EuroUSEC 2024: The 2024 European Symposium on Usable Security","location":"Karlstad Sweden","acronym":"EuroUSEC 2024"},"container-title":["Proceedings of the 2024 European Symposium on Usable Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688472","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3688459.3688472","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T01:10:29Z","timestamp":1750295429000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3688459.3688472"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,9,30]]},"references-count":102,"alternative-id":["10.1145\/3688459.3688472","10.1145\/3688459"],"URL":"https:\/\/doi.org\/10.1145\/3688459.3688472","relation":{},"subject":[],"published":{"date-parts":[[2024,9,30]]},"assertion":[{"value":"2024-11-20","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}