• A Game Based Long-Term Recruitment Framework 

      Niros, Baanusha (Master thesis, 2019)
      Det er et stort behov for ny generasjon av sikkerhetsesksperter i industrien som er i dag, hvor cyberangreper fortsetter å lykkes mens det er mangel på dyktige fagpersoner innen dette følgende fagfeltet. Det er videre ...
    • Agile Software Development: The Straight and Narrow Path to Secure Software? 

      Nicolaysen, Torstein; Sassoon, Richard; Bartnes, Maria; Jaatun, Martin Gilje (Journal article; Peer reviewed, 2010)
      In this article, we contrast the results of a series of interviews with agile software development organizations with a case study of a distributed agile development effort, focusing on how information security is taken ...
    • Analogies of Information Security 

      Sole, Amund Bauck (Master thesis, 2016)
      In this thesis it will be tested wither analogies and metaphors would make it easier to teach the fundamental subjects of information security and hacking to people with no previous background in computer science and only ...
    • Automatic Analysis of Scam Emails 

      Fagerland, Vegard (Master thesis, 2017)
      Email and email security have been the main topics of this master thesis. The thesis considers how an organization works with email security and security culture, the email specifications, threat agents, vulnerabilities ...
    • Challenges in IT Security Preparedness Exercises: A Case Study 

      Bartnes, Maria; Moe, Nils Brede (Journal article; Peer reviewed, 2016)
      The electric power industry is currently implementing major technological changes in order to achieve the goal of smart grids. However, these changes are expected to increase the susceptibility of the industry to IT security ...
    • Classification of logs using Machine Learning Technique 

      Vasquez Villano, Edwin Giancarlo (Master thesis, 2018)
      Currently, the use of information technologies is growing very fast in private or public companies. This is a worldwide trend, it is becoming needed than computers, printers,servers, cameras, etc. being interconnected ...
    • Gamification of Information Security Awareness and Training 

      Gjertsen, Eyvind Gaarder Bull; Gjære, Erlend Andreas; Bartnes, Maria; Flores, Waldo Rocha (Chapter, 2017)
      Security Awareness and Training (SAT) programs are commonly put in place to reduce risk related to insecure behaviour among employees. There are however studies questioning how effective SAT programs are in terms of improving ...
    • Implementation of Data Loss Prevention Mechanisms in a Knowledge Organization: A Balance Between User Experience and Security 

      Hurum, Vilde Innset (Master thesis, 2019)
      De fleste organisasjoner har retningslinjer for hvordan man skal be- skytte og klassifisere data. Til tross for dette, skjer det dessverre mange hendelser hvor data går tapt eller lekkes i næringslivet. Det er også en ...
    • Influencing Factors and Effectiveness of a Security Awareness Campaign 

      Strand, Kristine Larsen (Master thesis, 2018)
      As an organisation, it is important with technical security controls to protect information assets, but without cooperation from the employees, this is nearly useless. Gradually realising the importance of information ...
    • Personvern i kundeforhold - Hvordan tilrettelegge for informerte samtykker 

      Karlsen, Ida Cathrine (Master thesis, 2019)
      Den 25. mai 2018 ble personvernforordningen innført i medlemslandene av EU. Personvernforordningen trådte senere i kraft i Norge 20. juli 2018, på bakgrunn av at Norge er medlem av EØS. I sammenheng med innføringen av den ...
    • Play2Prepare: A Board Game Supporting IT Security Preparedness Exercises for Industrial Control Organizations 

      Graffer, Ingrid; Bartnes, Maria; Bernsmed, Karin (Journal article; Peer reviewed, 2015)
      Industrial control organizations need to perform IT security preparedness exercises more frequently than today. However, limited support material currently exists. This paper presents a board game, Play2Prepare, ...
    • Privacy and Social Media: Do Users Really Care? 

      Ersdal, Hannah; Skjærstad, Sølvi Svendby (Master thesis, 2016)
      Over the last decade, social media networks have experienced explosive growth. Social media has become a common form of communication for most people, and the average person spends more and more time in front of the computer. ...
    • The Security of Single Sign-On (SSO) in the Norwegian Public Sector 

      Aaby, Kristin (Master thesis, 2018)
      An isolated Identity Management System (IMS) requires a separate unique identifier for each specific Service Provider (SP). This model occurs to be problematic for users as there are a huge number of digital services utilize ...
    • Security Threats in Demo Steinkjer. Report from the Telenor-SINTEF collaboration project on Smart Grids 

      Tøndel, Inger Anne; Jaatun, Martin Gilje; Bartnes, Maria (SINTEF Rapport;A23351, Research report, 2012)
      This report describes security threats associated with the deployment of an Advanced Metering Infrastructure (AMI) in the Demo Steinkjer demonstration project. The description is based on the first phase of the actual smart ...
    • The future of information security incident management training: A case study of electrical power companies 

      Bartnes, Maria; Moe, Nils Brede; Heegaard, Poul Einar (Journal article; Peer reviewed, 2016)
      Recent attacks and threat reports indicate that industrial control organizations are attractive targets for attacks. Emerging threats create the need for a well-established capacity for responding to unwanted incidents. ...
    • Use of Gamification in Security Awareness and Training Programs 

      Gjertsen, Eyvind Garder B (Master thesis, 2016)
      The security reports are unambiguous: the human factor constitutes a real vulnerability in the information security domain. It is crucial that employees of companies and governments understand the risks and threats connected ...