Reading List

Introduction to Data Protection and Cyber Security

DLBCSIDPITS01

Version: 2021-05-01
Reading Types

Basic Reading

This is the background literature selected for the course, the content of which is highly relevant to the
respective course. These texts are useful resources and likely worth the purchase if required. Nevertheless,
we strive to make as many of these titles as possible available through our library.

Required Reading

In addition to further readings, required readings are selected for Master and MBA courses. These readings
are mandatory, and the content of these texts may be included in the exam. These readings must be
available from the IU International University of Applied Sciences online library.

Further Reading

These readings are designed to further students’ understanding of selected topics discussed in the course
book. Rather than addressing all unit content, these readings aim to introduce students to further research
and advanced discussions regarding specific topics. The further readings, as with the basic readings, are
recommended but not mandatory. These readings must be available from the IU online library or available
for free online.

Tip

All titles from the further reading are available online in the databases, unless otherwise indicated. If titles
from journals or edited volumes are not displayed correctly, please first enter the journal or volume title in
the search field and then select the desired article or chapter. Should you have any problems logging into
the library databases or accessing full texts, please contact the library helpdesk: library@iu.org
Basic Reading

Arnold, R. (2017). Cybersecurity: A business solution. An executive perspective on managing cyber risk. Threat
Sketch.

Mattord, H., & Whitman, M. (2017). Management of information security. Cengage.

European Parliament and Council of the European Union. (2016). EU General Data Protection Regulation
(GDPR): Regulation 2016/679 of the European Parliament and of the council of 27 April 2016 on the protection
of natural persons with regard to the processing of personal data and on the free movement of such data, and
repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union.
Chapters 1—3

Further Reading
(All sources can be found in the library databases unless otherwise indicated.)

Unit 1

Ahmad, A., Maynard, S. B., & Park, S. (2014). Information security strategies: Towards an organizational
multi-strategy perspective. Journal of Intelligent Manufacturing, 25(2), 357—370.

Istikoma, Bt Fakhri, N. F., Quarat-ul-Ain, & Ibrahim, J. (2015). Information security aligned to enterprise
management. Middle East Journal of Business, 10(1), 62—66.

Unit 2

Bendiek, A., & Römer, M. (2019). Externalizing Europe: The global effects of European data protection.
Digital Policy, Regulation and Governance, 21(1), 32—43.

International Organization for Standardization. (2011). Information technology—Security techniques—

Privacy framework (ISO/IEC standard no. 29100:2011).
Available online

Unit 3

Chung, J. J. (2018). Nation-states and their cyber operations in planting of malware in other countries: Is it
legal under international law? University of Pittsburgh Law Review, 80(1), 33—67.

3
Sharma, B. K., Joseph, M. A., Jacob, B., & Miranda, B. (2019). Emerging trends in digital forensic and cyber
security—An overview [Conference paper]. 2019 sixth HCT information technology trends (ITT), 309—313.
IEEE.

Unit 4

Jaya Putra, S., Nur Gunawan, M., Falach Sobri, A., Muslimin, J., Amilin, & Saepudin, D. (2020). Information
security risk management analysis using ISO 27005:2011 for the telecommunication company [Conference
paper]. 2020 8th international conference on cyber and IT service management (CITSM), pp. 1—5.

Slayton, R. (2015). Measuring risk: Computer security metrics, automation, and learning. IEEE Annals of
the History of Computing, 37(2), 32—45.

Unit 5

Jensen, M. L., Dinger, M., Wright, R. T., & Thatcher, J. B. (2017). Training to mitigate phishing attacks using
mindfulness techniques. Journal of Management Information Systems, 34(2), 597—626.

Sebescen, N., & Vitak, J. (2017). Securing the human: Employee security vulnerability risk in organizational
settings. Journal of the Association for Information Science & Technology, 68(9), 2237—2247.

Unit 6

Figueroa Lorenzo, S., Añorga Benito, J., García Cardarelli, P., Alberdi Garaia, J., & Arrizabalaga Juaristi, S.
(2019). A comprehensive review of RFID and Bluetooth security: Practical analysis. Technologies, 7(1),
Article 15, 1—29.

Forguites, J. (2014). Network segmentation boosts performance, protection. Technology update: Reduce
network cybersecurity risk and optimize network performance by following these 5 steps to leverage best
practices of network design. Control Engineering.

Unit 7
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Funtara, A. (2020). Analysis of
web security using open web application security project 10 [Conference paper]. 2020 8th international
conference on cyber and IT service management (CITSM), pp. 1—5.

Ponta, S. E., Plate, H., & Sabetta, A. (2020). Detection, assessment and mitigation of vulnerabilities in
open source dependencies. Empirical Software Engineering, 25(5), 3175—3215.