Publications

Selection of publications   English   Dutch

Masteropleiding Technische Cybersecurity gebaseerd op PvIB-beroepsprofiel (IB Magazine, 4, 2019, 38-41): Case study about the development of a cyber security master's study based on new job profiles and the e-CF framework.
Informatie onder controle (MS, 2018): Textbook about information and IT management, including outsourcing.
Job profiles for information security 2.0 (PvIB, 2017). [ Beroepsprofielen voor informatiebeveiliging 2.0a (PvIB, 2017)]: Standard job profiles defined by the Dutch Association of Information Security Professionals.
Safe in cyberspace; van awareness naar actie (PBLQ, 2015): An introduction to cyberspace and cyber security for managers.
De cyberwereld wordt niet vanzelf veilig ("Onderzoekend op weg", THUAS, 2014, 65-72): More focus is required on educating safe cyber behaviour.
Verkenning Informatieveiligheid Buitenland (Taskforce BID, 2014): A comparative study of information security in different European countries.
Kwalificatie en certificatie van informatiebeveiligers (Beveiliging, 11, 2011, 70-73) [onderzoeksrapport (CPNI.NL, 2011)]: Research on the need for a new qualification system for infosec professionals.
Criminaliteit in de cyberwereld ("Van buiten leren", Politie Haaglanden, 2011, 41-47): The involvement of the Dutch police in tackling cybercrime.
Bewust veilig? (IT-Auditor, 4, 2010, 15-21): How to set up information security awareness in organizations.
Informatiebeveiliging en bewustzijn (IT-Auditor, 1, 2010, 24-27): Human behaviour and information security in organizations.
De riskante wereld van de IT ("Omdat onderzoek toekomst heeft", THUAS, 2010, 215-224): A brief introduction into IT risk management.
Een serious game voor informatiebeveiliging (Informatiebeveiliging, 8, 2009, 18-20): Description of a serious game for information security awareness training.
Digitale veiligheid voor burgers ("Wereldstedelingen", Karakter, 2006, 141-152): Risks related to interconnection of information systems.
Integratie van informatiebeveiliging ("Jaarboek IT Beheer en informatiebeveiliging 2006", Academic Service, 2005, 359-367): Integration on information security into the business.
Een twee-sporenaanpak voor informatiebeveiliging (Management Executive, 1, 2004, 34-37; "IB Jaarboek 2004/2005", 2004, 63-71): A practical approach to implement information security.
Waardevol maakt kwetsbaar: het belang van informatiebeveiliging (THUAS, 2003): Inaugural lecture at The Hague University.
Van ontwijken naar uitwijken (HEC, 2003): An introduction to continuity management for IT infrastructures.
Intrusion detection als probaat middel tegen inbraak (Management & Informatie, 6, 2002, 38-43): Introduction to ID systems, its use and its management.
Information capability engineering ("Complexiteit van beheer, beheer van complexiteit", DUP, 2001, 55-67): A structured approach to (re)organize the information function.
Human Error and Information Security (DUT, 2000): A model for human behavior and human error and relevant security measures.
Expert in disaster recovery scenarios (Contingency Planning & Recovery Journal, 1, 2000, 2-15): The use of an expert system to develop disaster recovery scenarios.
ITIL Security Management: een kritische beschouwing (Compact, 4, 2000, 12-15): Critical review of ITIL (version 2) Security Management.
Risk analysis on Internet connection (Proceedings of IFIP SEC '99, 1999, 89-101): Framework for risk analysis of systems connected to the Internet.
Competing against human failing (Proceedings of IFIP SEC 98, 1998, 392-401): Explanation of human failure types and the way to compete against it.
Beveiliging tegen indirect menselijk falen (IT Beheer Praktijkjournaal, 3, 1998, 1-4): Indirect error and relevant security measures.
IT-beveiliging in cijfers ("Handboek Informatiebeveiliging, Aanvulling 18", Kluwer Editorial, 1998): Inventory of threats and security measures in Dutch practice.