Publications

Selection of publications   English   Dutch

Information security education based on job profiles and the e-CF (Higher Education, Skills and Work-based Learning, 2021) [ AAM version ]: Case study on standardization of cybersecurity education based on a PvIB job profile and the underlying e-CF framework.
Masteropleiding Technische Cybersecurity gebaseerd op PvIB-beroepsprofiel (IB Magazine, 4, 2019, 38-41) : Background to the development of a cybersecurity master of science curriculum based on a new PvIB job profile.
Informatie onder controle (MS, 2018) : Textbook about information and IT management. Includes an introduction to information technology and information systems, as well as the basics of outsourcing and shared services centres.
Volwassenheid Informatiebeveiliging: 3-Pijlermodel (RAAK-project Veilig Water, 2017) : Whitepaper, describing the 3 Pillar Model of Information Security Maturity.
Job profiles for information security 2.0 (PvIB, 2017) [ Beroepsprofielen voor informatiebeveiliging 2.0a (PvIB, 2017) ]: Standard job profiles defined by the Dutch Association of Information Security Professionals.
Safe in cyberspace; van awareness naar actie (PBLQ, 2015) : A book providing a concise introduction to cyberspace and cybersecurity for managers.
De cyberwereld wordt niet vanzelf veilig (In "Onderzoekend op weg", THUAS, 2014, 65-72) : More focus is required on educating safe cyber behaviour.
Verkenning Informatieveiligheid Buitenland (Taskforce BID, 2014) : A comparative study report on information security in different European countries.
Kwalificatie en certificatie van informatiebeveiligers (Beveiliging, 11, 2011, 70-73) [ Onderzoeksrapport (CPNI.NL, 2011) ]: Research on the need for a new qualification system for infosec professionals.
Criminaliteit in de cyberwereld (In "Van buiten leren", Politie Haaglanden, 2011, 41-47) : The involvement of the Dutch police in tackling cybercrime.
Bewust veilig? (IT-Auditor, 4, 2010, 15-21) : How to set up information security awareness in organizations.
Informatiebeveiliging en bewustzijn (IT-Auditor, 1, 2010, 24-27) : Human behaviour and information security in organizations.
De riskante wereld van de IT (In "Omdat onderzoek toekomst heeft", THUAS, 2010, 215-224) : A brief introduction into IT risk management.
Een serious game voor informatiebeveiliging (Informatiebeveiliging, 8, 2009, 18-20) : Description of a serious game for information security awareness training.
Digitale veiligheid voor burgers (In "Wereldstedelingen", Karakter, 2006, 141-152) : Risks related to interconnection of information systems.
Integratie van informatiebeveiliging (In "Jaarboek IT Beheer en informatiebeveiliging 2006", Academic Service, 2005, 359-367) : Integration on information security into the business.
Een twee-sporenaanpak voor informatiebeveiliging (Management Executive, 1, 2004, 34-37; In "IB Jaarboek 2004/2005", Academic Service, 2004, 63-71) : A practical two-track approach to implement information security.
Waardevol maakt kwetsbaar: het belang van informatiebeveiliging (THUAS, 2003) : My inaugural lecture at The Hague University of Applied Sciences.
Van ontwijken naar uitwijken (HEC, 2003) : An introduction book about continuity management for IT infrastructures.
Intrusion detection als probaat middel tegen inbraak (Management & Informatie, 6, 2002, 38-43) : Introduction to ID systems, its use and its management.
Information capability engineering (In "Complexiteit van beheer, beheer van complexiteit", DUP, 2001, 55-67) : A structured approach to (re)organize the information function.
Human Error and Information Security (DUT, 2000) : Whitepaper, describing a model for human behavior and human error and relevant security measures.
Expert in disaster recovery scenarios (Contingency Planning & Recovery Journal, 1, 2000, 2-15) : The use of an expert system to develop disaster recovery scenarios.
ITIL Security Management: een kritische beschouwing (Compact, 4, 2000, 12-15) : Critical review of ITIL (version 2) Security Management.
Risk analysis on Internet connection (In "Proceedings of IFIP SEC '99", IFIP, 1999, 89-101) : Framework for risk analysis of systems connected to the Internet.
Competing against human failing (In "Proceedings of IFIP SEC 98", IFIP, 1998, 392-401) : Explanation of human failure types and the way to compete against it.
Beveiliging tegen indirect menselijk falen (IT Beheer Praktijkjournaal, 3, 1998, 1-4) : Indirect error and relevant security measures.
IT-beveiliging in cijfers (In "Handboek Informatiebeveiliging, Aanvulling 18", Kluwer Editorial, 1998) : Inventory of threats and security measures in Dutch practice.