1. Aytes, K., & Connolly, T. (2003). A research model for investigating human behaviour related to computer security. Proceedings of the Americas Conference on Information Systems, 2003, 2028–2029.

2. Bogdan, R. C., & Biklen, S. K. (2003). Qualitative research of education: An introductive to theories and methods (4th ed.). Allyn and Bacon.

3. Brodin, M. A. (2019). Framework for GDPR compliance for small- and medium-sized enterprises. European Journal for Security Research, 4, 243–264. https://doi.org/10.1007/s41125-019-00042-z

4. Canongia, C., & Mandarino, R. (2014). Cybersecurity: The new challenge of the information society. In Crisis management: Concepts, methodologies, tools and applications (pp. 60–80). IGI Global. https://doi.org/10.4018/978-1-4666-4707-7.ch003

5. Cheng, C., Flasher, R., & Higgins, J. P. (2019). Accounting firm data breaches: One state’s records. Journal of Accountancy, 227(6), 1–11. Retrieved November 27, 2021, from http://search.ebscohost.com/login.aspx?direct=true&db=ent&AN=136855027&site=edslive&scope=site