1. Ashenden, D., & Lawrence, D. (2013, December). Can we sell security like soap? A new approach to behaviour change. In Proceedings of the 2013 Workshop on New Security Paradigms Workshop (pp. 87–94). ACM.

2. Ashenden, D., & Sasse, A. (2013). CISOs and organisational change: Their own worst enemy? Computers & Security, 39, 396–405.

3. Taratine, B. (2018). How can we build an agile robust resilient (cyber)security defence system? LinkedIn article. https://www.linkedin.com/pulse/how-can-we-build-robust-agile-resilient-cybersecurity-boris-taratine/ .

4. Snowden, D. (2011). Risk and resilience. https://www.youtube.com/watch?v=2Hhu0ihG3kY .

5. Wolff, J. (2006). Risk, fear, blame, shame and the regulation of public safety. Economics and Philosophy, 22, 409–427.