1. Ablon L (2018) Data thieves: the motivations of cyber threat actors and their use and monetization of stolen data. The RAND Corporation https://www.rand.org/content/dam/rand/pubs/testimonies/CT400/CT490/RAND_CT490.pdf. Accessed 30 May 2019

2. Air Canada (2018) Notice to Air Canada mobile app users https://www.aircanada.com/ca/en/aco/ home/book/travel-news-and-updates/2018/notice-air-canada-mobile-app-users.html. Accessed 22 July 2019

3. Akamai Technologies (2018) Summer 2018 – state of the internet/security: web attack. https://ww w.akamai.com/uk/en/multimedia/documents/state-of-the-internet/soti-summer-2018-web-attack -report.pdf. Accessed 25 July 2019

4. Alberts CJ, Dorofee A (2002) Managing information security risks: the OCTAVE approach. Addison-Wesley Longman Publishing Co Inc, Boston

5. Ashford W (2018) Radisson hotel group could be GDPR test case. Computer Weekly, 2 Nov. https://www.computerweekly.com/news/252451870/Radisson-hotel-group-could-be-GDPR-test-case. Accessed 24 July 2019