Running head: ANNOTATED BIBLIOGRAPHY ANNOTATED BIBLIOGRAPHY 2 Annotated bibliography Anil Kumar Bandi University of The Cumberlands ITS 835- Enterprise Risk Management Dr. Oludotun Oni July 5th, 2019 Annotated bibliography: Cyber Security Bada, M., Sasse, A. M., & Nurse, J. R. (2019). Cyber security awareness campaigns: Why do they fail to change behaviour. arXiv preprint arXiv:1901.02672. In this technology era where we are using technology everywhere and at the same time cyber threats also became very common. So, having awareness about the cyber security is always good. security is a touchy issue that should be treated with most extreme classification. Authors through this book, explained about the key factors regarding the security which may lead them to neglecting to properly change individuals' behavior. Past what's more, current endeavors to improve data security rehearses and advance a maintainable society have not had the ideal effect. It is significant in this way to basically think about the difficulties engaged with improving data security practices for natives, buyers and representatives as there are not aware of risks in cyber security. This research paper considers the challenges from a psychology perspective and, they believed that creating awareness is always based on how people react and perceive the risks. The very important finding from this study is that, people know the answers for the questions asked during the survey about the risks they know about the cyber security but the interested thing, they don’t react how they usually react in real life. Being that said, it is very proposed that it is very essential for having risk awareness and practices from the beginning. This article also explained about the factors influencing the risks awareness failure in cyber security. And other important finding is, intercessions dependent on major hypothetical information to change conduct that consider social convictions and frames of mind and are bound to succeed. Coffey, K., Maglaras, L. A., Smith, R., Janicke, H., Ferrag, M. A., Derhab, A., ... & Yousaf, A. (2018). Vulnerability Assessment of Cyber Security for SCADA Systems. In Guide to Vulnerability Analysis for Computer Networks and Systems (pp. 59-80). Springer, Cham. This paper explains about the cyber security risk assessment of Supervisory Control and Data Acquisition system. In this system, security is mainly done by controlling physical access to framework parts which were extraordinary unique restrictive correspondence conventions. According to this paper, security in this system was present as an implication of safety. Modern day SCADA systems are more sophisticated and because of using the advanced technology and it’s complex too and prone to many risks as well. The SCADA systems are also prone to may risks because of rapidly increasing interconnectivity, hard wares and protocols using for communication and their standardization. So, risk assessment ...