The 28 revised full papers presented together with 8 short papers were carefully reviewed and selected from 44 submissions. Among the topical areas covered were: use of game theory; control theory; and mechanism design for security and privacy; decision making for cybersecurity and security requirements engineering; security and privacy for the Internet-of-Things; cyber-physical systems; cloud computing; resilient control systems, and critical infrastructure; pricing; economic incentives; security investments, and cyber insurance for dependable and secure systems; risk assessment and security risk management; security and privacy of wireless and mobile communications, including user location privacy; sociotechnological and behavioral approaches to security; deceptive technologies in cybersecurity and privacy; empirical and experimental studies with game, control, or optimization theory-based analysis for security and privacy; and adversarial machine learning and crowdsourcing, and the role of artificial intelligence in system security.