Human Factors in Security – Cybersecurity Education and Awareness of Business Students
Abstract
Theoretical background: The rapid development of Internet interactions and a growing number of information technology users caused by digital society development and accelerated by the COVID-19 pandemic yield the significant growth of cyber-attacks and cybersecurity incidents. Members of Generation Z use information technology as a main tool for broadening their knowledge and skills. For such digital natives, proficiency in ICTs appears as an indispensable element of life. This is even more apparent during the COVID-19 pandemic, when they are forced to use IT tools more often, both for the entertainment, education, and work. Such acceleration generates new possibilities, but also new threats.
Purpose of the article: The aim of the paper is to check if members of Generation Z are aware of cybersecurity issues and whether they know basic threats and methods/tools that can improve the safety. We analyse students’ behaviour in the event of cyber incident and examine whether the analysed group is willing to improve cyber knowledge, skills, and attitudes.
Research methods: We explored data collected from business students (N = 182). The online questionnaire was prepared in LimeSurvey. Finally, data analysis and visualization were performed in Microsoft Excel and Tableau.
Main findings: The analysis indicates that business students have rather poor knowledge in cybersecurity. The results demonstrate the need for targeted educational campaigns and trainings that address the specific cyber weaknesses to build secure ecosystem, combining both technical, organizational, and behavioural aspects.
Keywords
Full Text:
PDFReferences
Abawajy, J. (2012). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248. doi:10.1080/0144929X.2012.708787
Affico, J.F. (2017). Expanding cyber security learning in the business curriculum. Proceedings for the Northeast Region Decision Sciences Institute (NEDSI), 420–435.
Alqahtani, H., & Kavakli-Thorne, M. (2020). Does decision-making style predict individuals’ cybersecurity avoidance behaviour? In International Conference on Human-Computer Interaction (pp. 32–50). Cham: Springer doi:10.1007/978-3-030-50309-3_3
Alqahtani, H., Kavakli-Thorne, M., & Alrowaily, M. (2020). The impact of gamification factor in the acceptance of cybersecurity awareness augmented reality game (CybAR). In International Conference on Human-Computer Interaction (pp. 16–31). Cham: Springer. doi:10.1007/978-3-030-50309-3_2
Arcuri, M.C., Gai, L., Ielasi, F., & Ventisette, E. (2020). Cyber attacks on hospitality sector: Stock market reaction Journal of Hospitality and Tourism Technology, 11(2), 277–290. doi:10.1108/JHTT-05-2019-0080
Arora, A., & Mendhekar, A. (2021). Innovative techniques for student engagement in cybersecurity education In Data Management, Analytics and Innovation (pp. 395–406). Singapore: Springer. doi:10.1007/978-981-15-5616-6_28
Blackwood-Brown, C., Levy, Y., & D’Arcy, J. (2021). Cybersecurity awareness and skills of senior citizens: A motivation perspective Journal of Computer Information Systems, 61(3), 1–12. doi:10.1080/08874417.2019.1579076
Cabaj, K., Domingos, D., Kotulski, Z., & Respício, A. (2018). Cybersecurity education: Evolution of the discipline and analysis of master programs Computers & Security, 75, 24–35. doi:10.1016/j.cose.2018.01.015
Cassotta, S., & Sidortsov, R. (2019). Sustainable cybersecurity? Rethinking approaches to protecting energy infrastructure in the European High North Energy Research & Social Science, 51, 129–133. doi:10.1016/j.erss.2019.01.003
Corradini, I., & Nardelli, E. (2020). Developing digital awareness at school: a fundamental step for cybersecurity education In International Conference on Applied Human Factors and Ergonomics (pp. 102–110). Cham: Springer. doi:10.1007/978-3-030-52581-1_14
Crumpler, W., & Lewis, J.A. (2019). Cybersecurity Workforce Gap Center for Strategic and International Studies (CSIS).
Cybint. (2020). Alarming Cyber Security Facts and Stats. Retrieved from https://www.cybintsolutions.com/cyber-security-facts-stats
Dahbur, K., Bashabsheh, Z., & Bashabsheh, D. (2017). Assessment of security awareness: A qualitative and quantitative study. International Management Review, 13(1), 37.
Demmese, F., Yuan, X., & Dicheva, D. (2020). Evaluating the effectiveness of gamifiation on students’ performance in a cybersecurity course Journal of the Colloquium for Information Systems Security Education, 8(1), 6–6.
Gartner. (2020). Forecast Analysis: Information Security, Worldwide, 2Q18 Update. Retrieved from https://www.gartner.com/en/documents/3889055
Gonzalez, H., Llamas, R., & Ordaz, F. (2017). Cybersecurity teaching through gamifiation: Aligning training resources to our syllabus Research in Computing Science, 146, 35–43.
Harris, M.A. (2015). Using Bloom’s and Webb’s taxonomies to integrate emerging cybersecurity topics into a computing curriculum Journal of Information Systems Education, 26(3), 219–234. Retrieved from https://aisel.aisnet.org/jise/vol26/iss3/4
Imgraben, J., Engelbrecht, A., & Choo, K.K.R. (2014). Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users Behaviour & Information Technology, 33(12), 1347–1360. doi:10.1080/0144929X.2014.934286
Jin, G., Tu, M., Kim, T.H., Heffron, J., & White, J. (2018). Evaluation of game-based learning in cybersecurity education for high school students Journal of Education and Learning (EduLearn), 12(1), 150–158. doi:10.11591/edulearn.v12i1.7736
Jorgensen, R., Rowe, D., & Wyler, N. (2017). Competitions and gamifiation in cybersecurity education and workforce development and evaluation of real world skills. Journal of Computing Sciences in Colleges, 33(2), 155–156.
Kreider, C., & Almalag, M. (2019). A framework for cybersecurity gap analysis in higher education. Retrieved from https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1005&context=sais2019
McCrohan, K.F., Engel, K., & Harvey, J.W. (2010). Inflence of awareness and training on cyber security. Journal of Internet Commerce, 9(1), 23–41. doi:10.1080/15332861.2010.487415
Ministry of Digital Affairs. (2017). The Strategy of Cybersecurity of the Republic of Poland for the years 2017–2022. Retrieved from https://www.gov.pl/web/cyfryzacja/strategia-cyberbezpieczenstwa-rzeczypospolitej-polskiej-na-lata-2017-2022
Ministry of National Education. (2017). Cybersecurity in schools. Retrieved from https://men.gov.pl/ministerstwo/informacje/cyberbezpieczenstwo-w-szkolach-list-minister-edukacji-narodowej.html
Newhouse, W., Keith, S., Scribner, B., & Witte, G. (2017). National initiative for cybersecurity education (NICE) cybersecurity workforce framework. NIST special publication, 800(2017), 181. doi:10.6028/NIST.SP.800-181
Pawlowski, S.D., & Jung, Y. (2015). Social representations of cybersecurity by university students and implications for instructional design Journal of Information Systems Education, 26(4), 281–294. Retrieved from https://aisel.aisnet.org/jise/vol26/iss4/3
Pencheva, D., Hallett, J., & Rashid, A. (2020). Bringing cyber to school: Integrating cybersecurity into secondary school education IEEE Security & Privacy, 18(2), 68–74. doi:10.1109/MSEC.2020.2969409
Pendley, J.A. (2018). Finance and accounting professionals and cybersecurity awareness. Journal of Corporate Accounting & Finance, 29(1), 53–58. doi:10.1002/jcaf.22291
Rahman, A., Malaysia, N.A., Sairi, M.T.U.K., Zizi, I.K., & Khalid, F. (2020). The importance of cybersecurity education in school International Journal of Information and Education Technology, 10(5), 378–382. doi:10.18178/ijiet.2020.10.5.1393
Ros, S., Gonzalez, S., Robles, A., Tobarra, L.L., Caminero, A., & Cano, J. (2020). Analyzing students’ self-perception of success and learning effectiveness using gamifiation in an online cybersecurity course IEEE Access, 8, 97718–97728. doi:10.1109/ACCESS.2020.2996361
Siddiqui, Z., & Zeeshan, N. (2020). A survey on cybersecurity challenges and awareness for children of all ages In 2020 International Conference on Computing, Electronics & Communications Engineering (ICCECE) IEEE, 131–136. doi:10.1109/iCCECE49321.2020.9231229
Son, J., Bhuse, V., Othmane, L.B., & Lilien, L. (2015). Incorporating lab experience into computer security courses: three case studies Global Journal of Enterprise Information System, 7(2), 69–80.
Tirumala, S.S., Valluri, M.R., & Babu, G.A. (2019). A survey on cybersecurity awareness concerns, practices and conceptual measures In 2019 International Conference on Computer Communication and Informatics (ICCCI), IEEE, 1–6. doi:10.1109/ICCCI.2019.8821951
Venkatachary, S.K., Prasad, J., & Samikannu, R. (2018). Cybersecurity and cyber terrorism-in energy sector – a review. Journal of Cyber Security Technology, 2(3–4), 111–130. doi:10.1080/23742917.2018.1518057
Whitty, M., Doodson, J., Creese, S., & Hodges, D. (2015). Individual differences in cyber security behaviors: an examination of who is sharing passwords. Cyberpsychology, Behavior, and Social Networking, 18(1), 3–7. doi:10.1089/cyber.2014.0179
Zhang-Kennedy, L., & Chiasson, S. (2021). A systematic review of multimedia tools for cybersecurity awareness and education. ACM Computing Surveys (CSUR), 54(1), 1–39. doi:10.1145/3427920
Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H.N. (2020). Cyber security awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 1–16. doi:10.1080/08874417.2020.1712269
DOI: http://dx.doi.org/10.17951/h.2022.56.1.119-142
Date of publication: 2022-09-05 12:06:31
Date of submission: 2022-05-10 14:09:32
Statistics
Indicators
Refbacks
- There are currently no refbacks.
Copyright (c) 2022 Łukasz Wiechetek, Marek Mędrek
This work is licensed under a Creative Commons Attribution 4.0 International License.