ABSTRACT
Improving the cyber literacy of employees reduces a company's risk of cyber security breach. Game-based methods are found to be more effective in teaching users how to avoid fraudulent phishing links than traditional learning material such as videos and text. This paper reports on the development of a mobile app designed to improve cyber literacy and provoke users' perceptions of who is responsible for cyber security in organisations. Based on a preliminary trial with 17 participants, we investigated users perceptions of a tongue-in-cheek, provocative cyber security awareness game where users' jobs depend on their aptitude for protecting their organisations' cyber security. Findings suggest that users accepted the high responsibility levelled upon them in the game and that ludic elements hold promise for engagement and increasing users' cyber awareness.
- Jemal Abawajy. 2014. User preference of cyber security awareness delivery methods. Behaviour & Information Technology 33, 3 (2014), 237--248. Google ScholarDigital Library
- Fadi A Aloul. 2012. The need for effective information security awareness. Journal of Advances in Information Technology 3, 3 (2012), 176--183.Google ScholarCross Ref
- Ashley A Cain, Morgan E Edwards, and Jeremiah D Still. 2018. An exploratory study of cyber hygiene behaviors and knowledge. Journal of information security and applications 42 (2018), 36--45.Google ScholarCross Ref
- Tsvetozar Georgiev, Evgenia Georgieva, and Angel Smrikarov. 2004. M-learning-a New Stage of E-Learning. In International conference on computer systems and technologies-CompSysTech, Vol. 4. 1--4. Google ScholarDigital Library
- Culture Media & Sport Gov.uk, Department for Digital. 2017. Cyber Security Breaches Survey 2017. https://www.statista. com/statistics/270291/Google Scholar
- David R Krathwohl. 2002. A revision of Bloom's taxonomy: An overview. Theory into practice 41, 4 (2002), 212--218.Google Scholar
- Kaspersky Lab. 2015. Global IT Security Risks Survey 2015. Retrieved September 20, 2018 from https://media.kaspersky. com/pdf/global-it-security-risks-survey-2015.pdfGoogle Scholar
- Kaspersky Lab. 2017. Report Human Factor in IT Security. Retrieved September 20, 2018 from https://media.kasperskycontenthub.com/wp-content/uploads/sites/100/2017/11/10083900/20170710_Report_ Human-Factor-In-ITSec_eng_final.pdfGoogle Scholar
- Rebecca M Long. 2013. Using phishing to test social engineering awareness of financial employees. (2013).Google Scholar
- Brook Sattler, Irini Spyridakis, Ninad Dalal, and Judy Ramey. 2010. The learning experience: A literature review of the role of mobile technology. In Professional Communication Conference (IPCC), 2010 IEEE International. IEEE, 38--45.Google ScholarCross Ref
- Scott Seidenberger. 2016. A new role for human resource managers: Social engineering defense. (2016).Google Scholar
- Jeremiah D Still. 2016. Cybersecurity needs you! interactions 23, 3 (2016), 54--58. Google ScholarDigital Library
Index Terms
- Using a Game to Explore Notions of Responsibility for Cyber Security in Organisations
Recommendations
SEC-GAME: A Minigame Collection for Cyber Security Awareness
Entertainment Computing – ICEC 2023AbstractCybersecurity awareness is a fundamental aspect of cyber-attack prevention and web threats. Every day, end users are attacked by hackers through malwares, phishing techniques and vulnerability exploitation. However, current teaching approaches are ...
Government regulations in cyber security: Framework, standards and recommendations
AbstractCyber security refers to the protection of Internet-connected systems, such as hardware, software as well as data (information) from cyber attacks (adversaries). A cyber security regulation is needed in order to protect information ...
Highlights- We list and discuss the cyber attacks, security requirements and measures. We then discuss the cyber security incident management framework and its various ...
Comments