Human Factors in Security – Cybersecurity Education and Awareness of Business Students

• Authors: Łukasz Wiechetek , Marek Mędrek

Abstracts

EN

Theoretical background: The rapid development of Internet interactions and a growing number of information technology users caused by digital society development and accelerated by the COVID-19 pandemic yield the significant growth of cyber-attacks and cybersecurity incidents. Members of Generation Z use information technology as a main tool for broadening their knowledge and skills. For such digital natives, proficiency in ICTs appears as an indispensable element of life. This is even more apparent during the COVID-19 pandemic, when they are forced to use IT tools more often, both for the entertainment, education, and work. Such acceleration generates new possibilities, but also new threats.Purpose of the article: The aim of the paper is to check if members of Generation Z are aware of cybersecurity issues and whether they know basic threats and methods/tools that can improve the safety. We analyse students’ behaviour in the event of cyber incident and examine whether the analysed group is willing to improve cyber knowledge, skills, and attitudes.Research methods: We explored data collected from business students (N = 182). The online questionnaire was prepared in LimeSurvey. Finally, data analysis and visualization were performed in Microsoft Excel and Tableau.Main findings: The analysis indicates that business students have rather poor knowledge in cybersecurity. The results demonstrate the need for targeted educational campaigns and trainings that address the specific cyber weaknesses to build secure ecosystem, combining both technical, organizational, and behavioural aspects.

Keywords

EN

computer security; cybersecurity; cybersecurity awareness; security education; cybersecurity education; business students

• Publisher: Wydawnictwo Uniwersytetu Marii Curie-Skłodowskiej
• Journal: Annales Universitatis Mariae Curie-Skłodowska, sectio H – Oeconomia
• Year: 2022
• Volume: 56
• Issue: 1
• Pages: 119-142

Dates

published

2022

Contributors

author

Łukasz Wiechetek

• Maria Curie-Skłodowska University. Faculty of Economics

• https://orcid.org/0000000177552282

author

Marek Mędrek

• Maria Curie-Skłodowska University. Faculty of Economics

• https://orcid.org/0000000157525084

References

• Abawajy, J. (2012). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248. doi:10.1080/0144929X.2012.708787
• Affico, J.F. (2017). Expanding cyber security learning in the business curriculum. Proceedings for the Northeast Region Decision Sciences Institute (NEDSI), 420–435.
• Alqahtani, H., & Kavakli-Thorne, M. (2020). Does decision-making style predict individuals’ cybersecurity avoidance behaviour? In International Conference on Human-Computer Interaction (pp. 32–50). Cham: Springer doi:10.1007/978-3-030-50309-3_3
• Alqahtani, H., Kavakli-Thorne, M., & Alrowaily, M. (2020). The impact of gamification factor in the acceptance of cybersecurity awareness augmented reality game (CybAR). In International Conference on Human-Computer Interaction (pp. 16–31). Cham: Springer. doi:10.1007/978-3-030-50309-3_2
• Arcuri, M.C., Gai, L., Ielasi, F., & Ventisette, E. (2020). Cyber attacks on hospitality sector: Stock market reaction Journal of Hospitality and Tourism Technology, 11(2), 277–290. doi:10.1108/JHTT-05-2019-0080
• Arora, A., & Mendhekar, A. (2021). Innovative techniques for student engagement in cybersecurity education In Data Management, Analytics and Innovation (pp. 395–406). Singapore: Springer. doi:10.1007/978-981-15-5616-6_28
• Blackwood-Brown, C., Levy, Y., & D’Arcy, J. (2021). Cybersecurity awareness and skills of senior citizens: A motivation perspective Journal of Computer Information Systems, 61(3), 1–12. doi:10.1080/08874417.2019.1579076
• Cabaj, K., Domingos, D., Kotulski, Z., & Respício, A. (2018). Cybersecurity education: Evolution of the discipline and analysis of master programs Computers & Security, 75, 24–35. doi:10.1016/j.cose.2018.01.015
• Cassotta, S., & Sidortsov, R. (2019). Sustainable cybersecurity? Rethinking approaches to protecting energy infrastructure in the European High North Energy Research & Social Science, 51, 129–133. doi:10.1016/j.erss.2019.01.003
• Corradini, I., & Nardelli, E. (2020). Developing digital awareness at school: a fundamental step for cybersecurity education In International Conference on Applied Human Factors and Ergonomics (pp. 102–110). Cham: Springer. doi:10.1007/978-3-030-52581-1_14
• Crumpler, W., & Lewis, J.A. (2019). Cybersecurity Workforce Gap Center for Strategic and International Studies (CSIS).
• Cybint. (2020). Alarming Cyber Security Facts and Stats. Retrieved from https://www.cybintsolutions.com/cyber-security-facts-stats
• Dahbur, K., Bashabsheh, Z., & Bashabsheh, D. (2017). Assessment of security awareness: A qualitative and quantitative study. International Management Review, 13(1), 37.
• Demmese, F., Yuan, X., & Dicheva, D. (2020). Evaluating the effectiveness of gamifiation on students’ performance in a cybersecurity course Journal of the Colloquium for Information Systems Security Education, 8(1), 6–6.
• Gartner. (2020). Forecast Analysis: Information Security, Worldwide, 2Q18 Update. Retrieved from https://www.gartner.com/en/documents/3889055
• Gonzalez, H., Llamas, R., & Ordaz, F. (2017). Cybersecurity teaching through gamifiation: Aligning training resources to our syllabus Research in Computing Science, 146, 35–43.
• Harris, M.A. (2015). Using Bloom’s and Webb’s taxonomies to integrate emerging cybersecurity topics into a computing curriculum Journal of Information Systems Education, 26(3), 219–234. Retrieved from https://aisel.aisnet.org/jise/vol26/iss3/4
• Imgraben, J., Engelbrecht, A., & Choo, K.K.R. (2014). Always connected, but are smart mobile users getting more security savvy? A survey of smart mobile device users Behaviour & Information Technology, 33(12), 1347–1360. doi:10.1080/0144929X.2014.934286
• Jin, G., Tu, M., Kim, T.H., Heffron, J., & White, J. (2018). Evaluation of game-based learning in cybersecurity education for high school students Journal of Education and Learning (EduLearn), 12(1), 150–158. doi:10.11591/edulearn.v12i1.7736
• Jorgensen, R., Rowe, D., & Wyler, N. (2017). Competitions and gamifiation in cybersecurity education and workforce development and evaluation of real world skills. Journal of Computing Sciences in Colleges, 33(2), 155–156.
• Kreider, C., & Almalag, M. (2019). A framework for cybersecurity gap analysis in higher education. Retrieved from https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1005&context=sais2019
• McCrohan, K.F., Engel, K., & Harvey, J.W. (2010). Inflence of awareness and training on cyber security. Journal of Internet Commerce, 9(1), 23–41. doi:10.1080/15332861.2010.487415
• Ministry of Digital Affairs. (2017). The Strategy of Cybersecurity of the Republic of Poland for the years 2017–2022. Retrieved from https://www.gov.pl/web/cyfryzacja/strategia-cyberbezpieczenstwa-rzeczypospolitej-polskiej-na-lata-2017-2022
• Ministry of National Education. (2017). Cybersecurity in schools. Retrieved from https://men.gov.pl/ministerstwo/informacje/cyberbezpieczenstwo-w-szkolach-list-minister-edukacji-narodowej.html
• Newhouse, W., Keith, S., Scribner, B., & Witte, G. (2017). National initiative for cybersecurity education (NICE) cybersecurity workforce framework. NIST special publication, 800(2017), 181. doi:10.6028/NIST.SP.800-181
• Pawlowski, S.D., & Jung, Y. (2015). Social representations of cybersecurity by university students and implications for instructional design Journal of Information Systems Education, 26(4), 281–294. Retrieved from https://aisel.aisnet.org/jise/vol26/iss4/3
• Pencheva, D., Hallett, J., & Rashid, A. (2020). Bringing cyber to school: Integrating cybersecurity into secondary school education IEEE Security & Privacy, 18(2), 68–74. doi:10.1109/MSEC.2020.2969409
• Pendley, J.A. (2018). Finance and accounting professionals and cybersecurity awareness. Journal of Corporate Accounting & Finance, 29(1), 53–58. doi:10.1002/jcaf.22291
• Rahman, A., Malaysia, N.A., Sairi, M.T.U.K., Zizi, I.K., & Khalid, F. (2020). The importance of cybersecurity education in school International Journal of Information and Education Technology, 10(5), 378–382. doi:10.18178/ijiet.2020.10.5.1393
• Ros, S., Gonzalez, S., Robles, A., Tobarra, L.L., Caminero, A., & Cano, J. (2020). Analyzing students’ self-perception of success and learning effectiveness using gamifiation in an online cybersecurity course IEEE Access, 8, 97718–97728. doi:10.1109/ACCESS.2020.2996361
• Siddiqui, Z., & Zeeshan, N. (2020). A survey on cybersecurity challenges and awareness for children of all ages In 2020 International Conference on Computing, Electronics & Communications Engineering (ICCECE) IEEE, 131–136. doi:10.1109/iCCECE49321.2020.9231229
• Son, J., Bhuse, V., Othmane, L.B., & Lilien, L. (2015). Incorporating lab experience into computer security courses: three case studies Global Journal of Enterprise Information System, 7(2), 69–80.
• Tirumala, S.S., Valluri, M.R., & Babu, G.A. (2019). A survey on cybersecurity awareness concerns, practices and conceptual measures In 2019 International Conference on Computer Communication and Informatics (ICCCI), IEEE, 1–6. doi:10.1109/ICCCI.2019.8821951
• Venkatachary, S.K., Prasad, J., & Samikannu, R. (2018). Cybersecurity and cyber terrorism-in energy sector – a review. Journal of Cyber Security Technology, 2(3–4), 111–130. doi:10.1080/23742917.2018.1518057
• Whitty, M., Doodson, J., Creese, S., & Hodges, D. (2015). Individual differences in cyber security behaviors: an examination of who is sharing passwords. Cyberpsychology, Behavior, and Social Networking, 18(1), 3–7. doi:10.1089/cyber.2014.0179
• Zhang-Kennedy, L., & Chiasson, S. (2021). A systematic review of multimedia tools for cybersecurity awareness and education. ACM Computing Surveys (CSUR), 54(1), 1–39. doi:10.1145/3427920
• Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H.N. (2020). Cyber security awareness, knowledge and behavior: A comparative study. Journal of Computer Information Systems, 1–16. doi:10.1080/08874417.2020.1712269

Identifiers

DOI

10.17951/h.2022.56.1.119-142

Biblioteka Nauki

2168351