A Framework for Integrating Gamification in Information Security Awareness Programmes for Higher Education Students

被引:0
作者
Kapery, Ghafsa [1 ]
Snyman, Dirk [1 ]
机构
[1] Univ Cape Town, Dept Informat Syst, Cape Town, South Africa
来源
INFORMATION SECURITY EDUCATION-CHALLENGES IN THE DIGITAL AGE, WISE 2024 | 2024年 / 707卷
关键词
Gamification; Information Security; Higher Education; MANAGEMENT;
D O I
10.1007/978-3-031-62918-1_4
中图分类号
G40 [教育学];
学科分类号
040101 ; 120403 ;
摘要
In the context of higher education, students are often identified as targets for security attacks due to their seeming lack of security awareness. While institutions employ technological solutions to safeguard students when engaging with official systems, this does not extend to students' own devices and cannot influence how, and if, they employ good security practices. A possible mitigation strategy is security awareness training. Literature, however, is divided about the effectiveness of such programmes due to the complacency and irreverence that many people have toward security, possibly due to occurrences of security fatigue and risk homeostasis. Gamification has been shown to be an effective method of enhancing traditional training in such a way as to enhance engagement and promote retention of concepts. There is, however, a dearth of research that investigates the application of gamification in information security awareness training for higher education students. This research, therefore, contributes a framework for the gamification of security awareness training in this context. The framework was developed through identifying gamification mechanics from literature. Possible implementations of these mechanics were presented to higher education students by means of an online self-reporting questionnaire to measure their perception in these mechanics when applied to security training. Feedback from 196 students were incorporated into the development of the resulting framework. Furthermore, the framework was influenced by the Knowledge, Attitude, and Behaviour-model that often underpins research into the human aspects of information security. The resulting framework can contribute to the practical aspects of incorporating gamification in information security awareness training for higher education students.
引用
收藏
页码:50 / 64
页数:15
相关论文
共 46 条
[1]   Challenges of gamification in software process improvement [J].
Alhammad, Manal M. ;
Moreno, Ana M. .
JOURNAL OF SOFTWARE-EVOLUTION AND PROCESS, 2020, 32 (06)
[2]  
Alvarez Julian., 2011, Serious Games Simulation for Risks Management, V11, P11
[3]  
Bada M., 2019, arXiv
[4]   Security Fatigue: A Case Study of Data Specialists [J].
Bhana, Anusha ;
Ophoff, Jacques .
HUMAN ASPECTS OF INFORMATION SECURITY AND ASSURANCE, HAISA 2022, 2022, 658 :275-284
[6]   Towards a framework for gamification design on crowdsourcing systems: The GAME Approach [J].
Brito, Jailson ;
Vieira, Vaninha ;
Duran, Adolfo .
2015 12TH INTERNATIONAL CONFERENCE ON INFORMATION TECHNOLOGY - NEW GENERATIONS, 2015, :445-450
[7]   Cybersecurity education: Evolution of the discipline and analysis of master programs [J].
Cabaj, Krzysztof ;
Domingos, Duke ;
Kotulski, Zbigniew ;
Respicio, Ana .
COMPUTERS & SECURITY, 2018, 75 :24-35
[8]  
Chou Y, 2019, Actionable gamification: Beyond points, badges, and leaderboards
[9]  
Dicheva D, 2015, EDUC TECHNOL SOC, V18, P75
[10]  
Dubois D.J., 2013, Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, P659, DOI 10.1145/2491411.2494589