Lizards in the Street! Introducing Cybersecurity Awareness in a Digital Literacy Context (original) (raw)
Related papers
Want to Raise Cybersecurity Awareness? Start with Future IT Professionals.
2023
As cyber threats endanger everyone, from regular users to computing professionals, spreading cybersecurity awareness becomes increasingly critical. Therefore, our university designed an innovative cybersecurity awareness course that is freely available online for students, employees, and the general public. The course offers simple, actionable steps that anyone can use to implement defensive countermeasures. Compared to other resources, the course not only suggests learners what to do, but explains why and how to do it. To measure the course impact, we administered it to 138 computer science undergraduates within a compulsory information security and cryptography course. They completed the course as a part of their homework and filled out a questionnaire after each lesson. Analysis of the questionnaire responses revealed that the students valued the course highly. They reported new learning, perspective changes, and transfer to practice. Moreover, they suggested suitable improvements to the course. Based on the results, we have distilled specific insights to help security educators design similar courses. Lessons learned from this study are relevant for cybersecurity instructors, course designers, and educational managers.
Understanding Young People's Experiences of Cybersecurity
Proceedings of the 2021 European Symposium on Usable Security
Young people are increasingly becoming responsible for the security of their devices, yet do not appear to have the knowledge to protect themselves online. In this paper, we explore young people's knowledge of cybersecurity through a series of workshops with secondary school children, and co-design cybersecurity lessons aimed at engaging this demographic. We find that technical demonstrations are an effective way of engaging young people's curiosity in the subject, and that group activities aimed at exploring the subject are preferred methods. We also find that while knowledgeable about cybersecurity theory (e.g. passwords), their actual behaviours did not reflect best practice. We discuss the role of schools in cybersecurity education and how to best embed this content in the curriculum to maximise the engagement of students, including a focus on teaching about cybersecurity protective tools. CCS CONCEPTS • Security and privacy ~ Human and societal aspects of security and privacy ~ Social aspects of security and privacy.
Indonesian Journal of Electrical Engineering and Computer Science, 2022
This study examines the effect of adopting cybersecurity concepts on the information and technology (IT) curriculum and determines the potential effect on students' knowledge of cybersecurity practices and level of awareness. To this end, a pilot study was first conducted to measure the current level of cybersecurity awareness. The results revealed that students do not have much knowledge of cybersecurity. Thus, a four-step approach was proposed to infuse the relevant cybersecurity topics in five matched courses based on the latest cybersecurity curricular guidelines (CSEC2017). A sample of 42 students was selected purposively without prior knowledge of cybersecurity and divided identically into experimental and control groups. Students in the experimental group were asked to take five consecutive courses over five semesters. In each course, groups went through a pre-test for the infused topics. Then, the experimental group taught the corresponding infused topics. A post-test was administered to both groups at the end of each course, and the t-test was conducted. The results found significant differences between marks of prior and post-tests for 11 out of 14 infused topics. These satisfactory results would encourage universities to infuse cybersecurity concepts into their curriculum.
Research on students’ perception of information technology security – a new era of threats
Zeszyty Naukowe, 2023
The aim of the article is to diagnose the level of students' awareness about the security of information technology, the risks associated with it, attitudes towards threats and to identify the way of obtaining knowledge about it, protecting oneself against cyber fraud. Design/methodology/approach: The achievements and results presented in the article were obtained on the basis of literature research and surveys conducted among 119 students. The research technique was a standardized questionnaire completed without the presence of an interviewer via a website. Findings: On the basis of the obtained quantitative research results, the basic threats related to the use of information technology were identified, the level of students' awareness of cybersecurity and the sources of their knowledge on the subject were assessed. Research limitations/implications: The analysis of the obtained opinions of students is only a signal of the problem of the needed changes in education on cyber security, threats and opportunities to protect against cybercrime. Research should be extended to other stakeholder groups (e.g. due to age, education, type of work performed) and in a larger area of threats. Competences of students in the field of cybersecurity as future employees are very important, as they affect the willingness to adapt and the level of involvement in new technologies. Practical implications: The results of the survey have a practical impact on the Police as a source of information on the general knowledge of students in the field of cybersecurity, where they meet it, where they get information about protecting themselves against the threat. Originality/value: Original research achievements include valuable research results in the area of cybersecurity among the young generation of students. Their knowledge and ability to protect, use and responsibly deal in the area of information technology security is important now and in the future. This ability also indicates gaps and/or appropriate directions of education in the topic in question.
Htein Win-No.68-Embedding Security Awareness in Education: From Primary School to PhD
Education Management , 2024
As digital technologies become increasingly integral to everyday life, the importance of security awareness education across all educational stages has grown significantly. From primary school to postgraduate levels, embedding cybersecurity knowledge, responsible online behavior, and privacy protection into the curriculum is essential for preparing individuals to navigate the digital world safely. This paper explores the need for security awareness education in schools and universities, examining global best practices and the role of governments, educators, and parents in promoting digital safety. It emphasizes the importance of developing age-appropriate teaching strategies, incorporating gamification, and ensuring that security education is aligned with current cybersecurity laws and privacy regulations. The paper also highlights the role of alumni in maintaining security awareness throughout life and calls for a collaborative, lifelong approach to cybersecurity education. By fostering a culture of responsible digital citizenship, we can better protect individuals and society from the increasing range of online threats.
Student Misconceptions about Cybersecurity Concepts: Analysis of Think-Aloud Interviews
2018
We conducted an observational study to document student misconceptions about cybersecurity using thematic analysis of 25 think-aloud interviews. By understanding patterns in student misconceptions, we provide a basis for developing rigorous evidence-based recommendations for improving teaching and assessment methods in cybersecurity and inform future research. This study is the first to explore student cognition and reasoning about cybersecurity. We interviewed students from three diverse institutions. During these interviews, students grappled with security scenarios designed to probe their understanding of cybersecurity, especially adversarial thinking. We analyzed student statements using a structured qualitative method, novice-led paired thematic analysis, to document patterns in student misconceptions and problematic reasoning that transcend institutions, scenarios, or demographics. Themes generated from this analysis describe a taxonomy of misconceptions but not their causes o...
Measuring the Level of Cybersecurity Awareness among Senior High School Students
Mediterranean Journal of Basic and Applied Sciences (MJBAS) , 2024
This study aimed to assess the level of cybersecurity awareness among senior high school students at one of the educational private institutions in Ozamiz City, focusing on their profiles in terms of age, gender, grade level, and academic strand. Using random sampling, 100 students were selected to ensure a representative distribution. The study sought to determine the demographic profile of the respondents, evaluate their level of cybersecurity awareness, and investigate significant differences in awareness levels based on demographic factors. The findings revealed that the majority of respondents were 17 years old, predominantly male, and mainly in Grade 11, with varied social media usage indicating diverse online exposure. The students exhibited a "Knowledgeable" level of cybersecurity awareness, showing a consistent understanding across the population but highlighting the need for further improvement. Significant differences in cybersecurity awareness were found based on age, gender, and grade level, suggesting the necessity for tailored education programs. The study concluded that demographic diversity necessitates customized cybersecurity education to address specific needs and vulnerabilities. Effective education should combine theoretical knowledge with practical skills and critical thinking, integrated into the high school curriculum. Tailored approaches for different age groups and gender-specific strategies are recommended to ensure comprehensive and relevant cybersecurity education. These findings underscore the importance of personalized instructional strategies in enhancing students' digital safety and preparedness. Consequently, schools and policymakers should prioritize robust cybersecurity education programs that cater to diverse student demographics, fostering a higher level of cybersecurity awareness and promoting safer digital habits among senior high school students.
Pedagogic Challenges in Teaching Cyber Security -- a UK Perspective
arXiv (Cornell University), 2014
Cyber security has become an issue of national concern in the UK, USA and many other countries worldwide. Universities have reacted to this by launching numerous cyber security degree programmes. In this paper we explore the structure of these degrees and in particular highlight the challenges faced by academics teaching on them. We explore the issues relating to student expectations and the CSI effect in students entering cyber security. We highlight the science vs tools debate to bring focus to some of the pedagogic tensions between students/industry and the academics who teach on the degree courses. Cyber security is subject to numerous ethical issues and nowhere is this more so than in a university environment. We analyse some of the ethical teaching related issues in cyber security. This paper will be of interest to professionals in industry as well as academics interested in exploring the shape, flavour and structure of cyber security related degree courses and also the challenges presented to the academics that teach these degrees.
One view of a critical national need: Support for information security education and research
1997
Abstract We are facing a national crisis in the near term that threatens our national security, our individual safety, and our economic dominance. The rapid growth of information technology is a driving factor in this threat: we are relying on new and often fragile technology in critical applications. Furthermore, those applications present attractive targets to criminals, vandals, and foreign adversaries. Our students and soon-to-be students will be designing our information technologies of the future.
A Comparative Study of Cyber-Security Knowledge in Higher Education Institutes of Five Countries
EDULEARN proceedings
Cyber-security knowledge is becoming increasingly significant for everyday's online activities, while there is no adequate knowledge offered for their safe use in education. Individuals and organizations utilize cyber-security knowledge in various uses and various ways. It is important to understand how security and privacy issues are perceived and handled by learners, IT professionals and citizens of different cultures. The authors of this paper researched and identified different needs and uses and different reasons for acting so among the previous groups of people in five countries. The aim herein is to present and scrutinize information by learners (prospective IT professionals) of five countries, namely China, Finland, Greece, Nepal, and the UK. In particular the researchers wanted to find out about the future IT professionals' knowledge, conceptualizations and awareness of cyber-security regarding the use of cloud-based services by current IT students in higher education degree schemes and curricula about cyber-security. The authors further illustrate the research findings by proceeding to a comparative analysis taking into account different perspectives such as: national culture, gender, higher education and IT-related knowledge. The final research outcomes reveal interesting information for future IT professionals' skills, knowledge, and digital competencies. The latter comprise a body of realistic and practical knowledge for the IT professional communities to consider when designing cyber-security curricula. Hence, for advancing the IT professionals' role, cyber-security curricula designers should provide practical knowledge and socially acceptable solutions by i) incorporating real needs (e.g. cryptography-based cloud security) and ii) considering cultural awareness (values and national culture) in higher education degrees and related industrial training schemes.