Users represent the primary source of cyber security breaches. Unfortunately, Cyber Security Awareness training often fails to capture their interest and is perceived as a secondary task, an impediment, or a distraction from their core responsibilities. This indifference poses a significant risk to organizations, as cyber security breaches collectively cost businesses billions annually. An effective...
Gamification of cyber security awareness training for phishing against university students
Gamification of cybersecurity awareness – A systematic review of games
This thesis presents the state of the art of games used in cyber security awareness. In this regard, a systematic review of games following PRISMA guidelines was conducted on the relevant papers published between 2010 to 2021. The games were analyzed based on their purpose, cyber security topics taught, target audience, deployment methods, game genres...
Phish phinder: A game design approach to enhance user confidence in mitigating phishing attacks
This paper proposes and sets out the framework for the development of a game designed to help educate users about phishing attacks. The proposed game draws on academic research and would take the form a series of challenges that inherently educate users about phishing concepts.
How task familiarity and cognitive predispositions impact behavior in a security game of timing
This paper addresses security and safety choices that involve a decision on the timing of an action. Examples of such decisions include when to check log files for intruders and when to monitor financial accounts for fraud or errors. To better understand how performance in timing-related security situations is shaped by individuals' cognitive predispositions, we...