A taxonomy of perceived information security and privacy threats among IT security students

Farooq, Ali; Kakakhel, Syed Rameez Ullah; Virtanen, Seppo; Isoaho, Jouni

doi:10.1109/icitst.2015.7412106

Cited by 12 publications

(14 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The HAIS-Q questionnaire used 21 items to assess students' ISA general knowledge of the seven areas: password management, email use, Internet use, social media use, mobile devices, information handling, and incident reporting. As mentioned earlier, the HAIS-Q was appropriate to measure students' performance because of its consistency with IS education topics [3] and students' perceived threats domains [20]. Table 1 shows the connection between ISA knowledge topics and the areas of the HAIS-Q.…”

Section: Methodsmentioning

confidence: 99%

“…Parsons et al [1] showed that the HAIS-Q may provide a complete understanding of cybersecurity vulnerabilities caused by human behavior. The IS focuses of the HAIS-Q are primarily aligned with IS education topics suggested by Futcher et al [3] and with students' perceived threats domains identified by Farooq et al [20]. Empirically, the HAIS-Q measurement was utilized to examine the relationship between individual differences and ISA [19] and explain undergraduates' problematic information security behaviors [21].…”

Section: Information Security Awareness Knowledgementioning

confidence: 99%

See 1 more Smart Citation

Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge

Wu¹,

Tien²,

Hsu

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

Information security awareness (ISA) has become a vital issue, as security breaches often attributed to humans lead to losses for individuals and organizations. Information security (IS) education may be an effective strategy to improve students’ ISA; however, studies associated with the relationships between teaching effects and information security learning are few. This study adopted gamification practice and examined its effect on students’ ISA knowledge enhancement, attitude and intention of security compliance, and willingness for continuous IS education. This study also examined the gender difference in a gamified learning system. One hundred ten undergraduates participated in a quasi-experimental study. The results indicated that students within a gamified class performed better than students within a lecture-based instructional group. We found significant gamification effects on the three security focus areas of password management, Internet use, and information handling. Gamification did not significantly impact the attitude and intention of participants’ security compliance and students’ willingness for continuous IS learning. Gender difference in the effect of gamification on ISA knowledge enhancement was not observed as well. The research provides theoretical and practical contributions by incorporating gamification into IS learning and suggests gamification as an effective means to enhance students’ knowledge acquisition in an engaging, timely, economical, and repeated manner.

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Information Security Awareness Knowledgementioning

confidence: 99%

Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge

Wu¹,

Tien²,

Hsu

et al. 2021

Applied Sciences

View full text Add to dashboard Cite

show abstract

“…In addition, continuing with the application of the snowball technique [25] to the conceptual models indicated in the previous articles, the following conceptual models of ontologies and taxonomies have been considered for this proposal: [26], focused on asset ontologies per user; [27], focused on asset ontologies; [28], paper focused on taxonomy of impacts on assets; [29], focused on mobile asset taxonomy; [30], focused on threat taxonomy; [31], focused on taxonomy of voice over IP threats; [32], focused on attack ontology; [33], focused on attack taxonomy; [34], focused on vulnerability taxonomy; [35], focused on vulnerability taxonomy based on information attributes; [36], paper focused on vulnerability taxonomy; and [37], focused on vulnerability taxonomy.…”

Section: Contextmentioning

confidence: 99%

AVARCIBER: a framework for assessing cybersecurity risks

et al. 2020

View full text Add to dashboard Cite

Your article is protected by copyright and all rights are held exclusively by Springer Science+Business Media, LLC, part of Springer Nature. This e-offprint is for personal use only and shall not be self-archived in electronic repositories. If you wish to selfarchive your article, please use the accepted manuscript version for posting on your own website. You may further deposit the accepted manuscript version in any repository, provided it is only made publicly available 12 months after official publication or later and provided acknowledgement is given to the original source of publication and a link is inserted to the published article on Springer's website. The link must be accompanied by the following text: "The final publication is available at link.springer.com".

show abstract

“…The survey took 25-30 minute on an average. Seventy four concerns were taken from (Farooq et al, 2016), and each was presented with a standard statement "How concerned you are for…" in the questionnaire. A 7-point measurement scale (1: not at all concern to 7: extremely concerned) was used.…”

Section: Participants Setting and Measuresmentioning

confidence: 99%

Towards Comprehensive Information Security Awareness: A Systematic Classification of Concerns among University Students

Farooq

Alifov²,

Virtanen

et al. 2018

Electronic Workshops in Computing

Self Cite

View full text Add to dashboard Cite

In this paper, we have systematically identified and classified information security concerns (ISCs) of university students into areas where users perceive information security threats. 354 university students were asked to elicit their level of concern on a given set of 74 ISCs using a 7-point scale. Factor analysis (PCA) produced an 11-factor solution, each factor depicting an area of concern. These areas were related to Personal (legal awareness), Social (Sociality), Institutional (Staff member lapses, University networks), Technological (Online social network use, Intrusive service providers, Web browsing and email, Smartphone use, Electronic device use, and Conventional threats), and Non-technological (Cards and wallets security) aspects of student's day-today life. The majority of the students (66%) showed concerns related to online social network use, whereas, only 40% of them shown concerns related to sociality. The highest level of concerns was related to service providers, whereas the lowest level of concerns was related to sociality.

show abstract

A taxonomy of perceived information security and privacy threats among IT security students

Cited by 12 publications

References 24 publications

Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge

Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge

AVARCIBER: a framework for assessing cybersecurity risks

Towards Comprehensive Information Security Awareness: A Systematic Classification of Concerns among University Students

Contact Info

Product

Resources

About