Methods and effects of cybersecurity education: A systematic review.
DOI:
https://doi.org/10.30827/rec.7.33194Keywords:
Education, Cybersecurity, Cybercrime, Literature reviews, non-technical populationAbstract
The aim of this study was to analyze educational techniques in the area of cybersecurity and cybercrime, specifically those aimed at non-technical population. A systematic review of the scientific literature was carried out using the Scopus, Web of Science and Proquest databases. After analyzing 79 articles, it was found that gamification, training, simulation, multimethod and audiovisual media are the most common techniques with the best results in terms of effectiveness. It was also found that studies focus more on cybersecurity and protection tools than on educating on cyber threats and awareness. On the other hand, we found an even distribution of studies according to the age criterion, with the exception of education aimed at the elderly, which was found to be scarce. Finally, it was found that there is a strong predominance of STEAM sciences, such as computer science and informatics, as opposed to social sciences (psychology, criminology or educational sciences), with a serious lack of interdisciplinarity in the area of study.
References
Al-Daeef, M.M., Basir, N., & Saudi, M.M. (2017). Security awareness training: A review. Lecture Notes in Engineering and Computer Science, 2229, 446–451
Al-Hamar, Y., & Kolivand, H. (2020). A New Email Phishing Training Website. Proceedings - International Conference on Developments in eSystems Engineering, DeSE, 2020-December, 263-268. https://doi.org/10.1109/DeSE51703.2020.9450238
Aldawood, H., & Skinner, G. (2018). Educating and Raising Awareness on Cyber Security Social Engineering: A Literature Review. In Lee, MJW and Nikolic, S and Shen, J and Lei, LCU and Wong, GKW and Venkatarayalu, N (Ed.), PROCEEDINGS OF 2018 IEEE INTERNATIONAL CONFERENCE ON TALE, (pp. 62–68).
Alencar, G. D., de Lima, M. F., & Firmo, A. C. A. (2013). Behavioral analysis as a means to prevent social engineering and phishing. RESI Revista Electronica de Sistemas de Informacao, 12(3), 1. Advanced Technologies & Aerospace Collection.
Alqahtani, H., & Kavakli-Thorne, M. (2020). Design and evaluation of an augmented reality game for cybersecurity awareness (CybAR). Information (Switzerland), 11(2). https://doi.org/10.3390/info11020121
Althobaiti, K., Vaniea, K., & Zheng, S. (2018). Faheem: Explaining URLs to people using a Slack bot. Proceedings of AISB Annual Convention 2018, 1-8. https://www.scopus.com/inward/record.uri?eid=2-s2.0-85051426851&partnerID=40&md5=c56d6bb6162bb263e3b69498131e3c8a
Alwanain, M., I. (2020). Phishing Awareness and Elderly Users in Social Media. International Journal of Computer Science and Network Security, 20(9), 114-119. https://doi.org/10.22937/IJCSNS.2020.20.09.14
Alwanain, M., I. (2021). How Do Children Interact with Phishing Attacks? International Journal of Computer Science and Network Security, 21(3), 127-133. https://doi.org/10.22937/IJCSNS.2021.21.3.17
Amo, L. C., Liao, R., Frank, E., Rao, H. R., & Upadhyaya, S. (2019). Cybersecurity Interventions for Teens: Two Time-Based Approaches. IEEE Transactions on Education, 62(2), 134-140. Social Science Premium Collection. https://doi.org/10.1109/TE.2018.2877182
Baillon, A., de Bruin, J., Emirmahmutoglu, A., van de Veer, E., & van Dijk, B. (2019). Informing, simulating experience, or both: A field experiment on phishing risks. PLOS ONE, 14(12). https://doi.org/10.1371/journal.pone.0224216
Baslyman, M., & Chiasson, S. (2016). «smells Phishy?»: An educational game about online phishing scams. eCrime Researchers Summit, eCrime, 2016-June, 91-101. https://doi.org/10.1109/ECRIME.2016.7487946
Beckers, K., Pape, S., & Fries, V. (2016). HATCH: Hack and trick capricious humans – A serious game on social engineering. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July. https://doi.org/10.14236/ewic/hci2016.94
Bosch-Capblanch X., Lavis, J.N., Lewin, S., Atun, R., Røttingen, J.A., Dröschel D., Beck, L., Abalos, E., El-Jardali, F., Gilson, L., Oliver, S., Wyss, K., Tugwell, P., Kulier, R., Pang, T., & Haines, A. (2012). Guidance for evidence-informed policies about health systems: rationale for and challenges of guidance development. PLoS Med, 9(3), e1001185. https://doi.org/10.1371/journal.pmed.1001185
Burris, J., Deneke, W., & Maulding, B. (2018). Activity simulation for experiential learning in cybersecurity workforce development. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 10923 LNCS, 17-25. https://doi.org/10.1007/978-3-319-91716-0_2
Chadee, D., & Ng Ying, N.K. (2013). Predictors of fear of crime: general fear verses perceived risk. Journal of Applied Psychology, 43(1), 1896-1904.
Chattopadhyay, A., Christian, D., Oeder, A., & Budul, I. (2019). A Novel Visual-Privacy Themed Experiential- Learning Tool for Human-Privacy Societal-Security Awareness in Middle-School and High-School Youth. Proceedings - Frontiers in Education Conference, FIE, 2019-October. https://doi.org/10.1109/FIE43999.2019.9028375
Chen, T., Stewart, M., Bai, Z., Chen, E., Dabbish, L., & Hammer, J. (2020). Hacked time: Design and evaluation of a self-efficacy based cybersecurity game. DIS 2020 - Proceedings of the 2020 ACM Designing Interactive Systems Conference, 1737-1749. https://doi.org/10.1145/3357236.3395522
Choi, K. (2008). Computer Crime Victimization and Integrated Theory: An Empirical Assessment. International Journal of Cyber Criminology 2 (1): 308–333. Recuperado de: https://www.researchgate.net/publication/238621672_Computer_Crime_Victimization_and_Integrated_Theory_An_Empirical_Assessment
Coenraad, M., Pellicone, A., Ketelhut, D. J., Cukier, M., Plane, J., & Weintrop, D. (2020). Experiencing Cybersecurity One Game at a Time: A Systematic Review of Cybersecurity Digital Games. Simulation and Gaming, 51(5), 586–611. https://doi.org/10.1177/1046878120933312
Cornel, C., Cornel, C. M., Rowe, D. C., & Moses, S. (2016). A cybersecurity camp for girls. ASEE Annual Conference and Exposition, Conference Proceedings, 2016-June. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2-s2.0-84983347749&partnerID=40&md5=bd701a49eabb23972b48d3b95806f211
Cuchta, T., Blackwood, B., Devine, T. R., Niichel, R. J., Daniels, K. M., Lutjens, C. H., Maibach, S., & Stephenson, R. J. (2019). Human risk factors in cybersecurity. SIGITE 2019 - Proceedings of the 20th Annual Conference on Information Technology Education, 87-92. https://doi.org/10.1145/3349266.3351407
Davinson, N., & Sillence, E. (2010). It won’t happen to me: Promoting secure behaviour among internet users. Computers in Human Behavior, 26(6), 1739-1747. APA PsycInfo. https://doi.org/10.1016/j.chb.2010.06.023
De Bona, M., & Paci, F. (2020). A real world study on employees’ susceptibility to phishing attacks. ACM International Conference Proceeding Series. https://doi.org/10.1145/3407023.3409179
Deterding, S., Dixon, D., Khaled, R., & Nacke, L. (2011). From game design elements to gamefulness: defining gamification. 15th international academic MindTrek conference: Envisioning future media environments. pp. 9-15.
Decusatis, C., Gormanly, B., Alvarico, E., Dirahoui, O., McDonough, J., Sprague, B., Maloney, M., Avitable, D., & Mah, B. (2022). A Cybersecurity Awareness Escape Room using Gamification Design Principles. 2022 IEEE 12th Annual Computing and Communication Workshop and Conference, CCWC 2022, 765-770. https://doi.org/10.1109/CCWC54503.2022.9720748
Dodge, R., Coronges, K., & Rovira, E. (2012). Empirical benefits of training to phishing susceptibility. IFIP Advances in Information and Communication Technology, 376 AICT, 457-464. https://doi.org/10.1007/978-3-642-30436-1_37
Ganesh, A., Ndulue, C., & Orji, R. (2022). Smartphone Security and Privacy – A Gamified Persuasive Approach with Protection Motivation Theory. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13213 LNCS, 89-100. https://doi.org/10.1007/978-3-030-98438-0_7
Ghernaouti-Helie, S. (2009). An Inclusive Information Society Needs a Global Approach of Information Security. 2009 International Conference on Availability, Reliability and Security, 658-662. DOI: 10.1109/ARES.2009.127
Giannakas, F., Kambourakis, G., & Gritzalis, S. (2015). CyberAware: A mobile game-based app for cybersecurity education and awareness. Proceedings of 2015 International Conference on Interactive Mobile Communication Technologies and Learning, IMCL 2015, 54-58. https://doi.org/10.1109/IMCTL.2015.7359553
Giannakas, F., Kambourakis, G., Papasalouros, A., & Gritzalis, S. (2016). Security education and awareness for K-6 going mobile. International Journal of Interactive Mobile Technologies, 10(2), 41-48. https://doi.org/10.3991/ijim.v10i2.5473
Giannakas, F., Papasalouros, A., Kambourakis, G., & Gritzalis, S. (2019). A comprehensive cybersecurity learning platform for elementary education. Information Security Journal, 28(3), 81-106. https://doi.org/10.1080/19393555.2019.1657527
Gokul, C. J., Pandit, S., Vaddepalli, S., Tupsamudre, H., Banahatti, V., & Lodha, S. (2018). Phishy—A serious game to train enterprise users on phishing awareness. CHI PLAY 2018 - Proceedings of the 2018 Annual Symposium on Computer-Human Interaction in Play Companion Extended Abstracts, 169-181. https://doi.org/10.1145/3270316.3273042
González, J., Buñuel, J.C., & González, P. (2012). Listas guía de comprobación de estudios observacionales: declaración STROBE. Evid Pediatr. 8:65
Grant, M.J., & Booth, A. (2009). A typology of reviews: an analysis of 14 review types and associated methodologies. Health Information and Libraries Journal, 26(2), 91-108. https://doi.org/10.1111/j.1471-1842.2009.00848.x
Hadlington, L., & Chivers, S. (2018). Segmentation analysis of susceptibility to cybercrime: Exploring individual differences in information security awareness and personality factors. Policing: A Journal of Policy and Practice, April, 1-14.
Herzberg, A., & Margulies, R. (2011). Forcing Johnny to login safely: Long-term user study of forcing and training login mechanisms. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 6879 LNCS, 452-471. https://doi.org/10.1007/978-3-642-23822-2_25
Hutton, B., Catalá-López, F., & Moher, D. (2016). La extensión de la declaración PRISMA para revisiones sistemáticas que incorporan metaanálisis en red: PRISMA-NMA. Medicina Clinica, 147(6), 262–266. https://doi.org/10.1016/j.medcli.2016.02.025
Huynh, D., Luong, P., Iida, H., & Beuran, R. (2017). Design and evaluation of a cybersecurity awareness training game. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 10507 LNCS, 183-188. https://doi.org/10.1007/978-3-319-66715-7_19
Jampen, D., Gür, G., Sutter, T., & Tellenbach, B. (2020). Don’t click: towards an effective anti-phishing training. A comparative literature review. In Human-centric Computing and Information Sciences (Vol. 10, Issue 1). Springer Berlin Heidelberg. https://doi.org/10.1186/s13673-020-00237-7
Jin, G., Tu, M., Kim, T.-H., Heffron, J., & White, J. (2018). Game based cybersecurity training for High School Students. SIGCSE 2018 - Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018-January, 68-73. https://doi.org/10.1145/3159450.3159591
Kaabi, L. A., Ketbi, W. A., Khoori, A. A., Shamsi, M. A., & Alrabaee, S. (2022). Safe: Cryptographic Algorithms and Security Principles Gamification. IEEE Global Engineering Education Conference, EDUCON, 2022-March, 1169-1178. https://doi.org/10.1109/EDUCON52537.2022.9766526
Kolb, C., Strouse, J., Palmer, J., Ford, V., & Turygina, V. (2022). Cyber Securing the Future. AIP Conference Proceedings, 2425. https://doi.org/10.1063/5.0081419
Kovačević, A., & Radenković, S. D. (2020). SAWIT—Security Awareness Improvement Tool in the Workplace. Applied Sciences, 10(9), 3065. Advanced Technologies & Aerospace Collection; Earth, Atmospheric & Aquatic Science Collection; ProQuest One Academic; Publicly Available Content Database. https://doi.org/10.3390/app10093065
Kunz, A., Volkamer, M., Stockhardt, S., Palberg, S., Lottermann, T., & Piegert, E. (2016). NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks. Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), P-259, 509-518. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85020702971&partnerID=40&md5=4e91989eb224aacf8f160041c1eb053e
Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L. F., Hong, J., & Nunge, E. (2007). Protecting people from phishing: The design and evaluation of an embedded training email system. Conference on Human Factors in Computing Systems - Proceedings, 905-914. https://doi.org/10.1145/1240624.1240760
Kumaraguru, P., Rhee, Y., Sheng, S., Hasan, S., Acquisti, A., Cranor, L. F., & Hong, J. (2007). Getting users to pay attention to anti-phishing education: Evaluation of retention and transfer. ACM International Conference Proceeding Series, 269, 70-81. https://doi.org/10.1145/1299015.1299022
Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L. F., & Hong, J. (2008). Lessons from a real world evaluation of anti-phishing training. eCrime Researchers Summit, eCrime 2008. https://doi.org/10.1109/ECRIME.2008.4696970
Kumaraguru, P., Cranshaw, J., Acquisti, A., Cranor, L., Hong, J., Blair, M. A., & Pham, T. (2009). School of phish: A real-world evaluation of anti-phishing training. SOUPS 2009 - Proceedings of the 5th Symposium On Usable Privacy and Security. https://doi.org/10.1145/1572532.1572536
Lastdrager, E., Gallardo, I. C., Hartel, P., & Junger, M. (2019). How effective is anti-phishing training for children? Proceedings of the 13th Symposium on Usable Privacy and Security, SOUPS 2017, 229-239. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85075917140&partnerID=40&md5=c509892b8cff514dd540a70a3f0bffd2
Liberati, A., Altman, D. G., Tetzlaff, J., Mulrow, C., Gotzsche, P. C., Ioannidis, J. P. A., & Moher, D. (2009). The PRISMA statement for reporting systematic reviews and meta-analyses of studies that evaluate healthcare interven¬tions: Explanation and elaboration. British Medical Journal, 339, b2700. doi: https://doi.org/10.1136/bmj. b2700
Lim, I., Park, Y.-G., & Lee, J.-K. (2016). Design of Security Training System for Individual Users. Wireless Personal Communications, 90(3), 1105-1120. Advanced Technologies & Aerospace Collection. https://doi.org/10.1007/s11277-016-3380-z
López, J., Sánchez, F., Herrera, D., Martínez, F., Rubio, M., Gil, V., Santiago, A.M., & Gómez, M.A . (2021). Informe sobre la Cibercriminalidad en España. Dirección General de Coordinación y Estudios Secretaría de Estado de Seguridad . Ministerio del Interior, España. Recuperado de https://www.interior.gob.es/opencms/pdf/archivos-y-documentacion/documentacion-y-publicaciones/publicaciones-descargables/publicaciones-periodicas/informe-sobre-la-cibercriminalidad-en-Espana/Informe_cibercriminalidad_Espana_2021_126200212.pdf
Maqsood, S., & Chiasson, S. (2021). Design, Development, and Evaluation of a Cybersecurity, Privacy, and Digital Literacy Game for Tweens. ACM Transactions on Privacy and Security, 24(4). https://doi.org/10.1145/3469821
Mikka-Muntuumo, J., & Peters, A. N. (2021). Designing an Interactive Game for Preventing Online Abuse in Namibia. 2021 3rd International Multidisciplinary Information Technology and Engineering Conference, IMITEC 2021. https://doi.org/10.1109/IMITEC52926.2021.9714592
Moreno-Fernández, M. M., Blanco, F., Garaizar, P., & Matute, H. (2017). Fishing for phishers. Improving Internet users’ sensitivity to visual deception cues to prevent electronic fraud. Computers in Human Behavior, 69, 421. Advanced Technologies & Aerospace Collection.
Mugayitoglu, B., Borowczak, M., Burrows, A., Carson, A., Person, C., Finch, A., & Kennedy, C. (2021). A university’s developmental framework: Creating, implementing, and evaluating a K-12 teacher cybersecurity micro-credential course. ICSIT 2021 - 12th International Conference on Society and Information Technologies, Proceedings, 35-40. Recuperado de https://www.scopus.com/inward/record.uri?eid=2-s2.0-85105867054&partnerID=40&md5=4d3140888267c6189eb1d76ae1c896ad
Neo, H.F., Teo, C.C., & Peng, C. L. (2021). Safe Internet: An Edutainment Tool for Teenagers. Lecture Notes in Electrical Engineering, 739 LNEE, 53-70. https://doi.org/10.1007/978-981-33-6385-4_6
Newbould, M., & Furnell, S. (2009). Playing safe: A prototype game for raising awareness of social engineering. Proceedings of the 7th Australian Information Security Management Conference, 24-30. https://www.scopus.com/inward/record.uri?eid=2-s2.0-84864552106&partnerID=40&md5=c35c02b54b3c5929bc9cdb6fffd4c843
Olano, M., Sherman, A., Oliva, L., Cox, R., Firestone, D., Kubik, O., Patil, M., Seymour, J., Sohn, I., & Thomas, D. (2014). SecurityEmpire: Development and evaluation of a digital game to promote cybersecurity education. 2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014. https://www.scopus.com/inward/record.uri?eid=2-s2.0-85040226944&partnerID=40&md5=78b3676884e4e3fb2e7c4ecbfe3d4725
ONTSI (Observatorio Nacional de Tecnología y Sociedad). (2022). Cómo se protege a la ciudadanía ante los ciberriesgos. Estudio sobre percepción y nivel de confianza en España. Observaciber. Recuperado de https://www.observaciber.es/sites/observaciber/files/media/documents/ciudadaniaciberriesgos_abril2022_1.pdf
Peker, Y. K., Ray, L., da Silva, S., & IEEE. (2018). Online Cybersecurity Awareness Modules for College and High School Students (WOS:000463185700004). 24-33. https://doi.org/10.1109/NCS.2018.00009
Perestelo-Pérez, L. (2013). Standards on how to develop and report systematic reviews in Psychology and Health. International Journal of Clinical and Health Psychology, 13, 49–57.
Pittman, J. M., & Pike, R. E. (2016). An Observational Study of Peer Learning for High School Students at a Cybersecurity Camp. Information Systems Education Journal, 14(3), 4-13. ERIC.
Plachkinova, M., & Menard, P. (2019). An Examination of Gain- and Loss-Framed Messaging on Smart Home Security Training Programs. Information Systems Frontiers. https://doi.org/10.1007/s10796-019-09970-6
Quinkert, F., Degeling, M., & Holz, T. (2021). Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12756 LNCS, 341-360. https://doi.org/10.1007/978-3-030-80825-9_17
Qusa, H., & Tarazi, J. (2021). Cyber-Hero: A Gamification framework for Cyber Security Awareness for High Schools Students. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021, 677-682. https://doi.org/10.1109/CCWC51732.2021.9375847
Rastenis, J., Ramanauskaitė, S., Janulevičius, J., & Čenys, A. (2020). Impact of information security training on recognition of phishing attacks: A case study of vilnius gediminas technical university. Communications in Computer and Information Science, 1243 CCIS, 311-324. https://doi.org/10.1007/978-3-030-57672-1_23
Reid, R., & Van Niekerk, J. (2014). Snakes and ladders for digital natives: Information security education for the youth. Information Management & Computer Security, 22(2), 179-190. Advanced Technologies & Aerospace Collection; ProQuest One Academic; ProQuest One Business; Social Science Premium Collection. https://doi.org/10.1108/IMCS-09-2013-0063
Reid, R., & Van Niekerk, J. (2015). A cyber security culture fostering campaign through the lens of active audience theory. Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015, 34-44.
Reinheimer, B., Aldag, L., Mayer, P., Mossano, M., Duezguen, R., Lofthouse, B., von Landesberger, T., & Volkamer, M. (2020). An investigation of phishing awareness and education over time: When and how to best remind users. Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020, 259-284. https://www.scopus.com/inward/record.uri?eid=2-s2.0-85091852889&partnerID=40&md5=6643e561a062c251360023104af547b7
Saito, T., Yashiro, S., Tanabe, K., & Saito, Y. (2019). A Proposal and the Evaluation of a Hands-On Training System for Cyber Security. En Barolli, L and Leu, FY and Enokido, T and Chen, HC (Ed.), Advances on broadband and wireless computing, communication and applications, BWCCA-2018 (Vol. 25, pp. 339-349). https://doi.org/10.1007/978-3-030-02613-4_30
Salazar, M., Gaviria, J., Laorden, C., & Bringas, P. G. (2013). Enhancing cybersecurity learning through an augmented reality-based serious game. IEEE Global Engineering Education Conference, EDUCON, 602-607. https://doi.org/10.1109/EduCon.2013.6530167
Schoebel, S., Roepke, R., & Schroeder, U. (2021). Phishing Academy: Evaluation of a Digital Educational Game on URLs and Phishing. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13134 LNCS, 44-53. https://doi.org/10.1007/978-3-030-92182-8_5
Scholefield, S., & Shepherd, L. A. (2019). Gamification Techniques for Raising Cyber Security Awareness. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11594 LNCS, 191-203. https://doi.org/10.1007/978-3-030-22351-9_13
Sercombe, A. A., & Papadaki, M. (2012). Education in the «virtual» community: Can beating Malware Man teach users about social networking security? Proceedings of the 6th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2012, 33-39. https://www.scopus.com/inward/record.uri?eid=2-s2.0-84926306106&partnerID=40&md5=f1644a3a54a362b2832d3bbb04d16e84
Septiana, R., & Julian, R. K. (2020). Design of Phishing Simulation Dashboard Using Analytic Data Concepts. Journal of Physics: Conference Series, 1577(1). Advanced Technologies & Aerospace Collection; ProQuest One Academic; Publicly Available Content Database. https://doi.org/10.1088/1742-6596/1577/1/012041
Shen, L. W., Mammi, H. K., & Din, M. M. (2021). Cyber Security Awareness Game (CSAG) for Secondary School Students. 2021 International Conference on Data Science and Its Applications, ICoDSA 2021, 48-53. https://doi.org/10.1109/ICoDSA53588.2021.9617548
Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L. F., Hong, J., & Nunge, E. (2007). Anti-Phishing Phil: The design and evaluation of a game that teaches people not to fall for phish. ACM International Conference Proceeding Series, 229, 88-99. https://doi.org/10.1145/1280680.1280692
Silic, M., & Lowry, P. B. (2020). Using Design-Science Based Gamification to Improve Organizational Security Training and Compliance: JMIS. Journal of Management Information Systems, 37(1), 129-161. Advanced Technologies & Aerospace Collection; ProQuest One Academic; ProQuest One Business; Social Science Premium Collection. https://doi.org/10.1080/07421222.2019.1705512
Sookhanaphibarn, K., & Choensawat, W. (2020). Educational games for cybersecurity awareness. 2020 IEEE 9th Global Conference on Consumer Electronics, GCCE 2020, 424-428. https://doi.org/10.1109/GCCE50665.2020.9291723
Streiff, J., Justice, C., & Camp, J. (2019). Escaping to cybersecurity education: Using manipulative challenges to engage and educate. Proceedings of the European Conference on Games-based Learning, 2019-October, 1046-1050. https://doi.org/10.34190/GBL.19.183
Sucharew, H., & Macaluso, M. (2019). Methods for Research Evidence Synthesis: The Scoping Review Approach. Journal of Hospital Medicine 14, 416-418. https://doi.org/10.12788/jhm.3248
Sun, J. C.-Y., & Chen, A. Y.-Z. (2016). Effects of integrating dynamic concept maps with Interactive Response System on elementary school students’ motivation and learning outcome: The case of anti-phishing education. COMPUTERS & EDUCATION, 102, 117-127. https://doi.org/10.1016/j.compedu.2016.08.002
Svabensky, V., Vykopal, J., & Celeda, P. (2020). What Are Cybersecurity Education Papers About? A Systematic Literature Review of SIGCSE and ITiCSE Conferences. SIGCSE 2020 - Proceedings of the 51st ACM Technical Symposium on Computer Science Education, 2–8. https://doi.org/10.1145/3328778.3366816
Thackray, H., McAlaney, J., Dogan, H., Taylor, J., & Richardson, C. (2016). Social psychology: An under-used tool in cybersecurity. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July. https://doi.org/10.14236/ewic/HCI2016.64
Tricco, A.C., Antony, J., Zarin, W., Strifler, L., Ghassemi, M., Ivory, J., Perrier, L., Hutton, B., Moher, D., & Straus, S.E. (2015). A scoping review of rapid review methods. BMC Medicine, 13(224). Recuperado de: https://bit.ly/2ZT1PUN
Tschakert, K. F., & Ngamsuriyaroj, S. (2019). Effectiveness of and user preferences for security awareness training methodologies. Heliyon, 5(6), 1. MEDLINE. https://doi.org/10.1016/j.heliyon.2019.e02010
Tsokkis, P., & Stavrou, E. (2018). A password generator tool to increase users’ awareness on bad password construction strategies. 2018 International Symposium on Networks, Computers and Communications, ISNCC 2018. https://doi.org/10.1109/ISNCC.2018.8531061
Veneruso, S. V., Ferro, L. S., Marrella, A., Mecella, M., & Catarci, T. (2020). CyberVR: An Interactive Learning Experience in Virtual Reality for Cybersecurity Related Issues. ACM International Conference Proceeding Series. https://doi.org/10.1145/3399715.3399860
Villasís-Keever, M.A., Rendón-Macías, M.E., García, H., Miranda-Novales., M.G., & Escamilla-Núñez, A. (2020). La revisión sistemática y el metaanálisis como herramienta de apoyo para la clínica y la investigación. Rev Alerg Mex.; 67(1):62-72.
Visoottiviseth, V., Sainont, R., Boonnak, T., & Thammakulkrajang, V. (2018). POMEGA: Security game for building security awareness. Proceeding of 2018 7th ICT International Student Project Conference, ICT-ISPC 2018. https://doi.org/10.1109/ICT-ISPC.2018.8523965
Volkamer, M., Renaud, K., Reinheimer, B., Rack, P., Ghiglieri, M., Mayer, P., Kunz, A., & Gerber, N. (2018). Developing and evaluating a five minute phishing awareness video. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11033 LNCS, 119-134. https://doi.org/10.1007/978-3-319-98385-1_9
Wang, Y.-J., Tseng, S.-S., Yang, T.-Y., & Weng, J.-F. (2018). Building a frame-based cyber security learning game. Communications in Computer and Information Science, 797, 32-41. https://doi.org/10.1007/978-981-10-7850-7_4
Wash, R., & Cooper, M. M. (2018). Who provides phishing training? Facts, stories, and people like me. Conference on Human Factors in Computing Systems - Proceedings, 2018-April. https://doi.org/10.1145/3173574.3174066
Weaver, B. W., Braly, A. M., & Lane, D. M. (2021). Training Users to Identify Phishing Emails. Journal of Educational Computing Research, 59(6), 1169-1183. https://doi.org/10.1177/0735633121992516
Wen, Z. A., Lin, Z., Chen, R., & Andersen, E. (2019). What.Hack: Engaging Anti-Phishing Training through a Role-playing Phishing Simulation Game. Conference on Human Factors in Computing Systems - Proceedings. https://doi.org/10.1145/3290605.3300338
Wolf, S., Burrows, A. C., Borowczak, M., Johnson, M., Cooley, R., & Mogenson, K. (2020). Integrated outreach: Increasing engagement in computer science and cybersecurity. Education Sciences, 10(12), 1-23. https://doi.org/10.3390/educsci10120353
Wolf, S., Cooley, R., Johnson, M., Burrows, A. C., & Borowczak, M. (2020). Constructing and refining engaging computer science outreach. ASEE Annual Conference and Exposition, Conference Proceedings, 2020-June. Recuperado de https://www.scopus.com/inward/record.uri?eid=2-s2.0-85095780473&partnerID=40&md5=05052e69cca875c069c9f7b96122cb68
Yett, B., Hutchins, N., Stein, G., Zare, H., Snyder, C., Biswas, G., Metelko, M., & Ledeczi, A. (2020). A hands-on cybersecurity curriculum using a robotics platform. SIGCSE 2020 - Proceedings of the 51st ACM Technical Symposium on Computer Science Education, 1040-1046. https://doi.org/10.1145/3328778.3366878
Zhang-Kennedy, L., Chiasson, S., & Biddle, R. (2016). The role of instructional design in persuasion: A comics approach for improving cybersecurity. International Journal of Human-Computer Interaction, 32(3), 215-257. APA PsycInfo®. https://doi.org/10.1080/10447318.2016.1136177
Zhang-Kennedy, L., & Chiasson, S. (2021). A Systematic Review of Multimedia Tools for Cybersecurity Awareness and Education. ACM Computing Surveys, 54(1), 1–39. https://doi.org/10.1145/3427920
Zielinska, O. A., Tembe, R., Hong, K. W., Ge, X., Murphy-Hill, E., & Mayhorn, C. B. (2014). One phish, two phish, how to avoid the internet phish: Analysis of training strategies to detect phishing emails. Proceedings of the Human Factors and Ergonomics Society, 2014-January, 1466-1470. https://doi.org/10.1177/1541931214581306
Downloads
Published
How to Cite
Issue
Section
License
Esta obra está bajo una licencia internacional Creative Commons Atribución 4.0.
