Performance Analysis of Cyber Security Awareness Delivery Methods

Abawajy, Jemal; Kim, Tai-hoon

doi:10.1007/978-3-642-17610-4_16

Jemal Abawajy⁷ &
Tai-hoon Kim⁸

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 122))

1456 Accesses
8 Citations

Abstract

In order to decrease information security threats caused by human-related vulnerabilities, an increased concentration on information security awareness and training is necessary. There are numerous information security awareness training delivery methods. The purpose of this study was to determine what delivery method is most successful in providing security awareness training. We conducted security awareness training using various delivery methods such as text based, game based and a short video presentation with the aim of determining user preference delivery methods. Our study suggests that a combined delvery methods are better than individual secrity awareness delivery method.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Cone, B.D., Thompson, M.F., Irvine, C.E., Nguyen, T.D.: Cyber Security Training and Awareness Through Game Play, Security and Privacy in Dynamic Environments. In: IFIP International Federation for Information Processing 2006, vol. 201, pp. 431–436 (2006)
Google Scholar
Wu, M., Miller, R.C., Garfinkel, S.L.: Do Security Toolbars Actually Prevent Phishing Attacks? In: Grinter, R., Rodden, T., Aoki, P., Cutrell, E., Jeffries, R., Olson, G. (eds.) Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI, Montréal, Québec, Canada, April 22-27, pp. 601–610. ACM Press, New York (2006)
Chapter Google Scholar
Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L.F., Hong, J., et al.: Anti-Phishing Phil: The Design and Evaluation of a Game That Teaches People Not to Fall for Phish. In: Symposium On Usable Privacy and Security (SOUPS) 2007, Pittsburgh, PA, USA, July 18-20 (2007)
Google Scholar
Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L., Hong, J., Nunge, E.: Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System. In: Proceedings of the 2007 Computer Human Interaction, CHI (2007)
Google Scholar
Albrechtsen, E.: A qualitative study of users’ view on information security. Computers and Security 26(4), 276–289 (2007)
Article Google Scholar
Abawajy, J.H., Thatcher, K., Kim, T.-h.: Investigation of Stakeholders Commitment to Information Security Awareness Programs. In: 2008 International Conference on Information Security and Assurance (ISA 2008), pp. 472–476 (2008)
Google Scholar
Downs, J., Holbrook, M., Cranor, L.: Decision strategies and susceptibility to phishing. In: Proceedings of the Second Symposium on Usable Privacy and Security (SOUPS 2006), vol. 149 (2006)
Google Scholar
Prenski M.: Digital game-based learning. McGraw-Hill, New York (2001); Gredler, M.E.: Games and simulations and their relationships to learning. In: Handbook of Research on Educational Communications and Technology, 2nd edn., pp. 571–581. Lawrence Erlbaum Associates, Mahwah (2004)
Google Scholar
Shaw, R.S., Chen, C.C., Harris, A.L., Huang, H.-J.: The impact of information richness on information security awareness training effectiveness. Computers & Education 52, 92–100 (2009)
Article Google Scholar
Valentine, J.A.: Enhancing the Employee Security Awareness Model. Computer Fraud & Security (6), 17–19 (2006)
Google Scholar
New York State Office of Cyber Security & Critical Infrastructure Coordination. Gone Phishin, A Briefing on the Anti-Phishing Exercise Initiative for New York State Government. Aggregate Exercise Results for public release
Google Scholar

Download references

Author information

Authors and Affiliations

School of Information Technology, Deakin University, Melbourne, Australia
Jemal Abawajy
Department of Multimedia Engineering, Hannam University, Daejeon, Korea
Tai-hoon Kim

Authors

Jemal Abawajy
View author publications
You can also search for this author in PubMed Google Scholar
Tai-hoon Kim
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Hannam University, Daejeon, South Korea
Tai-hoon Kim
National Chiao Tung University, Hsinchu, Taiwan
Wai-chi Fang
King Saud University, Riyadh, Saudi Arabia
Muhammad Khurram Khan
Mississippi State University, Mississippi State, MS, USA
Kirk P. Arnett
Dept. of Computer Engineering, Mokwon University, 800, Doan-dong, Seo-gu, 302-729, Daejeon, Korea
Heau-jo Kang
University of Warsaw & Infobright Inc., Poland
Dominik Ślęzak

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Abawajy, J., Kim, Th. (2010). Performance Analysis of Cyber Security Awareness Delivery Methods. In: Kim, Th., Fang, Wc., Khan, M.K., Arnett, K.P., Kang, Hj., Ślęzak, D. (eds) Security Technology, Disaster Recovery and Business Continuity. Communications in Computer and Information Science, vol 122. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17610-4_16

Download citation

DOI: https://doi.org/10.1007/978-3-642-17610-4_16
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17609-8
Online ISBN: 978-3-642-17610-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics