Rayne Reid

Back to Basics: Information Security Education for the Youth via Gameplay

Cyber technology and information resources are both fundamental components of everybody’s daily life. This means that both society’s adults and youths are exposed to both the benefits and dangers that accompany these resources. Cyber security education is becoming a necessary precaution for individuals to learn how to protect themselves against the dangers of the technologies and resources. This is particularly important for the current and future youth who are the most technology literate generations. This paper presents a novel educational approach that can be used to introduce information security concepts to the youth from a very young age.

Snakes and ladders for digital natives: information security education for the youth

Purpose – This paper aims to educate the youth about information security. Cyber technologies and services are increasingly becoming integrated into individual’s daily lives. As such, individuals are constantly being exposed to the benefits and risks of these technologies. Cyber security knowledge and skills are becoming fundamental life skills for today’s users. This is particularly true for the current generation of digital natives. Design/methodology/approach – Within the design science paradigm, several case studies are used to evaluate the research artefact. Findings – The authors believe that the presented artefact could effectively convey basic information security concepts to the youth. Research limitations/implications – This study had a number of limitations. First, all the learner groups who participated in this study were too small to enable analysis of findings for statistical significance. Second, the data compiled on the long-term effectiveness of the game for Group B was incomplete. This l...

Brain-compatible, web-based information security education: a statistical study

Purpose – This paper aims to demonstrate that learners prefer brain-compatible cyber security educational material, over traditional presentation methods. Design/methodology/approach – A prototype brain-compatible cyber security educational system was evaluated using a survey as a research instrument. Findings – Presenting cyber security material in a brain-compatible manner is an effective way in which to stimulate the learners’ interest, engages them in the learning experience and motivates them to learn. Originality/value – As far as could be determined, no previous studies showed the relevance of brain-compatible pedagogical techniques to cyber security education.

Decoding audience interpretations of awareness campaign messages

Purpose This research aims to determine whether the educational influence of the cybersecurity awareness campaign on the audience (their knowledge, behaviour and potential cybersecurity culture) matches the campaign’s educational objectives. The research focuses on the knowledge component of this metric by examining the awareness campaign audience’s interpretative role in processing the campaign content, through the lens of active audience theory (AAT). Design/methodology/approach Using reflective practices, this research examines a single longitudinal case study of a cybersecurity awareness and education campaign which aims to raise awareness amongst school learners. Artefacts from a single sample are examined. Findings Reflexive practices using theories such as active audience can assist in identifying deviations between the message a campaign intends to communicate and the message that the campaign audience receives. Research limitations/implications Using this research approach, measurements could only be obtained for campaign messages depicted in artefacts. Future interventions should be designed to facilitate a more rigorous analysis of the audiences’ interpretation of all campaign messages using ATT. Originality/value This paper applied principles of ATT to examine the audience’s interpretative role in processing an awareness campaign’s content based on artifacts they created after exposure to the campaign. Conducting such analyses as part of a reflective process between cyber awareness/education campaign cycles provides a way to identify areas or topics within the campaign that require corrective action.

Guidelines for the creation of brain-compatible cyber security educational material in Moodle 2.0

Most current approaches towards information security education do not have a sound theoretical basis. This could lead to the failure of these educational programs. Furthermore, the need for information security knowledge is no longer only of concern to organizations, but has also become a concern for individuals using online services for personal entertainment, social networking, banking, and other activities. Thus, there is a need for “cyber security” education for both individuals and organizations. Such cyber security educational programs should be based on sound pedagogical theories. One such a pedagogically sound approach that could potentially play a role in cyber security educational programs is “brain compatible learning”. This paper will perform a critical evaluation of an existing information security education course, and evaluate the subject matter in terms of brain compatible learning approaches. The aim of the paper is to propose a set of brain compatible learning guidelines for the creation of cyber security educational material. The paper will also argue in favour of the use e-learning as a delivery mechanism for such content. As such, the guidelines will be proposed in the context of a Moodle 2.0 e-learning environment.

Cyber Safety for School Children

Protecting the youth against the dangers posed by cyber space has become a matter of national priority. Parents often lack the necessary cyberspace know-how, to teach their own children how to be safe online. It has thus become the responsibility of society at large to educate the youth. This paper reports on a cyber safety poster creation campaign in the Nelson Mandela Metropolis in South Africa.

Information security culture: A general living systems theory perspective

Information security culture (ISC) is often acknowledged as being a vital subculture within an organizational culture. As a subculture, its purpose is to fulfil its security purpose, while integrating into, and supporting, the broader organizational culture. However, in contrast, few discussions of ISCs acknowledge that the ISC itself is comprised of subcultures. The research literatures lack of exploration of this nested nature of ISC may be hindering in-depth understanding of the ISC as a system within itself, as well as within the broader organizational culture. This paper will therefore address this by straying from traditional views of ISCs. We will examine an ISC as a self-managing, self-repairing collective of multiple ISCs which meet the organizational cultures security needs. The papers objective is to show that an ISC can be viewed and understood as a living system.

From information security to cyber security cultures

Currently, all Internet and ICT users need basic levels of cyber security awareness and knowledge to perform their daily activities securely. Many security specialists and, indeed, nations are acknowledging the need for populaces to be aware of and educated about being more cyber secure. To achieve cyber security in current populations and to ensure continuity in future populaces, a “self-renewing” belief which affects behavior is needed. In an organizational context this need is met through the fostering of an information security culture (ISC). Similarly, in a societal context a cyber security culture (CSC) ought to be fostered. This raises the question of what precisely would constitute a CSC and how it differs from an ISC. The objective of this paper is to propose ways in which a CSC may be defined and viewed in comparison to an ISC.