Search results

The frequency and sophistication of cybercrimes are increasing. These cybercrimes are impacting government and private organizations as well as individuals. One of the countermeasures is to improve the cyber hygiene of the end-users. Serious games or game-based learning has emerged as a promising approach for implementing security education, training and awareness program. In this paper, the researchers propose a tabletop card game called Cyber Suraksha to increase threat awareness and motivate users to adopt recommended security controls for smartphone users. Cyber Suraksha provides an active learning environment for the players. This paper aims to provide the details of the design and evaluation of the game using a between-subjects design.

The researchers have used constructive learning theory and the Fogg behaviour model (FBM) to design a tabletop card game called Cyber Suraksha. The researchers evaluated the game using a between-subjects design. The participants' responses in the control and intervention groups were collected using the risk behaviour diagnosis scale. Pearson’s Chi-Square test with a 5% significance level was used to test the hypotheses.

The results indicate that the game is enjoyable and fun. Cyber Suraksha game effectively motivates users to adopt the recommended security control for the targeted behaviour. The results indicate that the participants in the intervention group are 2.65 times more likely to adopt recommended behaviour. The findings of this study provide evidence for the effectiveness of hope and fear appeals in improving cybersecurity awareness.

The generalizability of the study is limited because the sample size is small compared to the total number of smartphone users in India, and only students from computer/IT UG programs in India are used as participants in this study.

This study uses hope and a fear appeal to design an effective serious game. It also demonstrates using the FBM and constructive learning principles for effective serious game design. Cyber Suraksha is effective for the student group and may be tested with other age groups.

To the researchers' knowledge, there are no serious games for cybersecurity awareness focusing on the threats faced by smartphone users based on FBM and constructive learning theory. This research used hope along with a fear appeal to motivate smartphone users to adopt recommended security controls.

This study aims to explore auto mechanics awareness of repairs and maintenance related to the car’s cybersecurity and provide insights into challenges based on current practice.

This study is based on an empirical study consisting of semistructured interviews with representatives from both branded and independent auto workshops. The data was analyzed using thematic analysis. A version of the capability maturity model was introduced to the respondents as a self-evaluation of their cybersecurity awareness.

Cybersecurity was not found to be part of the current auto workshop work culture, and that there is a gap between independent workshops and branded workshops. Specifically, in how they function, approach problems and the tools and support available to them to resolve (particularly regarding previously unknown) issues.

Only auto workshop managers in Sweden were interviewed for this study. This role was picked because it is the most likely to have come in contact with cybersecurity-related issues. They may also have discussed the topic with mechanics, manufacturers or other auto workshops – thus providing a broader view of potential issues or challenges.

The challenges identified in this study offers actionable advice to car manufacturers, branded workshops and independent workshops. The goal is to further cooperation, improve knowledge sharing and avoid unnecessary safety or security issues.

As cars become smarter, they also become potential targets for cyberattacks, which in turn poses potential threats to human safety. However, research on auto workshops, which has previously ensured that cars are road safe, has received little research attention with regards to the role cybersecurity can play in repairs and maintenance. Insights from auto workshops can therefore shed light upon the unique challenges and issues tied to the cybersecurity of cars, and how they are kept up-to-date and road safe in the digital era.

This study aims to propose a cybersecurity framework that prioritizes sustainability in the manufacturing sector by identifying necessary resources and capabilities for effective cybersecurity management. The proposed framework aims to enhance resource protection and safeguard data confidentiality, integrity and accessibility, provide proactive steps for predicting cyber threats and highlight the importance of educating employees at all levels of the organization.

A thorough review of existing literature and analysis was conducted to develop the proposed cybersecurity framework. Several frameworks, including the NIST cybersecurity framework, were reviewed to identify the necessary skills and resources required to combat cyber threats and keep businesses sustainable.

The proposed framework includes proactive steps, such as predicting cyber threats, and emphasizes the importance of educating employees and raising awareness at all levels of the organization. Resilience is also emphasized, which refers to an organization's ability to recover and continue operations following a cyberattack. Implementing this framework may require a significant budget and time investment, and small organizations may face limitations in applying all aspects of the framework.

This study proposes a cybersecurity framework that prioritizes sustainability in the manufacturing sector, which provides added protection for organizations. The framework's key functions can be adopted partially or fully, making it suitable for organizations of varying sizes. Future research can focus on addressing the framework's limitations and shortcomings to further reduce cyber risks for sustainable manufacturing, establishing the scale of an industry based on its economy and extending the framework to non-manufacturing businesses.

The current advancements in technologies and the internet industry provide users with many innovative digital devices for entertainment, communication and trade. However, simultaneous development and the rising sophistication of cybercrimes bring new challenges. Micro businesses use technology like how people use it at home, but face higher cyber risks during riskier transactions, with human error playing a significant role. Moreover, information security researchers have often studied individuals’ adherence to compliance behaviour in response to cyber threats. The study aims to examine the protection motivation theory (PMT)-based model to understand individuals’ tendency to adopt secure behaviours.

The study focuses on Australian micro businesses since they are more susceptible to cyberattacks due to the least security measures in place. Out of 877 questionnaires distributed online to Australian micro business owners through survey panel provider “Dynata,” 502 (N = 502) complete responses were included. Structural equational modelling was used to analyse the relationships among the variables.

The results indicate that all constructs of the protection motivation, except threat susceptibility, successfully predict the user protective behaviours. Also, increased cybersecurity costs negatively impact users’ safe cyber practices.

The study has critical implications for understanding micro business owners’ cyber security behaviours. The study contributes to the current knowledge of cyber security in micro businesses through the lens of PMT.

This paper aims to present the evaluation of a self-paced tool, CyberSecurity Coach (CYSEC), and discuss the adoption of CYSEC for cybersecurity capability improvement in small- and medium-sized enterprises (SMEs). Cybersecurity is increasingly a concern for SMEs. Previous literature has explored the role of tools for awareness raising. However, few studies validated the effectiveness and usefulness of cybersecurity tools for SMEs in real-world practices.

This study is built on a qualitative approach to investigating how CYSEC is used in SMEs to support awareness raising and capability improvement. CYSEC was placed in operation in 12 SMEs. This study first conducted a survey study and then nine structured interviews with chief executive officers (CEOs) and chief information security officers (CISO).

The results emphasise that SMEs are heterogeneous. Thus, one cybersecurity solution may not suit all SMEs. The findings specify that the tool’s adoption varied quite widely. Four factors are primary determinants influencing the adoption of CYSEC: personalisation features, CEOs’ or CISOs’ awareness level, CEOs’ or CISOs’ cybersecurity and IT knowledge and skill and connection to cybersecurity expertise.

This empirical study provides new insights into how a self-paced tool has been used in SMEs. This study advances the understanding of cybersecurity activities in SMEs by studying the adoption of CYSEC. Moreover, this study proposes significant dimensions for future research.

This study aims to assess the research developments and works pertaining to cybersecurity risks.

A bibliometric analysis of 749 studies on cybersecurity risks published between 1999 and 2021 was conducted using Scopus and the VOSviewer software.

This study reveals various findings, including the most influential authors and the top countries, journals, papers, funding institutions and affiliations publishing research on cybersecurity risks. The bibliometric analysis shows that the existing studies have affected the knowledge of the consequences of cybersecurity risks. However, some research gaps still exist in this field.

This study’s contribution is that it presents a comprehensive evaluation of the research on cybercrime and cybersecurity risks. Moreover, to the best of the authors’ knowledge, bibliometric analysis has not been conducted on cybersecurity risks. This study’s findings are likely to prove useful to practitioners and academics in mitigating the consequences of cybercrime and cybersecurity risks.

The Kingdom of Saudi Arabia (KSA) is embracing digital transformation and e-government services, aiming to improve efficiency, accessibility and citizen-centricity. Nonetheless, the country faces challenges such as evolving cyber threats. The purpose of this study is to investigate the factors influencing cybersecurity practices to ensure the reliability and security of e-government services.

This paper investigates the multifaceted dynamics of cybersecurity practices and their impact on the quality and effectiveness of e-government services. Five key factors explored include organizational culture, technology infrastructure, adherence to standards and regulations, employee training and awareness and financial investment in cybersecurity. This study used a quantitative method to gather data from 320 participants. The researcher collected 285 completed questionnaires, excluding unusable or incomplete responses, and analyzed the final data set using partial least squares structural equation modeling.

The findings show that financial investment in cybersecurity, employee training and awareness and adherence to cybersecurity regulations significantly influence the adoption of robust cybersecurity practices. However, the relationship between organizational culture and cybersecurity practices is less straightforward. The research establishes a strong positive correlation between cybersecurity practices and e-government service quality, highlighting the role of security in fostering public trust and user satisfaction and meeting the evolving needs of citizens and businesses.

This research contributes valuable empirical evidence to the fields of e-government and cybersecurity, offering insights that can inform evidence-based policy decisions and resource allocation. By understanding the nuanced dynamics at play, Saudi Arabia is better poised to fortify its digital governance infrastructure and provide secure, high-quality e-government services to its constituents.

This study aims to investigate the impact of employees’ engagement in government social media (GSM) on their cybersecurity compliance attitude, protection motivation and protective behavior, thereby contributing to effective cybersecurity practices at organizations.

A quantitative cross-sectional field survey was conducted to collect primary data in big cities and large provinces in Vietnam. The final data set of 323 responses was analyzed using the partial least squares-structural equation modeling approach to interpret the results and test research hypotheses.

Engagement in GSM positively influences employees’ cybersecurity compliance attitude (ATT). Perceived threat vulnerability and response efficacy also contribute to a positive compliance attitude, although self-efficacy has a negative impact. Moreover, the cybersecurity compliance ATT significantly explains the information protection motivation, which in turn influences employee protective behaviors. However, the relationship between compliance attitude and protective behaviors is weak, unlike previous studies that found a strong correlation.

Although recent studies have explored specific information security practices in corporate and home contexts, the influence of GSM on individuals’ cybersecurity behaviors has received limited attention because of its novelty. This study contributes to the existing body of knowledge by investigating the impact of GSM on cybersecurity behaviors. This study provides significant contributions to understanding social media’s effects of social media on individuals’ cultivation processes, by expanding upon the protective motivation theory and cultivation theory. The results lead to practical suggestions for organizational managers and policymakers so that they can enhance their understanding of the importance of cybersecurity, encourage the implementation of self-defense strategies and highlight the significance of threat and coping evaluations in influencing attitudes and motivations.

The current body of empirical research regarding the impact of trust in the cybersecurity commitment of institutions on digital payment usage has focused solely on a macro-level analysis, overlooking the intricate dynamics between institutions' cybersecurity commitments and the trust levels of digital payment users. In light of this limitation, this study aims to offer a more comprehensive understanding of this complex relationship.

A case study was conducted on digital payment users in India through the critical realist lens. To gather data, interviews and focus group discussions were conducted with digital payment users from various regions of the country.

The citizen-centric outcomes of the national cybersecurity commitment (performance and responsiveness) are the most prominent and impactful trust indicators. These outcomes play a crucial role in shaping digital payment users' perception and trust in the cybersecurity commitment of public institutions. Individuals' value positions also influence trust judgments, as it is essential to recognize the value tensions that may arise due to security implementation and their congruence with citizens' values.

The findings of this study have significant implications for policymakers. They are potentially an artifact of the security and perception of digital payment users and the cultural uniqueness of digital payment users in India.

The study proposes a holistic understanding of the relationship between institutions' cybersecurity commitments and the trust levels of digital payment users. It offers a qualitative evaluation of how digital payment users perceive and construe efficient information security management implemented by public institutions.