Search results

1 – 10 of 277
To view the access options for this content please click here
Book part
Publication date: 7 October 2019

Saeed J. Roohani and Xiaochuan Zheng

With recent increases in cybersecurity incidents, it is imperative to supplement current accounting curriculum, equip accounting graduates with sufficient knowledge and…

Abstract

With recent increases in cybersecurity incidents, it is imperative to supplement current accounting curriculum, equip accounting graduates with sufficient knowledge and skills to assess cybersecurity risk, and learn about controls to mitigate such risks. In this chapter, the authors describe 10 teaching modules, supported by 10 professionally produced video series. The authors developed these videos for educating students on cybersecurity and the videos are available free to instructors from other institutions who wish to use them. The videos are filled with insights and advice from our two experts – one a former hacker and the other an experienced cybersecurity professional. This dialogue between two different sides provides a rich discussion that leads to answering many questions that people often have about cybersecurity. Further, in Exhibit 1, this chapter offers a framework for characterizing and analyzing some recent publicized data-breach cases, which can supplement discussion on cybersecurity modules. Instructors can add more cases to this source overtime. Finally, the authors share the analysis of feedback from students who went through the series. The results suggest that the students show interest in the topic, and videos helped them better understand the complexity of cybersecurity risk and controls.

Details

Advances in Accounting Education: Teaching and Curriculum Innovations
Type: Book
ISBN: 978-1-78973-394-5

Keywords

To view the access options for this content please click here
Article
Publication date: 13 November 2020

Stylianos Karagiannis and Emmanouil Magkos

This paper aims to highlight the potential of using capture the flag (CTF) challenges, as part of an engaging cybersecurity learning experience for enhancing skills and…

Abstract

Purpose

This paper aims to highlight the potential of using capture the flag (CTF) challenges, as part of an engaging cybersecurity learning experience for enhancing skills and knowledge acquirement of undergraduate students in academic programs.

Design/methodology/approach

The approach involves integrating interactivity, gamification, self-directed and collaborative learning attributes using a CTF hosting platform for cybersecurity education. The proposed methodology includes the deployment of a pre-engagement survey for selecting the appropriate CTF challenges in accordance with the skills and preferences of the participants. During the learning phase, storytelling elements were presented, while a behavior rubric was constructed to observe the participants’ behavior and responses during a five-week lab. Finally, a survey was created for getting feedback from the students and for extracting quantitative results based on the attention, relevance, confidence and satisfaction (ARCS) model of motivational design.

Findings

Students felt more confident about their skills and were highly engaged to the learning process. The outcomes in terms of technical skills and knowledge acquisition were shown to be positive.

Research limitations/implications

As the number of participants was small, the results and information retrieved from applying the ARCS model only have an indicative value; however, specific challenges to overcome are highlighted which are important for the future deployments.

Practical implications

Educators could use the proposed approach for deploying an engaging cybersecurity learning experience in an academic program, emphasizing on providing hands-on practice labs and featuring topics from real-world cybersecurity cases. Using the proposed approach, an educator could also monitor the progress of the participants and get qualitative and quantitative statistics regarding the learning impact for each exercise.

Social implications

Educators could demonstrate modern cybersecurity topics in the classroom, closing further the gap between theory and practice. As a result, students from academia will benefit from the proposed approach by acquiring technical skills, knowledge and experience through hands-on practice in real-world cases.

Originality/value

This paper intends to bridge the existing gap between theory and practice in the topics of cybersecurity by using CTF challenges for learning purposes and not only for testing the participants’ skills. This paper offers important knowledge for enhancing cybersecurity education programs and for educators to use CTF challenges for conducting cybersecurity exercises in academia, extracting meaningful statistics regarding the learning impact.

Details

Information & Computer Security, vol. 29 no. 1
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 6 March 2017

Neil Smith, Helen Caldwell, Mike Richards and Arosha Bandara

The purpose of this paper is to present a comparison of two ways of developing and delivering massive open online courses (MOOCs). One was developed by The Open University…

Abstract

Purpose

The purpose of this paper is to present a comparison of two ways of developing and delivering massive open online courses (MOOCs). One was developed by The Open University in collaboration with FutureLearn; the other was developed independently by a small team at the Northampton University.

Design/methodology/approach

The different approaches had very different profiles of pedagogic flexibility, cost, development processes, institutional support and participant numbers.

Findings

MOOCs on existing large platforms can reach thousands of people, but constrain pedagogical choice. Self-made MOOCs have smaller audiences but can target them more effectively.

Originality/value

This comparison shows that, several years after MOOCs became prominent, there are many viable approaches for MOOCs.

Details

The International Journal of Information and Learning Technology, vol. 34 no. 2
Type: Research Article
ISSN: 2056-4880

Keywords

To view the access options for this content please click here
Article
Publication date: 20 December 2019

Wu He, Ivan Ash, Mohd Anwar, Ling Li, Xiaohong Yuan, Li Xu and Xin Tian

An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents…

Abstract

Purpose

An organization’s ability to successfully manage intellectual capital is determined by the actions of its employees to prevent or minimize information security incidents. To prevent more data breaches to intellectual capital, organizations must provide regular cybersecurity awareness training for all personnel. The purpose of this paper is to investigate the effect of different evidence-based cybersecurity training methods on employees’ cybersecurity risk perception and self-reported behavior.

Design/methodology/approach

The study participants were randomly assigned into four groups (i.e. malware report, malware videos, both malware report and malware videos and no interventions) to assess the effects of cybersecurity training on their perceptions of vulnerability, severity, self-efficacy, security intention as well as their self-reported cybersecurity behaviors.

Findings

The results show that evidence-based malware report is a relatively better training method in affecting employees’ intentions of engaging in recommended cybersecurity behaviors comparing with the other training methods used in this study. A closer analysis suggests whether the training method contains self-relevant information could make a difference to the training effects.

Originality/value

This paper reports an in-depth investigation on how different evidence-based cybersecurity training methods impact employees’ perceptions of susceptibility, severity, self-efficacy, security intention as well as on their self-reported cybersecurity behaviors.

Details

Journal of Intellectual Capital, vol. 21 no. 2
Type: Research Article
ISSN: 1469-1930

Keywords

To view the access options for this content please click here
Article
Publication date: 3 March 2021

Alan Rea, Kaitlin Marshall and Dan Farrell

The purpose of this paper is twofold: first, to develop, test and validate a set of dimensions that can verify whether any specific online survey tool can be effectively…

Abstract

Purpose

The purpose of this paper is twofold: first, to develop, test and validate a set of dimensions that can verify whether any specific online survey tool can be effectively developed and deployed; second, to provide a framework and working topology for web-based survey tool selection.

Design/methodology/approach

A panel comprised of five experts determined the validity of the proposed dimensions the authors compiled from extensive feature research of the top online survey software identified by Alexa and Datanyze, which allows for web survey data to be pulled in a customizable fashion over a selected period of time. The validated dimensions were then ranked via a paper survey (n = 98) in a controlled environment using a 9-point Likert scale.

Findings

There was no strong correlation between highest-ranked dimensions and the market share and use of a particular online survey tool. However, overall dimension ranking dominance did predict an online survey tool obtaining higher market implementation and use. In addition, the influence of business roles on dimension weights should be considered when selecting survey software. Finally, two additional dimensions not prevalent in existing research – data analysis and technical support – must be considered in survey tool selection.

Practical implications

Online survey tools are increasingly supplementing or replacing random telephone-based opinion and polling surveys for data collection on important social issues, political candidacies, etc. Representative samples yielding the most accurate results are more easily obtained via mixed-mode methods that incorporate online survey tools.

Originality/value

The paper's findings suggest which dimensions must be present for widespread acceptance and implementation of a successful web-based online survey tool. Organizations must be able to assess a particular survey tool's viability for their specific purposes. The dimensions presented here can be developed into an effective adoption heuristic to meet an organization's particular requirements. Findings suggest that when evaluating survey software, one must remain cognizant of the various business roles associated with survey software to better account for decision-maker tendencies. For example, managers place greater emphasis on overall cost whereas developers may value survey creation and integration features.

Details

American Journal of Business, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 1935-5181

Keywords

To view the access options for this content please click here
Article
Publication date: 20 January 2020

Pintu Shah and Anuja Agarwal

For a good number of Indians, their smartphone is their first digital computing device. They have less experience in dealing with the Internet-enabled device and hence…

Abstract

Purpose

For a good number of Indians, their smartphone is their first digital computing device. They have less experience in dealing with the Internet-enabled device and hence less experience in handling security threats like malware as compared to users of other countries who have gone through the learning curve of handling such security threats using other Internet-enabled devices such as laptop and desktop. Because of this, the inexperienced Indian smartphone user may be vulnerable to Internet-related security breaches, as compared to the citizens of developed economies. Hence, it is essential to understand the attitude, behaviour and security practices of smartphone users in India. Limited research is available about the security behaviour of smartphone users in India as the majority of research in this domain is done outside India.

Design/methodology/approach

In this empirical study, the researchers identified 28 cybersecurity behaviours and practices through a survey of relevant literature. An online survey of identified cybersecurity behaviours and practices was administered to 300 smartphone users. Frequency analysis of the respondent data was done to understand the adoption of recommended cybersecurity behaviours and practices. Pearson’s chi-square with 5% level of significance has been used to test the hypotheses. Post hoc analysis with Bonferroni correction was conducted for statistically significant associations.

Findings

Overall, the respondents did not exhibit good cybersecurity behaviour. Respondents have adopted some of the most popular security features of the smartphone such as the use of screen lock. However, respondents have not adopted or are not aware of the technical security controls such as encryption and remote wipe. Statistically significant differences were found between the cybersecurity behaviour and practices and independent variables such as gender, age, mobile operating system (OS) and mother tongue. Respondents reported high level of motivation to protect their device and data, whereas they reported moderate level of threat awareness and the ability to protect to their device and data. Results of the comparative analysis with a similar study in China and the USA are also reported in this study.

Research limitations/implications

The main limitations of this study are as follows: the respondents' perceptions about their cybersecurity behaviours and practices were measured as opposed to their actual behaviours and practices and the generalizability of the study is limited because the sample size is small as compared to the total number of smartphone users in India.

Practical implications

The findings of this study may be useful for the design of effective cybersecurity prevention and intervention programs for general smartphone users of India.

Originality/value

This study provides an insight about cybersecurity behaviour of smartphone users in India. To the knowledge of the researchers, this is the first study to collect such quantitative data of smartphone users in India for a better understanding of the cybersecurity behaviours and practices. This study identified 28 cybersecurity behaviours and practices, which smartphone users should follow to improve cybersecurity.

Details

Information & Computer Security, vol. 28 no. 2
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 8 June 2021

Karen Renaud and Suzanne Prior

The purpose of this paper is to scope the field of child-related online harms and to produce a resource pack to communicate all the different dimensions of this domain to…

Abstract

Purpose

The purpose of this paper is to scope the field of child-related online harms and to produce a resource pack to communicate all the different dimensions of this domain to teachers and carers.

Design/methodology/approach

With children increasingly operating as independent agents online, their teachers and carers need to understand the risks of their new playground and the range of risk management strategies they can deploy. Carers and teachers play a prominent role in applying the three M’s: mentoring the child, mitigating harms using a variety of technologies (where possible) and monitoring the child’s online activities to ensure their cybersecurity and cybersafety. In this space, the core concepts of “cybersafety” and “cybersecurity” are substantively different and this should be acknowledged for the full range of counter-measures to be appreciated. Evidence of core concept conflation emerged, confirming the need for a resource pack to improve comprehension. A carefully crafted resource pack was developed to convey knowledge of risky behaviors for three age groups and mapped to the appropriate “three M’s” to be used as counter-measures.

Findings

The investigation revealed key concept conflation, and then identified a wide range of harms and countermeasures. The resource pack brings clarity to this domain for all stakeholders.

Research limitations/implications

The number of people who were involved in the empirical investigation was limited to those living in Scotland and Nigeria, but it is unlikely that the situation is different elsewhere because the internet is global and children’s risky behaviors are likely to be similar across the globe.

Originality/value

Others have investigated this domain, but no one, to the authors’ knowledge, has come up with the “Three M’s” formulation and a visualization-based resource pack that can inform educators and carers in terms of actions they can take to address the harms.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

To view the access options for this content please click here
Article
Publication date: 5 September 2019

Mark Paul Sallos, Alexeis Garcia-Perez, Denise Bedford and Beatrice Orlando

The purpose of this paper is to frame organisational cybersecurity through a strategic lens, as a function of an interplay of pragmatism, inference, holism and adaptation…

Abstract

Purpose

The purpose of this paper is to frame organisational cybersecurity through a strategic lens, as a function of an interplay of pragmatism, inference, holism and adaptation. The authors address the hostile epistemic climate for intellectual capital management presented by the dynamics of cybersecurity as a phenomenon. The drivers of this hostility are identified and their implications for research and practice are discussed.

Design/methodology/approach

The philosophical foundations of cybersecurity in its relation with strategy, knowledge and intellectual capital are explored through a review of the literature as a mechanism to contribute to the emerging theoretical underpinnings of the cybersecurity domain.

Findings

This conceptual paper argues that a knowledge-based perspective can serve as the necessary platform for a phenomenon-based view of organisational cybersecurity, given its multi-disciplinary nature.

Research limitations/implications

By recognising the knowledge-related vectors, mechanisms and tendencies at play, a novel perspective on the topic can be developed: cybersecurity as a “knowledge problem”. In order to facilitate such a perspective, the paper proposes an emergent epistemology, rooted in systems thinking and pragmatism.

Practical implications

In practice, the knowledge-problem narrative can underpin the development of new organisational support constructs and systems. These can address the distinctiveness of the strategic challenges that cybersecurity poses for the growing operational reliance on intellectual capital.

Originality/value

The research narrative presents a novel knowledge-based analysis of organisational cybersecurity, with significant implications for both interdisciplinary research in the field, and practice.

Details

Journal of Intellectual Capital, vol. 20 no. 4
Type: Research Article
ISSN: 1469-1930

Keywords

To view the access options for this content please click here
Book part
Publication date: 12 April 2021

Jing Li, Paige K. Evans, Cheryl J. Craig, Donna W. Stokes, Rakesh Verma and Gang Zhu

Scant attention has been paid to the influence of professors on science, technology, engineering, and mathematics (STEM) students' learning and lives at the tertiary…

Abstract

Scant attention has been paid to the influence of professors on science, technology, engineering, and mathematics (STEM) students' learning and lives at the tertiary level. To fill this void, this chapter examines the influence of professors on students' entering and remaining in the STEM disciplines and pursuing STEM careers within the context of six funded STEM grants in the southern United States. We examine professor–student interactions using the students' storied experiences as the fodder for our narrative inquiry. We present narrative exemplars from which the following themes emerged: (1) agency as a student and agency as a human being, (2) development of students' multilayered identities, and (3) professors' engagement of themselves in their interactions with students. A discussion of learner-centeredness and professors' professional development in higher education concludes this study of professors' influence on students' learning and intended careers.

Details

Preparing Teachers to Teach the STEM Disciplines in America’s Urban Schools
Type: Book
ISBN: 978-1-83909-457-6

Keywords

To view the access options for this content please click here
Article
Publication date: 29 March 2021

Susan Ramlo and John B. Nicholas

The purpose of this paper is to reveal and describe the divergent viewpoints about cybersecurity within a purposefully selected group of people with a range of expertise…

Abstract

Purpose

The purpose of this paper is to reveal and describe the divergent viewpoints about cybersecurity within a purposefully selected group of people with a range of expertise in relation to computer security.

Design/methodology/approach

Q methodology [Q] uses empirical evidence to differentiate subjective views and, therefore, behaviors in relation to any topic. Q uses the strengths of qualitative and quantitative research methods to reveal and describe the multiple, divergent viewpoints that exist within a group where individuals sort statements into a grid to represent their views. Analyses group similar views (sorts). In this study, participants were selected from a range of types related to cybersecurity (experts, authorities and uninformed).

Findings

Four unique viewpoints emerged such that one represents cybersecurity best practices and the remaining three viewpoints represent poor cybersecurity behaviors (Naïve Cybersecurity Practitioners, Worried but not Vigilant and How is Cybersecurity a Big Problem) that indicate a need for educational interventions within both the public and private sectors.

Practical implications

Understanding the divergent views about cybersecurity is important within smaller groups including classrooms, technology-based college majors, a company, a set of IT professionals or other targeted groups where understanding cybersecurity viewpoints can reveal the need for training, changes in behavior and/or the potential for security breaches which reflect the human factors of cybersecurity.

Originality/value

A review of the literature revealed that only large, nation-wide surveys have been used to investigate views of cybersecurity. Yet, surveys are not useful in small groups, whereas Q is designed to investigate behavior through revealing subjectivity within smaller groups.

Details

Information & Computer Security, vol. ahead-of-print no. ahead-of-print
Type: Research Article
ISSN: 2056-4961

Keywords

1 – 10 of 277