Search results

Prior research (Harrast, Olsen, & Sun, 2023) analyzes the eight emerging topics to be included in future CPA exams and discusses their importance to career success and appropriate teaching locus in light of survey evidence. They find that the general topic of data analytics is the most important of the eight emerging topics. To further understand the topics most important to career success, this study analyzes subtopics underlying the eight emerging topics. The results show that advanced Excel analysis tools, data visualization, and data extraction, transformation, and loading (ETL) are the most important data analytics subskills for career success according to professionals and that these topics should be both introduced and emphasized in the accounting curriculum. The results provide useful information to educators to prioritize general emerging topics and specific subtopics in the accounting curriculum by taking into account the most pressing needs of the profession.

The frequency and sophistication of cybercrimes are increasing. These cybercrimes are impacting government and private organizations as well as individuals. One of the countermeasures is to improve the cyber hygiene of the end-users. Serious games or game-based learning has emerged as a promising approach for implementing security education, training and awareness program. In this paper, the researchers propose a tabletop card game called Cyber Suraksha to increase threat awareness and motivate users to adopt recommended security controls for smartphone users. Cyber Suraksha provides an active learning environment for the players. This paper aims to provide the details of the design and evaluation of the game using a between-subjects design.

The researchers have used constructive learning theory and the Fogg behaviour model (FBM) to design a tabletop card game called Cyber Suraksha. The researchers evaluated the game using a between-subjects design. The participants' responses in the control and intervention groups were collected using the risk behaviour diagnosis scale. Pearson’s Chi-Square test with a 5% significance level was used to test the hypotheses.

The results indicate that the game is enjoyable and fun. Cyber Suraksha game effectively motivates users to adopt the recommended security control for the targeted behaviour. The results indicate that the participants in the intervention group are 2.65 times more likely to adopt recommended behaviour. The findings of this study provide evidence for the effectiveness of hope and fear appeals in improving cybersecurity awareness.

The generalizability of the study is limited because the sample size is small compared to the total number of smartphone users in India, and only students from computer/IT UG programs in India are used as participants in this study.

This study uses hope and a fear appeal to design an effective serious game. It also demonstrates using the FBM and constructive learning principles for effective serious game design. Cyber Suraksha is effective for the student group and may be tested with other age groups.

To the researchers' knowledge, there are no serious games for cybersecurity awareness focusing on the threats faced by smartphone users based on FBM and constructive learning theory. This research used hope along with a fear appeal to motivate smartphone users to adopt recommended security controls.

The human factor is the most important defense asset against cyberattacks. To ensure that the human factor stays strong, a cybersecurity culture must be established and cultivated in a company to guide the attitudes and behaviors of employees. Many cybersecurity culture frameworks exist; however, their practical application is difficult. This paper aims to demonstrate how an established framework can be applied to determine and improve the cybersecurity culture of a company.

Two surveys were conducted within eight months in the internal IT department of a global software company to analyze the cybersecurity culture and the applied improvement measures. Both surveys comprised the same 23 questions to measure cybersecurity culture according to six dimensions: cybersecurity accountability, cybersecurity commitment, cybersecurity necessity and importance, cybersecurity policy effectiveness, information usage perception and management buy-in.

Results demonstrate that cybersecurity culture maturity can be determined and improved if accurate measures are derived from the results of the survey. The first survey showed potential for improving the dimensions of cybersecurity accountability, cybersecurity commitment and cybersecurity policy effectiveness, while the second survey proved that these dimensions have been improved.

This paper proves that practical application of cybersecurity culture frameworks is possible if they are appropriately tailored to a given organization. In this regard, scientific research and practical application combine to offer real value to researchers and cybersecurity executives.

Cyberattacks are becoming increasingly widespread, and cybersecurity is therefore increasingly important. Although the technological aspects of cybersecurity are its best-known characteristics, the cybersecurity phenomenon goes beyond the detection of technological impacts, and encompasses all the dimensions of an organization. This study thus focusses on an additional set of organizational elements. The key elements of cybersecurity organizational readiness depicted here are cybersecurity awareness, cybersecurity culture and cybersecurity organizational resilience (OR). This study aims to qualitatively assess small and medium enterprises’ (SMEs) overall level of organizational cybersecurity readiness.

This study focused on conducting a cybersecurity organizational readiness assessment using a sample of 53 Italian SMEs from the information and communication technology sector. Informed mixed method research, this study was conducted consistent with the principles of the explanatory sequential mixed method design, and adopting a quanti-qualitative methodology. The quantitative data were collected through a questionnaire. Qualitative data were subsequently collected through semi-structured interviews.

Although many elements of the technical aspects of cybersecurity OR have yielded very encouraging results, there are still some areas that require improvement. These include those facets that constitute the foundation of cybersecurity awareness, and, thus, a cybersecurity culture. This result highlights that the areas in need of improvement are exactly those that are most important in fighting against cyber threats via organizational cybersecurity readiness.

Although the importance of SMEs is obvious, evidence of such organizations’ attitudes to cybersecurity are still limited. This research is an attempt to depict the organizational issue related to cybersecurity, i.e. overall cybersecurity organizational readiness.

Malicious hackers are increasingly evolving with technology by developing advanced tools to infiltrate. They are looking at micro laundering via sites like PayPal or using job advertising sites, to avoid exposure. Micro laundering makes it possible to launder a large amount of money in small amounts through thousands of electronic transactions. Therefore, the purpose of this paper is to examine whether the ethical hacking pedagogy is both a feasible and effective approach to prepare information security professionals of the future to combat black hat hacking and other forms of unethical conduct in the cyberspace.

The paper will specifically explore the ethics and implications of teaching students how to hack. It examines the strengths and limitations of the ethical hacking pedagogy. The discussion will then form the basis for exploring whether ethical hacking pedagogy is logical and justifiable.

The research has examined whether the ethical hacking pedagogy is an initiative-taking and effective approach to preparing information security professionals. Teaching students to hack is the only feasible approach to preparing future cybersecurity professionals because such training will allow them to master technical skills necessary for penetration testing.

A dominant theme that emerged from the research is the inability to evaluate students’ intention and provide oversight after their graduation. Thus, professional networks and peer groups will play an instrumental role in sustaining students in an environment that fosters ethical conduct.

Cybersecurity competitions can effectively develop skills, but engaging a wide learner spectrum is challenging. This study aims to investigate the perceptions of cybersecurity competitions among Reddit users. These users constitute a substantial demographic of young individuals, often participating in communities oriented towards college students or cybersecurity enthusiasts. The authors specifically focus on novice learners who showed an interest in cybersecurity but have not participated in competitions. By understanding their views and concerns, the authors aim to devise strategies to encourage their continuous involvement in cybersecurity learning. The Reddit platform provides unique access to this significant demographic, contributing to enhancing and diversifying the cybersecurity workforce.

The authors propose to mine Reddit posts for information about learners’ attitudes, interests and experiences with cybersecurity competitions. To mine Reddit posts, the authors developed a text mining approach that integrates computational text mining and qualitative content analysis techniques, and the authors discussed the advantages of the integrated approach.

The authors' text mining approach was successful in extracting the major themes from the collected posts. The authors found that motivated learners would want to form a strategic way to facilitate their learning. In addition, hope and fear collide, which exposes the learners’ interests and challenges.

The authors discussed the findings to provide education and training experts with a thorough understanding of novice learners, allowing them to engage them in the cybersecurity industry.

The purpose of this study is to investigate the extent to which a sample of the Australian cybersecurity industry is impacted by burnout.

Based on the review of the literature, this research investigates the following three hypotheses. Gender will significantly predict burnout scores. Those who identify as women will score higher on average than those who identify as men (because of being in a male-dominated industry). Self-reported burnout will differ across job roles. In addition, the authors expect these relationships to hold across the three dimensions of burnout, namely, emotional exhaustion, depersonalisation and professional efficacy. Sleep quality will be associated with burnout.

Gender and job role were significant predictors of emotional exhaustion, but not depersonalisation or professional efficacy. The interaction between gender and job role was also significant. Senior managers experienced poorer quality sleep, and poorer sleep quality was associated with greater reported emotional exhaustion at work. For emotional exhaustion, female respondents who worked in security consultant roles tended to score higher than their male counterparts.

Left unaddressed, the high level of workplace burnout may add to the well-being and retention problems developing within the cybersecurity community. These results indicate that organisations should look to measure the well-being of their own cyber workforce and implement meaningful changes if they wish to keep their cyber talent and enable them to thrive at work.

This research paper is an extension of a previous paper by the same authors which is titled “Is Your CISO Burnt Out Yet”. This paper examined the demographic differences in workplace burnout among cybersecurity professionals.

This paper aims to investigate the relationship of female participation in labor force with the cybersecurity maturity of nations and the enabling role of e-government development in moderating the same.

The authors have conducted fixed-effects regression using archival data for 149 countries taken from secondary sources. Furthermore, the authors have grouped the sample countries into four levels of cybersecurity maturity (unprepared, reactive, anticipatory and innovative) using clustering techniques, and studied the influence of their interest variables for individual groups.

Results show that female participation in labor force positively influences national cybersecurity maturity, and e-government development positively moderates the said relationship, thereby enabling the empowerment of women.

Encouraging broader participation of women in the labor force and prioritizing investments in e-government development are essential steps that organizations and governments may take to enhance a country’s cybersecurity maturity level.

This study empirically demonstrates the impact of the nuanced interplay between female participation in labor force and the e-government development of a nation on its cybersecurity maturity.

Social engineering is crucial in today’s digital landscape. As technology advances, malicious individuals exploit human judgment and trust. This study explores how age, education and occupation affect individuals’ awareness, skills and perceptions of social engineering.

A quantitative research approach was used to survey a diverse demographic of Egyptian society. The survey was conducted in February 2023, and the participants were sourced from various Egyptian social media pages covering different topics. The collected data was analyzed using descriptive and inferential statistics, including independent samples t-test and ANOVA, to compare awareness and skills across different groups.

The study revealed that younger individuals and those with higher education tend to research social engineering more frequently. Males display a higher level of awareness but score lower in terms of social and psychological consequences as well as types of attacks when compared to females. The type of attack cannot be predicted based on age. Higher education is linked to greater awareness and ability to defend against attacks. Different occupations have varying levels of awareness, skills, and psychosocial consequences. The study emphasizes the importance of increasing awareness, education and implementing cybersecurity measures.

This study’s originality lies in its focus on diverse Egyptian demographics, innovative recruitment via social media, comprehensive exploration of variables, statistical rigor, practical insights for cybersecurity education and diversity in educational and occupational backgrounds.

This paper explores the convergence of Education 4.0 and Industry 4.0 and presents a Twin Peaks model for their seamless integration.

A high-level literature review is conducted to identify and discuss the important challenges and opportunities offered by both Education 4.0 and Industry 4.0. A novel Twin Peaks model is devised for the convergence of these domains and to cope with the challenges effectively.

The proposed Twin Peak model for the convergence of Education 4.0 and Industry 4.0 suggests that the development of these two domains is interdependent. It emphasizes ethical considerations, inclusivity and understanding the concerns of stakeholders from both education and industry. We have also explained how continuous incremental adaptation within the proposed Twin Peaks model might assist in addressing concerns of one sector with the opportunities of the other.

First, Education 4.0 and Industry 4.0 are reviewed in terms of opportunities and challenges they present. Second, a novel Twin Peaks model for the convergence of Education 4.0 and Industry 4.0 is presented. The proposed discovers that the convergence is adaptive, iterative and must be ethically sound while considering the broader societal implications of the digital transformation. Third, this study also acts as a torch-bearer for the necessity for more research of this kind to guarantee that our educational ecosystem is adaptable and capable of producing the skills required for success in the era of IR4.0.