THE RELATIONSHIP BETWEEN ENGAGMENT LEVELS AND PLAYERS’ INTENDED BEHAVIORS IN GAME-BASED TRAINING FOR CYBERSECURITY.

Salameh, Rana

01 December 2019

The purpose of this quantitative exploratory experimental design study was to examine the effects of end-user’s multi-dimension engagement (cognitive, affective, and behavioral) on their cybersecurity intended behaviors (coping and threat appraisals). Additionally, this study is an effort to understand how end-users’ engagement levels changed over multiple playing sessions. There were two research questions: (1) “Do engagement levels have a relationship with the players’ intended behaviors in a cybersecurity serious game?” and (2) “Does playing more sessions of cybersecurity serious game affect players’ engagement?” The protection motivation theory (PMT) was used to assess users’ intended behaviors for two factors: (a) coping appraisal, and (b) threat appraisal. While, the multi-dimension factors of engagement (MDFE) instrument was used to assess users’ multi-dimensions engagement levels (cognitive, affective, and behavior).A total of 122 participants fully completed the (a) pre_knowledge initial survey, (b) assigned training sessions, and (c) post-training surveys (MDFE and PMT). Descriptive analysis was used to assess participants’ background as age, gender, and pre-knowledge. A multiple linear regression analysis was conducted to determine whether a linear combination of the multi-dimensional engagement factors: cognitive, affective, and behavior (as predictors) could predict coping appraisal and threat appraisal as factors of intended behaviors. Also, an independent samples t-test was used to determine whether there would be statistically significant differences in the engagement levels (cognitive, affective, and behavior) between group A and group B that underwent three and five training sessions of gameplay, respectively.The result showed cognitive engagement (i.e., challenge, graphics, and attainable goals) was as significant predictor for end-users’ intended behaviors for both coping and threat appraisals. However, affective and behavioral engagement were not significant predictors for end-users’ intended behaviors (for both coping and threat appraisals). Moreover, the analysis showed that end-users’ engagement levels changed over multiple playing sessions. Group B, who underwent more training sessions, showed more engagement levels. These results have implications on cybersecurity serious game design to include cognitive activities (i.e., challenge, graphics, attainable goals) to assure participants’ engagement levels remain high. Similarly, incorporate activities to enhance players’ confidence and autonomy to assure participants are affectively engaged. And finally, multiple-players game design is recommended to achieve social engagement. Also, findings would be helpful in implementing how often to prescribe the training session. Finally, several implications have been suggested to serious games designers.

Cybersecurity intended behavior

Cybersecurity training

Engagement

Game-based learning

DEVELOPING TRAINING MATERIALS TO SUPPLEMENT THE INDIANA CYBERSECURITY SCORECARD

Madison Renae Thomas (11226636)

20 July 2022

<p> Cybersecurity is an important aspect of all businesses as well as the public sector. As information technology becomes more interconnected with our everyday lives, it opens more opportunities for network vulnerabilities and therefore more breach opportunities. Previous work within the State of Indiana has produced a cybersecurity scorecard but leaves those using the scorecard with no way to improve their scores. This research is conducted to help Indiana counties improve their cybersecurity practices with a limited budget. As well, this research and implementation guide will be accessible in a way that any employee at the county level, despite their cybersecurity knowledge, will have a solid foundation on where to begin to improve their score. The goal of this study is to develop a framework that identifies the weaknesses in an Indiana county's response to the Cybersecurity Scorecard and provides resources to improve their scores. The framework should identify the specific issues and give definitions or resources for the counties to use to improve their score. </p>

cybersecurity

information technology

cybersecurity education

computer science education

training

computer science training

cybersecurity training