Gamification of Information Security Awareness and Training

被引：22

作者：

Gjertsen, Eyvind Garder B. ^{[1
]}

Gjaere, Erlend Andreas ^{[2
]}

Bartnes, Maria ^{[1
,2
]}

Flores, Waldo Rocha ^{[3
]}

机构：

[1] Norwegian Univ Sci & Technol, Dept Telemat, N-7491 Trondheim, Norway

[2] SINTEF, POB 4760, N-7465 Trondheim, Norway

[3] EY, POB 20, N-0051 Oslo, Norway

来源：

ICISSP: PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON INFORMATION SYSTEMS SECURITY AND PRIVACY | 2017年

基金：

欧盟地平线“2020”;

关键词：

Information Security; Security Awareness; Gamification;

D O I：

10.5220/0006128500590070

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Security Awareness and Training (SAT) programs are commonly put in place to reduce risk related to insecure behaviour among employees. There are however studies questioning how effective SAT programs are in terms of improving end-user behaviours. In this context, we have explored the potential of applying the concept of gamification -i. e. using game mechanics - to increase motivation and learning outcomes. An interactive SAT prototype application was developed, based on interviews with security experts and a workshop with regular employees at two companies. The prototype was tested by employees in a second workshop. Our results indicate that gamification has potential for use in SAT programs, in terms of potential strengths in areas where current SAT efforts are believed to fail. There are however significant pitfalls one must avoid when designing such applications, and more research is needed on long-term effects of a gamified SAT application.

引用

页码：59 / 70

页数：12

共 50 条

[1] Gamification – can it be applied to security awareness training?
Emm, David
[J]. Network Security, 2021, 2021 (04): : 16 - 18
[2] Gamification of MOOCs and Security Awareness in Corporate Training
Triantafyllou, Serafeim A.
Georgiadis, Christos K.
[J]. CSEDU: PROCEEDINGS OF THE 14TH INTERNATIONAL CONFERENCE ON COMPUTER SUPPORTED EDUCATION - VOL 1, 2022, : 547 - 555
[3] A Review on Gamification for Information Security Training
Sharif, Karzan Hussein
Ameen, Siddeeq Yousif
[J]. 2021 INTERNATIONAL CONFERENCE OF MODERN TRENDS IN INFORMATION AND COMMUNICATION TECHNOLOGY INDUSTRY (MTICTI 2021), 2021, : 123 - 130
[4] Assessing the Effects of Gamification on Enhancing Information Security Awareness Knowledge
Wu, Tienhua
Tien, Kuang-You
Hsu, Wei-Chih
Wen, Fu-Hsiang
[J]. APPLIED SCIENCES-BASEL, 2021, 11 (19):
[5] A Conceptual Analysis of Information Security Education, Information Security Training and Information Security Awareness Definitions
Amankwa, Eric
Loock, Marianne
Kritzinger, Elmarie
[J]. 2014 9TH INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS (ICITST), 2014, : 248 - 252
[6] TRAINING IN SHAPING EMPLOYEE INFORMATION SECURITY AWARENESS
Stefaniuk, Tomasz
[J]. ENTREPRENEURSHIP AND SUSTAINABILITY ISSUES, 2020, 7 (03): : 1832 - 1846
[7] The impact of information richness on information security awareness training effectiveness
Shaw, R. S.
Chen, Charlie C.
Harris, Albert L.
Huang, Hui-Jou
[J]. COMPUTERS & EDUCATION, 2009, 52 (01) : 92 - 100
[8] A Framework for Integrating Gamification in Information Security Awareness Programmes for Higher Education Students
Kapery, Ghafsa
Snyman, Dirk
[J]. INFORMATION SECURITY EDUCATION-CHALLENGES IN THE DIGITAL AGE, WISE 2024, 2024, 707 : 50 - 64
[9] A Design Theory-Based Gamification Approach for Information Security Training
Tuan Anh Nguyen
Hiep Pham
[J]. 2020 RIVF INTERNATIONAL CONFERENCE ON COMPUTING & COMMUNICATION TECHNOLOGIES (RIVF 2020), 2020, : 360 - 363
[10] Information Security Awareness: Comparing Perceptions and Training Preferences
Farooq, Ali
Kakakhel, Syed Rameez Ullah
[J]. 2013 2ND NATIONAL CONFERENCE ON INFORMATION ASSURANCE (NCIA), 2013, : 53 - 57

← 1 2 3 4 5 →