Computer-supported learning technologies are essential for conducting hands-on cybersecurity training. These technologies create environments that emulate a realistic IT infrastructure for the training. Within the environment, training participants use various software tools to perform offensive or defensive actions. Usage of these tools generates…

Personal data protection is an ethical issue. In this study we analyzed how research ethics committees (RECs) and data protection officers (DPOs) handle personal data protection issues in research protocols. We conducted a mixed-methods study. We included heads (or delegated representatives) of RECs and DPOs from universities and public research…

This study investigated the relationship between information security training and awareness and employees' compliance with information security policy in the U.S. retail industry. Using a quantitative non-experimental research design, this study examined and quantified the significance of the relationship between information security training and…

Purpose: The growth of the internet, access to technology and rapid digital transformations have paved the way for developing attack surfaces for individuals and organizations. There is a dire need to provide cybersecurity awareness most effectively. Gamification-based platforms have evolved to make cybersecurity education more engaging and…

Organizations must ensure that employees maintain information security policy (ISP) compliance intentions with respect to published policies to improve their information security (IS) posture. Employees' noncompliance behaviors make them the weakest link in organizations' IS. Although IS researchers exert enormous amounts of effort on finding…

Private higher educational institutions are at a high risk of cyber-attacks based on the amount of data they consume about students, their families, donors, faculty, and employees. I determined that there was a gap in the body of knowledge concerning how IT leaders in private higher education secure their information assets. The purpose of this…

Cybersecurity remains a critical concern for school systems nationwide, showing a consistent increase in publicly disclosed K-12 cyber incidents over the past 5 years. The U.S. Department of Homeland Security's 2024 Homeland Threat Assessment underscores this trend, predicting ongoing targeting of K-12 school networks by cyber actors who will…

The purpose of this generic qualitative inquiry research study is to examine the features that need to be improved in self-paced cybersecurity awareness training to educate retail employees to identify phishing attacks. Malicious phishing attacks are a significant threat to retail corporations' business operations and confidential data. Employees'…

This dissertation addresses the problem of practice of the high rate of employees in financial organizations clicking on phishing links, positioning their companies at risk of a data incident or breach. The financial sector was the most breached industry in 2022 (Schwartz, 2022) and was impacted the most by malicious phishing emails (Trellix…

Cybersecurity professionals need hands-on training to prepare for managing the current advanced cyber threats. To practice cybersecurity skills, training participants use numerous software tools in computer-supported interactive learning environments to perform offensive or defensive actions. The interaction involves typing commands, communicating…

Purpose: This research investigates mobile security awareness among university students in Hong Kong, who increasingly rely on mobile devices for their daily activities and academic needs. This research seeks to inform targeted educational strategies and policies to enhance mobile security practices among young adults, particularly in regions…

There is an ever-pressing need for cybersecurity awareness and implementation of learning strategies in the workplace to mitigate the increased threat posed by cyber-attacks and exacerbated by an untrained workforce. The lack of cybersecurity knowledge amongst government employees has increased to critical levels due to the amount of sensitive…

Phishing emails pose a serious threat to individuals and organizations. Users' ability to identify phishing emails is critical to avoid becoming victims of these attacks. The current study examined the effectiveness of a short online phishing training program designed to help users identify phishing emails. Half of the participants were in the…

Cybersecurity best practices were the focus of this work and their use within the public school system. The problem of this study centered on the cybersecurity barriers Texas Independent School Districts faced during implementation. The educational system saw ransomware spread across the state, and without the implementation of best practices,…

Hands-on computing education requires a realistic learning environment that enables students to gain and deepen their skills. Available learning environments, including virtual and physical laboratories, provide students with real-world computer systems but rarely adapt the learning environment to individual students of various proficiency and…