This study examines the effect of a gamified information security education system (ISES) on developing users' information security awareness and protection behavioral intention. We developed a research model based on affordance theory and means-end chain theory. Using a scenario-based experimental survey approach, we obtained 220 valid samples…

This study investigated the relationship between information security training and awareness and employees' compliance with information security policy in the U.S. retail industry. Using a quantitative non-experimental research design, this study examined and quantified the significance of the relationship between information security training and…

The focus of this research was to look into the information security awareness of Chinese university students during the COVID-19 pandemic and make recommendations based on the survey's findings and research literature. The quantitative method is applied in this study. 111 Chinese college students were randomly sampled and requested to answer a…

Evidence suggests that adherence to information security policies is one of the best and most cost-effective ways to protect an organization. Much of the current research suggests that user behavior is often to blame for vulnerabilities being exploited. Employees that have a high level of information security awareness appear to perform well…

The rapid technological developments associated with the decrease in the cost of smartphones made the latter more accessible and convenient to be used. In an educational setting, students are increasingly bringing their smartphones to classrooms, this could have serious security implications, particularly when students are less aware of smartphone…

In this role-playing teaching case, students impersonate Selective Consulting, a fictitious, Australian-based company tasked with assessing the information security practices of SkillPlat, a provider of apprenticeship and traineeship services. The case develops around the one-week visit paid by Selective Consulting to SkillPlat's headquarters,…

In 2021, EDUCAUSE is publishing a second edition of the "Horizon Report." With this inaugural issue of the Information Security edition of the "Horizon Report," EDUCAUSE has sought to expand their series of Teaching and Learning "Horizon Reports" to focus on a new area of critical importance to the future of higher…

The analysis of the results of scientific research has revealed the necessity to track the level of anxiety of a student while studying aspects of information security in a particular subject area. And in accordance with the results, it was necessary to justify the choice of methods for management and content of information security training in…

This paper aims at reviewing Information Security Awareness (ISA) practices in general and at Omani Government Agencies (OGA) in particular. It also explores the concerns and challenges that may affect their implementation, and the reasons why ISA practices remained problematic for more than a decade at the OGAs. To inform the aim of this…

The objective of this audit was to determine whether the U.S. Department of Education's (Department) overall information technology (IT) security programs and practices were effective as they relate to Federal information security requirements. To answer this objective, the Department's performance was rated in accordance with Fiscal Year (FY)…

Purpose: The information security field requires standardised education. This could be based on generic job profiles and a standard competence framework. The question is whether this is possible and feasible. To find out, the author did a case study: developing an information security master curriculum based on a generic PVIB job profile and the…

An increase in information technology has caused and increased in threats towards information security. Threats are malware, viruses, sabotage from employees, and hacking into computer systems. Organizations have to find new ways to combat vulnerabilities and threats of internal and external threats to protect their information security and…

The objective of this audit was to determine whether the U.S. Department of Education's (Department) overall information technology (IT) security programs and practices were effective as they relate to Federal information security requirements. In fiscal year (FY) 2020, the focus of the audit was solely on Departmental Systems. This year the focus…

Although postgraduate students are required to be self-directed, this is not always the case. The aims of this study were twofold. Firstly, we investigated whether the use of problem-based projects supported students in implementing different cryptography algorithms as part of a group assignment. Secondly, we determined to which extent the use of…

School systems collect and maintain increasingly significant amounts of data and information on students, faculty, and staff and have a duty of care to ensure that sensitive information remains secure. Therefore, sitting and/or aspiring school leaders need to develop at least a basic understanding of data privacy and information security…