Abstract
Cybersecurity capabilities in organizations and governmental agencies continue to lag behind the threats. Given the current environment, these entities have placed renewed emphasis on cybersecurity education. However, education appears to lack its full potential in most settings. Few empirical studies have systematically tested the efficacy of various training methods and modes, and those that have been conducted have yielded inconsistent findings. Recent literature on the use of gamified simulations have suggested that they may improve cybersecurity behaviors. Similarly, live activities such as hackathons and capture the flag events have been surmised to augment learning and capabilities. We conducted an exploratory study of these compared to a traditional classroom/laboratory approach to assess the applied behavioral contribution of each. We found that a combination of simulations with live activities in conjunction with classroom study produced the best outcomes.
Included in
Adult and Continuing Education Commons, Information Security Commons, Management Information Systems Commons