Talking about Talking about Cybersecurity Games

The recent explosion of cybersecurity games not only reflects a growing interest in the discipline broadly, but a recognition that these types of games can be entertaining as well as useful tools for outreach and education. However, cybersecurity game terminology—those terms used to describe or communicate a game’s format, goals, and intended audience— can be confusing or, at worst, misleading. The result being a potential to disappoint some players, or worse, misrepresent the discipline and discourage the same populations we intend to attract. The year 2015 marked the second USENIX Summit on Gaming, Games, and Gamification in Security Education (3GSE), co-located again with the USENIX Security Symposium. At the event, we invited a community conversation about terminology for cybersecurity games. The conversation was the seed of a draft vocabulary report to be presented to the Cybersecurity Competition Federation for comment and possible adoption. In this article, we summarize some of the issues arising from that discussion.National Science Foundation, #1140561 and #1419318National Science Foundation, #1140561 and #141931

Spartan Daily, November 8, 2018

Volume 151, Issue 35https://scholarworks.sjsu.edu/spartan_daily_2018/1077/thumbnail.jp

Game Based Learning for Safety and Security Education

Safety and security education are important part of technology related education, because of recent number of increase in safety and security related incidents. Game based learning is an emerging and rapidly advancing forms of computer-assisted instruction. Game based learning for safety and security education enables students to learn concepts and skills without the risk of physical injury and security breach. In this paper, a pedestal grinder safety game and physical security game have been developed using industrial standard modeling and game development software. The average score of the knowledge test of grinder safety game was 82%, which is higher than traditional lecture only instruction method. In addition, the survey of physical security game shows 84% average satisfaction ratio from high school students who played the game during the summer camp. The results of these studies indicated that game based learning method can enhance students' learning without potential harm to the students

Spartan Daily, October 15, 2015

Volume 145, Issue 23https://scholarworks.sjsu.edu/spartandaily/9074/thumbnail.jp

An Assessment of Internet Use and Cyber-risk Prevalence among Students in Selected Nigerian Secondary Schools

The use of the Internet has become highly pervasive among adolescents. While these people derive numerous benefits from their use of this technology, they are also faced with a challenge of being exposed to many cyber risks. Nigeria is a developing country with a teeming population of adolescents who are regular users of the Internet, but with inadequate research on adolescent Internet safety. There is therefore, a need to conduct studies on child online risks in Nigeria, to help evaluate the enormity of child online abuses. The present study investigated Internet use and cyber-risk prevalence among four hundred secondary school students from a Nigerian state capital. This study employed a survey research method. The findings reveal that students in selected secondary schools in Ibadan metropolis are regular users of the Internet with considerable exposure to different cyber-risk behaviours. Male students are significantly more susceptible to cyberbullying than female students while public school students are more susceptible to cyberbullying and sexual solicitation risks than private school students. The study amongst others, recommends that Information Technology professionals and educators should intentionally get involved in enlightening students on the importance and means of ensuring safety while they use the Internet

Gamificação aplicada à formação em cibersegurança de profissionais de saúde: uma prova de conceito

Mestrado em Gestão e Avaliação de Tecnologias em SaúdeIntrodução: O sector da saúde é fortemente afetado pelo cibercrime, com as principais técnicas de ataque a serem direcionadas para os utilizadores. Por isso, os profissionais de saúde têm um papel fundamental na minimização destes ataques, quando devidamente treinados. As estratégias de formação gamificada em cibersegurança têm resultados bastante positivos ao nível da aquisição e retenção de conhecimento, tendo vantagens ao nível da gestão dos recursos e do tempo. Objetivos: Descrever o estado da arte relacionado com o impacto da cibersegurança no sector da saúde e com a gamificação; identificar os componentes associados ao desenvolvimento de soluções de gamificação; comparar as plataformas de gamificação existentes; definir uma metodologia de gamificação adequada para a formação em cibersegurança de profissionais de saúde e desenvolver uma ferramenta de gamificação para a sensibilização em cibersegurança de profissionais de saúde. Metodologia: Desenvolveu-se uma metodologia de gamificação para a formação em cibersegurança dos profissionais de saúde. Foi igualmente desenvolvido um protótipo da estratégia de formação gamificada, específica para o setor da saúde, onde consta um piloto da aplicação (Health-Cy-Game). Resultados: Desenvolvimento do protótipo da estratégia de formação gamificada – Health-Cy-Game – de acordo com o perfil de conhecimentos estabelecido: conhecimento geral de tecnologia; autenticação e gestão de palavras-passe; técnicas de ciberataques dirigidas ao sector da saúde; gestão da informação; manutenção e atualização de software, e procedimentos e regulamentos em cibersegurança das instituições de saúde. Disposições finais: No setor da saúde, a cibersegurança deverá constituir uma preocupação central dos planos estratégicos de segurança e qualidade dos cuidados. Para atingir este estado de segurança, é preciso munir os utilizadores da tecnologia de conhecimento adequados. “Health-Cy-Game” foi construído tendo em conta o perfil de competências destes profissionais e as especificidades deste sector, de acordo com o Referencial de Competências e Conhecimentos do Centro Nacional de Cibersegurança e as escalas Risky Cybersecurity Behaviours Scale (RsCB) e Security Behaviour Intentions Scale (SeBIS).ABSTRACT - Introduction: The healthcare sector is heavily affected by cybercrime, with the majority of techniques used being addressed to its users. Health professionals have a key role in minimizing these attacks when properly trained. Gamified training strategies in cybersecurity have very positive results in terms of knowledge acquisition and retention, with advantages in terms of resources and time management. Objectives: To describe the state-of-the-art related to the impact of cybersecurity in the health sector and with gamification; identify the components associated with the development of gamification solutions; compare existing gamification platforms; define an appropriate gamification methodology for training health professionals in cybersecurity and develop a gamification tool to raise awareness of cybersecurity among health professionals. Methodology: A gamification methodology was developed for training health professionals in cybersecurity. A prototype of the gamified training strategy, specific for the health sector, was also developed, which contains a pilot application (Health-Cy-Game). Results: Development of the prototype of the gamified training strategy – Health-Cy-Game – according to the knowledge profile established: general knowledge of technology; authentication and password management; cyberattack techniques targeting the health sector; information management; maintenance and updating of software, and procedures and regulations in cybersecurity of health institutions. Final Provisions: In the healthcare sector, cybersecurity must be a central concern of strategic plans addressed to safety and quality of care. To achieve this state of security, it is necessary to provide adequate training to healthcare professionals. “Health-Cy-Game” was built taking into account the skills profile of these professionals and the specificities of this sector, in accordance with Centro Nacional de Cibersegurança’s roadmap “Competências e Conhecimentos”, the Risky Cybersecurity Behaviours Scale (RsCB) and Security Behaviour Intentions Scale (SeBIS).N/

Introduction to the special issue on the 50th anniversary of IJHCS

This special issue celebrates the 50th anniversary of the International Journal of Human-Computer Studies (IJHCS), which published its first volume in January 1969. The special issue comprises 15 contributions from a number of experts in Human-Computer Interaction (HCI) and other areas relevant to IJHCS. These contributions are best characterized as ‘landscape papers’, providing insightful analyses about the evolution (i.e., the past, the present and the future) of research areas relevant to IJHCS. The areas covered in this special issue include: the history and scope of the journal; foundational concerns in HCI; critical discussions about the issues surrounding digital living in a variety of areas, from healthcare and cybersecurity to digital games and art; the making of interactive products and services, as seen through the viewpoints defined by research in psychology of programming, end-user development and participatory design; and, finally, the issues associated with adapting to various novel emerging technologies, including automated systems, online personalisation, human augmentations, mixed reality, and sonic interfaces. In this short essay, we introduce the special issue, reflecting on the nature and evolution of the journal, before providing short outlines of each of the contributions to this special issue

Parents’ Awareness on Online Predators: Cyber Grooming Deterrence

The rapid increase of information and communications technology is manifested by its tremendous positive outcomes on the economy, business, and society. However, online application use by adolescents, especially mobile technology, has caused uneasiness among parents owing to cyber grooming incidents. This study reflects on the current cyber grooming situation. Investigating the current state of online grooming and the means through which parents can ensure the online safety of their adolescents from adults offering “candy” or wanting to start a relationship is necessary. Teen behavior related scholars believe that parents play a vital role in building safe environments. We conducted a qualitative study by interviewing 19 parents with children between the ages of 13 and 17 years in an urban setting to determine the level of the parents’ awareness. Interviews were conducted based on five key components, namely, social media, unknown friends, sex education, private chats, and family time. The results present the actual situations of the parents and highlight related challenges as well as adolescents’ ignorance and vulnerability to cyber grooming. Results are mapped to three main determinants of cyber grooming, namely, parental factors, self-efficacy, and self-regulation. We conclude with insights and recommendations for parents, schools, and the government to be vigilant for online predators by increasing awareness of cyber grooming

Introduction to the Special Issue on the 50th Anniversary of IJHCS

This special issue celebrates the 50th anniversary of the International Journal of Human-Computer Studies (IJHCS), which published its first volume in January 1969. The special issue comprises 15 contributions from a number of experts in Human-Computer Interaction (HCI) and other areas relevant to IJHCS. These contributions are best characterized as ‘landscape papers’, providing insightful analyses about the evolution (i.e., the past, the present and the future) of research areas relevant to IJHCS. The areas covered in this special issue include: the history and scope of the journal; foundational concerns in HCI; critical discussions about the issues surrounding digital living in a variety of areas, from healthcare and cybersecurity to digital games and art; the making of interactive products and services, as seen through the viewpoints defined by research in psychology of programming, end-user development and participatory design; and, finally, the issues associated with adapting to various novel emerging technologies, including automated systems, online personalisation, human augmentations, mixed reality, and sonic interfaces. In this short essay, we introduce the special issue, reflecting on the nature and evolution of the journal, before providing short outlines of each of the contributions to this special issue