Assessment of cybersecurity awareness program on personal data protection among youngsters in Malaysia / Noor Hayani Abd Rahim

Abstract

Youngsters aged 12 to 19 years old are among the highest number of Internet users in Malaysia. Characteristically, they have a high degree of enthusiasm. They tend to overshare information, and perceive everything on the Internet as the truth. They also lack security knowledge on how to protect their personal data, do not restrict themselves from sharing it on the Internet. Thus, efforts have been made in Malaysia to educate youngsters regarding the importance of protecting personal data. However, the current cybersecurity awareness module posed few challenges such as on understanding, acceptance of message and effective ways of giving awareness which require an assessment to be conducted. A literature review was thoroughly conducted to justify the lacking elements on assessment of cybersecurity awareness programs, and found that there is little attempt to use program evaluation technique, a lack of focus on youngsters and a lack of assessment on the understanding of personal data protection. Based on the aforementioned limitations, this study aims to identify the assessment criteria’s for cybersecurity awareness program based on theories and component of personal data protection, to propose the assessment framework for cybersecurity awareness program, to employ and verify the proposed assessment framework for assessing cybersecurity awareness program among youngsters. This study used a mixed method research design, where the data collections were conducted over four distinct in sequential phases. In Phase 1, a survey of 384 youngsters was conducted. In Phase 2, a pre-test and post-test survey was conducted on 397 and 391 youngsters respectively. In Phase 3, three focus group interviews were conducted. Finally, in Phase 4, observation of web recording was conducted using Camtasia Studio to record the youngsters’ online activities. Phase 3 and 4 were made up of 12 youngsters divided into 3 focus groups. All were held at two OUTREACH CyberSAFE programs conducted by Cybersecurity Malaysia. Firstly, at Bahagian Teknologi Pendidikan Negeri Johor which involved youngsters from all over Malaysia, and secondly at Sekolah Seri Puteri Kuala Lumpur. Analyses were done using SPSS and thematic analysis. The findings show that the current module has a positive degree of favourability in terms of the youngsters’ reaction and raised their knowledge and skills on personal data protection. Besides, this study also proposed four effective ways to enhance the current module of cybersecurity awareness. This includes the element of decision making in using personal data, the management of online applications, online content, usernames and passwords. From the theoretical contributions perspective, this study identified assessment criteria’s based on ARCS Model of Motivational Design Theory, SLT and TRA that used to nominate Kirkpatrick’s Four Learning Evaluation Model that used as the assessment guideline. From the practical contribution perspective, this study facilitates stakeholders such as Cybersecurity Malaysia, parents and school management to decide for a better module to convey the message on personal data protection

    Similar works