Business Commons^™

Turnstile File Transfer: A Unidirectional System For Medium-Security Isolated Clusters, Mark Monnin, Lori L. Sussman

Journal of Cybersecurity Education, Research and Practice

Data transfer between isolated clusters is imperative for cybersecurity education, research, and testing. Such techniques facilitate hands-on cybersecurity learning in isolated clusters, allow cybersecurity students to practice with various hacking tools, and develop professional cybersecurity technical skills. Educators often use these remote learning environments for research as well. Researchers and students use these isolated environments to test sophisticated hardware, software, and procedures using full-fledged operating systems, networks, and applications. Virus and malware researchers may wish to release suspected malicious software in a controlled environment to observe their behavior better or gain the information needed to assist their reverse engineering processes. …

Preparing Uk Students For The Workplace: The Acceptability Of A Gamified Cybersecurity Training, Oliver J. Mason, Siobhan Collman, Stella Kazamia, Ioana Boureanu

Journal of Cybersecurity Education, Research and Practice

This pilot study aims to assess the acceptability of Open University’s training platform called Gamified Intelligent Cyber Aptitude and Skills Training course (GICAST), as a means of improving cybersecurity knowledge, attitudes, and behaviours in undergraduate students using both quantitative and qualitative methods. A mixed-methods, pre-post experimental design was employed. 43 self-selected participants were recruited via an online register and posters at the university (excluding IT related courses). Participants completed the Human Aspects of Information Security Questionnaire (HAIS-Q) and Fear of Missing Out (FoMO) Scale. They then completed all games and quizzes in the GICAST course before repeating the HAIS-Q and …

The Technology, Organization, And Environment Framework For Social Media Analytics In Government: The Cases Of South Africa And Germany, Brenda M. Scholtz, Khulekani Yakobi

The African Journal of Information Systems

This paper investigates factors influencing the adoption of social media analytics (SMA) for citizen relationship management (CzRM). Three real-world cases of government departments, two in South Africa and one in Germany, were investigated, and focus group discussions were conducted. The technological, organizational, and environmental (TOE) theory and qualitative content analysis guided the data analysis. The findings revealed that in all cases, staff usually conducted a manual analysis of social media and SMA had not been implemented sufficiently to realize its full potential. Insights were obtained from TOE and factors were identified that should be considered for improving the planning of …

Integrity, Confidentiality, And Equity: Using Inquiry-Based Labs To Help Students Understand Ai And Cybersecurity, Richard C. Alexander, Liran Ma, Ze-Li Dou, Zhipeng Cai, Yan Huang

Journal of Cybersecurity Education, Research and Practice

Recent advances in Artificial Intelligence (AI) have brought society closer to the long-held dream of creating machines to help with both common and complex tasks and functions. From recommending movies to detecting disease in its earliest stages, AI has become an aspect of daily life many people accept without scrutiny. Despite its functionality and promise, AI has inherent security risks that users should understand and programmers must be trained to address. The ICE (integrity, confidentiality, and equity) cybersecurity labs developed by a team of cybersecurity researchers addresses these vulnerabilities to AI models through a series of hands-on, inquiry-based labs. Through …

Building A Diverse Cybersecurity Workforce: A Study On Attracting Learners With Varied Educational Backgrounds, Mubashrah Saddiqa, Kristian Helmer Kjær Larsen1 Helmer Kjær Larsen, Robert Nedergaard Nielsen, Jens Myrup Pedersen

Journal of Cybersecurity Education, Research and Practice

Cybersecurity has traditionally been perceived as a highly technical field, centered around hacking, programming, and network defense. However, this article contends that the scope of cybersecurity must transcend its technical confines to embrace a more inclusive approach. By incorporating various concepts such as privacy, data sharing, and ethics, cybersecurity can foster diversity among audiences with varying educational backgrounds, thereby cultivating a richer and more resilient security landscape. A more diverse cybersecurity workforce can provide a broader range of perspectives, experiences, and skills to address the complex and ever-evolving threats of the digital age. The research focuses on enhancing cybersecurity education …

Modeling Identity Disclosure Risk Estimation Using Kenyan Situation, Peter N. Muturi, Andrew M. Kahonge, Christopher K. Chepken, Evans K. Miriti

The African Journal of Information Systems

Identity disclosure risk is an essential consideration in data anonymization aimed at preserving privacy and utility. The risk is regionally dependent. Therefore, there is a need for a regional empirical approach in addition to a theoretical approach in modeling disclosure risk estimation. Reviewed literature pointed to three influencers of the risk. However, we did not find literature on the combined effects of the three influencers and their predictive power. To fill the gap, this study modeled the risk estimation predicated on the combined effect of the three predictors using the Kenyan situation. The study validated the model by conducting an …

A Developed Framework For Studying Cyberethical Behaviour In North Central Nigeria, Aderinola Ololade Dunmade, Adeyinka Tella, Uloma Doris Onuoha

Journal of Cybersecurity Education, Research and Practice

ICT advancements have enabled more online activities, resulting in several cyberethical behaviours. Literature documents prevalence of plagiarism, and online fraud, among other misbehaviours. While behaviour has been explained by several theories, as scholarship and research advances, frameworks are modified to include more constructs. The researchers modified Fishbein and Ajzen (2011)'s Reasoned Action Approach to study female postgraduate students' perspectives toward cyberethical behaviour in North Central Nigerian universities.

The study focused on four variables, which were adequately captured by the model: perception, awareness, and attitude.

An adapted questionnaire collected quantitative data. This study used multistage sampling. A sample size of 989 …

Assessing Employees’ Cybersecurity Attitude Based On Working And Cybersecurity Threat Experience, Norshima Humaidi, Melissa Shahrom

The African Journal of Information Systems

Many cybersecurity problems are caused by human error, which is a worry in the commercial sector. Due to their attitude towards cybersecurity, many employees in the firm do not work in a way that safeguards data. This study seeks to examine employees' cybersecurity attitudes with a focus on their work experience and exposure to cybersecurity threats. Data were gathered through a survey conducted in targeted business firms located in the Klang Valley area, Malaysia. Utilizing ANOVA and two-sample tests, the study analysed 245 data samples to evaluate the hypotheses. The results show significant distinctions in employees' cybersecurity attitudes in relation …

Leveraging Vr/Ar/Mr/Xr Technologies To Improve Cybersecurity Education, Training, And Operations, Paul Wagner, Dalal Alharthi

Journal of Cybersecurity Education, Research and Practice

The United States faces persistent threats conducting malicious cyber campaigns that threaten critical infrastructure, companies and their intellectual property, and the privacy of its citizens. Additionally, there are millions of unfilled cybersecurity positions, and the cybersecurity skills gap continues to widen. Most companies believe that this problem has not improved and nearly 44% believe it has gotten worse over the past 10 years. Threat actors are continuing to evolve their tactics, techniques, and procedures for conducting attacks on public and private targets. Education institutions and companies must adopt emerging technologies to develop security professionals and to increase cybersecurity awareness holistically. …

Integrating Nist And Iso Cybersecurity Audit And Risk Assessment Frameworks Into Cameroonian Law, Bernard Ngalim

Journal of Cybersecurity Education, Research and Practice

This paper reviews cybersecurity laws and regulations in Cameroon, focusing on cybersecurity and information security audits and risk assessments. The importance of cybersecurity risk assessment and the implementation of security controls to cure deficiencies noted during risk assessments or audits is a critical step in developing cybersecurity resilience. Cameroon's cybersecurity legal framework provides for audits but does not explicitly enumerate controls. Consequently, integrating relevant controls from the NIST frameworks and ISO Standards can improve the cybersecurity posture in Cameroon while waiting for a comprehensive revision of the legal framework. NIST and ISO are internationally recognized as best practices in information …

Infrastructure As Code For Cybersecurity Training, Rui Pinto, Rolando Martins, Carlos Novo

Journal of Cybersecurity Education, Research and Practice

An organization's infrastructure rests upon the premise that cybersecurity professionals have specific knowledge in administrating and protecting it against outside threats. Without this expertise, sensitive information could be leaked to malicious actors and cause damage to critical systems. These attacks tend to become increasingly specialized, meaning cybersecurity professionals must ensure proficiency in specific areas. Naturally, recommendations include creating advanced practical training scenarios considering realistic situations to help trainees gain detailed knowledge. However, the caveats of high-cost infrastructure and difficulties in the deployment process of this kind of system, primarily due to the manual process of pre-configuring software needed for the …

Building The Operational Technology (Ot) Cybersecurity Workforce: What Are Employers Looking For?, Christopher A. Ramezan, Paul M. Coffy, Jared Lemons

Journal of Cybersecurity Education, Research and Practice

A trained workforce is needed to protect operational technology (OT) and industrial control systems (ICS) within national critical infrastructure and critical industries. However, what knowledge, skills, and credentials are employers looking for in OT cybersecurity professionals? To best train the next generation of OT cybersecurity professionals, an understanding of current OT cybersecurity position requirements is needed. Thus, this work analyzes 100 OT cybersecurity positions to provide insights on key prerequisite requirements such as prior professional experience, education, industry certifications, security clearances, programming expertise, soft verbal and written communication skills, knowledge of OT frameworks, standards, and network communication protocols, and position …

Leading K-12 Community Responsiveness To Cyber Threats Via Education Of School Community, Michele Kielty, A. Renee Staton

Journal of Cybersecurity Education, Research and Practice

Cyber threats have escalated in recent years. Many of these threats have been direct and vicious attacks on K-12 systems. Educators are rarely trained on how to address cyber threats from a systemic and educational perspective when such challenges arise in their school buildings. This article explains the cyber threats that are looming large for K-12 systems and provides concrete tools for school leaders to employ in order to provide preventive education to their school communities.

An Interdisciplinary Approach To Experiential Learning In Cyberbiosecurity And Agriculture Through Workforce Development, Kellie Johnson, Tiffany Drape, Joseph Oakes, Joseph Simpson, Ann Brown, Donna M. Westfall-Rudd, Susan Duncan

Journal of Cybersecurity Education, Research and Practice

Cyberbiosecurity and workforce development in agriculture and the life sciences (ALS) is a growing area of need in the curriculum in higher education. Students that pursue majors related to ALS often do not include training in cyber-related concepts or expose the ‘hidden curriculum’ of seeking internships and jobs. Exposing students through workforce development training and hands-on engagement with industry professionals can provide learning opportunities to bridge the two and is an area of growth and demand as the workforce evolves. The objectives of this work were 1) to learn key concepts in cybersecurity, including data security, visualization, and analysis, to …

Privacy Harm And Non-Compliance From A Legal Perspective, Suvineetha Herath, Haywood Gelman, Lisa Mckee

Journal of Cybersecurity Education, Research and Practice

In today's data-sharing paradigm, personal data has become a valuable resource that intensifies the risk of unauthorized access and data breach. Increased data mining techniques used to analyze big data have posed significant risks to data security and privacy. Consequently, data breaches are a significant threat to individual privacy. Privacy is a multifaceted concept covering many areas, including the right to access, erasure, and rectify personal data. This paper explores the legal aspects of privacy harm and how they transform into legal action. Privacy harm is the negative impact to an individual as a result of the unauthorized release, gathering, …

Integrating Certifications Into The Cybersecurity College Curriculum: The Efficacy Of Education With Certifications To Increase The Cybersecurity Workforce, Binh Tran, Karen C. Benson, Lorraine Jonassen

Journal of Cybersecurity Education, Research and Practice

One only needs to listen to the news reports to recognize that the gap between securing the enterprise and cybersecurity threats, breaches, and vulnerabilities appears to be widening at an alarming rate. An un-tapped resource to combat these attacks lies in the students of the secondary educational system. Necessary in the cybersecurity education is a 3-tiered approach to quickly escalate the student into a workplace-ready graduate. The analogy used is a three-legged-stool, where curriculum content, hands-on skills, and certifications are equal instruments in the edification of the cybersecurity student. This paper endeavors to delve into the 3^rd leg of …

What You See Is Not What You Know: Studying Deception In Deepfake Video Manipulation, Cathryn Allen, Bryson R. Payne, Tamirat Abegaz, Chuck Robertson

Journal of Cybersecurity Education, Research and Practice

Research indicates that deceitful videos tend to spread rapidly online and influence people’s opinions and ideas. Because of this, video misinformation via deepfake video manipulation poses a significant online threat. This study aims to discover what factors can influence viewers’ capability to distinguish deepfake videos from genuine video footage. This work focuses on exploring deepfake videos’ potential use for deception and misinformation by exploring people’s ability to determine whether videos are deepfakes in a survey consisting of deepfake videos and original unedited videos. The participants viewed a set of four videos and were asked to judge whether the videos shown …

Like Treating The Symptom Rather Than The Cause - The Omission Of Courses Over Terrorism In Nsa Designated Institutions, Ida L. Oesteraas

Journal of Cybersecurity Education, Research and Practice

The National Security Agency (NSA) awards Center of Academic Excellence (CAE) designations to institutions that commit to producing cybersecurity professionals who will work in careers that reduce vulnerabilities in our national infrastructure. A review of the curricula in the 327 institutions and their degree programs reveal that only two programs offer a required course about terrorism. Given the fluid nature of terrorism and its threat to national infrastructure, the omission is concerning. It is recommended that NSA-certified cybersecurity programs begin implementing educational content that aim to teach about this emerging crime and justice issue. One suggestion is to embrace the …

Editorial, Michael E. Whitman, Herbert J. Mattord

Journal of Cybersecurity Education, Research and Practice

Editorial for Volume 2023, Issue 2

Service-Oriented Framework For Developing Interoperable E-Health Systems In A Low-Income Country, Bonface Abima, Agnes Nakakawa, Geoffrey Mayoka Kituyi

The African Journal of Information Systems

e-Health solutions in low-income countries are fragmented, address institution-specific needs, and do little to address the strategic need for inter-institutional exchange of health data. Although various e-health interoperability frameworks exist, contextual factors often hinder their effective adoption in low-income countries. This underlines the need to investigate such factors and to use findings to adapt existing e-health interoperability models. Following a design science approach, this research involved conducting an exploratory survey among 90 medical and Information Technology personnel from 67 health facilities in Uganda. Findings were used to derive requirements for e-health interoperability, and to orchestrate elements of a service oriented …

Phishing Attacks: A Security Challenge For University Students Studying Remotely, Blessing Nyasvisvo, Joel M. Chigada

The African Journal of Information Systems

The emergence of the deadly global respiratory coronavirus disease (COVID-19) in 2019 claimed many lives and altered the way people live and behave as well as how companies operated. Considerable pressure was exerted on Institutions of Higher Learning (universities) to salvage the academic projects through the process of business model reconfiguration. Students were required to study remotely and were, therefore, exposed to phishing and scamming cyber-attacks. The effects of these attacks were examined in this study with the support of literature and empirical research leading to appropriate recommendations being proposed. Data were obtained through semi-structured interviews from students at a …

Exploring The Role Of An Organization In Implementing A Work-From-Home Strategy, Ryan Tripod, Sumarie Roodt

African Conference on Information Systems and Technology

Organizations are trying to move quickly to adopt remote working policies into their organizations as to attract and retain top talent, reduce office space costs, and increase productivity. As many of these strategies were quickly adopted by South African ICT organizations during the COIVD-19 pandemic, organizations are still somewhat unclear on what their role is with regards to ensuring long term adoption of remote working. Thus, this study explored the role of the organization with regards to a work-from-home strategy. It was found that the organization is responsible for formalizing the chosen strategy, creating supportive policies, and adapting its management …

Developing An Integrative Theoretical Framework For Electronic Business Value Optimisation In Botswana, Meduduetso Tsumake-Tsiang, Adheesh Budree

African Conference on Information Systems and Technology

Organizations are trying to move quickly to adopt remote working policies into their organizations as to attract and retain top talent, reduce office space costs, and increase productivity. As many of these strategies were quickly adopted by South African ICT organizations during the COIVD-19 pandemic, organizations are still somewhat unclear on what their role is with regards to ensuring long term adoption of remote working. Thus, this study explored the role of the organization with regards to a work-from-home strategy. It was found that the organization is responsible for formalizing the chosen strategy, creating supportive policies, and adapting its management …

The Sharing Economy: Understanding The Affordances Of And Barriers To The Use Of Digital Platforms, Phaswana Malatjie, Lisa F. Seymour

African Conference on Information Systems and Technology

Studies exploring sharing economy services such as automotive, house-sharing, and bike rentals have predicted that these services will add billions of dollars to the global economy by 2025. Sharing economy services could reduce unemployment in Africa. Hence, there is a need to understand the affordance and the barriers to sharing economy platforms. This paper presents a literature review that helps answer the question: What are the affordances of and barriers to the use of sharing platforms? A literature review following a synthesis approach, reveals gaps around the sharing economy services relating to load-shedding, regulations and social exclusion. Potential future directions …

Social Media & Privacy: Understanding Privacy In The Age Of Content Creator Culture, Robert Tagoe, Raphael Amponsah, Emmanuel Awuni Kolog, Eric Afful-Dadzie

African Conference on Information Systems and Technology

In today's digital age, content creators are gaining public attention and becoming highly influential. With that increased influence, it is important to acknowledge the privacy concerns within this culture. This interpretive research study seeks to identify and understand the dynamics of privacy within the content creator culture. This research will leverage information from interviews with content creators from various social media platforms such as YouTube, Instagram, Facebook, and TikTok. Using theories to understand the phenomena, theories of privacy calculus, privacy paradox and self-disclosure, will be used to view how content creators define and navigate privacy, strategies employed to control personal …

The State Of The Digital Skills Ecosystem In Zimbabwe: An Exploratory Analysis, Annette Mangena, Gwamaka Mwalemba

African Conference on Information Systems and Technology

There are many ongoing efforts globally to address the skills requirements gaps created by the high pace of technological changes often referred to as the 4IR. The challenge is particularly acute in developing countries grappling with many high-priority socioeconomic challenges, including low levels of digital literacy. This study represents initial efforts to understand a developing country's local digital skills landscape, explicitly focusing on Zimbabwe. The study was conducted through a literature analysis to explore the digital skills discourse in Zimbabwe based on published academic papers. The findings point to a discourse focused on applied digital skills within specific fields and …

The Impact Of Digital Transformation On Institutional Growth. A Case Of Zimbabwean Universities, Vusumuzi Maphosa

African Conference on Information Systems and Technology

The pressure for institutions to digitally transform has been building, and COVID-19 accelerated the transition in developing countries. The study evaluated the impact of digital transformation on Zimbabwean universities. The Microsoft digital transformation framework guided the study. Thematic analysis was used to extract meaning and generate themes from qualitative data from university ICT Directors. Results show that digital transformation positively impacted institutional growth and efficiency. Most universities invest in digital technology to increase service reliability and availability. Digital transformation teams were bolstered to support student processes and create personalised learning journeys. The digital transformation led to the adoption of several …

Digital Transformation Of Smes Through Social Media, Georgette Eugenia Otoo, Raphael Amponsah, Eric Afful-Dadzie, Emmanuel Awuni Kolog

African Conference on Information Systems and Technology

This research paper explores the strategic integration of social media platforms by Small and Medium-sized Enterprises (SMEs) in Low- and Middle-Income Countries (LMICs) beyond marketing. Drawing from Resource-Based View and Dynamic Capabilities theories, the study investigates how social media enhances management, coordination, and control functions. Through five diverse case studies from Ghana, findings reveal SMEs’ innovative use of platforms like Instagram, WhatsApp, Slack, and Trello. These platforms foster efficient internal communication, customer engagement, project management, and talent acquisition. Challenges such as technical expertise and dynamic digital landscapes are identified.

Benefits Of Adopting Micro-Credentials For Skills Development, Oyena Nokulunga Mahlasela, Adriana A. Steyn

African Conference on Information Systems and Technology

Micro-credential providers are increasing both in diversity and volume. However, employers are still concerned about their role in skill development. This study aimed to understand how micro-credentials can assist employees in skills development. A systematic literature review was conducted for studies published between (2016 to 2023). Thirty-two sources were included in the final review. After that, five recommendations for employers when adopting micro-credentials were constructed first by (1) defining the value of formal and informal education. (2) exploring micro-credentials as a tool for skills development. (3) encouraging organisations to collaborate with other institutions. (4) encouraging continuous personalised learning, known as …

Factors Influencing The Establishment Of Technology Innovation Hubs - A Structured Literature Review, Oluwaseun Alexander Dada, Jean-Paul Van Belle

African Conference on Information Systems and Technology

The research context focuses on the establishment of innovation hubs within specific geographical locations, aiming to drive innovation and economic development. The research scope encompassed a thorough examination of existing literature to uncover the diverse range of factors influencing AI hub creation and success. Our research was prompted by the need to address the lack of a comprehensive understanding of these factors. With the aim of examining, we adopted the Structured Literature Review (SLR) methodology. Through our comprehensive analysis, we identified a multitude of critical factors. Based on the number of sources in which they were reported, the factors are …