Management Information Systems Commons^™

How State Universities Are Addressing The Shortage Of Cybersecurity Professionals In The United States, Gary Harris

Journal of Cybersecurity Education, Research and Practice

Cybersecurity threats have been a serious and growing problem for decades. In addition, a severe shortage of cybersecurity professionals has been proliferating for nearly as long. These problems exist in the United States and globally and are well documented in literature. This study examined what state universities are doing to help address the shortage of cybersecurity professionals since higher education institutions are a primary source to the workforce pipeline. It is suggested that the number of cybersecurity professionals entering the workforce is related to the number of available programs. Thus increasing the number of programs will increase the number of …

The Use Of Selected Social Media Platforms By South African-Listed Companies For Stakeholder Engagement, Kashmira Hansjee, Zakiyyah Varachia, Dannielle Cerbone

The African Journal of Information Systems

This study aimed to determine whether South African-listed companies use social media to engage with stakeholders. Emerging economies are experiencing rapid growth, which increases the need for transparent communication to build trust with investors to facilitate resource exchange. Social media has changed many aspects of communication by offering instant, interactive channels that can reach numerous stakeholders. However, there is limited research into the utilization of social media for stakeholder communication within emerging economies. This study aimed to address that topic and examined the social media practices of listed entities to determine whether companies use Facebook, Twitter, Instagram, and LinkedIn for …

Leveraging Propagation Delay For Wormhole Detection In Wireless Networks, Harry May, Travis Atkison

Journal of Cybersecurity Education, Research and Practice

Detecting and mitigating wormhole attacks in wireless networks remains a critical challenge due to their deceptive nature and potential to compromise network integrity. This paper proposes a novel approach to wormhole detection by leveraging propagation delay analysis between network nodes. Unlike traditional methods that rely on signature-based detection or specialized hardware, our method focuses on analyzing propagation delay timings to identify anomalous behavior indicative of wormhole attacks. The proposed methodology involves collecting propagation delay data in both normal network scenarios and scenarios with inserted malicious wormhole nodes. By comparing these delay timings, our approach aims to differentiate between legitimate network …

Privacy Perceptions On Personal Data And Data Breaches In South Africa, Phillip Nyoni, Mthulisi Velempini, Nehemiah Mavetera

The African Journal of Information Systems

Research shows that data breaches often occur when organizations fail to protect users’ personal data sufficiently well. Many devices are connected to the Internet such as mobile phones, smart cars, wearables and ‘Things’ which increase the number of potential entry points into data stores. This paper discusses the potential data privacy risks that users face online. The study used online content analysis and surveys to establish the privacy perceptions of users and trends of data breaches in South Africa. The findings reveal that users have a positive perception of data managers and view them as knowledgeable in data protection. Nevertheless, …

Using Gamification To Enhance Mastery Of Network Security Concepts, Kevin Hilliard, Xiaohong Yuan, Kelvin Bryant, Jinsheng Xu, Jinghua Zhang

Journal of Cybersecurity Education, Research and Practice

Gamification has proven to be effective in engaging and encouraging people to work towards and achieve goals. Many students struggle to focus on schoolwork, due to a lack of interest, lack of understanding, or other factors unique to the student. Applying gamification elements to education can help engage these students in learning their course material and help them excel academically. This study examines the effectiveness of using gamification techniques to enhance the learning experience in college Computer Science courses. A video game application is utilized to review and reinforce cybersecurity concepts that students have already been taught in class. Previous …

Development Of Cyber Security Platform For Experiential Learning, Abhishek Vaish, Ravindra Kumar, Samo Bobek, Simona Sternad

Journal of Cybersecurity Education, Research and Practice

The cyber security education market has grown-up exponentially, with a CAGR of 13.9 % as reported by Data Intelo. The report published by the World Economic Fo- rum 2023 indicates a shortfall of 2.27 million cyber security experts in 2021 across different roles and hence manifest that Skill-based cyber security education is the need of the hour. Cybersecurity as a field has evolved as a multi-discipline, multi-stakeholder and multi-role discipline. Therefore, the need to address formal education with an outcome-based philosophy is imperative to address for a wider audience with varied past training in their formal education. With the Internet …

Digital Technology Affordances Reshaping Entrepreneurship Development Process: A Systematic Review, Emmanuel Okoro Ajah

The African Journal of Information Systems

Digital technology has brought about the emergence of digital entrepreneurship, which has significantly disrupted existing products and services and the way that they are marketed. This new wave of entrepreneurship has piqued the interest of scholars from various disciplines, including Information Systems. However, in the literature, there are insufficient theoretical explanations of digital technology's role in the processes involved in digital entrepreneurship development. To address this, a systematic review was conducted to comprehensively explore digital technology affordances in digital entrepreneurship development. Such affordances are the factors that cause the digitalization of the events that characterize digital entrepreneurship development. The outcome …

Crisis Management: Unveiling Information And Communication Technologies’ Revamped Role Through The Lens Of Sub-Saharan African Countries During Covid-19, Ruthbetha Kateule, Egidius Kamanyi, Mahadia Tunga

The African Journal of Information Systems

The management of COVID-19 pandemic has revealed inefficiencies in coordinating global response, particularly in African countries. Therefore, creating an urgent need to examine the literature on Information and Communication Technologies (ICT) in crisis management to appreciate its contextual role. Employing a systematic review, using the Preferred Reporting Items for Systematic Reviews and Meta-Analysis (PRISMA), this paper critically assessed the extent of the use of ICT in crisis management in Africa’s response to COVID-19 to reconstruct its resilience against future crises. Findings indicate that while countries with limited ICT infrastructure faced considerable challenges in utilizing ICT solutions in COVID-19 management, countries …

Factors Influencing The Perceptions Of Human-Computer Interaction Curriculum Developers In Higher Education Institutions During Curriculum Design And Delivery, Cynthia Augustine, Salah Kabanda

The African Journal of Information Systems

Computer science (CS) and information systems students seeking to work as software developers upon graduating are often required to create software that has a sound user experience (UX) and meets the needs of its users. This includes addressing unique user, context, and infrastructural requirements. This study sought to identify the factors that influence the perceptions of human-computer interaction (HCI) curriculum developers in higher education institutions (HEIs) in developing economies of Africa when it comes to curriculum design and delivery. A qualitative enquiry was conducted and consisted of fourteen interviews with HCI curriculum developers and UX practitioners in four African countries. …

Comparing Cognitive Theories Of Learning Transfer To Advance Cybersecurity Instruction, Assessment, And Testing, Daniel T. Hickey Ph.D., Ronald J. Kantor

Journal of Cybersecurity Education, Research and Practice

The cybersecurity threat landscape evolves quickly, continually, and consequentially. This means that the transfer of cybersecurity learning is crucial. We compared how different recognized “cognitive” transfer theories might help explain and synergize three aspects of cybersecurity education. These include teaching and training in diverse settings, assessing learning formatively & summatively, and testing & measuring achievement, proficiency, & readiness. We excluded newer sociocultural theories and their implications for inclusion as we explore those theories elsewhere. We first summarized the history of cybersecurity education and proficiency standards considering transfer theories. We then explored each theory and reviewed the most relevant cybersecurity education …

It Deployment And Integration – An Assessment Of Enabling And Inhibiting Factors, Lesley Matshwane, Carl Marnewick

The African Journal of Information Systems

Although delivery of services in South Africa is the responsibility of all spheres of government, the provision of basic services lies at the doorstep of local municipalities. Local municipalities have, for many reasons, frequently been unable to live up to this mandate despite the fact that some of the challenges that they face can be addressed by using IT. This paper assesses factors enabling and inhibiting the efficient deployment and integration of IT in local municipalities. The technological, organizational and environmental (TOE) framework was deployed to assess the factors. A multiple case study in which semi-structured interviews were conducted produced …

Blockchain Applications In Higher Education Based On The Nist Cybersecurity Framework, Brady Lund Ph.D.

Journal of Cybersecurity Education, Research and Practice

This paper investigates the integration of blockchain technology into core systems within institutions of higher education, utilizing the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework as a guiding framework. It supplies definitions of key terminology including blockchain, consensus mechanisms, decentralized identity, and smart contracts, and examines the application of secure blockchain across various educational functions such as enrollment management, degree auditing, and award processing. Each facet of the NIST Framework is utilized to explore the integration of blockchain technology and address persistent security concerns. The paper contributes to the literature by defining blockchain technology applications and opportunities within …

Improving Belonging And Connectedness In The Cybersecurity Workforce: From College To The Profession, Mary Beth Klinger

Journal of Cybersecurity Education, Research and Practice

This article explores the results of a project aimed at supporting community college students in their academic pursuit of an Associate of Applied Science (AAS) degree in Cybersecurity through mentorship, collaboration, skill preparation, and other activities and touch points to increase students’ sense of belonging and connectedness in the cybersecurity profession. The goal of the project was focused on developing diverse, educated, and skilled cybersecurity personnel for employment within local industry and government to help curtail the current regional cybersecurity workforce gap that is emblematic of the lack of qualified cybersecurity personnel that presently exists nationwide. Emphasis throughout the project …

University Of Johannesburg Institutional Repository Cybersecurity Output: 2015-2021 Interdisciplinary Study, Mancha J. Sekgololo

Journal of Cybersecurity Education, Research and Practice

This study examines cybersecurity awareness in universities by analyzing related research output across different disciplines at the University of Johannesburg. The diffusion of innovation theory is used in this study as a theoretical framework to explain how cybersecurity awareness diffuses across disciplines. The University of Johannesburg Institutional Repository database was the data source for this study. Variations in cybersecurity keyword searches and topic modeling techniques were used to identify the frequency and distribution of research output across different disciplines. The study reveals that cybersecurity awareness has diffused across various disciplines, including non-computer science disciplines such as business, accounting, and social …

Privacy Principles And Harms: Balancing Protection And Innovation, Samuel Aiello

Journal of Cybersecurity Education, Research and Practice

In today's digitally connected world, privacy has transformed from a fundamental human right into a multifaceted challenge. As technology enables the seamless exchange of information, the need to protect personal data has grown exponentially. Privacy has emerged as a critical concern in the digital age, as technological advancements continue to reshape how personal information is collected, stored, and utilized. This paper delves into the fundamental principles of privacy and explores the potential harm that can arise from the mishandling of personal data. It emphasizes the delicate balance between safeguarding individuals' privacy rights and fostering innovation in a data-driven society. By …

Board Of Directors Role In Data Privacy Governance: Making The Transition From Compliance Driven To Good Business Stewardship, David Warner, Lisa Mckee

Journal of Cybersecurity Education, Research and Practice

Data collection, use, leveraging, and sharing as a business practice and advantage has proliferated over the past decade. Along with this proliferation of data collection is the increase in regulatory activity which continues to morph exponentially around the globe. Adding to this complexity are the increasing business disruptions, productivity and revenue losses, settlements, fines, and penalties which can amount to over $15 million, with many penalties now being ascribed to the organization’s leadership, to include the Board of Directors (BoD), the CEO and members of the senior leadership team (SLT). Thus, boards of directors can no longer ignore and in …

Towards Assessing Cybersecurity Posture Of Manufacturing Companies: Review And Recommendations, John Del Vecchio, Yair Levy, Ling Wang, Ajoy Kumar

KSU Proceedings on Cybersecurity Education, Research and Practice

With the continued changes in the way businesses work, cyber-attack targets are in a constant state of flux between organizations, individuals, as well as various aspects of the supply chain of interconnected goods and services. As one of the 16 critical infrastructure sectors, the manufacturing sector is known for complex integrated Information Systems (ISs) that are incorporated heavily into production operations. Many of these ISs are procured and supported by third parties, also referred to as interconnected entities in the supply chain. Disruptions to manufacturing companies would not only have significant financial losses but would also have economic and safety …

Quantum Computing: Computing Of The Future Made Reality, Janelle Mathis

KSU Proceedings on Cybersecurity Education, Research and Practice

Abstract—Quantum computing is an emerging new area focused on technology consisting of quantum theory aspects such as electrons, sub-atomic particles, and other materials engineered using quantum mechanics. Through quantum mechanics, these computers can solve problems that classical computers deem too complex. Today the closest computing technology compared to quantum computers are supercomputers, but similarly to classical computers, supercomputers also have faults. With supercomputers, when a problem is deemed too complex, it is due to the classical machinery components within the computer, thus causing a halt in solving the task or problem. In contrast, these problems could be solved with a …

Rfid Key Fobs In Vehicles: Unmasking Vulnerabilities & Strengthening Security, Devon Magda, Bryson R. Payne

KSU Proceedings on Cybersecurity Education, Research and Practice

No abstract provided.

The Impact Of Individual Techno-Characteristics On Information Privacy Concerns In The Diffusion Of Mobile Contact Tracing, Jiesen Lin, Dapeng Liu, Lemuria Carter

KSU Proceedings on Cybersecurity Education, Research and Practice

In the wake of the global health crisis, mobile contact tracing applications have emerged as important tools in managing disease spread. However, their effectiveness heavily relies on mass adoption, significantly influenced by the public's information privacy concerns. To date, systematic examination of how these privacy concerns relate to the innovation adopter categories in mobile contact tracing remains sparse. Furthermore, the influence of individual techno-characteristics on these concerns is to be explored. This research seeks to fill these gaps. Drawing on the diffusion of innovation theory, we examine the impact of the key techno-characteristics—adopter category, propensity for identification misrepresentation, and exposure …

Exploring Information Privacy Concerns During The Covid-19 Pandemic: A Juxtaposition Of Three Models, Dapeng Liu, Lemuria Carter, Jiesen Lin

KSU Proceedings on Cybersecurity Education, Research and Practice

Government agencies across the globe utilize mobile applications to interact with constituents. In response to the global pandemic, several nations have employed contact tracing services to manage the spread of COVID-19. Extent literature includes various models that explore information privacy. Several researchers have highlighted the need to compare the effectiveness of diverse information privacy models. To fill this gap, we explore the impact of information privacy concerns on citizens’ willingness to download a federal contact tracing app. In particular, we compare three types of prevalent information privacy concerns: global information privacy concerns (GIPC), concern for information privacy (CFIP), and internet …

Turnstile File Transfer: A Unidirectional System For Medium-Security Isolated Clusters, Mark Monnin, Lori L. Sussman

Journal of Cybersecurity Education, Research and Practice

Data transfer between isolated clusters is imperative for cybersecurity education, research, and testing. Such techniques facilitate hands-on cybersecurity learning in isolated clusters, allow cybersecurity students to practice with various hacking tools, and develop professional cybersecurity technical skills. Educators often use these remote learning environments for research as well. Researchers and students use these isolated environments to test sophisticated hardware, software, and procedures using full-fledged operating systems, networks, and applications. Virus and malware researchers may wish to release suspected malicious software in a controlled environment to observe their behavior better or gain the information needed to assist their reverse engineering processes. …

Preparing Uk Students For The Workplace: The Acceptability Of A Gamified Cybersecurity Training, Oliver J. Mason, Siobhan Collman, Stella Kazamia, Ioana Boureanu

Journal of Cybersecurity Education, Research and Practice

This pilot study aims to assess the acceptability of Open University’s training platform called Gamified Intelligent Cyber Aptitude and Skills Training course (GICAST), as a means of improving cybersecurity knowledge, attitudes, and behaviours in undergraduate students using both quantitative and qualitative methods. A mixed-methods, pre-post experimental design was employed. 43 self-selected participants were recruited via an online register and posters at the university (excluding IT related courses). Participants completed the Human Aspects of Information Security Questionnaire (HAIS-Q) and Fear of Missing Out (FoMO) Scale. They then completed all games and quizzes in the GICAST course before repeating the HAIS-Q and …

The Technology, Organization, And Environment Framework For Social Media Analytics In Government: The Cases Of South Africa And Germany, Brenda M. Scholtz, Khulekani Yakobi

The African Journal of Information Systems

This paper investigates factors influencing the adoption of social media analytics (SMA) for citizen relationship management (CzRM). Three real-world cases of government departments, two in South Africa and one in Germany, were investigated, and focus group discussions were conducted. The technological, organizational, and environmental (TOE) theory and qualitative content analysis guided the data analysis. The findings revealed that in all cases, staff usually conducted a manual analysis of social media and SMA had not been implemented sufficiently to realize its full potential. Insights were obtained from TOE and factors were identified that should be considered for improving the planning of …

Integrity, Confidentiality, And Equity: Using Inquiry-Based Labs To Help Students Understand Ai And Cybersecurity, Richard C. Alexander, Liran Ma, Ze-Li Dou, Zhipeng Cai, Yan Huang

Journal of Cybersecurity Education, Research and Practice

Recent advances in Artificial Intelligence (AI) have brought society closer to the long-held dream of creating machines to help with both common and complex tasks and functions. From recommending movies to detecting disease in its earliest stages, AI has become an aspect of daily life many people accept without scrutiny. Despite its functionality and promise, AI has inherent security risks that users should understand and programmers must be trained to address. The ICE (integrity, confidentiality, and equity) cybersecurity labs developed by a team of cybersecurity researchers addresses these vulnerabilities to AI models through a series of hands-on, inquiry-based labs. Through …

Building A Diverse Cybersecurity Workforce: A Study On Attracting Learners With Varied Educational Backgrounds, Mubashrah Saddiqa, Kristian Helmer Kjær Larsen1 Helmer Kjær Larsen, Robert Nedergaard Nielsen, Jens Myrup Pedersen

Journal of Cybersecurity Education, Research and Practice

Cybersecurity has traditionally been perceived as a highly technical field, centered around hacking, programming, and network defense. However, this article contends that the scope of cybersecurity must transcend its technical confines to embrace a more inclusive approach. By incorporating various concepts such as privacy, data sharing, and ethics, cybersecurity can foster diversity among audiences with varying educational backgrounds, thereby cultivating a richer and more resilient security landscape. A more diverse cybersecurity workforce can provide a broader range of perspectives, experiences, and skills to address the complex and ever-evolving threats of the digital age. The research focuses on enhancing cybersecurity education …

Modeling Identity Disclosure Risk Estimation Using Kenyan Situation, Peter N. Muturi, Andrew M. Kahonge, Christopher K. Chepken, Evans K. Miriti

The African Journal of Information Systems

Identity disclosure risk is an essential consideration in data anonymization aimed at preserving privacy and utility. The risk is regionally dependent. Therefore, there is a need for a regional empirical approach in addition to a theoretical approach in modeling disclosure risk estimation. Reviewed literature pointed to three influencers of the risk. However, we did not find literature on the combined effects of the three influencers and their predictive power. To fill the gap, this study modeled the risk estimation predicated on the combined effect of the three predictors using the Kenyan situation. The study validated the model by conducting an …

A Developed Framework For Studying Cyberethical Behaviour In North Central Nigeria, Aderinola Ololade Dunmade, Adeyinka Tella, Uloma Doris Onuoha

Journal of Cybersecurity Education, Research and Practice

ICT advancements have enabled more online activities, resulting in several cyberethical behaviours. Literature documents prevalence of plagiarism, and online fraud, among other misbehaviours. While behaviour has been explained by several theories, as scholarship and research advances, frameworks are modified to include more constructs. The researchers modified Fishbein and Ajzen (2011)'s Reasoned Action Approach to study female postgraduate students' perspectives toward cyberethical behaviour in North Central Nigerian universities.

The study focused on four variables, which were adequately captured by the model: perception, awareness, and attitude.

An adapted questionnaire collected quantitative data. This study used multistage sampling. A sample size of 989 …

Assessing Employees’ Cybersecurity Attitude Based On Working And Cybersecurity Threat Experience, Norshima Humaidi, Melissa Shahrom

The African Journal of Information Systems

Many cybersecurity problems are caused by human error, which is a worry in the commercial sector. Due to their attitude towards cybersecurity, many employees in the firm do not work in a way that safeguards data. This study seeks to examine employees' cybersecurity attitudes with a focus on their work experience and exposure to cybersecurity threats. Data were gathered through a survey conducted in targeted business firms located in the Klang Valley area, Malaysia. Utilizing ANOVA and two-sample tests, the study analysed 245 data samples to evaluate the hypotheses. The results show significant distinctions in employees' cybersecurity attitudes in relation …

Leveraging Vr/Ar/Mr/Xr Technologies To Improve Cybersecurity Education, Training, And Operations, Paul Wagner, Dalal Alharthi

Journal of Cybersecurity Education, Research and Practice

The United States faces persistent threats conducting malicious cyber campaigns that threaten critical infrastructure, companies and their intellectual property, and the privacy of its citizens. Additionally, there are millions of unfilled cybersecurity positions, and the cybersecurity skills gap continues to widen. Most companies believe that this problem has not improved and nearly 44% believe it has gotten worse over the past 10 years. Threat actors are continuing to evolve their tactics, techniques, and procedures for conducting attacks on public and private targets. Education institutions and companies must adopt emerging technologies to develop security professionals and to increase cybersecurity awareness holistically. …