A Social Engineering Research Partnership in Higher Education to Improve Information Security Education, Training, and Awareness (SETA) Programs

Presenter Information

Joseph Nwankpa, Miami UniversityFollow
(Jay) Zhe Shan, Miami UniversityFollow
Jeffrey Merhout, Miami UniversityFollow
John Benamati, Miami UniversityFollow
Maria Weese, Miami UniversityFollow

Paper Type

ERF

Description

The education sector continues to be challenged by phishing attacks. A simulation study of phishing response behavior across four industries found that the education sector had the highest number of employees opening and clicking a phishing email. Understanding the factors contributing to the high phishing susceptibility within the education sector would help develop more comprehensive information security education, training, and awareness (SETA) programs. This would allow universities to become better protected from attempts at using social engineering to gain access to sensitive personal and university data. However, despite the increased levels of phishing attacks within educational institutions, limited research has systematically examined how conditions unique to the sector can influence user engagement and phishing susceptibility. Against this backdrop, our research collaborates with the IT department of a large public university to examine how certain attributes within educational institutions influence phishing susceptibility.

Paper Number

1522

Comments

SIG SEC

Recommended Citation

Nwankpa, Joseph; Shan, (Jay) Zhe; Merhout, Jeffrey; Benamati, John; and Weese, Maria, "A Social Engineering Research Partnership in Higher Education to Improve Information Security Education, Training, and Awareness (SETA) Programs" (2023). AMCIS 2023 Proceedings. 18.
https://aisel.aisnet.org/amcis2023/sig_sec/sig_sec/18