Loading...
Paper Type
ERF
Description
The education sector continues to be challenged by phishing attacks. A simulation study of phishing response behavior across four industries found that the education sector had the highest number of employees opening and clicking a phishing email. Understanding the factors contributing to the high phishing susceptibility within the education sector would help develop more comprehensive information security education, training, and awareness (SETA) programs. This would allow universities to become better protected from attempts at using social engineering to gain access to sensitive personal and university data. However, despite the increased levels of phishing attacks within educational institutions, limited research has systematically examined how conditions unique to the sector can influence user engagement and phishing susceptibility. Against this backdrop, our research collaborates with the IT department of a large public university to examine how certain attributes within educational institutions influence phishing susceptibility.
Paper Number
1522
Recommended Citation
Nwankpa, Joseph; Shan, (Jay) Zhe; Merhout, Jeffrey; Benamati, John; and Weese, Maria, "A Social Engineering Research Partnership in Higher Education to Improve Information Security Education, Training, and Awareness (SETA) Programs" (2023). AMCIS 2023 Proceedings. 18.
https://aisel.aisnet.org/amcis2023/sig_sec/sig_sec/18
A Social Engineering Research Partnership in Higher Education to Improve Information Security Education, Training, and Awareness (SETA) Programs
The education sector continues to be challenged by phishing attacks. A simulation study of phishing response behavior across four industries found that the education sector had the highest number of employees opening and clicking a phishing email. Understanding the factors contributing to the high phishing susceptibility within the education sector would help develop more comprehensive information security education, training, and awareness (SETA) programs. This would allow universities to become better protected from attempts at using social engineering to gain access to sensitive personal and university data. However, despite the increased levels of phishing attacks within educational institutions, limited research has systematically examined how conditions unique to the sector can influence user engagement and phishing susceptibility. Against this backdrop, our research collaborates with the IT department of a large public university to examine how certain attributes within educational institutions influence phishing susceptibility.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIG SEC