Cybersecurity has become an essential topic in introductory information systems (IS) core courses. As an aid to course design, the exploratory research in this paper uses a social representations lens to elucidate the perceptions of cybersecurity and cybersecurity threats held by students. Analysis of qualitative survey data from 152 students at a university in the Western U.S. identified 23 concepts forming the students’ collective understanding of cybersecurity. Presented in the form of a social representations map, the findings reveal student perspectives that can be used to motivate and enhance learning about cybersecurity threats and mitigation strategies. Interpretation of the map indicates that students’ sensemaking about cybersecurity places the strongest emphasis on technological concepts and socio-political concerns. In contrast, potential cybersecurity threats to national critical infrastructure are only minimally represented. The survey also examined students’: a) level of concern about different cybersecurity threats, b) perceived likelihood they will experience given computer security incidents, and c) incidents they have already experienced. Instructors of introductory IS courses can utilize the study findings to motivate student interest by building upon topics currently evident in the representation/frame of reference and increase student awareness and attention to cybersecurity threats that are missing. Suggested instructional design approaches, tailored to the level of awareness/prior knowledge and concern indicated include: 1) a problem-centered approach for topics related to personal cybersecurity, 2) demonstrating relevance and utilizing case studies for topics on organizational cybersecurity, and 3) collaborative, guided discovery to raise awareness about national security/critical infrastructure cybersecurity threats and protections.
Pawlowski, Suzanne D. and Jung, Yoonhyuk
"Social Representations of Cybersecurity by University Students and Implications for Instructional Design,"
Journal of Information Systems Education: Vol. 26
, Article 3.
Available at: https://aisel.aisnet.org/jise/vol26/iss4/3