This paper investigates the impact of gamification in teaching and learning cybersecurity awareness. The increasing rate of cyber-attacks and data breaches in recent times, have made cybersecurity awareness a critical learning objective in Information Systems (IS) curriculum globally. However, teaching and learning cybersecurity awareness can be challenging, especially to smaller colleges and universities who have meagre resources. Moreover, learning cybersecurity principles requires understanding of concepts that are usually unfamiliar to students in the IS major. In order to effectively deliver the desired learning objectives in cybersecurity awareness, IS educators can adopt pedagogical approaches, e.g., gamification, that are interactive, fun and appealing to students. Gamification which has been defined as the use of game components to deliver learning objectives in a given area, offer an alternative that is affordable, easy to learn and requires very little to no overhead cost. Currently, the authors are designing 3 gamified activities that can be used to teach and learn cyber security awareness. We intend to validate the effectiveness of these activities using experimental approaches. Students will be randomly selected from universities in Northern Pennsylvania, USA, and divided into experimental and control group. Experimental group will be asked to complete the gamified activities. Data will be collected using questionnaire. Data analysis will be by means of statistical approaches such as ANOVA, paired t-test of factor analysis. We hope that the results of our study will support the use of gamification in teaching and learning cybersecurity awareness.

Abstract Only