Cyber Security Games: A New Line of Risk
Behaviour change is difficult to achieve and there are many models identifying the factors to affect such change but few have been applied in the security domain. This paper discusses the use of serious games to improve the security behaviour of end-users. A new framework, based upon literature findings, is proposed for future game design. The trust and privacy issues related to using serious games for improving security awareness and behaviour are highlighted.
KeywordsInformation security Behaviour change Security games
- 1.Internet World Stats, Internet usage statistics: the internet big picture (December 2011), http://www.internetworldstats.com/stats.htm (retrieved June 22, 2012)
- 2.Puhakainen, P., Siponen, M.: Improving Employees’ Compliance Through Information Systems Security Training: An Action Research Study. MIS Quart 34, 757–778 (2010)Google Scholar
- 8.Thompson, M.F., Irvine, C.E.: Active Learning with the CyberCIEGE Video Game. In: 4th CSET Workshop, San Francisco, CA (2011)Google Scholar
- 10.Florencio, D., Herley, C.: A large-scale study of web password habits. In: Proceedings of the 16th WWW 2007, pp. 657–666 (2007)Google Scholar
- 11.Labuschagne, W.A., Burke, I., Veerasamy, N., Eloff, M.M.: Design of cyber security awareness game utilizing a social media framework. In: 10th Annual ISSA Conference ISSA 15-17 (2011)Google Scholar