International Journal of STEM Education for Sustainability

This study aimed to address the challenges of cybersecurity in education. As kindergarten through twelfth-grade education shifts to online and remote learning, educators and governments are increasingly vulnerable to the risks of cyberattacks and cybercrimes. This study focused on the strategies that institutions can employ to increase their students’ cybersecurity awareness and simultaneously motivate them to pursue cybersecurity as a career. To achieve the research objectives, a systematic review of ten studies was performed, and the results showed that game-based strategies were effective in increasing students’ awareness about cybersecurity and their interest in pursuing cybersecurity as a career. The study’s implications suggest that game designers and developers may want to develop advanced games that gauge students’ cybersecurity skills and ability to respond to aggressive forms of cyberattacks in addition to enhancing their knowledge of cybersecurity.

Ahn, E. J., & Kang, H. (2018). Introduction to systematic review and meta-analysis. Korean Journal of Anesthesiology, 71(2), 103–112. https://doi.org/10.4097/kjae.2018.71.2.103

Alqahtani, H., & Kavakli-Thorne, M. (2020). Design and evaluation of an augmented reality game for cybersecurity awareness (CybAR). Information, 11(2), 121. https://doi.org/10.3390/info11020121

Alrabaee, S., Al-Kfairy, M., & Barka, E. (2022). Efforts and suggestions for improving cybersecurity education. 2022 IEEE Global Engineering Education Conference (EDUCON), 1161-1168. https://doi.org/10.1109/educon52537.2022.9766653

Angafor, G. N., Yevseyeva, I., & He, Y. (2020). Bridging the cyber security skills gap: Using tabletop exercises to solve the CSSG crisis. In M. Ma, B. Fletcher, S. Göbel, J. Baalsrud Hauge, & T. Marsh (Eds.), Serious games (pp. 117–131). Springer. https://doi.org/10.1007/978-3-030-61814-8_10

Armstrong, M. E., Jones, K. S., Namin, A. S., & Newton, D. C. (2018). The knowledge, skills, and abilities used by penetration testers: Results of interviews with cybersecurity professionals in vulnerability assessment and management. Proceedings of the Human Factors and Ergonomics Society Annual Meeting, 62(1), 709–713. https://doi.org/10.1177/1541931218621161

Bordel, B., Alcarria, R., & Robles, T. (2022). A cybersecurity competition to support the autonomous, collaborative, and personalized learning in computer engineering. 2022 IEEE Global Engineering Education Conference (EDUCON), 1346-1354. https://doi.org/10.1109/educon52537.2022.9766611

Burrell, D. N. (2020). An exploration of the cybersecurity workforce shortage. In Management Association, Information Resources (Eds.), Cyber warfare and terrorism (pp. 1072–1081). IGI Global. https://doi.org/10.4018/978-1-7998-2466-4.ch063

Caspary, K., & Warner, M. (2016). What it takes to create linked learning: A report on lessons learned from evaluating the approach in practice. SRI International.

Choudhury, M. D. (2022, January 12). Shortage of cybersecurity professionals a key worry for firms in '22. Mint. https://www.livemint.com/technology/shortage-of-cybersecurity-professionals-a-key-worry-for-firms-in-22-11642015098080.html

Coenraad, M., Pellicone, A., Ketelhut, D. J., Cukier, M., Plane, J., & Weintrop, D. (2020). Experiencing cybersecurity one game at a Time: A systematic review of cybersecurity digital games. Simulation & Gaming, 51(5), 586–611. https://doi.org/10.1177/1046878120933312

Coleman, C. D., & Reeder, E. (2018). Three reasons for improving cybersecurity instruction and practice in schools. In E. Langran & J. Borup (Eds.), Proceedings of Society for Information Technology & Teacher Education International Conference (pp. 1020-1025). Association for the Advancement of Computing in Education. http://www.learntechlib.org/p/182648/

Domeij, T. (2019). K-12 cybersecurity program evaluation and its application [Bachelor’s project, Bridgewater State University]. Virtual Commons. https://vc.bridgew.edu/honors_proj/366

Drmola, J., Kasl, F., Loutocký, P., Mareš, M., Pitner, T., & Vostoupal, J. (2021). The matter of cybersecurity expert workforce scarcity in the Czech Republic and its alleviation through the proposed qualifications framework. The 16th International Conference on Availability, Reliability and Security, 143, 1-6. https://doi.org/10.1145/3465481.3469186

Dunn, M. H., & Merkle, L. D. (2018, February). Assessing the impact of a national cybersecurity competition on students' career interests. Proceedings of the 49th ACM Technical Symposium on Computer Science Education (pp. 62-67). https://doi.org/10.1145/3159450.3159462

Filipczuk, D., Mason, C., & Snow, S. (2019). Using a game to explore notions of responsibility for cyber security in organisations. Extended Abstracts of the 2019 CHI Conference on Human Factors in Computing Systems, 1-6. https://doi.org/10.1145/3290607.3312846

Finch, A., Burrell, D. N., Lu, S., Dawson, M., Springs, D., Bilberry, K., Anderson, D. P., & Modeste, R. (2020). Cybersecurity workforce development in minority, low income, and native American reservation communities. International Journal of Smart Education and Urban Society, 11(4), 35–52. https://doi.org/10.4018/IJSEUS.2020100103

Fourie, L., Sarrafzadeh, A., Pang, S., Kingston, T., Hettema, H., & Watters, P. (2014). The global cyber security workforce – An ongoing human capital crisis. Global Business and Technology Association, 173-184. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.940.6951&rep=rep1&type=pdf

Garba, A., Maheyzah, B. S., Siti, H., & Ibrahim, B. D. (2020). Cyber security awareness among university students: A case study. Science Proceedings Series, 2(1), 82–86. https://doi.org/10.31580/sps.v2i1.1320

Giboney, J. S., McDonald, J. K., Balzotti, J., Hansen, D. L., Winters, D. M., & Bonsignore, E. (2021). Increasing cybersecurity career interest through playable case studies. TechTrends, 65, 496-510. https://doi.org/10.1007/s11528-021-00585-w

Hart, S., Margheri, A., Paci, F., & Sassone, V. (2020). Riskio: A serious game for cyber security awareness and education. Computers & Security, 95, 101827. https://doi.org/10.1016/j.cose.2020.101827

Hasib, M. (2018). Cybersecurity as people powered perpetual innovation. In Information technology-New generations (pp. 7-10). Springer, Cham.

Hodhod, R., Khan, S., & Wang, S. (2019). CyberMaster: An expert system to guide the development of cybersecurity curricula. International Journal of Online and Biomedical Engineering (IJOE), 15(03), 70-81. https://doi.org/10.3991/ijoe.v15i03.9890

Javidi, G., & Sheybani, E. (2018). K-12 cybersecurity education, research, and outreach. 2018 IEEE Frontiers in Education Conference (FIE), 1-5. https://doi.org/10.1109/FIE.2018.8659021

Jayakumar, P., Brohi, S. N., & Zaman, N. (2020). Top 7 lessons learned from COVID-19 pandemic. TechRxiv. (Preprint). https://doi.org/10.36227/techrxiv.12264722.v1

Jin, G., Tu, M., Kim, T.-H., Heffron, J., & White, J. (2018). Evaluation of game-based learning in cybersecurity education for high school students. Journal of Education and Learning, 12(1), 150–158. https://doi.org/10.11591/edulearn.v12i1.7736

Khan, N. A., Brohi, S. N., & Zaman, N. (2020). Ten deadly cyber security threats amid COVID-19 pandemic. TechRxiv. (Preprint). https://doi.org/10.36227/techrxiv.12278792.v1

Moallem, A. (2019). Cyber security awareness among college students. In T. Ahram & D. Nicholson (Eds.), Advances in Human factors in cybersecurity (pp. 79–87). Springer. https://doi.org/10.1007/978-3-319-94782-2_8

Mountrouidou, X., Vosen, D., Kari, C., Azhar, M. Q., Bhatia, S., Gagne, G., Maguire, J., Tudor, L., & Yuen, T. T. (2019). Securing the human. Proceedings of the Working Group Reports on Innovation and Technology in Computer Science Education, 157–176. https://doi.org/10.1145/3344429.3372507

Nobles, C. (2018). The cyber talent gap and cybersecurity professionalizing. International Journal of Hyperconnectivity and the Internet of Things, 2(1), 42–51. https://doi.org/10.4018/ijhiot.2018010104

Oyedotun, T. D. (2020). Sudden change of pedagogy in education driven by COVID-19: Perspectives and evaluation from a developing country. Research in Globalization, 2, 100029. https://doi.org/10.1016/j.resglo.2020.100029

Pati, D., & Lorusso, L. N. (2018). How to write a systematic review of the literature. Health Environments Research & Design Journal, 11(1), 15–30. https://doi.org/10.1177/1937586717747384

Pinchot, J., Cellante, D., Mishra, S., & Paullet, K. (2020). Student perceptions of challenges and role of mentorship in cybersecurity careers: addressing the gender gap. Information Systems Education Journal, 18(3), 44–53. https://files.eric.ed.gov/fulltext/EJ1258205.pdf

Sanzo, K. L., Paredes Scribner, J., & Wu, H. (2021). Designing a K-16 cybersecurity collaborative: Cipher. IEEE Security & Privacy, 19(2), 56–59. https://doi.org/10.1109/msec.2021.3050246

Smith, D. T., & Ali, A. I. (2019). You've been hacked: A technique for raising cyber security awareness. Issues In Information Systems, 20(1), 186–194. https://doi.org/10.48009/1_iis_2019_186-194

Smith, G. (2018). The intelligent solution: Automation, the skills shortage and cyber-security. Computer Fraud & Security, 2018(8), 6–9. https://doi.org/10.1016/s1361-3723(18)30073-3

Srivatanakul, T., & Annansingh, F. (2021). Incorporating active learning activities to the design and development of an undergraduate software and web security course. Journal of Computers in Education, 9(1), 25–50. https://doi.org/10.1007/s40692-021-00194-9

Stoker, G., Clark, U., Vanajakumari, M., & Wetherill, W. (2021). Building a cybersecurity apprenticeship program: early-stage success and some lessons learned. Information Systems Education Journal, 19(2), 35–44. https://files.eric.ed.gov/fulltext/EJ1297604.pdf

Tobarra, L., Utrilla, A., Robles-Gómez, A., Pastor-Vargas, R., & Hernández, R. (2021). A cloud game-based educative platform architecture: The cyberscratch project. Applied Sciences, 11(2), 807. https://doi.org/10.3390/app11020807

Wolfenden, B. (2019). Gamification as a winning cyber security strategy. Computer Fraud & Security, 2019(5), 9–12. https://doi.org/10.1016/s1361-3723(19)30052-1

Wright, M. A. (2016). Improving cybersecurity workforce capacity and capability. ISSA Journal, 14–20. https://cupdf.com/document/improving-cybersecurity-workforce-capacity-and-capability.html

Yasin, A., Liu, L., Li, T., Fatima, R., & Jianmin, W. (2019). Improving software security awareness using a serious game. IET Software, 13(2), 159-169. https://doi.org/10.1049/iet-sen.2018.5095