Métodos y efectos de la educación en ciberseguridaduna revisión sistemática
- Alberto Beltrán 1
- Manuel G. Jiménez-Torres 1
- Sara Sampayo 2
-
1
Universidad de Granada
info
-
2
Universidad Miguel Hernández de Elche
info
ISSN: 2695-2882
Any de publicació: 2023
Volum: 7
Tipus: Article
Altres publicacions en: REC: Revista Electrónica de Criminología
Resum
The aim of this study was to analyze educational techniques in the area of cybersecurity and cybercrime, specifically those aimed at non-technical population. A systematic review of the scientific literature was carried out using the Scopus, Web of Science and Proquest databases. After analyzing 79 articles, it was found that gamification, training, simulation, multimethod and audiovisual media are the most common techniques with the best results in terms of effectiveness. It was also found that studies focus more on cybersecurity and protection tools than on educating on cyber threats and awareness. On the other hand, we found an even distribution of studies according to the age criterion, with the exception of education aimed at the elderly, which was found to be scarce. Finally, it was found that there is a strong predominance of STEAM sciences, such as computer science and informatics, as opposed to social sciences (psychology, criminology or educational sciences), with a serious lack of interdisciplinarity in the area of study.
Referències bibliogràfiques
- Al-Daeef, M.M., Basir, N., & Saudi, M.M. (2017). Security awareness training: A review. Lecture Notes in Engineering and Computer Science, 2229, 446–451
- Al-Hamar, Y., & Kolivand, H. (2020). A New Email Phishing Training Website. Proceedings - International Conference on Developments in eSystems Engineering, DeSE, 2020-December, 263-268. https://doi.org/10.1109/DeSE51703.2020.9450238
- Aldawood, H., & Skinner, G. (2018). Educating and Raising Awareness on Cyber Security Social Engineering: A Literature Review. In Lee, MJW and Nikolic, S and Shen, J and Lei, LCU and Wong, GKW and Venkatarayalu, N (Ed.), PROCEEDINGS OF 2018 IEEE INTERNATIONAL CONFERENCE ON TALE, (pp. 62–68).
- Alencar, G. D., de Lima, M. F., & Firmo, A. C. A. (2013). Behavioral analysis as a means to prevent social engineering and phishing. RESI Revista Electronica de Sistemas de Informacao, 12(3), 1. Advanced Technologies & Aerospace Collection.
- Alqahtani, H., & Kavakli-Thorne, M. (2020). Design and evaluation of an augmented reality game for cybersecurity awareness (CybAR). Information (Switzerland), 11(2). https://doi.org/10.3390/info11020121
- Althobaiti, K., Vaniea, K., & Zheng, S. (2018). Faheem: Explaining URLs to people using a Slack bot. Proceedings of AISB Annual Convention 2018, 1-8. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85051426851&partnerID=40&md5=c56d6bb6162bb263e3b6 9498131e3c8a
- Alwanain, M., I. (2020). Phishing Awareness and Elderly Users in Social Media. International Journal of Computer Science and Network Security, 20(9), 114-119. https://doi.org/10.22937/IJCSNS.2020.20.09.14
- Alwanain, M., I. (2021). How Do Children Interact with Phishing Attacks? International Journal of Computer Science and Network Security, 21(3), 127-133. https://doi.org/10.22937/IJCSNS.2021.21.3.17
- Amo, L. C., Liao, R., Frank, E., Rao, H. R., & Upadhyaya, S. (2019). Cybersecurity Interventions for Teens: Two Time-Based Approaches. IEEE Transactions on Education, 62(2), 134-140. Social Science Premium Collection. https://doi.org/10.1109/TE.2018.2877182
- Baillon, A., de Bruin, J., Emirmahmutoglu, A., van de Veer, E., & van Dijk, B. (2019). Informing, simulating experience, or both: A field experiment on phishing risks. PLOS ONE, 14(12). https://doi.org/10.1371/journal.pone.0224216
- Baslyman, M., & Chiasson, S. (2016). «smells Phishy?»: An educational game about online phishing scams. eCrime Researchers Summit, eCrime, 2016-June, 91-101. https://doi.org/10.1109/ECRIME.2016.7487946
- Beckers, K., Pape, S., & Fries, V. (2016). HATCH: Hack and trick capricious humans – A serious game on social engineering. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July. https://doi.org/10.14236/ewic/hci2016.94
- Bosch-Capblanch X., Lavis, J.N., Lewin, S., Atun, R., Røttingen, J.A., Dröschel D., Beck, L., Abalos, E., El-Jardali, F., Gilson, L., Oliver, S., Wyss, K., Tugwell, P., Kulier, R., Pang, T., & Haines, A. (2012). Guidance for evidence-informed policies about health systems: rationale for and challenges of guidance development. PLoS Med, 9(3), e1001185. https://doi.org/10.1371/journal.pmed.1001185
- Burris, J., Deneke, W., & Maulding, B. (2018). Activity simulation for experiential learning in cybersecurity workforce development. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 10923 LNCS, 17-25. https://doi.org/10.1007/978-3-319-91716-0_2
- Chadee, D., & Ng Ying, N.K. (2013). Predictors of fear of crime: general fear verses perceived risk. Journal of Applied Psychology, 43(1), 1896-1904.
- Chattopadhyay, A., Christian, D., Oeder, A., & Budul, I. (2019). A Novel Visual-Privacy Themed Experiential- Learning Tool for Human-Privacy Societal-Security Awareness in MiddleSchool and High-School Youth. Proceedings - Frontiers in Education Conference, FIE, 2019-October. https://doi.org/10.1109/FIE43999.2019.9028375
- Chen, T., Stewart, M., Bai, Z., Chen, E., Dabbish, L., & Hammer, J. (2020). Hacked time: Design and evaluation of a selfefficacy based cybersecurity game. DIS 2020 - Proceedings of the 2020 ACM Designing Interactive Systems Conference, 1737- 1749. https://doi.org/10.1145/3357236.3395522
- Choi, K. (2008). Computer Crime Victimization and Integrated Theory: An Empirical Assessment. International Journal of Cyber Criminology 2 (1): 308–333. Recuperado de: https://www.researchgate.net/publication/238621672_Computer_Crime_Victimization_and_Integrated_Theory_A n_Empirical_Assessment
- Coenraad, M., Pellicone, A., Ketelhut, D. J., Cukier, M., Plane, J., & Weintrop, D. (2020). Experiencing Cybersecurity One Game at a Time: A Systematic Review of Cybersecurity Digital Games. Simulation and Gaming, 51(5), 586–611. https://doi.org/10.1177/1046878120933312
- Cornel, C., Cornel, C. M., Rowe, D. C., & Moses, S. (2016). A cybersecurity camp for girls. ASEE Annual Conference and Exposition, Conference Proceedings, 2016-June. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2- s2.0- 84983347749&partnerID=40&md5=bd701a49eabb23972b48 d3b95806f211
- Cuchta, T., Blackwood, B., Devine, T. R., Niichel, R. J., Daniels, K. M., Lutjens, C. H., Maibach, S., & Stephenson, R. J. (2019). Human risk factors in cybersecurity. SIGITE 2019 - Proceedings of the 20th Annual Conference on Information Technology Education, 87-92. https://doi.org/10.1145/3349266.3351407
- Davinson, N., & Sillence, E. (2010). It won’t happen to me: Promoting secure behaviour among internet users. Computers in Human Behavior, 26(6), 1739-1747. APA PsycInfo. https://doi.org/10.1016/j.chb.2010.06.023
- De Bona, M., & Paci, F. (2020). A real world study on employees’ susceptibility to phishing attacks. ACM International Conference Proceeding Series. https://doi.org/10.1145/3407023.3409179
- Deterding, S., Dixon, D., Khaled, R., & Nacke, L. (2011). From game design elements to gamefulness: defining gamification. 15th international academic MindTrek conference: Envisioning future media environments. pp. 9-15.
- Decusatis, C., Gormanly, B., Alvarico, E., Dirahoui, O., McDonough, J., Sprague, B., Maloney, M., Avitable, D., & Mah, B. (2022). A Cybersecurity Awareness Escape Room using Gamification Design Principles. 2022 IEEE 12th Annual Computing and Communication Workshop and Conference, CCWC 2022, 765-770. https://doi.org/10.1109/CCWC54503.2022.9720748
- Dodge, R., Coronges, K., & Rovira, E. (2012). Empirical benefits of training to phishing susceptibility. IFIP Advances in Information and Communication Technology, 376 AICT, 457- 464. https://doi.org/10.1007/978-3-642-30436-1_37
- Ganesh, A., Ndulue, C., & Orji, R. (2022). Smartphone Security and Privacy – A Gamified Persuasive Approach with Protection Motivation Theory. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13213 LNCS, 89-100. https://doi.org/10.1007/978-3-030-98438-0_7
- Ghernaouti-Helie, S. (2009). An Inclusive Information Society Needs a Global Approach of Information Security. 2009 International Conference on Availability, Reliability and Security, 658-662. DOI: 10.1109/ARES.2009.127
- Giannakas, F., Kambourakis, G., & Gritzalis, S. (2015). CyberAware: A mobile game-based app for cybersecurity education and awareness. Proceedings of 2015 International Conference on Interactive Mobile Communication Technologies and Learning, IMCL 2015, 54-58. https://doi.org/10.1109/IMCTL.2015.7359553
- Giannakas, F., Kambourakis, G., Papasalouros, A., & Gritzalis, S. (2016). Security education and awareness for K-6 going mobile. International Journal of Interactive Mobile Technologies, 10(2), 41-48. https://doi.org/10.3991/ijim.v10i2.5473
- Giannakas, F., Papasalouros, A., Kambourakis, G., & Gritzalis, S. (2019). A comprehensive cybersecurity learning platform for elementary education. Information Security Journal, 28(3), 81-106. https://doi.org/10.1080/19393555.2019.1657527
- Gokul, C. J., Pandit, S., Vaddepalli, S., Tupsamudre, H., Banahatti, V., & Lodha, S. (2018). Phishy—A serious game to train enterprise users on phishing awareness. CHI PLAY 2018 - Proceedings of the 2018 Annual Symposium on ComputerHuman Interaction in Play Companion Extended Abstracts, 169- 181. https://doi.org/10.1145/3270316.3273042
- González, J., Buñuel, J.C., & González, P. (2012). Listas guía de comprobación de estudios observacionales: declaración STROBE. Evid Pediatr. 8:65
- Grant, M.J., & Booth, A. (2009). A typology of reviews: an analysis of 14 review types and associated methodologies. Health Information and Libraries Journal, 26(2), 91-108. https://doi.org/10.1111/j.1471-1842.2009.00848.x
- Hadlington, L., & Chivers, S. (2018). Segmentation analysis of susceptibility to cybercrime: Exploring individual differences in information security awareness and personality factors. Policing: A Journal of Policy and Practice, April, 1-14.
- Herzberg, A., & Margulies, R. (2011). Forcing Johnny to login safely: Long-term user study of forcing and training login mechanisms. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 6879 LNCS, 452-471. https://doi.org/10.1007/978-3-642-23822-2_25
- Hutton, B., Catalá-López, F., & Moher, D. (2016). La extensión de la declaración PRISMA para revisiones sistemáticas que incorporan metaanálisis en red: PRISMA-NMA. Medicina Clinica, 147(6), 262–266. https://doi.org/10.1016/j.medcli.2016.02.025
- Huynh, D., Luong, P., Iida, H., & Beuran, R. (2017). Design and evaluation of a cybersecurity awareness training game. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 10507 LNCS, 183-188. https://doi.org/10.1007/978-3-319-66715-7_19
- Jampen, D., Gür, G., Sutter, T., & Tellenbach, B. (2020). Don’t click: towards an effective anti-phishing training. A comparative literature review. In Human-centric Computing and Information Sciences (Vol. 10, Issue 1). Springer Berlin Heidelberg. https://doi.org/10.1186/s13673-020-00237-7
- Jin, G., Tu, M., Kim, T.-H., Heffron, J., & White, J. (2018). Game based cybersecurity training for High School Students. SIGCSE 2018 - Proceedings of the 49th ACM Technical Symposium on Computer Science Education, 2018-January, 68-73. https://doi.org/10.1145/3159450.3159591
- Kaabi, L. A., Ketbi, W. A., Khoori, A. A., Shamsi, M. A., & Alrabaee, S. (2022). Safe: Cryptographic Algorithms and Security Principles Gamification. IEEE Global Engineering Education Conference, EDUCON, 2022-March, 1169-1178. https://doi.org/10.1109/EDUCON52537.2022.9766526
- Kolb, C., Strouse, J., Palmer, J., Ford, V., & Turygina, V. (2022). Cyber Securing the Future. AIP Conference Proceedings, 2425. https://doi.org/10.1063/5.0081419
- Kovačević, A., & Radenković, S. D. (2020). SAWIT—Security Awareness Improvement Tool in the Workplace. Applied Sciences, 10(9), 3065. Advanced Technologies & Aerospace Collection; Earth, Atmospheric & Aquatic Science Collection; ProQuest One Academic; Publicly Available Content Database. https://doi.org/10.3390/app10093065
- Kunz, A., Volkamer, M., Stockhardt, S., Palberg, S., Lottermann, T., & Piegert, E. (2016). NoPhish: Evaluation of a web application that teaches people being aware of phishing attacks. Lecture Notes in Informatics (LNI), Proceedings - Series of the Gesellschaft fur Informatik (GI), P-259, 509-518. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2- s2.0- 85020702971&partnerID=40&md5=4e91989eb224aacf8f160 041c1eb053e
- Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L. F., Hong, J., & Nunge, E. (2007). Protecting people from phishing: The design and evaluation of an embedded training email system. Conference on Human Factors in Computing Systems - Proceedings, 905-914. https://doi.org/10.1145/1240624.1240760
- Kumaraguru, P., Rhee, Y., Sheng, S., Hasan, S., Acquisti, A., Cranor, L. F., & Hong, J. (2007). Getting users to pay attention to anti-phishing education: Evaluation of retention and transfer. ACM International Conference Proceeding Series, 269, 70-81. https://doi.org/10.1145/1299015.1299022
- Kumaraguru, P., Sheng, S., Acquisti, A., Cranor, L. F., & Hong, J. (2008). Lessons from a real world evaluation of antiphishing training. eCrime Researchers Summit, eCrime 2008. https://doi.org/10.1109/ECRIME.2008.4696970
- Kumaraguru, P., Cranshaw, J., Acquisti, A., Cranor, L., Hong, J., Blair, M. A., & Pham, T. (2009). School of phish: A real-world evaluation of anti-phishing training. SOUPS 2009 - Proceedings of the 5th Symposium On Usable Privacy and Security. https://doi.org/10.1145/1572532.1572536
- Lastdrager, E., Gallardo, I. C., Hartel, P., & Junger, M. (2019). How effective is anti-phishing training for children? Proceedings of the 13th Symposium on Usable Privacy and Security, SOUPS 2017, 229-239. Recuperado de: https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85075917140&partnerID=40&md5=c509892b8cff514dd540a 70a3f0bffd2
- Liberati, A., Altman, D. G., Tetzlaff, J., Mulrow, C., Gotzsche, P. C., Ioannidis, J. P. A., & Moher, D. (2009). The PRISMA statement for reporting systematic reviews and metaanalyses of studies that evaluate healthcare interventions: Explanation and elaboration. British Medical Journal, 339, b2700. doi: https://doi.org/10.1136/bmj. b2700
- Lim, I., Park, Y.-G., & Lee, J.-K. (2016). Design of Security Training System for Individual Users. Wireless Personal Communications, 90(3), 1105-1120. Advanced Technologies & Aerospace Collection. https://doi.org/10.1007/s11277- 016-3380-z
- López, J., Sánchez, F., Herrera, D., Martínez, F., Rubio, M., Gil, V., Santiago, A.M., & Gómez, M.A . (2021). Informe sobre la Cibercriminalidad en España. Dirección General de Coordinación y Estudios Secretaría de Estado de Seguridad . Ministerio del Interior, España. Recuperado de https://www.interior.gob.es/opencms/pdf/archivos-ydocumentacion/documentacion-ypublicaciones/publicaciones-descargables/publicacionesperiodicas/informe-sobre-la-cibercriminalidad-enEspana/Informe_cibercriminalidad_Espana_2021_1262002 12.pdf
- Maqsood, S., & Chiasson, S. (2021). Design, Development, and Evaluation of a Cybersecurity, Privacy, and Digital Literacy Game for Tweens. ACM Transactions on Privacy and Security, 24(4). https://doi.org/10.1145/3469821
- Mikka-Muntuumo, J., & Peters, A. N. (2021). Designing an Interactive Game for Preventing Online Abuse in Namibia. 2021 3rd International Multidisciplinary Information Technology and Engineering Conference, IMITEC 2021. https://doi.org/10.1109/IMITEC52926.2021.9714592
- Moreno-Fernández, M. M., Blanco, F., Garaizar, P., & Matute, H. (2017). Fishing for phishers. Improving Internet users’ sensitivity to visual deception cues to prevent electronic fraud. Computers in Human Behavior, 69, 421. Advanced Technologies & Aerospace Collection.
- Mugayitoglu, B., Borowczak, M., Burrows, A., Carson, A., Person, C., Finch, A., & Kennedy, C. (2021). A university’s developmental framework: Creating, implementing, and evaluating a K-12 teacher cybersecurity micro-credential course. ICSIT 2021 - 12th International Conference on Society and Information Technologies, Proceedings, 35-40. Recuperado de https://www.scopus.com/inward/record.uri?eid=2- s2.0- 85105867054&partnerID=40&md5=4d3140888267c6189eb1 d76ae1c896ad
- Neo, H.F., Teo, C.C., & Peng, C. L. (2021). Safe Internet: An Edutainment Tool for Teenagers. Lecture Notes in Electrical Engineering, 739 LNEE, 53-70. https://doi.org/10.1007/978-981-33-6385-4_6
- Newbould, M., & Furnell, S. (2009). Playing safe: A prototype game for raising awareness of social engineering. Proceedings of the 7th Australian Information Security Management Conference, 24-30. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 84864552106&partnerID=40&md5=c35c02b54b3c5929bc9c db6fffd4c843
- Olano, M., Sherman, A., Oliva, L., Cox, R., Firestone, D., Kubik, O., Patil, M., Seymour, J., Sohn, I., & Thomas, D. (2014). SecurityEmpire: Development and evaluation of a digital game to promote cybersecurity education. 2014 USENIX Summit on Gaming, Games, and Gamification in Security Education, 3GSE 2014. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85040226944&partnerID=40&md5=78b3676884e4e3fb2e7c4 ecbfe3d4725
- ONTSI (Observatorio Nacional de Tecnología y Sociedad). (2022). Cómo se protege a la ciudadanía ante los ciberriesgos. Estudio sobre percepción y nivel de confianza en España. Observaciber. Recuperado de https://www.observaciber.es/sites/observaciber/files/m edia/documents/ciudadaniaciberriesgos_abril2022_1.pdf
- Peker, Y. K., Ray, L., da Silva, S., & IEEE. (2018). Online Cybersecurity Awareness Modules for College and High School Students (WOS:000463185700004). 24-33. https://doi.org/10.1109/NCS.2018.00009
- Perestelo-Pérez, L. (2013). Standards on how to develop and report systematic reviews in Psychology and Health. International Journal of Clinical and Health Psychology, 13, 49–57.
- Pittman, J. M., & Pike, R. E. (2016). An Observational Study of Peer Learning for High School Students at a Cybersecurity Camp. Information Systems Education Journal, 14(3), 4-13. ERIC.
- Plachkinova, M., & Menard, P. (2019). An Examination of Gain- and Loss-Framed Messaging on Smart Home Security Training Programs. Information Systems Frontiers. https://doi.org/10.1007/s10796-019-09970-6
- Quinkert, F., Degeling, M., & Holz, T. (2021). Spotlight on Phishing: A Longitudinal Study on Phishing Awareness Trainings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 12756 LNCS, 341-360. https://doi.org/10.1007/978-3-030-80825-9_17
- Qusa, H., & Tarazi, J. (2021). Cyber-Hero: A Gamification framework for Cyber Security Awareness for High Schools Students. 2021 IEEE 11th Annual Computing and Communication Workshop and Conference, CCWC 2021, 677-682. https://doi.org/10.1109/CCWC51732.2021.9375847
- Rastenis, J., Ramanauskaitė, S., Janulevičius, J., & Čenys, A. (2020). Impact of information security training on recognition of phishing attacks: A case study of vilnius gediminas technical university. Communications in Computer and Information Science, 1243 CCIS, 311-324. https://doi.org/10.1007/978-3-030-57672-1_23
- Reid, R., & Van Niekerk, J. (2014). Snakes and ladders for digital natives: Information security education for the youth. Information Management & Computer Security, 22(2), 179-190. Advanced Technologies & Aerospace Collection; ProQuest One Academic; ProQuest One Business; Social Science Premium Collection. https://doi.org/10.1108/IMCS-09- 2013-0063
- Reid, R., & Van Niekerk, J. (2015). A cyber security culture fostering campaign through the lens of active audience theory. Proceedings of the 9th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2015, 34-44. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85026347994&partnerID=40&md5=90f8bac7ab485818b426 5a118ea60ba0
- Reinheimer, B., Aldag, L., Mayer, P., Mossano, M., Duezguen, R., Lofthouse, B., von Landesberger, T., & Volkamer, M. (2020). An investigation of phishing awareness and education over time: When and how to best remind users. Proceedings of the 16th Symposium on Usable Privacy and Security, SOUPS 2020, 259-284. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85091852889&partnerID=40&md5=6643e561a062c2513600 23104af547b7
- Saito, T., Yashiro, S., Tanabe, K., & Saito, Y. (2019). A Proposal and the Evaluation of a Hands-On Training System for Cyber Security. En Barolli, L and Leu, FY and Enokido, T and Chen, HC (Ed.), Advances on broadband and wireless computing, communication and applications, BWCCA-2018 (Vol. 25, pp. 339-349). https://doi.org/10.1007/978-3-030- 02613-4_30
- Salazar, M., Gaviria, J., Laorden, C., & Bringas, P. G. (2013). Enhancing cybersecurity learning through an augmented reality-based serious game. IEEE Global Engineering Education Conference, EDUCON, 602-607. https://doi.org/10.1109/EduCon.2013.6530167
- Schoebel, S., Roepke, R., & Schroeder, U. (2021). Phishing Academy: Evaluation of a Digital Educational Game on URLs and Phishing. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 13134 LNCS, 44-53. https://doi.org/10.1007/978-3-030-92182-8_5
- Scholefield, S., & Shepherd, L. A. (2019). Gamification Techniques for Raising Cyber Security Awareness. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11594 LNCS, 191-203. https://doi.org/10.1007/978-3-030- 22351-9_13
- Sercombe, A. A., & Papadaki, M. (2012). Education in the «virtual» community: Can beating Malware Man teach users about social networking security? Proceedings of the 6th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2012, 33-39. https://www.scopus.com/inward/record.uri?eid=2-s2.0- 84926306106&partnerID=40&md5=f1644a3a54a362b2832d 3bbb04d16e84
- Septiana, R., & Julian, R. K. (2020). Design of Phishing Simulation Dashboard Using Analytic Data Concepts. Journal of Physics: Conference Series, 1577(1). Advanced Technologies & Aerospace Collection; ProQuest One Academic; Publicly Available Content Database. https://doi.org/10.1088/1742-6596/1577/1/012041
- Shen, L. W., Mammi, H. K., & Din, M. M. (2021). Cyber Security Awareness Game (CSAG) for Secondary School Students. 2021 International Conference on Data Science and Its Applications, ICoDSA 2021, 48-53. https://doi.org/10.1109/ICoDSA53588.2021.9617548
- Sheng, S., Magnien, B., Kumaraguru, P., Acquisti, A., Cranor, L. F., Hong, J., & Nunge, E. (2007). Anti-Phishing Phil: The design and evaluation of a game that teaches people not to fall for phish. ACM International Conference Proceeding Series, 229, 88-99. https://doi.org/10.1145/1280680.1280692
- Silic, M., & Lowry, P. B. (2020). Using Design-Science Based Gamification to Improve Organizational Security Training and Compliance: JMIS. Journal of Management Information Systems, 37(1), 129-161. Advanced Technologies & Aerospace Collection; ProQuest One Academic; ProQuest One Business; Social Science Premium Collection. https://doi.org/10.1080/07421222.2019.1705512
- Sookhanaphibarn, K., & Choensawat, W. (2020). Educational games for cybersecurity awareness. 2020 IEEE 9th Global Conference on Consumer Electronics, GCCE 2020, 424-428. https://doi.org/10.1109/GCCE50665.2020.9291723
- Streiff, J., Justice, C., & Camp, J. (2019). Escaping to cybersecurity education: Using manipulative challenges to engage and educate. Proceedings of the European Conference on Gamesbased Learning, 2019-October, 1046-1050. https://doi.org/10.34190/GBL.19.183
- Sucharew, H., & Macaluso, M. (2019). Methods for Research Evidence Synthesis: The Scoping Review Approach. Journal of Hospital Medicine 14, 416-418. https://doi.org/10.12788/jhm.3248
- Sun, J. C.-Y., & Chen, A. Y.-Z. (2016). Effects of integrating dynamic concept maps with Interactive Response System on elementary school students’ motivation and learning outcome: The case of anti-phishing education. COMPUTERS & EDUCATION, 102, 117-127. https://doi.org/10.1016/j.compedu.2016.08.002
- Svabensky, V., Vykopal, J., & Celeda, P. (2020). What Are Cybersecurity Education Papers About? A Systematic Literature Review of SIGCSE and ITiCSE Conferences. SIGCSE 2020 - Proceedings of the 51st ACM Technical Symposium on Computer Science Education, 2–8. https://doi.org/10.1145/3328778.3366816
- Thackray, H., McAlaney, J., Dogan, H., Taylor, J., & Richardson, C. (2016). Social psychology: An under-used tool in cybersecurity. Proceedings of the 30th International BCS Human Computer Interaction Conference, HCI 2016, 2016-July. https://doi.org/10.14236/ewic/HCI2016.64
- Tricco, A.C., Antony, J., Zarin, W., Strifler, L., Ghassemi, M., Ivory, J., Perrier, L., Hutton, B., Moher, D., & Straus, S.E. (2015). A scoping review of rapid review methods. BMC Medicine, 13(224). Recuperado de: https://bit.ly/2ZT1PUN
- Tschakert, K. F., & Ngamsuriyaroj, S. (2019). Effectiveness of and user preferences for security awareness training methodologies. Heliyon, 5(6), 1. MEDLINE. https://doi.org/10.1016/j.heliyon.2019.e02010
- Tsokkis, P., & Stavrou, E. (2018). A password generator tool to increase users’ awareness on bad password construction strategies. 2018 International Symposium on Networks, Computers and Communications, ISNCC 2018. https://doi.org/10.1109/ISNCC.2018.8531061
- Veneruso, S. V., Ferro, L. S., Marrella, A., Mecella, M., & Catarci, T. (2020). CyberVR: An Interactive Learning Experience in Virtual Reality for Cybersecurity Related Issues. ACM International Conference Proceeding Series. https://doi.org/10.1145/3399715.3399860
- Villasís-Keever, M.A., Rendón-Macías, M.E., García, H., MirandaNovales., M.G., & Escamilla-Núñez, A. (2020). La revisión sistemática y el metaanálisis como herramienta de apoyo para la clínica y la investigación. Rev Alerg Mex.; 67(1):62- 72.
- Visoottiviseth, V., Sainont, R., Boonnak, T., & Thammakulkrajang, V. (2018). POMEGA: Security game for building security awareness. Proceeding of 2018 7th ICT International Student Project Conference, ICT-ISPC 2018. https://doi.org/10.1109/ICT-ISPC.2018.8523965
- Volkamer, M., Renaud, K., Reinheimer, B., Rack, P., Ghiglieri, M., Mayer, P., Kunz, A., & Gerber, N. (2018). Developing and evaluating a five minute phishing awareness video. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 11033 LNCS, 119-134. https://doi.org/10.1007/978-3-319- 98385-1_9
- Wang, Y.-J., Tseng, S.-S., Yang, T.-Y., & Weng, J.-F. (2018). Building a frame-based cyber security learning game. Communications in Computer and Information Science, 797, 32-41. https://doi.org/10.1007/978-981-10-7850-7_4
- Wash, R., & Cooper, M. M. (2018). Who provides phishing training? Facts, stories, and people like me. Conference on Human Factors in Computing Systems - Proceedings, 2018-April. https://doi.org/10.1145/3173574.3174066
- Weaver, B. W., Braly, A. M., & Lane, D. M. (2021). Training Users to Identify Phishing Emails. Journal of Educational Computing Research, 59(6), 1169-1183. https://doi.org/10.1177/0735633121992516
- Wen, Z. A., Lin, Z., Chen, R., & Andersen, E. (2019). What.Hack: Engaging Anti-Phishing Training through a Role-playing Phishing Simulation Game. Conference on Human Factors in Computing Systems - Proceedings. https://doi.org/10.1145/3290605.3300338
- Wolf, S., Burrows, A. C., Borowczak, M., Johnson, M., Cooley, R., & Mogenson, K. (2020). Integrated outreach: Increasing engagement in computer science and cybersecurity. Education Sciences, 10(12), 1-23. https://doi.org/10.3390/educsci10120353
- Wolf, S., Cooley, R., Johnson, M., Burrows, A. C., & Borowczak, M. (2020). Constructing and refining engaging computer science outreach. ASEE Annual Conference and Exposition, Conference Proceedings, 2020-June. Recuperado de https://www.scopus.com/inward/record.uri?eid=2-s2.0- 85095780473&partnerID=40&md5=05052e69cca875c069c9f 7b96122cb68
- Yett, B., Hutchins, N., Stein, G., Zare, H., Snyder, C., Biswas, G., Metelko, M., & Ledeczi, A. (2020). A hands-on cybersecurity curriculum using a robotics platform. SIGCSE 2020 - Proceedings of the 51st ACM Technical Symposium on Computer Science Education, 1040-1046. https://doi.org/10.1145/3328778.3366878
- Zhang-Kennedy, L., Chiasson, S., & Biddle, R. (2016). The role of instructional design in persuasion: A comics approach for improving cybersecurity. International Journal of HumanComputer Interaction, 32(3), 215-257. APA PsycInfo®. https://doi.org/10.1080/10447318.2016.1136177
- Zhang-Kennedy, L., & Chiasson, S. (2021). A Systematic Review of Multimedia Tools for Cybersecurity Awareness and Education. ACM Computing Surveys, 54(1), 1–39. https://doi.org/10.1145/3427920
- Zielinska, O. A., Tembe, R., Hong, K. W., Ge, X., Murphy-Hill, E., & Mayhorn, C. B. (2014). One phish, two phish, how to avoid the internet phish: Analysis of training strategies to detect phishing emails. Proceedings of the Human Factors and Ergonomics Society, 2014-January, 1466-1470. https://doi.org/10.1177/1541931214581306