Cybersecurity Awareness Among Students and Faculty
eBook - ePub

Cybersecurity Awareness Among Students and Faculty

Abbas Moallem

  1. 88 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS & Android
eBook - ePub

Cybersecurity Awareness Among Students and Faculty

Abbas Moallem

Book details
Book preview
Table of contents
Citations

About This Book

Recipient of the SJSU San Jose State University Annual Author & Artist Awards 2019

In modern times, all individuals need to be knowledgeable about cybersecurity. They must have practical skills and abilities to protect themselves in cyberspace. What is the level of awareness among college students and faculty, who represent the most technologically active portion of the population in any society? According to the Federal Trade Commission's 2016 Consumer Sentinel Network report, 19 percent of identity theft complaints came from people under the age of 29. About 74, 400 young adults fell victim to identity theft in 2016.

This book reports the results of several studies that investigate student and faculty awareness and attitudes toward cybersecurity and the resulting risks. It proposes a plan of action that can help 26, 000 higher education institutions worldwide with over 207 million college students, create security policies and educational programs that improve security awareness and protection.

Features



  • Offers an understanding of the state of privacy awareness
  • Includes the state of identity theft awareness
  • Covers mobile phone protection
  • Discusses ransomware protection
  • Discloses a plan of action to improve security awareness

Frequently asked questions

How do I cancel my subscription?
Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Cybersecurity Awareness Among Students and Faculty an online PDF/ePUB?
Yes, you can access Cybersecurity Awareness Among Students and Faculty by Abbas Moallem in PDF and/or ePUB format, as well as other popular books in Informatica & Sicurezza informatica. We have over one million books available in our catalogue for you to explore.

Information

Publisher
CRC Press
Year
2019
ISBN
9780429626944
Edition
1
Topic
Informatica
Subtopic
Sicurezza informatica

Introduction

1

1.1 EXTENT OF CYBERATTACKS

In November 2018, the personal data (including credit card details, passport numbers, and dates of birth) of up to 500 million people were stolen in a “colossal” hack of Marriott International, the parent company of hotel chains including W, Westin, Le MĂ©ridien, and Sheraton [1]. Two months earlier, in September 2018, press reports surfaced that British Airways had suffered an enormous data breach affecting almost 400,000 customers and including personal and financial details [2]. A month earlier, in August 2018, T-Mobile was hacked and hackers swiped the data of 2 million subscribers [3]. In March 2018, the New York Times reported that Cambridge Analytica, a political data firm, gained access to the private information of more than 50 million Facebook users. The firm offered tools that could identify the personalities of American voters and influence their behaviour [4]. Almost a year earlier in September 2017, Equifax, one of three major credit-reporting agencies in the United States, revealed that highly sensitive personal and financial information for about 143 million American consumers was compromised in a cybersecurity breach that began in late spring that year [5].
Every day, cyber-criminals exploit a variety of threat vectors, including email, network traffic, user behaviour, and application traffic to insert ransomware [6]. For example, cyber-criminals use email wiretapping to create an hypertext markup language (HTML) email that, each time it is read, can send back a copy of the email’s contents to the originator. It gives the author of the email an opportunity to see to whom the email was subsequently forwarded and any forwarded messages.
Today, technology facilitates communication to the extent that one can chat with someone else in the next room or as far as another country with ease, via a variety of technologies. This ease of communication also prepares the ground for cyber-stalking. Cyber-stalking is defined as the use of technology, particularly the Internet, to harass someone. Typical characteristics include false accusations, monitoring, threats, identity theft, and data destruction or manipulation. Cyber-stalking also includes exploitation of minors, be it sexual or otherwise. Reyns [7] reports that approximately 4.9% of students had perpetrated cyber-stalking in 2009.
Consequently, cybersecurity, or information technology (IT) security, has become one of the major concerns of organizations, communities, and individuals. Cyberspace has become a new site of crime and illegal behaviour. While a wide range of acts of crime and criminality—including robbery, identity theft, ransom, spying, subterfuge, deception, and black markets—have been parts of the experience of social life, globalization and the expansion of new media technologies have presented us with new changes and challenges. With the expansion of digital media, these activities have taken unique forms requiring specific, and sometimes fundamentally distinct, ways of understanding.

1.2 REVIEW OF THE LITERATURE

The cases of cyber-attacks show the extent to which any individual using the Internet and computers is vulnerable to cyber-attacks, which affect not just businesses or organizations but also individuals.
In the following sections, some of the recent studies on students’ cybersecurity awareness and privacy will be briefly reviewed.

1.2.1 Cybersecurity Awareness of College Students

User understanding of privacy and security risks, and how to protect themselves from cyber-attacks is a fundamental need in modern life. After all, from banking and e-commerce to pictures of private information and documents, so much can be compromised. Also, information breaches of companies containing user information can easily subject users to identity theft. What users can do to protect themselves and what actions they should take depend on their awareness and knowledge of the risks. The Federal Trade Commission’s Consumer Sentinel Network, which collects data about consumer complaints, including identity theft, found that 18% of people who experienced identity theft in 2014 were between the ages of 20 and 29 [8,9].
In recent years, several studies have been conducted to measure the level of awareness among college students concerning information security issues. For example, Slusky and Partow-Navid [10] surveyed students at the College of Business and Economics at California State University, Los Angeles, Los Angeles, California. The results suggested that the major problem with security awareness is not due to a lack of security knowledge but somewhat in the way that students apply that knowledge in real-world situations. Simply put, according to the results of this study, compliance with information security knowledge is lower than the understanding or awareness of it.
Another study conducted by Al-Janabi and Al-Shourbaji [11] analysed cybersecurity awareness among academic staff, researchers, undergraduate students, and employees in the education sector in the Middle East. The results revealed that the participants did not have the requisite knowledge and understanding of the importance of information security principles and their practical applications in day-to-day work.
Hussein and Zhang [12] designed a survey to study the awareness of privacy among a group of users (92% of between 21 and 35, and 76% either engineers or students) who use social media. Their study included 377 participants who use social media services such as Facebook, Twitter, LinkedIn, and Google. The researchers found that 44% of the respondents showed a lack of knowledge of privacy policy and the mechanisms governing it on the online social networks they used. In addition, 34% were gravely concerned, and 41% were somewhat concerned about their privacy online. A staggering 80% indicated that they were not satisfied enough with the level of privacy provided by online social networks.
In a study, Senthilkumar et al. [13] aimed to analyse cybersecurity awareness among college students in Tamil Nadu (a state in India) about various security threats. Five hundred students in five major cities took the online survey. The result showed that 70% of these students were more conscious of basic virus attacks and using antivirus software (updating frequently) or Linux platforms to safeguard their system from virus attacks. The remaining students were not using any antivirus and were the victims of virus attacks. It was also reported that 11% of them were using antivirus but not updating their antivirus software. More than 97% of them did not know the source of the virus.
A study by Grainne et al. [14] was conducted among Malaysian undergraduate students in which 295 took part. The objective was to understand the awareness of risks related to social networking sites (SNSs). The study reported that more than one-third of participants had fallen victim to SNS scams.

1.2.2 Privacy and Self-Disclosure

The Internet and a multitude of social networking applications have massively increased the possibility of the disclosure of personal information. Despite users’ concerns and awareness about privacy, their behaviours do not mirror those concerns [15].
Chen et al. [16] discussed a new type of privacy concern, called Information Privacy Control about Peer Disclosure (IPCPD). They studied the decisional control to alleviate such a privacy concern by taking certain factors into consideration. “Decisional control” is defined as the availability of technical options to stop the disclosure of private information, which could potentially cause privacy violations. Since most social network users are in the habit of sharing pictures with other people online, the privacy of those in the photographs may be unwittingly compromised. This phenomenon is described as IPCPD. Their findings reveal that decisional control is generally a vital privacy protection tool in online social networks. Moreover, the importance of decisional control stems from different contextual situations specified by the “what” and “whom” aspects of information privacy.
Liang et al. [17] discussed another type of privacy concern online called deletion delay of photo sharing. They explored the possible access to a user’s image even after deleting the image from social media platforms. They found that by using the Uniform Resource Locator (URL) of the image, it was possible to access the image anywhere from 7 to 30 days after the image was deleted. Popular social media platforms were also not immune to this problem. For example, on Facebook, it took up to 7 days for the image to entirely disappear. Also, it was observed that in cross-platform sharing, the original image from the source platform could still be accessed on the destination platform using the image URL on the destination platform.
Li et al. [18] investigated Amazon Wishlist and possible privacy exposures. They collected complete Amazon Wishlists of over 30,000 users and were able to make interesting observations based on the shopping preferences of users. To access the Wishlists, they constructed a crawler in Python (a programming language) that crawled through the search results for Amazon Wishlist search. They were able to predict shopping preferences based on gender, demographic groups, geolocation, and so on. Using machine learning and semantic analysis on Wishlist descriptions, they were able to extract users’ private information. In their observation, they found that users tend to expose their activities, affiliations, educational backgrounds, and spouse names the most, thus compromising their privacy through the information provided about themselves.
Will et al. [19] proposed a system that would ensure that vendors would not be able to hold the personal information of users and store it for future use or sell it to other third-party vendors. In the proposed model, personal information is stored on the users’ mobile device and requested by vendors when needed. In this centralized model, a relay service is used to hide data from vendors or websites, encrypt cache response, authorize vendors, filter unwanted requests, and provide features automatically like anonymous email. The authors proposed a model where personal information is stored on the users’ mobile devices and requested by vendors when needed. Information can then be given in either a private or a trusted manner, and encrypted responses can be cached by a relay service. Vendors should only use the data inflight and never store personal information. This provides the user with data provenance and access control, while providing the vendor with accountability and enhanced security.
Harikant et al. [20] designed a study in which they modelled the behaviours of Facebook users based on their engagement with other users. They categorized these behaviours as anomalous and non-anomalous. If the users, based on their behavioural features, were showing anomalous behaviour, they were classified into different types of attacks invading the privacy of the said users. The behavioural features such as friend rate, comment rate, post-rate, and post-feedback rate determined the types of attacks on users. Based on some or all threshold values for these features, the attacks were categorized as compromised account attacks, sybil attacks, software attacks, identity clone attacks, creepers attacks, cyberbullying attacks, and clickjacking attacks.

1.2.3 Cybersecurity Awareness among College Students and Faculty

To investigate student and faculty members’ awareness and attitudes towards cybersecurity, students and faculties in public universities in the San Francisco Bay Area of California were surveyed. The Bay Area is recognized for its most advanced community regarding wealth, technology, progress, and the diversity of the population [21]. For example, according to the San Jose State University website, 51% of its students are male and 49% are female. The diversity of students by ethnicity is 41% Asian, 26% Hispanic, 19% white, and 14% other. The average age of undergraduate students in fall 2017 was 22.6 years [22].
As part of this investigation, several surveys were administered. The first survey included ten general questions about cybersecurity awareness. The objectives were to understand students’ awareness in such a tech-savvy environment of cyber-attacks (Silicon Valley) and to explore how they protected themselves against cyber-attacks. It is important to underline that the results of this study which are reported in this book are to show trends and cannot be generalized.

1.3 CONCLUSION

The review of the literature points to a few trends in student awareness in cybersecurity is as follows:
  • Students do not have the requisite knowledge and understanding of the importance of information security principles and their practical applications.
  • Security awareness is not due to a lack of security knowledge but in the way that students apply that knowledge in real-world situations.
  • Students have a lack of knowledge of privacy policy and governing on the online social networks they used.
  • Users tend to expose their activities, aff...

Table of contents

Citation styles for Cybersecurity Awareness Among Students and Faculty

APA 6 Citation

Moallem, A. (2019). Cybersecurity Awareness Among Students and Faculty (1st ed.). CRC Press. Retrieved from https://www.perlego.com/book/1471905/cybersecurity-awareness-among-students-and-faculty-pdf (Original work published 2019)

Chicago Citation

Moallem, Abbas. (2019) 2019. Cybersecurity Awareness Among Students and Faculty. 1st ed. CRC Press. https://www.perlego.com/book/1471905/cybersecurity-awareness-among-students-and-faculty-pdf.

Harvard Citation

Moallem, A. (2019) Cybersecurity Awareness Among Students and Faculty. 1st edn. CRC Press. Available at: https://www.perlego.com/book/1471905/cybersecurity-awareness-among-students-and-faculty-pdf (Accessed: 14 October 2022).

MLA 7 Citation

Moallem, Abbas. Cybersecurity Awareness Among Students and Faculty. 1st ed. CRC Press, 2019. Web. 14 Oct. 2022.