Sage Journals: Discover world-class research

Abstract

Combatting cyber-attacks relies on the users of the system being properly educated on how to recognize and respond to the attack. Evaluating a user’s cyber awareness knowledge through testing allows for the ability to certify that users are prepared for possible threats they may face online. This study examines the validity of currently available tests of cyber awareness on three criteria: readability, taxonomy type, and relevancy. By using the chosen criteria, the sampled tests can be assessed on whether they are accessible for the average reader, whether the questions require a response that demonstrates the ability to apply the knowledge, and if the questions cover relevant cyber threats. The sampled tests were shown to be mostly above average U.S. reading level. The taxonomy of the test questions was shown to rely mostly on the remembering and understanding dimensions. The content of the tests was shown to overall cover questions pertaining to relevant cyber-attack threats. Readability of the tests was shown to be the most prevalent issue with the currently used tests making accessibility for the average reader a concern.

Keywords

cybersecurity knowledge training evaluation transfer of training

Get full access to this article

View all access options for this article.

References

Ajayi

(2024). Blooms taxonomy. Structural Optimization.

Baraković

Baraković Husić

(2022). Cyber hygiene knowledge, awareness, and behavioral practices of university students. Information Security Journal: A Global Perspective, 32(5), 347–370. https://doi.org/10.1080/19393555.2022.2088428

Cain

A. A.

Edwards

M. E.

Still

J. D.

(2018). An exploratory study of cyber hygiene behaviors and knowledge. Journal of Information Security and Applications, 42, 36–45. https://doi.org/10.1016/j.jisa.2018.08.002

Daraz

Morrow

A. S.

Ponce

O. J.

Farah

Katabi

Majzoub

Seisa

M. O.

Benkhadra

Alsawas

Larry

Murad

M. H.

(2018) Readability of online health information: A meta-narrative systematic review. American Journal of Medical Quality, 33(5), 487–492. https://doi.org/10.1177/1062860617751639

Huijts

N. M. A.

Haans

Budimir

Fontaine

Loukas

Bezemskij

Oostveen

Filippoupolitis

Ras

IJsselsteijn

W. A.

Roesch

E. B.

(2023). User experiences with simulated cyber-physical attacks on smart home IoT. Personal and Ubiquitous Computing, 27(6), 2243–2266. https://doi.org/10.1007/s00779-023-01774-5

Jindal

MacDermid

J. C.

(2017). Assessing reading levels of health information: Uses and limitations of flesch formula. Education for Health (Abingdon, England), 30(1), 84–88. https://doi.org/10.4103/1357-6283.210517

Krathwohl

D. R.

(2002). A revision of bloom’s taxonomy: An overview. Theory Into Practice, 41(4), 212–218. https://doi.org/10.1207/s15430421tip4104_2

Maennel

Mäses

Maennel

(2018). Cyber hygiene: The big picture. In Gruschka

(Ed.), Secure IT Systems. NordSec 2018. Lecture Notes in Computer Science (pp. 28–30). Springer.

Prümmer

Steen

Berg

(2024). Assessing the effect of cybersecurity training on end-users: A meta-analysis. Computers & Security, 150, Article 104206. https://doi.org/10.2139/ssrn.4965566

10.

Still

J. D.

(2016). Cybersecurity needs you! Interactions, 23(3), 54–58. https://doi.org/10.1145/2899383

11.

Verizon. (2024). 2024 Data Breach Investigations Report. https://www.verizon.com/business/resources/T988/reports/2024-dbir-data-breach-investigations-report.pdf

12.

Zimmermann

Schöni

Schaltegger

Ambuehl

Knieps

Ebert

(2024). Human-centered cybersecurity revisited: From enemies to partners. Communications of the ACM, 67(11), 72–81. https://doi.org/10.1145/3665665

Cybersecurity Quizzes: A Call for Better Tests

Abstract

Keywords

Get full access to this article

References