Engagement and Players' Intended Behaviors in a Cybersecurity Serious Game

Abstract

Serious games have been shown to be effective in engaging end-users for various types of training. However, the research in cybersecurity awareness training with serious games is scarce. The authors are interested in (1) the engagement factors that could predict users' intended behavior after learning and (2) whether or not playing a game repeatedly can affect engagement. They assessed players' coping and threat appraisal and measured their multidimensional (i.e., cognitive, affective, behavioral) engagement in cybersecurity awareness. The participants (N=122) in this experiment were randomly assigned to either three or five rounds of gameplay of a commercial cybersecurity awareness serious game. The findings revealed that users' engagement levels were significantly better sustained through five sessions of gameplay with cognitive (but not affective or behavioral) engagement. Serious game developers should include more activities in the cognitive dimension, rather than the affective or behavioral dimensions to assure high engagement and influence the intended cybersecurity awareness behaviors.