Mandatory Gamified Security Awareness Training Impacts on Texas Public Middle School Students: A Qualitative Study

Abstract

Aim/Purpose. The problem statement in the proposed study focuses on that, despite the growing recognition that teenagers need to undergo security awareness training, little is known about the impacts security training experts believe implementing a mandatory gamified security awareness training curriculum in public middle schools will have on the long-term security behavior of students in Texas. Background. This study was guided by the research question: What are the impacts security training experts believe implementing a mandatory gamified security awareness training curriculum in public middle schools will have on the long-term security behaviors of students in Texas? The study gathers opinions from experts on the impacts of security awareness training on students. Methodology. Our research used semi-structured interviews with twelve experts chosen through the use of purposive sampling. The population for the study consisted of experts in the fields of security awareness training for and teaching middle school-aged children. Candidates were recruited through the Cyber-Texas Foundation and snowball sampling techniques. Contribution. The research contributed to the body of knowledge by using interviews to explore the impacts of security awareness training on middle school students based on the opinions and views of the teachers and instructors who work with middle school students. Findings. The findings of this study demonstrate that middle school is an ideal time to provide cybersecurity training and will impact student behaviors by making them more conscious of cyber threats and preparing them to be more tech-savvy professionals. The research also showed that well-designed cybersecurity games with real-world application combined with traditional teaching techniques can help students develop positive habits. The research also suggests that teachers possess the skills to teach cybersecurity classes and the classes can be integrated into the current school day without the need for any significant changes to existing daily schedules. Recommendations for Practitioners. A well-design gamification-based curriculum implemented in Texas Middle Schools, combined with traditional teaching techniques and repeated over an extended time period, will impact students’ behaviors by making them more able to recognize and respond to cyber risks and will transform them into more secure and tech-savvy members of society. Recommendations for Researchers. The research shows middle school instructors and technology experts believe the implementation of a security awareness training program in middle schools is both possible and practical, while also beneficial to the students. The recommendation is to encourage researchers to explore ways to build curricula and games capable of appealing to students and implementing the instruction into school programs. Impact on Society. Demonstrating that training provided in middle school will make lasting impacts and improvements to student behaviors benefits children and their families in the short-term and workplaces in the long-term. The development of a more security-conscious workforce can reduce the significant number of data breaches and cyber attacks resulting from the poor security habits of companies’ users. Future Research. Future research that will add significant value to the body of knowledge includes testing the effectiveness of habit-shaping games to determine whether existing long-term games maintain student interest. Qualitative studies could interview parents of teenagers using habit-shaping games to determine the effectiveness of the applications. Another qualitative study could interview teachers to determine how teachers’ ages affect their comfort level teaching technology classes. Both studies could provide valuable insights into how to implement security awareness training in schools.