An analysis of home user security awareness & education

The human factor is a major consideration in securing systems. People use an increasingly wide range of digital devices such as smartphones, tablets, laptops and smart TVs, with each device having a different operating system, security configurations and threats. This presents users with an unenviable and potentially insurmountable task of securing them. This paper presents an analysis of efforts being made in providing suitable awareness and education with home users. The analysis shows that whilst significant efforts are made, a focus upon a “one-fits-all” solution that does not take into account individual users — their needs, prior knowledge, learning styles and security priorities — results in unnecessary information overload and a need to spend an excessive amount of time reading web-based content that may have little relevance to them specifically. This review indicates that there is a need for an approach that can provide the users with bespoke awareness information. It is recommended that a holistic information security management system for home users can be proposed and designed which can provide users with bespoke awareness information based on the technologies, applications and services that users use in a manner that is acceptable and timely.

[1]  Georgios Kambourakis,et al.  CyberAware: A mobile game-based app for cybersecurity education and awareness , 2015, 2015 International Conference on Interactive Mobile Communication Technologies and Learning (IMCL).

[2]  Mohammed Serrhini,et al.  Home Users Security and the Web Browser Inbuilt Settings, Framework to setup IT Automatically , 2013, J. Comput. Sci..

[3]  Ofcom,et al.  Children and parents: media use and attitudes report , 2015 .

[4]  Michael Netter,et al.  Friend Inspector: A Serious Game to Enhance Privacy Awareness in Social Networks , 2014, ArXiv.

[5]  Nalin Asanka Gamagedara Arachchilage,et al.  Design a mobile game for home computer users to prevent from “phishing attacks” , 2011, International Conference on Information Society (i-Society 2011).

[6]  Shivani Goel,et al.  CSAAES: An expert system for cyber security attack awareness , 2015, International Conference on Computing, Communication & Automation.

[7]  Jana Dittmann,et al.  E-Learning of IT Security Threats: A Game Prototype for Children , 2013, Communications and Multimedia Security.

[8]  Umesh Hodeghatta Rao Xavier,et al.  Study of internet security threats among home users , 2012, 2012 Fourth International Conference on Computational Aspects of Social Networks (CASoN).

[9]  Mariana Gerber,et al.  Fostering Content Relevant Information Security Awareness through Browser Extensions , 2013, World Conference on Information Security Education.

[10]  Hossein Jahankhani,et al.  Improved Awareness on Fake Websites and Detecting Techniques , 2011, ICGS3/e-Democracy.

[11]  Alexander De Luca,et al.  Using data type based security alert dialogs to raise online security awareness , 2011, SOUPS.

[12]  Elmarie Kritzinger,et al.  Cyber security for home users: A new way of protection through awareness enforcement , 2010, Comput. Secur..

[13]  Aubrey Labuschagne,et al.  Design of cyber security awareness game utilizing a social media framework , 2011, 2011 Information Security for South Africa.

[14]  John Kelly UK Safer Internet Centre , 2017 .

[15]  Eugene Fink,et al.  SmartNotes: Application of crowdsourcing to the detection of web threats , 2011, 2011 IEEE International Conference on Systems, Man, and Cybernetics.

[16]  Maria Papadaki,et al.  Improving Awareness of Social Engineering Attacks , 2009, World Conference on Information Security Education.

[17]  Mariki M. Eloff,et al.  Towards an automated security awareness system in a virtualized environment , 2012 .

[18]  Yoshimi Teshigawara,et al.  Security Guideline Tool for Home Users Based on International Standards , 2010, Inf. Manag. Comput. Secur..

[19]  Sebastiaan H. von Solms,et al.  Solving security issues using Information Security Awareness Portal , 2009, 2009 International Conference for Internet Technology and Secured Transactions, (ICITST).

[20]  Nathan Clarke,et al.  Web-Based Risk Analysis for Home Users , 2012 .

[21]  Zinta S. Byrne,et al.  The Psychology of Security for the Home Computer User , 2012, 2012 IEEE Symposium on Security and Privacy.

[22]  Melanie Volkamer,et al.  Design and Field Evaluation of PassSec: Raising and Sustaining Web Surfer Risk Awareness , 2015, TRUST.

[23]  Rose F. Gamble,et al.  CyberPhishing: A Game-Based Platform for Phishing Awareness Testing , 2015, 2015 48th Hawaii International Conference on System Sciences.