Public cybersecurity awareness good practices on government-led websites

Authors

DOI:

https://doi.org/10.20525/ijrbs.v12i7.2840

Keywords:

Cybersecurity Awareness, Cybersecurity Websites, Government, Global Cybersecurity Index, Public

Abstract

Globally, governments should prioritise and lead cybersecurity awareness as they have a duty to inform their citizens about responsible online behavior. This study aims to search for government-led cybersecurity awareness practices followed by the four world-leading countries (the United States of America (USA), the United Kingdom (UK), Saudi Arabia and Estonia) as evident on their websites. This qualitative study employs content analysis by performing a review of the four world-leading countries’ websites, with a specific focus on support materials and other relevant activities as part of cybersecurity awareness. Analysis of the websites found that cybersecurity awareness practices had a wide reach. Firstly, a host of multimedia content (videos, readings, infographics, memes, games, and quizzes) was used in addition to social media platforms. Secondly, the content was categorized for a range of users, with parents and children being favored. Lastly, for countries where the first language was not English, websites were in the official language in addition to English. The study contributes to the literature on cybersecurity awareness. The good practices employed by these countries could serve as a benchmark globally for other countries seeking to formulate or update their websites. Furthermore, showcasing the four world-leading countries serves to assist countries which have a lower Global Cybersecurity Index organizational measure can improve their cybersecurity awareness websites.

Downloads

Download data is not yet available.

References

Akdemir, N., & Yenal, S. (2021). How phishers exploit the coronavirus pandemic: A content analysis of COVID-19 themed phishing emails. Sage Open, 1-14. http://doi.org/10.1177/21582440211031879 DOI: https://doi.org/10.1177/21582440211031879

Aljabri, S. (2021). Cybersecurity awareness in Saudi Arabia. International Journal of Research Publication and Reviews, 2(2), 320-330. http://doi.org/10.14569/IJACSA.2021.0120334 DOI: https://doi.org/10.14569/IJACSA.2021.0120334

Al-Janabi, S., & Al-Shourbaji, I. (2016). A study of cyber security awareness in educational environment in the middle east. Journal of Information and Knowledge Management, 15(01). http://doi.org/10.1142/s0219649216500076 DOI: https://doi.org/10.1142/S0219649216500076

Altwairqi, A. F., Alzain, M. A., Son, B., Masud, M., & Al-Amri, J. (2019). Four most famous cyber attacks for financial gains. International Journal of Engineering and Advanced Technology, 9(2), 2131-2139. http://doi.org/10.35940/ijeat.B3601.129219 DOI: https://doi.org/10.35940/ijeat.B3601.129219

Amanowicz, M. (2020). Towards building national cybersecurity awareness. International Journal of Electronics and Telecommunications, 66(2), 321-326. http://doi.org/10.24425/ijet.2020.131881 DOI: https://doi.org/10.24425/ijet.2020.131881

Bada, M., Sasse, A. M., & Nurse, J. R. C. (2019). Cyber security awareness campaigns: Why do they fail to change behaviour? arXiv:1901.02672. http://doi.org/10.48550/arXiv.1901.02672

Bada, M., von Solms, B., & Agrafiotis, I. (2018). Reviewing national cybersecurity awareness in Africa: An empirical study. The 3rd International Conference on Cyber-Technologies and Cyber-Systems. http://doi.org/10.17863/CAM.40856

Bahl, A., Sharma, A., & Asghar, M. R. (2021). Vulnerability disclosure and cybersecurity awareness campaigns on Twitter during COVID-19. Security and Privacy, 4(6). http://doi.org/10.1002/spy2.180 DOI: https://doi.org/10.1002/spy2.180

Bishop, L. M., Morgan, P. L., Asquith, P. M., Raywood-Burke, G., Wedgbury, A., & Jones, K. (2020). Examining human individual differences in cyber security and possible implications for human-machine interface design. International Conference on Human-computer Interaction (pp. 51-66). Springer, Cham. http://doi.org/10.1007/978-3-030-50309-3_4 DOI: https://doi.org/10.1007/978-3-030-50309-3_4

Broeders, D. (2021). Private active cyber defense and (international) cyber security – pushing the line? Journal of Cybersecurity, 7(1), 1-14. http://doi.org/10.1093/cybsec/tyab010 DOI: https://doi.org/10.1093/cybsec/tyab010

Bruggemann, R., Koppatz, P., Scholl, M., & Schuktomow, R. (2022). Global cybersecurity index (GCI) and the role of its 5 pillars. Social Indicators Research, 159, 125–143. https://doi.org/10.1007/s11205-021-02739-y DOI: https://doi.org/10.1007/s11205-021-02739-y

Chang, L. Y. C., & Coppel, N. (2020). Building cyber security awareness in a developing country: Lessons from Myanmar. Computers and Security, 97, 1-10. http://doi.org/10.1016/j.cose.2020.101959 DOI: https://doi.org/10.1016/j.cose.2020.101959

Choo, K. K. R. (2011). The cyber threat landscape: Challenges and future research directions. Computers & Security, 30(8), 719-731. http://doi.org/10.1016/j.cose.2011.08.004 DOI: https://doi.org/10.1016/j.cose.2011.08.004

Corallo, A., Lazoi, M., Lezzi, M., & Luperto, A. (2022). Cybersecurity awareness in the context of the Industrial Internet of Things: A systematic literature review. Computers in Industry, 37, 1-16. https://doi.org/10.1016/j.compind.2022.103614 DOI: https://doi.org/10.1016/j.compind.2022.103614

Czosseck, C., Ottis, R., & Talihärm, A. (2011). Estonia after the 2007 cyber attacks: Legal, strategic and organisational changes in cyber security. International Journal of Cyber Warfare and Terrorism, 1, 24-34. http://doi.org/10.4018/ijcwt.2011010103 DOI: https://doi.org/10.4018/ijcwt.2011010103

Dahabiyeh, L. (2021). Factors affecting organizational adoption and acceptance of computer-based security awareness training tools. Information & Computer Security, 29(5), 836–849. http://doi.org/10.1108/ICS-12-2020-0200 DOI: https://doi.org/10.1108/ICS-12-2020-0200

de Bruijn, H., & Janssen, M. (2017). Building cybersecurity awareness: The need for evidence-based framing strategies. Government Information Quarterly, 34(1), 1-7. http://doi.org/10.1016/j.giq.2017.02.007 DOI: https://doi.org/10.1016/j.giq.2017.02.007

Flak, L. S., & Rose, J. (2005). Stakeholder governance: Adapting stakeholder theory to E-government. Communications of the Association for Information Systems, 16, 642-664. https://doi.org/10.17705/1CAIS.01631 DOI: https://doi.org/10.17705/1CAIS.01631

Furnell, S., & Vasileiou, I. (2017). Security education and awareness: Just let them burn? Network Security, 12, 5-9. https://doi.org/10.1016/S1353-4858(17)30122-8 DOI: https://doi.org/10.1016/S1353-4858(17)30122-8

Gav?nait?-Sirvydien?, J., & Mie?inskien?, A. (2021). Forecasting costs of cyber attacks using estimation the global cost of cyber risk calculator. International Scientific Conference, Contemporary Issues in Business, Management and Economics Engineering, (13-14 May 2021), Vilnius, Lithuania: Vilnius Gediminas Technical University. https://doi.org/10.3846/cibmee.2021.618 DOI: https://doi.org/10.3846/cibmee.2021.618

Gcaza, N., & von Solms, R. (2017). A strategy for a cybersecurity culture: A South African perspective. The Electronic Journal of Information Systems in Developing Countries, 80(1), 1-17. https://doi.org/10.1002/j.1681-4835.2017.tb00590.x DOI: https://doi.org/10.1002/j.1681-4835.2017.tb00590.x

International Telecommunications Union (ITU). (2020). Global cybersecurity index 2020. [Online] https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2021-PDF-E.pdf

Kangas, J., Harju-Luukkainen, H., Brotherus, A., Gearon, L. F., & Kuusisto, A. (2022). Outlining play and playful learning in Finland and Brazil: A content analysis of early childhood education policy documents. Contemporary Issues in Early Childhood, 23(2), 153-165. https://doi.org/10.1177/1463949120966104 DOI: https://doi.org/10.1177/1463949120966104

Khalifa, S. K. H., & Al-Kumaim, N. H. S. (2021). A conceptual model for prevention of e-financial crimes in UAE: A review paper. Academy of Strategic Management Journal, 20(6), 1-10.

Kim, I., & Kuljis, J. (2010). Applying content analysis to Web-based content. Journal of computing and information technology, 18(4), 369-375. https://doi.org/10.2498/cit.1001924 DOI: https://doi.org/10.2498/cit.1001924

Kortjan, N., & von Solms, R. (2014). A conceptual framework for cyber security awareness and education in SA. South African Computer Journal, 52(1), 29-41. https://doi.org/10.18489/sacj.v52i0.201 DOI: https://doi.org/10.18489/sacj.v52i0.201

Kritzinger, E. (2017). Growing a cyber-safety culture amongst school learners in South Africa through gaming. South African Computer Journal, 29(2), 16-35. https://doi.org/10.18489/sacj.v29i2.471 DOI: https://doi.org/10.18489/sacj.v29i2.471

Lee, C. S., & Kim, D. (2022). Pathways to cybersecurity awareness and protection behaviors in South Korea. Journal of Computer Information Systems, 1-13. https://doi.org/10.1080/08874417.2022.2031347 DOI: https://doi.org/10.1080/08874417.2022.2031347

Mashiane, T., Dlamini, Z., & Mahlangu, T. (2019). February. A rollout strategy for cybersecurity awareness campaigns. Proceedings of the 14th International Conference on Cyber Warfare and Security (ICCWS 2019), Stellenbosch, South Africa, 28 February – 1 March 2019. (pp. 242-250).

Nagyfejeo, E., & von Solms, B. (2020). Why do national cybersecurity awareness programmes often fail? International Journal of Information Security and Cybercrime, 9(2). DOI: https://doi.org/10.19107/IJISC.2020.02.03

National Cybersecurity Alliance. (2023). Stay Safe Online. [Online]. https://staysafeonline.org/about-us/

National Cyber Security Centre (NCSC). (2023). Cyber Aware. [Online]. https://www.ncsc.gov.uk/cyberaware/home

Ngoma, M. L., Keevy, M., & Rama, P. (2021). Cyber-security awareness of South African state-mandated public sector organisations. Southern African Journal of Accountability and Auditing Research, 23, 53-63. https://doi.org/10.54483/sajaar.2021.23.1.4 DOI: https://doi.org/10.54483/sajaar.2021.23.1.4

Ole IT-vaatlik. (2023). Be protected from a cyber attack. [Online]. https://www.itvaatlik.ee/kontrolli/#juhend-pdf

Rama, P., & Keevy. M. (2022). A comparative review of South Africa’s government-led cybersecurity awareness measures to those of world-leading countries. Southern African Journal of Accountability and Auditing Research, 24, 117-127.

Reid, R., & Van Niekerk, J. (2014). Towards an education campaign for fostering a societal cyber security culture. Proceedings of the Eighth International Symposium on Human Aspects of Information and Security and Assurance (pp. 174-184).

Republic of Estonia. (2022). Estonia and Japan signed digital cooperation agreement. [Online] https://www.mkm.ee/en/news/estonia-and-japan-signed-digital-cooperation-agreement

Saudi Computer Emergency Response Team. (2023). CERT. [Online]. https://cert.gov.sa

Scholl, H. J. (2001). Applying stakeholder theory to E-government. In: B. Schmid., K. Stanoevska-Slabeva., & V. Tschammer (Eds.), Towards the E-Society: E-Commerce, E-business and E-Government. (pp. 735-747), Zürich, Switzerland: Kluwer Academic Publishers. DOI: https://doi.org/10.1007/0-306-47009-8_54

Sharma, P., Dash, B., & Ansari, M. F. (2022). Anti-phishing techniques – A review of cyber defense mechanisms. International Journal of Advanced Research in Computer and Communication Engineering, 11(7), 153-160. https://doi.org/10.17148/IJARCCE.2022.11728 DOI: https://doi.org/10.17148/IJARCCE.2022.11728

Smith, D. T., & Ali, A. I. (2019). You've been hacked: A technique for raising cyber security awareness. Issues in Information Systems, 20(1), 186-194. https://doi.org/10.48009/1_iis_2019_186-194 DOI: https://doi.org/10.48009/1_iis_2019_186-194

Stemler, S. (2000). An overview of content analysis. Practical Assessment, Research, and Evaluation, 7(17), 1-6. https://doi.org/10.7275/z6fm-2e34

Stop.Think.Connect. (2023). About Stop.Think.Connect. [Online]. https://www.stopthinkconnect.org/about

Ulven, J. B., & Wangen, G. (2021). A systematic review of cybersecurity risks in higher education. Future Internet, 13(39), 1-40. https://doi.org/10.3390/FI13020039 DOI: https://doi.org/10.3390/fi13020039

Valentinov, V., Roth, S., & Will, M. G. (2018). Stakeholder Theory: A Luhmannian perspective. Administration & Society, 51(5), 826-849. https://doi.org/10.1177/0095399718789076 DOI: https://doi.org/10.1177/0095399718789076

van Steen, T., Norris, E., Atha, K., & Joinson, A. (2020). What (if any) behaviour change techniques do government-led cybersecurity awareness campaigns use? Journal of Cybersecurity, 6(1), 1-8. https://doi.org/10.1093/cybsec/tyaa019 DOI: https://doi.org/10.1093/cybsec/tyaa019

Whitty, M., Doodson, J., Creese, S., & Hodges, D. (2015). Individual differences in cyber security behaviors: An examination of who is sharing passwords. Cyberpsychology, Behavior, and Social Networking, 18(1), 3-7. https://doi.org/10.1089/cyber.2014.0179 DOI: https://doi.org/10.1089/cyber.2014.0179

Wongkrachang, S. (2023). Cybersecurity awareness and training programs for racial and sexual minority populations: An examination of effectiveness and best practices. Contemporary Issues in Behavioral and Social Sciences, 7(1), 35-53.

Yeoh, W., Huang, H., Lee, W.S., Al Jafari, F., & Mansson, R. (2022). Simulated phishing attack and embedded training campaign. Journal of Computer Information Systems, 62(4), 802-821. https://doi.org/10.1080/08874417.2021.1919941 DOI: https://doi.org/10.1080/08874417.2021.1919941

Zhang-Kennedy, L., & Chiasson, S. (2021). A systematic review of multimedia tools for cybersecurity awareness and education. ACM Computing Surveys, 54(1), 1-39 https://doi.org/10.1145/3427920 DOI: https://doi.org/10.1145/3427920

Zick, C. J. (2022). US, UK, Australia, Canada and New Zealand issue advisory on Russian state-sponsored and criminal cyber threats to critical infrastructure. [Online]. https://www.mondaq.com/unitedstates/security/1186288/us-uk-australia-canada-and-new-zealand-issue-advisory-on-russian-state-sponsored-and-criminal-cyber-threats-to-critical-infrastructure

Downloads

Published

2023-10-28

How to Cite

Rama, P., & Keevy, M. (2023). Public cybersecurity awareness good practices on government-led websites . International Journal of Research in Business and Social Science (2147- 4478), 12(7), 94–104. https://doi.org/10.20525/ijrbs.v12i7.2840

Issue

Section

Strategic Approach to Business Ecosystem and Organizational Development