Gamifying cyber security training for improved employee engagement in the South African banking industry
Date
2023
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
University of the Witwatersrand, Johannesburg
Abstract
Based on the South African banking cyber threat landscape, cybercriminals have exploited the Covid-19 pandemic to carry out malicious activities and fulfil their nefarious intentions. Contrary to popular belief, cyber criminals primarily target humans because humans are the weakest targets and the first barrier to breakthrough to extract confidential data or bypass systems. Consequently, human error emerges as the primary cause of cyber-attacks, underscoring the critical role of cyber security training in mitigating such risks. Therefore, cyber security training becomes the foremost line of defence in safeguarding employees and organisations against the loss of personal information, financial loss, and reputational damage. For cyber security training to be effective, employee engagement with the training content is of utmost importance. Equipping employees with recommended cyber security tools to protect themselves and their organisations assumes a crucial role within the training framework. In the South African banking industry, organisations must prioritise creating cyber security awareness by identifying the most interactive training methodology to enhance employee engagement. This study focuses on investigating the level of training engagement among South African bank employees concerning critical cyber threats, considering both traditional and modern cyber security training programmes. Additionally, the research explores modern cyber security training tools and techniques, with a specific emphasis on gamification, to empower employees. Adopting a quantitative research methodology, the study employs a questionnaire to analyse employee training engagement in critical cyber threat scenario games, encompassing threats such as phishing and malware. The findings of this research highlight that modern training methods, compared to traditional methodologies, incorporate positive reinforcement techniques that significantly improve cyber security training engagement across the South African banking industry
Description
A research report submitted to the Faculty of Commerce, Law and Management, University of the Witwatersrand, in partial fulfillment of the requirements for the degree of Master of Management in the field of Digital Business Johannesburg, 2023
Keywords
Cyber security, Modern training methods, Awareness, Traditional training methods, Gamification, Gamification methodologies, Phishing, Malware, Training programme, UCTD
Citation
Bava, Aashika. (2023). Gamifying cyber security training for improved employee engagement in the South African banking industry [Master’s dissertation, University of the Witwatersrand, Johannesburg]. WireDSpace.https://hdl.handle.net/10539/40144