Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Business & Information Systems Engineering

12.02.2024 | Research Paper

Designing Game-based Learning Artefacts for Cybersecurity Processes Using Action Design Research

Nascent Design Theory Implications

verfasst von: Dixon Prem Daniel Rajendran, Rangaraja P. Sundarraj

Erschienen in: Business & Information Systems Engineering

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Cybersecurity threats faced by organizations are growing in volume and sophistication, with human issues being a significant reason underlying these threats. Organizations report the need for skills development to face these challenges. This need is addressed in this study by developing game-based learning (GBL) artefacts for process-related cybersecurity issues. The artefacts are developed using ADR (Action Design Research). These artefacts employ procedures prescribed by NIST (National Institute of Standards and Technology) and CCMP (Cyber Crisis Management Plan) to teach users cybersecurity concepts such as cyber crisis management, malware incident forensics, incident handling and password management. The paper details the artefacts and design process, highlights the implications for practitioners and academicians in GBL, and also describes a nascent theory for Design Science Research (DSR).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren
Weitere Produktempfehlungen anzeigen
Anhänge
Nur mit Berechtigung zugänglich
Fußnoten
1
We discuss the implications of these design principles in Sect. 5.2
 
2
Feedback from experts is presented as quotes in italicized font in this article.
 
Literatur
Aleem S, Capretz LF, Ahmed F (2016) Critical success factors to improve the game development process from a developer’s perspective. J Comput Sci Technol 31(5):925–950CrossRef
Baskerville R (2008) What design science is not. Eur J Inf Syst 17(5):441–443CrossRef
Burley D, Bishop M, Kaza S, Gibson DS, Hawthorne E, Buck S (2017) ACM Joint task force on cybersecurity education. In: Proceedings of the 2017 ACM SIGCSE technical symposium on computer science education, pp 683–684
Chandler P, Sweller J (1991) Cognitive load theory and the format of instruction. Cogn Instr 8(4):293–332CrossRef
Chapman P, Burket J, Brumley D (2014) PicoCTF: a game-based computer security competition for high school students. In: 2014 USENIX summit on gaming, games, and gamification in security education, San Diego
Clark DB, Tanner-Smith EE, Killingsworth SS (2016) Digital games, design, and learning: a systematic review and meta-analysis. Rev Edu Res 86(1):79–122CrossRef
Coenraad M, Pellicone A, Ketelhut DJ, Cukier M, Plane J, Weintrop D (2020) Experiencing cybersecurity one game at a time: a systematic review of cybersecurity digital games. Simul Gaming 51(5):586–611CrossRef
Cone BD, Irvine CE, Thompson MF, Nguyen TD (2007) A video game for cyber security training and awareness. Comput Secur 26(1):63–72CrossRef
Davis A, Leek T, Zhivich M, Gwinnup K, Leonard W (2014) The fun and future of CTF. In: 2014 USENIX summit on gaming, games, and gamification in security education, San Diego
de Vries M, Gerber A, van der Merwe A (2013) A framework for the identification of reusable processes. Enterp Inf Syst 7(4):424–469CrossRef
Deal J, Sambasivam S (2022) Security control techniques: cybersecurity & medical wearable devices. J Inf Syst Appl Res 15(1):2–10
Deci E, Ryan R (2004) Handbook of self-determination research. Rochester Press, Rochester
Denning T, Lerner A, Shostack A, Kohno T (2013) Control-Alt-Hack: the design and evaluation of a card game for computer security awareness and education. In: Proceedings of the 2013 ACM SIGSAC conference on computer and communications security, pp 915–928
Dincelli E, Chengalur-Smith I (2020) Choose your own training adventure: designing a gamified SETA artefact for improving information security and privacy through interactive storytelling. Eur J Inf Syst 29(6):669–687CrossRef
Gao F, Li L, Sun Y (2020) A systematic review of mobile game-based learning in STEM education. Edu Technol Res Dev 68(4):1791–1827CrossRef
Garba A, Sirat MB, Hajar S, Dauda IB (2020) Cyber security awareness among university students: a case study. Sci Proc Ser 2(1):82–86CrossRef
Graafland M, Schraagen JM, Schijven MP (2012) Systematic review of serious games for medical education and surgical skills training. J Br Surg 99(10):1322–1330CrossRef
Gregor S, Hevner AR (2013) Positioning and presenting design science research for maximum impact. MIS Q 37(2):337–355CrossRef
Gregor S, Kruse LC, Seidel S (2020) Research perspectives: the anatomy of a design principle. J Assoc Inf Syst 21(6):2
Grund CK, Schelkle M (2020) Developing serious games with integrated debriefing: findings from a business intelligence context. Bus Inf Syst Eng 62:87–101CrossRef
Han T, Purao S, Storey VC (2008) Generating large-scale repositories of reusable artifacts for conceptual design of information systems. Decis Support Syst 45(4):665–680CrossRef
Hart SB, Sassone V (2022) CIST: a serious game for hardware supply chain. Comput Secur 122:102912CrossRef
Hart S, Margheri A, Paci F, Sassone V (2020) Riskio: A serious game for cyber security awareness and education. Comput Secur 95:101827CrossRef
Hendrix M, Al-Sherbaz A, Bloom V (2016) Game based cyber security training: Are serious games suitable for cyber security training? Int J Serious Games 3(1):53–61CrossRef
Hevner AR, March ST, Park J, Ram S (2004) Design science in information systems research. MIS Q 28(1):75–105CrossRef
Hoffmann G, Pfeiffer J (2022) Gameful learning for a more sustainable world: measuring the effect of design elements on long-term learning outcomes in correct waste sorting. Bus Inf Syst Eng 64:459–482CrossRef
Jaramillo LES (2018) Malware detection and mitigation techniques: lessons learned from Mirai DDOS attack. J Inf Syst Eng Manag 3(3):19
Kadena E, Gupi M (2021) Human factors in cybersecurity: risks and impacts. Secur Sci J 2(2):51–64CrossRef
Kappelman L, Johnson V, Torres R, Maurer C, McLean E (2019) A study of information systems issues, practices, and leadership in Europe. Eur J Inf Syst 28(1):26–42CrossRef
Katsantonis MN, Mavridis I, Gritzalis D (2021) Design and evaluation of cofelet-based approaches for cyber security learning and training. Comput Secur 105:102263CrossRef
Koivisto J, Hamari J (2019) The rise of motivational information systems: a review of gamification research. Int J Inf Manag 45:191–210CrossRef
Landwehr JP, Kühl N, Walk J, Gnädig M (2022) Design knowledge for deep-learning-enabled image-based decision support systems: evidence from power line maintenance decision-making. Bus Inf Syst Eng 64:707–728CrossRef
Lipusch N, Dellermann D, Bretschneider U, Ebel P, Leimeister JM (2020) Designing for crowdfunding co-creation: how to leverage the potential of backers for product development. Bus Inf Syst Eng 62:483–499CrossRef
Longo G, Soto AM (2016) Why do we need theories? Progr Biophys Molec Biol 122(1):4–10CrossRef
Marsh T (2010) Activity-based scenario design, development and assessment in serious games. In: Gaming and cognition: theories and practice from the learning sciences, IGI Global, pp 213–226
Mell P, Kent K, Nusbaum J (2005) Guide to malware incident prevention and handling. NIST Special Publication, Gaithersburg, pp 800–883CrossRef
Miehle D, Häckel B, Pfosser S, Übelhör J (2020) Modeling IT availability risks in smart factories: a stochastic Petri nets approach. Bus Inf Syst Eng 62:323–345CrossRef
Molleman E, Emans B, Turusbekova N (2012) How to control self-promotion among performance-oriented employees: the roles of task clarity and personalized responsibility. Pers Rev 41(1):88–105CrossRef
Novak E (2015) A critical review of digital storyline-enhanced learning. Educ Technol Res Dev 63(3):431–453CrossRef
Novak E, Johnson T, Tenenbaum G, Shute V (2016) Effects of an instructional gaming characteristic on learning effectiveness, efficiency, and engagement: using a storyline for teaching basic statistical skills. Interact Learn Environ 24(3):523–538CrossRef
Peffers K, Tuunanen T, Rothenberger MA, Chatterjee S (2007) A design science research methodology for information systems research. J Manag Inf Syst 24(3):45–77CrossRef
Qian M, Clark KR (2016) Game-based learning and 21st century skills: a review of recent research. Comput Hum Behav 63:50–58CrossRef
Rajendran DP, Sundarraj PR (2020) An e-ADR (elaborated Action Design Research) approach towards game-based learning in cybersecurity incident detection and handling. In: Proceedings of the 53rd Hawaii international conference on system sciences, Hawaii. https://​doi.​org/​10.​24251/​HICSS.​2020.​623
Scarfone K, Souppaya M (2009) Guide to enterprise password management, Draft. NIST Special Publication 800-118
Schneider J, Seidel S, Basalla M, vom Brocke J (2023) Reuse reduce, support: Design principles for green data mining. Bus Inf Syst Eng 65(1):65–83CrossRef
Scholefield S, Shepherd LA (2019) Gamification techniques for raising cyber security awareness. International conference on human-computer interaction. Springer, Cham, pp 191–203
Schrader C, Bastiaens TJ (2012) The influence of virtual presence: effects on experienced cognitive load and learning outcomes in educational computer games. Comput Hum Behav 28(2):648–658CrossRef
Sein M, Henfridsson O, Purao S, Rossi M, Lindgren R (2011) Action design research. MIS Q 35(1):37–56CrossRef
Serpa YR, Nogueira MB, Rocha H, Macedo DV, Rodrigues MA (2020) An interactive simulation-based game of a manufacturing process in heavy industry. Entertain Comput 34:100343CrossRef
Simons A, Wohlgenannt I, Weinmann M, Fleischer S (2021) Good gamers, good managers? A proof-of-concept study with Sid Meier’s civilization. Rev Manag Sci 15:957–990CrossRef
Sousa MJ, Rocha Á (2019) Leadership styles and skills developed through game-based learning. J Bus Res 94:360–366CrossRef
Švábenský V, Čeleda P, Vykopal J, Brišáková S (2021) Cybersecurity knowledge and skills taught in capture the flag challenges. Comput Secur 102:102154CrossRef
Sweller J, Merriënboer JJ, Paas F (2019) Cognitive architecture and instructional design: 20 years later. Edu Psychol Rev 31(2):261–292CrossRef
Vadla S, Parakh A, Chundi P, Surbamaniam M (2019) Quasim: a multi-dimensional quantum cryptography game for cyber security. J Colloquium Inf Syst Secur Educ 6(2):19
Visoottiviseth V, Sainont R, Boonnak T, Thammakulkrajang V (2018) POMEGA: security game for building security awareness. In: 7th ICT international student project conference. IEEE
Wang R, DeMaria S Jr, Goldberg A, Katz D (2016) A systematic review of serious games in training health care professionals. Simul Healthc 11(1):41–51PubMedCrossRef
Weanquoi P, Johnson J, Zhang J (2018) Using a game to improve phishing awareness. J Cybersecur Educ Res Pract 2:2
Wen ZA, Lin Z, Chen R, Andersen E (2019) What hack: engaging anti-phishing training through a role-playing phishing simulation game. In: Proceedings of the 2019 CHI conference on human factors in computing systems, pp 1–12
Xi N, Hamari J (2019) Does gamification satisfy needs? A study on the relationship between gamification features and intrinsic need satisfaction. Int J Inf Manag 46:210–221CrossRef
Yamin MM, Katt B, Nowostawski M (2021) Serious games as a tool to model attack and defense scenarios for cyber-security exercises. Comput Secur 110:102450CrossRef
Yasin A, Liu L, Li T, Wang J, Zowghi D (2018) Design and preliminary evaluation of a cyber Security Requirements Education Game (SREG). Inf Softw Technol 95:179–200CrossRef
Zin NA, Elaklouk AM (2017) Design science paradigm in the development of serious game for cognitive rehabilitation. Int J Adv Sci Eng Inf Technol 7(1):118–124CrossRef
Metadaten
Titel
Designing Game-based Learning Artefacts for Cybersecurity Processes Using Action Design Research
Nascent Design Theory Implications
verfasst von
Dixon Prem Daniel Rajendran
Rangaraja P. Sundarraj
Publikationsdatum
12.02.2024
Verlag
Springer Fachmedien Wiesbaden
Erschienen in
Business & Information Systems Engineering
Print ISSN: 2363-7005
Elektronische ISSN: 1867-0202
DOI
https://doi.org/10.1007/s12599-024-00852-z