Advanced search
Publication Cover
Computers in the Schools
Interdisciplinary Journal of Practice, Theory, and Applied Research
Latest Articles
Submit an article Journal homepage
25
Views
0
CrossRef citations to date
0
Altmetric
Research Article

Lived Experiences, Challenges, and Coping Mechanisms of Undergraduate Students on Cybersecurity in Digital Environments

G. S. Prakashaa Christ University, Bangalore, IndiaCorrespondence[email protected]
ORCID Iconhttps://orcid.org/0000-0002-1287-7606
ORCID Icon,
Juan José Leiva-Olivenciab University of Málaga, Málaga, Spain
,
Amber Simpsonc Binghamton University, Vestal, New York, USAORCID Iconhttps://orcid.org/0000-0001-5467-4885
ORCID Icon,
Trent Grundmeyerd Buena Vista University, Storm Lake, Iowa, USA
&
Anthony Kennetha Christ University, Bangalore, India
Published online: 09 Jul 2024

Abstract

Higher education students use digital devices for learning, entertainment, and financial transactions. The present study examines undergraduate (UG) students’ challenges faced in cyber security space amid digital environments. The study employed a qualitative research design with a narrative inquiry method to capture the lived experiences, challenges, and coping mechanism of UG students through semi structured interviews. The researchers analyzed the qualitative data of ten UG students using the inductive thematic analysis method. UG students shared overall that they face varied experiences, multiple challenges, and cope with cyber security issues in multiple ways. Findings from the study led to recommendations for stakeholders, which includes designing higher education classes in a more secure way. This may offer students orientation on cybersecurity knowledge which keeps them safe and helps them understand the digital environment overall.

1. Introduction

Currently, we are experiencing what is often referred to as the new “normal” for digitalization (De Laat & Dohn, Citation2019). This has resulted in an increase in the number of individuals using internet services and digital devices in their day-to-day lives. As of 2023, there are more than 692 million active internet users in India, with more than 460 million social media users (Kemp, Citation2023). While there are numerous benefits associated with these developments, they may also lead students into vulnerable situations, especially those with limited understanding of cyber security and digital literacy. Cyber-attackers are constantly looking at ways to infiltrate systems with a ‘lack of awareness’ and with flaws in application security (Jones & Chin, Citation2015). Cybercriminals utilize software and other means to hack into computers, mobile phones, and networks, making our cyber security vulnerable (Abawajy, Citation2014).

In recent years, there has been an increase in the use of mobile phones, which has positioned them as a common tool for communication, teaching, and learning in students’ lives (Siapera, Citation2017; Vanden Abeele, Citation2016). This trend is accompanied by an increasing demand for smartphone usage among the younger generation, who often overlook the importance of security on their devices (Alothman et al., Citation2017; Mi et al., Citation2020). This leaves the data on these devices vulnerable to hacking (Allam et al., Citation2014). Students frequently use publicly-accessible WI-FI through their mobile devices, including at their university, which makes the network more prone to risk and cyber-attacks regarding sensitive data (Yuan et al., Citation2016). Moreover, students are also frequently negligent in logging out of their devices and applications, refrain from adding passwords to their devices, and download applications from unknown sources (Jorgensen et al., Citation2015; Yuan et al., Citation2016). These practices put students at risk of cyber-attacks, and further suggest a lack of cyber security awareness (Jones & Heinrichs, Citation2012).

The contemporary cyber risks faced by emerging adults in the twenty first century are cyberbullying, social media, sexting, cyber-dating violence, scams, catfishing, and revenge porn (Paat & Markham, Citation2021). Bullying is another problem that must be addressed (Eyuboglu et al., Citation2021), necessitating the need for constant policies to mitigate its effect (Hatzenbuehler & Keyes, Citation2013), given its association with various health-related issues (Wolke & Lereya, Citation2015). While bullying is often seen in the traditional classroom setting (Hemphill et al., Citation2014), it can also manifest in virtual setting. This is known as cyberbullying (Canty et al., Citation2016). Lower levels of digital literacy results in failure to differentiate between digital scams and legitimate messages (Sarno & Black, Citation2024). Between the research and lived experience of youth, there is no doubt that they are at risk for cyberbullying attacks, which can lead to psychosocial distress, emphasizing the need for impactful training and awareness initiatives to mitigate these risks. Given the current reality and risks to students, there is a need for digital citizenship education, especially with a particular focus on cyberbullying (Prakasha et al., Citation2024). Although cyberbullying has existed over the last two decades, it has significantly increased in the post-pandemic times (Barlett et al., Citation2021; Zhu et al., Citation2021). Students are learning in digital environments and facing cyber security issues almost every day (Ulven & Wangen, Citation2021).

As such, a recent longitudinal study has also shown that regular digital literacy trainings is more effective in preventing falling prey to phishing attacks (Nguyen et al., Citation2023). Students often perceive the digitalized environment has coerced them into regularly engaging in digital processes (Dutt, Citation2023), and schools too can be a target of cyber-attacks (Langreo, Citation2023; Waldman, Citation2023). Internet consumption is an everyday occurrence for most youth; who consume social media and digital technologies at an early age (Livingstone et al., Citation2011; Winther, Citation2017), often without realizing the potential threats (Corradini & Nardelli, Citation2018). This includes sharing images and personal data, highlighting the need for cyber security awareness in schools (Schilder et al., Citation2016). A meta-analysis from Quayyum et al. (Citation2021) analyzed 53 articles addressing privacy, cyberbullying, and inappropriate display of content as some of the potential risks faced by children (Paat & Markham, Citation2021). Therefore, creating awareness at an early age would greatly benefit students; this can be achieved by using text-based, video, or game-based pedagogy in classrooms (Alharbi & Tassaddiq, Citation2021). For example, Hart et al. (Citation2020) suggested gaming as a tool to promote cyber security awareness. As another example, Al-Tawil (Citation2024) advocated ethical hacking be taught to students to combat cyber security, alongside gaming for students to learn and engage in developing their cyber security skills and mastering the concepts (Trickel et al., Citation2017). Thus, we contend that ‘cybersecurity’ awareness and training against cyber threats should be implemented within institution (Green, Citation2015). Often, individuals within organizations contribute to its vulnerability to threats, with many concluding that ‘people’ are the most vulnerable factor in cybersecurity or posing the greatest threat (Safa et al., Citation2016). Cybersecurity awareness programs are necessary to bridge the gap between people and digital technology (Isabella Corradini, Citation2020). While many software options are employed to prevent cybersecurity breaches, they do not provide complete protection from all threats (Furnell et al., Citation2006; Parsons et al., Citation2014; Schultz, Citation2005). Additionally, new tools like ChatGPT raise concerns about malpractices in education (Lodge et al., Citation2023), which continue to create challenges in the academic sector (Hsiao et al., Citation2023). But in some cases, AI integrated into different fields has also created solutions to cybersecurity (Hammad et al., Citation2019; Sarker et al., Citation2021), such as using machine learning and deep learning to prevent cyberattacks (Al-Hawawreh et al., Citation2024; Farah et al., Citation2022; Xin et al., Citation2018). In addition, Khader et al. (Citation2021) has proposed a cybersecurity awareness framework that colleges and universities can use to improve awareness.

Cybersecurity behavior is explained by scholars mainly using three theories: deterrence theory, protection motivation theory (PMT), and the theory of planned behavior (TBP) (An et al., Citation2023; Rogers, Citation1975). Deterrence theory suggests that negative interactions, in the form of punishments, can control cybersecurity behaviors (Ameen et al., Citation2021). TPB with three domains, including individual attitudes, subjective norms and perceived behavioral control, is also used for cybersecurity-related behavior (Dinev et al., 2007). PMT considers that motivation to protect comes from one’s perception of threat and one’s assessment to cope with such threats to ensure minimal harm from the threat (Hong et al., Citation2024). PMT is also widely used in the area of cybersecurity behavior (Chen et al., 2016) that considers that the protecting motivation is generated from threat appraisal and coping appraisal (Hong et al., Citation2024).

De Kimpe et al. (Citation2021) highlighted the inverse relationship between feeling well informed about online safety and the inclination to adopt security measures, alongside the positive association with perceptions of cybercrime severity. Moreover, Tsai et al. (Citation2016) emphasized the importance of coping appraisal variables and security coping factors, respectively, in predicting intentions to engage in protective behaviors. Furthermore, van Bavel et al. (Citation2019) underscore the effectiveness of coping messages in promoting secure behavior, suggesting their prioritization in interventions. Compliance Theory can be applied to understanding individuals’ behaviors regarding online security practices such as complying (or not) with policies pertaining to cyber security at an individual level, organizational level, or at government deployed regulations (Salifu & Abdul, Citation2023).

A study conducted by Alsiddig et al., Citation2020 showed that students generally exhibit lower levels of security awareness compared to faculty members. Despite recognizing the importance of cybersecurity, students often fail to apply the same level of awareness when creating passwords (Alqahtani, Citation2022). Studies have shown that insufficient awareness can make users more vulnerable to potential threats (Al-Khater et al., Citation2020; Garba et al., Citation2020; Griffin, Citation2019). Additionally, a study by Matyokurehwa et al., Citation2021 highlighted the importance of cybersecurity in combating social engineering malware, social engineering, malware attacks, and the IoT (Internet of Things) attacks. Initiatives to create awareness among college students to better detect malware and promote cybersecurity awareness are crucial as digitalization continues to expand.

Due to the current threats highlighted above, this study aims to understand the positive and negative cyber experiences among UG students and the challenges they face while engaging in learning in a digital environment. The study further attempts to describe the coping mechanisms used by students to effectively manage the cyber security threats.

2. Method

Since there are both positive and negative experiences of cybersecurity phenomenon affecting the psychosocial wellbeing of people (Clandinin & Connelly, Citation2000; DeJonckheere & Vaughn, Citation2019), researchers have qualitative study design involving narrative inquiry. Narrative inquiry, as a method, elicits the lived experiences of participants through semi-structured interviews (Caine et al., Citation2013; Figgou & Pavlopoulos, Citation2015). Additionally, given that the cybersecurity phenomenon has affected the primary care (mental health) of individuals, in-depth interviews will help better understand the context (DeJonckheere & Vaughn, Citation2019). Accordingly, this approach was used in the study with narrative interviews undertaken to garner information on positive, and negative cyber experiences of UG students and the coping mechanisms they employed while in a digital environment. Thematic analysis of interview data captured the experiences and perceptions of the participants.

2.1. Participants

Researchers utilized the snowball sampling technique to invite ten undergraduate students to participate in this study (Wright & Stein, Citation2005). The participants were from eight different University colleges located across Bangalore, India. Out of the ten participants, five are male and five are female. The participants are studying mostly in their second year or final year with various subject streams from sciences, commerce, and Humanities. The participants’ age ranged from 20 to 23 years. below summarizes the demographic details of the participants who agreed to participate in the study. Participants were assigned with pseudonyms P1, P2, P3, to P10 to ensure data privacy.

Table 1. Participants’ demographic details.

2.2. Data collection procedure

Researchers employed a semi-structured interview technique to gather data. At the outset of the face-to-face interview, the interviewer explained the purpose of the research and sought oral consent before asking any questions. Next, to establish rapport, the interviews were conducted in a free and fair setting, with participants given the option to withdraw from the interview if they felt socially uncomfortable sharing information at any time. The interviewer also gathered the demographic characteristics of each participant during the interview. below outlines the interview questions used to elicit in-depth responses from each participant, each asked in a sequential manner. Responses were digitally recorded. Researchers transcribed the audio files for the purpose of data analysis and stored both audio files and transcript in a password-protected file.

Table 2. Semi-structured interview items.

2.3. Ethical considerations

Researchers obtained institutional review board (IRB) permission from the University before conducting the study. Informed consent was also obtained from each participant before conducting the interviews. Further, the researchers assured each participant that the data collected would be kept confidential and only used for the research and publication purposes.

2.4. Data analysis procedure

The present study adopted the procedures of narrative thematic analysis for the collected interview data. Narrative inquiry provides an opportunity to express the lived experiences of participants through semi-structured interview techniques (Caine et al., Citation2013). When narratives take a dialogic form and emphasize the why, who, and what of a phenomenon (Rodriguez, Citation2016), they offer valuable insights. Inductive thematic analysis is well suited for the present study, as the themes and sub-themes emerge directly from coding procedures rather than from a theoretical background (Mihas, Citation2023). In addition, thematic analysis of interview data captured th experiences and perceptions of the participants.

We carried out the data analysis through the following steps.

  • Researchers read the interview transcripts several times to become familiar with the content. This helped them to understand participants’ thought process and impressions.

  • Researchers produced a few initial code words directly from the data transcripts that represented significant ideas, concepts or patterns.

  • Researchers started to search for connections between the code words with similarities, overarching ideas, implicit ideas, and differences. This exercise uncovered the main themes from the data.

  • Researchers revisited the main themes several times to confirm whether it truly emerged from the data transcripts, and modified, merged, or split into sub-themes wherever necessary.

  • Researchers defined the main themes and sub-themes accurately with consideration to the main concepts and ideas captured in the data.

  • Researchers organized the themes and sub-themes in logical order. in the result section of this paper presents the themes and sub-themes.

  • Researchers carefully selected excerpts from the transcripts that were connected to the main and sub- themes.

  • Researchers ensured rigor and trustworthiness of the evolved themes, sub-themes, and excerpts via peer feedback and member checking methods.

  • Researchers’ selected two participants randomly to member check the descriptions.

  • Lastly, the researchers wrote the findings and discussion sections of the paper connecting valid supporting evidence from the earlier research, excerpts, and theoretical frameworks.

Table 3. Showing interview parts and the emerged themes and subordinate themes.

3. Results

As planned, researchers addressed the research questions; (i) what are the positive and negative cyber experiences among UG students, (ii) the challenges they faced while engaging in learning in a digital environment, and (iii) the coping mechanisms they used to manage the cyber security threats through qualitative approach and analyzed the qualitative data using the narrative thematic analysis. below presents the results from the narrative thematic analysis in terms of major themes and subordinate themes.

Researchers conducted the interview in three sections sequentially since the research questions included questions on lived experiences in the first part, the second part was focused on challenges, and the third part was focused on coping mechanisms. The detailed explanation of the themes, subordinate themes, and relevant excerpts from the interview transcripts are presented below.

3.1. Lived experiences of UG students

3.1.1. Main-theme 1: Navigation, awareness, and incidents

Participants shared that navigating privacy concerns has been a challenge for them. Many shared that they do not understand whether they should accept cookies, partially accept them, or reject all cookies. Most participants were not even aware of what cookies are. Additionally, many participants reported instances where their private data was available, yet they lack an awareness on how to protect it. For instance, they expressed uncertainty regarding Facebook’s privacy policies, including managing their public profile, locking the profile, and understanding the privileges of the account holder.

P6: Why almost for every new web page I am trying to browse I must accept cookies…

3.1.2. Sub-theme 1.1: Balancing security vs. inconvenience

Most participants mentioned the inconvenience of identifying the risks associated with various online websites and social media platforms. They expressed difficulties in managing their personal information online while protecting it from malicious actors, handling online account credentials, and managing social media accounts. Some participants mentioned that while verification processes used by many online sites seemed good, they could also be annoying at times.

P2: my computers log out and ask for SSL certificate authentication…

P9: […] …on you tube I get this message keep the ads, remove add…Skip and selecting any of these still force me watch an ad…

3.1.3. Sub-theme 1.2: Lack of orientation on cyber security

Participants shared that they began using email, social media, and online websites without receiving any orientation on cyber security. As their subscriptions to various apps, software, and web pages increased, they began receiving multiple verification, authentication, and fraudulent emails. They expressed uncertainty about whether they should agree to the terms and conditions outlined by various social media accounts, or if it was acceptable to deny them. The majority of participants accepted every condition put forth by a website or webpage without knowing their prerogatives or understanding the implications of what they had agreed to.

P6: I am annoyed, why is this asking OTP and verification code…

P3: […] …how many passwords I must remember, omg…

3.1.4. Sub-theme 1.3: Cyber security threats in academic settings

Participants shared that they regularly get received phishing emails to their college email address. Further, they stated that AI enabled social media platforms or webpages often seem to know exactly what they want to buy, search for, or even consider purchasing online. Consequently, they feel their personal data has been stolen without their permission, and they unsure how this occurred. Some participants recounted personal experiences of ransomware attacks and financial losses. They further expressed concerns about widespread cyberbullying affecting them and others, admitting they are unsure how to protect themselves from such harassment. This includes how to protect themselves from loan lending information, online-dating scam, fraudulent work from home opportunities, coercion into gambling, human trafficking, and many more threats.

P2: I feel something fishy here, what is in my mind is appearing on my mobile screen…

P8: I am getting online work from home job offers everyday…are they even real? […].

3.1.5. Sub-theme 1.4: Psychological impact of cybersecurity incidents

Most of the participant shared that privacy concerns and the fear of identity theft have led to experiences of anxiety and stress, leading to constantly living with a sense of insecurity. Many even resorted to antidepressant medication to with depression resulting from these negative emotional states. Additionally, some participants mentioned instances where their friends are being blackmailed due to various forms of online victimization, leaving them fearful that they too could become victims at any time.

P1: I feel I am forced…even though I am not interested…

P6: I am unable to focus on any work nor on my studies…

One participant mentioned an experience where an anonymous user threatened to share manipulated photos unless they paid money and performed a humiliating task. The participant felt tremendous emotional distress and demanded secrecy over the fear of social consequences.

3.2. Challenges faced by UG students in cyber security

3.2.1. Main-theme 2: Addressing and managing cyber security issues

One of the greatest challenges for college students in the twenty first century is managing their presence online without breaching any personal data. Most students have a presence on various social media platforms, application software, and mobile apps, and maintain multiple online accounts for different interests and needs. While most participants cited the importance of verification systems to protect their personal information and safeguarding against bullying, thy also found these systems to be annoying and hindering their efficiency in completing tasks. Many participants expressed the sentiment that while security checks are good, they can sometimes be excessive. A few participants mentioned inconvenient instances where they were forced to sign-up for several unwanted webpages and mandatory apps downloads just to access reading materials and to download a reading material.

P1: I feel I am forced…even though I am not interested…

P6: …I am wasting my time verifying these checks…

3.2.2. Sub-theme 2.1: Limited access to resources and tools

Most participants mentioned that they never received any opportunities to learn online-safety skills and competencies needed to protect themselves on online platforms. Many participants talked about using various application software, social media platforms, and online-learning platforms without much knowledge on their origins, authenticity, and overall trustworthiness. They also admitted to lacking knowledge about incognito mode, safe-mode, malware, firewall, Captcha, and anti-theft protection features. Most participants had never used tools related to cybersecurity. However, four participants were aware of specific software they could use to protect their personal information, such as Wireshark, Metasploit, Aircrack, Hashcat, Burpsuite, Nessus Professional, Snort etc.

P3: …why is my browser asking use Incognito mode…what is it? …

P8: …I know Aircrack…my dad uses it…

3.2.3. Sub-theme 2.2: Cyber security skills

Participants shared that they would benefit from a course in learning cybersecurity fundamentals, which could include topics such as creating safe passwords, implementing safe login protocols, understanding web cookies and encryption protocols, principles of network security, and adopting secure coding practices. In addition, they emphasized the need for knowledge in areas like online banking, identification of financial-scams, recognize swindlers, and understand embezzlement.

P5: …why my password must be 8 characters in length and must have…alpha numeric?

P10: …I really need someone to teach me on cyber safety skills…

3.2.4. Sub-theme 2.3: Navigating complex regulatory compliance requirements

Participants are not aware of cyber compliance policies at their institutions, which are intended to safeguard their privacy. Most participants found the multiple verification systems annoying, reporting that these systems slow them down when using online platforms. Students in India are not aware of digital personal data protection act (DPDPA) passed by Government of India. None of the interview participants was familiar with the Health Insurance Portability and Accountability Act (HIPAA). Even when installing banking apps, participants admitted to clicking “continue” and agreeing to everything asked of them. Yet, they continued to use both online banking and mobile banking services.

P2: …I do not know what HIPA act is…nor any policy…

P9: …I use pirated version of the window…thus… it asks for certificate verification…

3.2.5. Sub-theme 2.4: Managing cybersecurity threats and responses

Most participants in the study expressed their inability to identify what is cyber security breaches, necessary security compliances, and credible threats. They struggled with responding to timely verifications such as OTPs, CAPTCHA, etc. Many participants reported to having no understanding of concepts like two-factor verification or multifactor verification, despite spending many hours online every day. Related to this, adolescents’ personal data is at significant risk, with reported suicide incidents attributed to online activities, and much of the cybercrimes going unreported. Parents and teachers have limited knowledge of how students are using their devices and how to protect those (Alharbi & Tassaddiq, Citation2021).

P7: …My parents don’t understand computers…social media…

P4: …once I almost lost my money…luckily escaped…thanks to my friends…

3.2.6. Sub-theme 2.5: Balancing academics and cyber security responsibilities

Most participants mentioned that resources for learning about technology integration, online safety, and cyberbullying are available. However, accessing the contents is tedious and takes considerable time to find valuable resources. Some students also admitted they would rather spend their time on social media than learning about online safety.

Furthermore, participants generally lack awareness of copyrights and creative commons licensing. Many of them shared that they prioritize access to content and material over ensuring they are obtained legally or through institutional IDs. Some websites trick users into downloading unwanted software and application apps, leading participants to lose precious study time as they navigate through new tabs without understanding why they lost track of their original search

P3: …how do I know, which is the authentic learning material…

P6: …what is creative commons… […] …I don’t know where I am redirected to…

3.3. Coping mechanism employed by the UG students

3.3.1. Main-theme 3: Safe browsing skills and patience

Participants mentioned that they have never received any professional training on how to handle cybersecurity issues if they occur. If they are a victim of a cybersecurity threat, they reported dealing with it through trial and error. Most shared that they searched for information to determine the best way to address a cybersecurity issue when it arose. They (students) frequently stated that people need patience to proactively navigate security compliance and to ‘de-bug’ themselves from an unhealthy cyber security incident. However, when they took the time, they admitted to acquiring several skills, such as knowing when to accept cookies or verification codes on mobile devices.

P1: …I did not go to institute to learn browsing on the net…

3.3.2. Sub-theme 3.1: Seeking social or peer support

Most participants indicated that they would turn to their friends to understand a specific cybersecurity issue, as many had similar experiences and could offer some guidance on how to resolve it. Peer support seemed to work well for those that had experienced a cybersecurity issue. This included how to best navigate through cybersecurity compliance steps, as well as social and emotional issues, cyber bullying, cyber frauds, malicious emails, etc.

P8: I just ask my friends to trouble shoot…

3.3.3. Sub-theme 3.2: Continuous learning and skill development

Another coping strategy shared by participants was ongoing learning aimed at being proactive against cybersecurity threats. Participants reported learning frequently from resources such as Google Chrome help center and Microsoft Edge support. Specific resources from these sites included how to avoid subscribing to malicious application software and avoiding phishing emails. Some participants offered that after online training, they began implementing practices such as cleaning their desktop occasionally, clearing browsing history, setting up cookies, blocking and allowing certain websites, addressing certificate issues, dealing with piracy issues and illegal sites, navigating creative commons licensing, accessing open educational resources, and managing spam options.

P6: I read up as and when I face issues…

3.3.4. Sub-theme 3.3: Utilizing technology tools

Several participants mentioned that they have subscribed to antimalware to protect themselves from breaches of personal data. Many were using free antimalware programs such as Norton, Avira etc. However, many purchased antimalware such as Kaspersky, McAfee, etc. They further shared that there are several open resources available to support cybersecurity, such as Aircrack and Burp Suite.

P3: my computer has windows defender by default…I do not buy any…

3.3.5. Sub-theme 3.4: Exercise self-control

Another simple coping mechanism recognized by most participants was exercising self-control. It is they acknowledged that it is within an individual to understand whether a particular online source subscription is necessary or not. If needed, they must comply with cybersecurity credentials. Some participants admitted to being careless about sharing their personal information or account details. Others expressed innocence and confusion regarding what, how much, to whom, and where to share such information. The reason for rampant online theft, swindling, and fraud, is due to lack of knowledge about these fundamental questions among millions of people.

P8: …I believe in prevention is better than cure…

P6…omg…I just gave all my details to an account, and now it shows 404 error…

3.3.6. Sub-theme 3.5: Engaging in relaxation techniques

Participants offered that many UG students are addicted to several social media sites such as Instagram, Facebook, Snapchat, YouTube reels, etc. Thus, they tend to be careless about their data privacy and cybersecurity compliance on these platforms. Some mentioned that when they or their peers become frustrated or caught up with security issues and cyber bullying, they resort to relaxation techniques such as listening to soothing music, performing yoga exercises, meditation, breathing exercises, going for a walk, = swimming, or a Tea break. A recent study by Prakasha et al. (Citation2023) supports this view and offers similar coping strategies.

P4: …I just go for a walk…after working more hours on the net…

P6: I do meditate regularly…however physical exercise not much…

4. Discussion

In this study, researchers highlighted both the positive and negative lived experiences of cybersecurity issues among UG students. The findings are transferable to other undergraduate students and university settings. The main theme that evolved from the lived experiences of UG students was the lack of navigation skills and lack of awareness about potential cybersecurity issues, leading to vulnerability to cyber bullying incidents (Craig et al., Citation2020).

Many studies have shown that cyber bullying often originates in primary school (Rodríguez-Álvarez et al., Citation2019). This study confirmed that it remains a negative lived experience for undergraduate students as well. The themes identified in this study confirm the challenge of balancing safety needs while accepting the inconveniences associated with cybersecurity compliance. Participants expressed how these efforts were often stressful. A recent study by Saeed A Alqahtani, & Erfani et al. (2021) further substantiates this observation among college students more widely.

The findings of this study clearly emphasize the need for orientation programs for all students to address cybersecurity threats and their nuances. A study by Aderibigbe and Ocholla (Citation2020) found similar outcomes to those uncovered in this study. One program that may be useful is the respect, educate, and protect (REP) model, which highlights ways to include elements of digital citizenship within college-level classes (Curran & Ribble, Citation2017; Marinho & Carneiro, Citation2018; Ribble, Citation2015). The narratives shared by participants validate the increasing cases of phishing emails and instances of data theft. The recent study by Dharmavaram (Citation2023) also found a rise in ransomware attacks on educational campuses, highlighting the imperative for universities to implement strong antimalware software tools to safeguard student data.

This study further revealed the psychological effects of cyber bullying and victimization on students. This often led to higher feelings of anxiety, stress, and depression. A recent study supported this phenomenon (Gohal et al., Citation2023). On the positive note, participants expressed a growing need for cybersecurity professionals and future job opportunities in the field. Alzahrani (Citation2021) echoes this idea of future job opportunities in cybersecurity in a recent study. Upon graduation, undergraduates may play a role in improving cybersecurity programs for future generations of students.

Undergraduate students face several challenges with respect to cybersecurity within a digital learning environment. One of the major ongoing challenges unveiled in the study was students struggle to cope up with the constantly evolving nature of cyber security threats. Malicious actors create new ways to invade privacy every day, and even updated antimalware cannot always detect them. A study by Radhika et al. (Citation2023) confirmed that regular threats have become a common experience for undergraduate student experience at most institutions.

Another major challenge unveiled from this study is the limited access to cybersecurity resources, technology tools, and training opportunities that could offset some risks and be proactive in developing key skills among undergraduate students. Recently Khamzina et al. (Citation2022) expressed a similar argument, providing data on the resources available to increase cybersecurity.

Further, navigating through complex regulatory compliance requirements poses a challenge for many UG students. They lack an awareness of related policies, and therefore are unaware of compliance standards. A study by Stewart (Citation2022) reveals the same is true for most undergraduate students. Students struggle to understand the subtle differences among secure coding practices, encryption protocols, and network security principles. Students regularly fail to recognize true cybersecurity breaches and struggle to trouble shoot such instances if they occur. Hewitt and White (Citation2022) pointed out similar security incidents and the lack of awareness in how to deal with them. To complicate the issue, students pointed out that adhering to security compliances takes considerable time, detracting from valuable time to study. Participants recommended the need for efficient cybersecurity resources to comply with the regulatory bodies and networks. Duzenci et al. (Citation2023) made similar observations in their study, outlining the ongoing issues and confirming the need for efficient resources to understand how to be safe in a digital environment.

The study revealed that students usually turn to their friends for help when trouble shooting cybersecurity compliance issues or dealing with malicious actors and fraudulent calls. Participants from this study offered five to six distinct coping mechanisms to manage cybersecurity issues that others may face. The first approach to dealing with cybersecurity issues is to stay current with the ongoing changes in digital learning environments and the resources available to combat cybersecurity threats. Further, participants recommended specific technology tools to handle the cyber issues if or when they arise. However, to avoid being a victim altogether, participants emphasized the importance of individual self-control and mindfulness for safe browsing. The latest book by Jarjoui (Citation2023) also discusses similar coping mechanisms as those stated by participants in this study.

Many participants shared coping mechanisms that worked for them in addressing the ongoing stress that comes with working online. Relaxation techniques was the most commonly cited coping mechanism. Lodha (Citation2022) mentions similar techniques in her study. Lifestyle management is key to maintaining a hygienic digital environment. A recent study also suggests that keeping devices safe with supporting apps, VPNs, updated credentials, and antivirus software are other ways to manage a safe and secure online workspace (Chakraborty et al., Citation2022).

5. Conclusion

This study captured participants’ lived experiences to understand the positive and negative cyber experiences they encounter as undergraduate students. The study further explored participants’ cybersecurity challenges while engaging in a digital learning environment. The findings emphasize the need for cybersecurity awareness, skill development and more efficient cybersecurity technologies to address threats. By addressing these key areas, undergraduate students could potentially have more time to devote to their studies and experience improved mental health. Findings from the study also offered some coping mechanisms students leveraged to navigate the cybersecurity space.

However, it is important to note that the present study was limited to exploring cybersecurity experiences among undergraduate students in India. Cyber insecurity experiences and incidents are too diverse, thus capturing all aspects in a single study proved challenge. Further, these experiences can be deeply personal and difficult to share, leading to an unintentional bias affecting the findings of the study. As technology continuous to play an increasing role in digital learning environments, and with the increase in fraudulent activities, incentivizing participants may yield more nuanced experiences and insights, thus aiding in addressing cybersecurity threats. Interdisciplinary studies are needed to understand the growing concern of cybersecurity issues. Further, this study gathered data through interviews to explore the research questions. Researchers suggest future research could explore in-depth case studies pertaining to cyberbullying, ransomware attacks in universities, and fraudulent activities on social media platforms to gain deeper insights into these specific areas of concern.

Acknowledgements

Sincere thanks to all the participants for their participation and cooperation throughout the study.

Disclosure statement

Authors have no competing interest.

References

  • Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, 33(3), 237–248. https://doi.org/10.1080/0144929X.2012.708787
  • Aderibigbe, N., & Ocholla, D. (2020). Insight into ethical cyber behaviour of undergraduate students at selected African universities. SA Journal of Information Management, 22(1), 1–8. https://doi.org/10.4102/sajim.v22i1.1131
  • Alharbi, T., & Tassaddiq, A. (2021). Assessment of cybersecurity awareness among students of Majmaah University. Big Data and Cognitive Computing, 5(2), 23. https://doi.org/10.3390/bdcc5020023
  • Al-Hawawreh, M., Moustafa, N., & Slay, J. (2024). A threat intelligence framework for protecting smart satellite-based healthcare networks. Neural Computing & Applications, 36(1), 1–21. https://doi.org/10.1007/s00521-021-06441-5
  • Al-Khater, W. A., Al-Maadeed, S., Ahmed, A. A., Sadiq, A. S., & Khan, M. K. (2020). Comprehensive review of cybercrime detection techniques. IEEE Access., 8, 137293–137311. https://doi.org/10.1109/ACCESS.2020.3011259
  • Allam, S., Flowerday, S. V., & Flowerday, E. (2014). Smartphone information security awareness: A victim of operational pressures. Computers & Security, 42, 56–65. https://doi.org/10.1016/j.cose.2014.01.005
  • Alothman, M., Robertson, J., & Michaelson, G. (2017). Computer usage and attitudes among Saudi Arabian undergraduate students. Computers & Education, 110, 127–142. https://doi.org/10.1016/j.compedu.2017.02.010
  • Alqahtani, M. A. (2022). Factors affecting cybersecurity awareness among university students. Applied Sciences, 12(5), 2589. https://doi.org/10.3390/app12052589
  • Alsiddig, M. D. E., Badwi, A. A., Alraheem, A., & Idriss, O. I. A. (2020). Cyber security awareness among students and faculty members in a Sudanese College. Electrical Science & Engineering, 2(2), 24–28. https://doi.org/10.30564/ese.v2i2.2477
  • Al-Tawil, T. N. (2024). Ethical implications for teaching students to hack to combat cybercrime and money laundering. Journal of Money Laundering Control, 27(1), 21–33. https://doi.org/10.1108/JMLC-01-2023-0014
  • Alzahrani, L. (2021). Statistical analysis of cybersecurity awareness issues in higher education institutes. International Journal of Advanced Computer Science and Applications, 12(11), 630–637. https://doi.org/10.14569/IJACSA.2021.0121172
  • Ameen, N., Tarhini, A., Shah, M. H., Madichie, N., Paul, J., & Choudrie, J. (2021). Keeping customers’ data secure: A cross-cultural study of cybersecurity compliance among the Gen-Mobile workforce. Computers in Human Behavior, 114, 106531. https://doi.org/10.1016/j.chb.2020.106531
  • An, Q., Hong, W. C. H., Xu, X., Zhang, Y., & Kolletar-Zhu, K. (2023). How education level influences internet security knowledge, behaviour, and attitude: A comparison among undergraduates, postgraduates and working graduates. International Journal of Information Security, 22(2), 305–317. https://doi.org/10.1007/s10207-022-00637-z
  • Barlett, C. P., Simmers, M. M., Roth, B., & Gentile, D. (2021). Comparing cyberbullying prevalence and process before and during the COVID-19 pandemic. The Journal of Social Psychology, 161(4), 408–418. https://doi.org/10.1016/j.copsyc.2022.101314
  • Caine, V., Estefan, A., & Clandinin, D. J. (2013). A return to methodological commitment: Reflections on narrative inquiry. Scandinavian Journal of Educational Research, 57(6), 574–586. https://doi.org/10.1080/00313831.2013.798833
  • Canty, J., Stubbe, M., Steers, D., & Collings, S. (2016). The trouble with bullying – deconstructing the conventional definition of bullying for a child-centred investigation into children’s use of social media. Children & Society, 30(1), 48–58. https://doi.org/10.1111/chso.12103
  • Chakraborty, R., Prakasha, G. S., & Sripavithra, C. K. (2022). Factors affecting data-privacy protection and promotion of safe digital usage. In Fabrizio d’Amore, Maria Lapina, & Vyacheslav Zolotarev (Eds.), International workshop on advanced in information security management and applications (AISMA 2021) 3094, (pp.48–59). CEUR-WS. http://ceur-ws.org/Vol-3094/paper_5.pdf
  • Chen, Y., & Zahedi, F. M. (2016). Individuals’ internet security perceptions and behaviors: Polycontextual contrasts between the United States and China. MIS Quarterly, 40(1), 205–222. https://doi.org/10.25300/MISQ/2016/40.1.09
  • Clandinin, D. J., & Connelly, F. M. (2000). Narrative inquiry: Experience and story in qualitative research. Jossey-Bass. https://www.wiley.com/en-us/Narrative+Inquiry%3A+Experience+and+Story+in+Qualitative+Research-p-9780787972769
  • Corradini, I., & Nardelli, E. (2018). Awareness in the online use of digital technologies of Italian students [Paper presentation]. 11th Annual International Conference of Education, Research and Innovation (ICERI 2018 Proceedings) (pp. 7036–7042). IATED. https://doi.org/10.21125/iceri.2018.2680
  • Corradini, I. (2020). Building a cybersecurity culture in organizations: How to bridge the gap between people and digital technology (Vol. 284). Springer Cham. https://doi.org/10.1007/978-3-030-43999-6
  • Craig, W., Boniel-Nissim, M., King, N., Walsh, S. D., Boer, M., Donnelly, P. D., Harel-Fisch, Y., Malinowska-Cieślik, M., Gaspar de Matos, M., Cosma, A., Van den Eijnden, R., Vieno, A., Elgar, F. J., Molcho, M., Bjereld, Y., & Pickett, W. (2020). Social media use and cyber-bullying: A cross-national analysis of young people in 42 countries. The Journal of Adolescent Health: Official Publication of the Society for Adolescent Medicine, 66(6S), S100–S108. https://doi.org/10.1016/j.jadohealth.2020.03.006
  • Curran, M. B. F. X., & Ribble, M. (2017). P-20 model of digital citizenship. New Directions for Student Leadership, 2017(153), 35–46. https://doi.org/10.1002/yd.20228
  • De Laat, M., & Dohn, N. B. (2019). Is networked learning postdigital education? Postdigital Science and Education, 1(1), 17–20. https://doi.org/10.1007/s42438-019-00034-1
  • DeJonckheere, M., & Vaughn, L. M. (2019). Semi-structured interviewing in primary care research: A balance of relationship and rigour. Family Medicine and Community Health, 7(2), e000057. https://doi.org/10.1136/fmch-2018-000057
  • De Kimpe, L., Walrave, M., Verdegem, P., & Ponnet, K.. (2021). What we think we know about cybersecurity: an investigation of the relationship between perceived knowledge, internet trust, and protection motivation in a cybercrime context. Behaviour and Information Technology, 41(8), 1796–1808.
  • Dharmavaram, V. G. (2023). Data privacy in education sector – issues and measures. EDPACS, 68(2), 1–12. https://doi.org/10.1080/07366981.2023.2242130
  • Dinev, T., & Hu, Q. (2007). The centrality of awareness in the formation of user behavioral intention toward protective information technologies. Journal of the Association for Information Systems, 8(7), 386–408. https://doi.org/10.17705/1jais.00133
  • Dutt, B. (2023). Wellbeing amid digital risks: Implications of digital risks, threats, and scams on users’ wellbeing. Media and Communication, 11(2), 355–366. https://doi.org/10.17645/mac.v11i2.6480
  • Duzenci, A., Kitapci, H., & Gok, M. S. (2023). The role of decision-making styles in shaping cybersecurity compliance behavior. Applied Sciences, 13(15), 8731. https://doi.org/10.3390/app13158731
  • Eyuboglu, M., Eyuboglu, D., Pala, S. C., Oktar, D., Demirtas, Z., Arslantas, D., & Unsal, A. (2021). Traditional school bullying and cyberbullying: Prevalence, the effect on mental health problems and self-harm behavior. Psychiatry Research, 297, 113730. https://doi.org/10.1016/j.psychres.2021.113730
  • Farah, J. C., Spaenlehauer, B., Sharma, V., Rodríguez-Triana, M. J., Ingram, S., & Gillet, D. (2022). Impersonating chatbots in a code review exercise to teach software engineering best practices [Paper presentation]. 2022 IEEE Global Engineering Education Conference (EDUCON) (pp. 1634–1642). IEEEXplore. https://doi.org/10.1109/EDUCON52537.2022.9766793
  • Figgou, L., & Pavlopoulos, V. (2015). Social psychology: Research methods. In Wright, J. D. International encyclopedia of the social and behavioral sciences (2nd ed.). Elsevier. https://doi.org/10.1016/c2010-1-67141-6
  • Furnell, S. M., Jusoh, A., & Katsabas, D. (2006). The challenges of understanding and using security: A survey of end-users. Computers & Security, 25(1), 27–35. https://doi.org/10.1016/j.cose.2005.12.004
  • Garba, A. A., Siraj, M. M., Othman, S. H., & Musa, M. A. (2020). A study on cybersecurity awareness among students in Yobe state University, Nigeria: A quantitative approach. International Journal on Emerging Technologies, 11(5), 41–49. https://www.researchtrend.net/ijet/pdf/
  • Gohal, G., Alqassim, A., Eltyeb, E., Rayyani, A., Hakami, B., Al Faqih, A., Hakami, A., Qadri, A., & Mahfouz, M. (2023). Prevalence and related risks of cyberbullying and its effects on adolescent. BMC Psychiatry, 23(1), 39. https://doi.org/10.1186/s12888-023-04542-0
  • Green, J. S. (2015). Cyber security: An introduction for non-technical managers. Ashgate Publishing Limited. https://books.google.co.in/books?id=AHFxCgAAQBAJ
  • Griffin, P. H. (2019). Advances in human factors in cybersecurity. In Tareq Z. Ahram & Denise Nicholson (Eds.), Advances in intelligent systems and computing 782(January), (pp. 15–22). Springer. https://doi.org/10.1007/978-3-319-94782-2
  • Hammad, M., Bsoul, M., Hammad, M., & Al-Hawawreh, M. (2019). An efficient approach for representing and sending data in wireless sensor networks. Journal of Communications, 14(2), 104–109. https://doi.org/10.12720/jcm.14.2.104-109
  • Hart, S., Margheri, A., Paci, F., & Sassone, V. (2020). Riskio: A serious game for cyber security awareness and education. Computers & Security, 95, 101827. https://doi.org/10.1016/j.cose.2020.101827
  • Hatzenbuehler, M. L., & Keyes, K. M. (2013). Inclusive anti-bullying policies and reduced risk of suicide attempts in lesbian and gay youth. The Journal of Adolescent Health: Official Publication of the Society for Adolescent Medicine, 53(1 Suppl), S21–S26. https://doi.org/10.1016/j.jadohealth.2012.08.010
  • Hemphill, S. A., Tollit, M., & Herrenkohl, T. I. (2014). Protective factors against the impact of school bullying perpetration and victimization on young adult externalizing and internalizing problems. Journal of School Violence, 13(1), 125–145. https://doi.org/10.1080/15388220.2013.844072
  • Hewitt, B., & White, G. L. (2022). Optimistic bias and exposure affect security incidents on home computer. Journal of Computer Information Systems, 62(1), 50–60. https://doi.org/10.1080/08874417.2019.1697860
  • Hong, Y., Xu, M., & Furnell, S. (2024). Situational support and information security behavioural intention: A comparative study using conservation of resources theory. Behaviour & Information Technology, 43(3), 523–539. https://doi.org/10.1080/0144929X.2023.2177825
  • Hsiao, Y. P., Klijn, N., & Chiu, M. S. (2023). Developing a framework to re-design writing assignment assessment for the era of large language models. Learning: Research and Practice, 9(2), 148–158. https://doi.org/10.1080/23735082.2023.2257234
  • Jarjoui, S. (2023). Mindfulness: The first line of defense in cyberspace. In Rohit Raja & Amit Kumar Dewangan (Eds.), Online identity – An essential guide. In-tech Open. https://doi.org/10.5772/intechopen.1003086
  • Jones, B. H., & Chin, A. G. (2015). On the efficacy of smartphone security: A critical analysis of modifications in business students’ practices over time. International Journal of Information Management, 35(5), 561–571. https://doi.org/10.1016/j.ijinfomgt.2015.06.003
  • Jones, B. H., & Heinrichs, L. R. (2012). Do business students practice smartphone security? Journal of Computer Information Systems, 53(2), 22–30. https://www.tandfonline.com/toc/ucis20/53/2
  • Jorgensen, Z., Chen, J., Gates, C. S., Li, N., Proctor, R. W., & Yu, T. (2015). Dimensions of risk in mobile applications: A user study. Proceedings of the 5th ACM Conference on Data and Application Security and Privacy (pp. 49–60). Association for Computing Machinery. https://dl.acm.org/doi/proceedings/10.1145/2699026
  • Kemp, S. (2023). Digital 2023: India. Datareportal. https://datareportal.com/reports/digital-2023-india#:∼:text=The%20state%20of%20digital%20in%20India%20in%202023&text=There%20were%20692.0%20million%20internet, percent%20of%20the%20total%20population.
  • Khader, M., Karam, M., & Fares, H. (2021). Cybersecurity awareness framework for academia. Information, 12(10), 417. https://doi.org/10.3390/info12100417
  • Khamzina, B., Roza, N., Zhussupbekova, G., Shaizhanova, K., Aten, A., & Aigerim., & Meirkhanovna, B. (2022). Determination of cyber security issues and awareness training for university students. International Journal of Emerging Technologies in Learning (iJET), 17(18), 177–190. https://doi.org/10.3991/ijet.v17i18.32193
  • Langreo, L. (2023). Schools are a top target of ransomware attacks, and it’s getting worse. EducationWeek. https://www.edweek.org/technology/schools-are-a-top-target-of-ransomware-attacks-and-its-getting-worse/2023/08
  • Livingstone, S., Haddon, L., Görzig, A., & Ólafsson, K. (2011). Risks and safety on the internet: The perspective of European children: Full findings and policy implications from the EU kids online survey of 9–16 year olds and their parents in 25 countries. EU Kids Online, The London School of Economics and Political Science. http://www.eukidsonline.net/
  • Lodge, J. M., Thompson, K., & Corrin, L. (2023). Mapping out a research agenda for generative artificial intelligence in tertiary education. Australasian Journal of Educational Technology, 39(1), 1–8. https://doi.org/10.14742/ajet.8695
  • Lodha, P. (2022). The challenges of online dating and digital relationships during COVID-19. Global Bioethics Enquiry Journal, 10(2), 80–86. https://doi.org/10.38020/GBE.10.2.2022.80-86
  • Marinho, S. P. P., & Carneiro, F. C. (2018). Digital citizenship in schools: Nine elements all students should know, in Mike Ribble. EccoS – Revista Científica, 47(47), 472–476. https://doi.org/10.5585/eccos.n47.10778
  • Matyokurehwa, K., Rudhumbu, N., Gombiro, C., & Mlambo, C. (2021). Cybersecurity awareness in Zimbabwean universities: Perspectives from the students. Security and Privacy, 4(2), e141. https://doi.org/10.1002/spy2.141
  • Mi, T., Gou, M., Zhou, G., Gan, Y., & Schwarzer, R. (2020). Effects of planning and action control on smartphone security behavior. Computers & Security, 97, 101954. https://doi.org/10.1016/j.cose.2020.101954
  • Mihas, P. (2023). Qualitative, multimethod, and mixed methods research. In Tierney, R. J., Rizvi F., & Ercikan, K. International encyclopedia of education (4th ed.). Elsevier. https://doi.org/10.1016/b978-0-12-818630-5.12001-9
  • Nguyen, C., Jensen, M., & Day, E. (2023). Learning not to take the bait: A longitudinal examination of digital training methods and overlearning on phishing susceptibility. European Journal of Information Systems, 32(2), 238–262. https://doi.org/10.1080/0960085X.2021.1931494
  • Paat, Y. F., & Markham, C. (2021). Digital crime, trauma, and abuse: Internet safety and cyber risks for adolescents and emerging adults in the 21st century. Social Work in Mental Health, 19(1), 18–40. https://doi.org/10.1080/15332985.2020.1845281
  • Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the human aspects of information security questionnaire (HAIS-Q). Computers & Security, 42, 165–176. https://doi.org/10.1016/j.cose.2013.12.003
  • Prakasha, G. S., Kenneth, A., & Lapina, M. (2023). Social media disorder in relation to device screen time and autosuggested social media content engagement. Kontakt, 25(2), 117–123. https://doi.org/10.32725/kont.2023.021
  • Prakasha, G. S., Lapina, M., Balakrishnan, D., & Sajid, M. (2024). Educational perspectives on digital technologies in modeling and management. IGI Global. https://doi.org/10.4018/979-8-3693-2314-4
  • Quayyum, F., Cruzes, D. S., & Jaccheri, L. (2021). Cybersecurity awareness for children: A systematic literature review. International Journal of Child-Computer Interaction, 30, 100343. https://doi.org/10.1016/j.ijcci.2021.100343
  • Radhika, K., Sundar, G., Kumar, V. S., & Srinivasan, T. (2023). A study of cyber security challenges and its emerging trends on latest technologies. International Journal of Innovative Research in Advanced Engineering, 10(6), 379–382. https://doi.org/10.26562/ijirae
  • Ribble, M. (2015). Digital citizenship in schools: Nine elements all students should know (3rd ed.). International Society of Technology in Education.
  • Rodriguez, M. C. G. (2016). The stories we tell each other. In Tettegah S. Y., & Garcia, Y. E. (Eds.), Emotions, technology, and health. Elsevier. https://doi.org/10.1016/C2014-0-00811-8
  • Rodríguez-Álvarez, J. M., Cabrera Herrera, M. C., & Jiménez, S. Y. (2019). The risks of ICT in the relationships among peers. Cyberbullying in the primary and secondary education. INNOEDUCA, 4(2), 185–192. https://doi.org/10.24310/innoeduca.2019.v5i1.3505
  • Rogers, R. W. (1975). A protection motivation theory of fear appeals and attitude change. The Journal of Psychology, 91(1), 93–114. https://doi.org/10.1080/00223980.1975.9915803
  • Saeed A Alqahtani, M., & Erfani, E. (2021). Exploring the relationship between technology adoption and cyber security compliance: A quantitative study of UTAUT2 model. International Journal of Electronic Government Research, 17(4), 40–62. https://doi.org/10.4018/IJEGR.2021100103
  • Safa, N. S., Solms, R. V., & Futcher, L. (2016). Human aspects of information security in organisations. Computer Fraud & Security, 2016(2), 15–18. https://doi.org/10.1016/S1361-3723(16)30017-3
  • Salifu, Y., & Abdul, H. (2023). Cybersecurity policy compliance in higher education: A theoretical framework Journal of Applied Security Research, 18(2), 267–288. https://doi.org/10.1080/19361610.2021.1989271
  • Sarker, I. H., Furhad, M. H., & Nowrozy, R. (2021). Ai-driven cybersecurity: An overview, security intelligence modeling and research directions. SN Computer Science, 2(3), 1–18. https://doi.org/10.1007/s42979-021-00557-0
  • Sarno, D. M., & Black, J. (2024). Who gets caught in the web of lies? Understanding susceptibility to phishing emails, fake news headlines, and scam text messages. Human Factors, 66(6), 1742–1753. https://doi.org/10.1177/00187208231173263
  • Schilder, J. D., Brusselaers, M. B., & Bogaerts, S. (2016). The effectiveness of an intervention to promote awareness and reduce online risk behavior in early adolescence. Journal of Youth and Adolescence, 45(2), 286–300. https://doi.org/10.1007/s10964-015-0401-2
  • Schultz, E. (2005). The human factor in security. Computers & Security, 24(6), 425–426. https://doi.org/10.1016/j.cose.2005.07.002
  • Siapera, E. (2017). Understanding new media (2nd ed.). Sage. https://www.perlego.com/book/1431836/understanding-new-media-pdf
  • Stewart, H. (2022). Security versus compliance: An empirical study of the impact of industry standards compliance on application security. International Journal of Software Engineering and Knowledge Engineering, 32(03), 363–393. https://doi.org/10.1142/S0218194022500152
  • Trickel, E., Disperati, F., Gustafson, E., Kalantari, F., Mabey, M., Tiwari, N., Safaei, Y., Doupé, A., & Vigna, G. (2017). Shell We Play A Game? CTF-as-a-service for Security Education [Paper presentation]. Paper Presented at 2017 USENIX Workshop on Advances in Security Education, ASE 2017, co-Located with USENIX Security 2017, Vancouver, Canada. https://asu.elsevierpure.com/en/publications/shell-we-play-a-game-ctf-as-a-service-for-security-education
  • Tsai, H. S., Jiang, M., Alhabash, S., LaRose, R., Rifon, N., & Cotton, S. R. (2016). Understanding online safety behaviors: a protection motivation theory perspective, Computers Security, 59, 138–150. https://doi.org/10.1016/j.cose.2016.02.009
  • Ulven, J. B., & Wangen, G. (2021). A systematic review of cybersecurity risks in higher education. Future Internet, 13(2), 39. https://doi.org/10.3390/fi13020039
  • Van Bavel, R., Rodriguez Priego, N. R., Vila, J., & Briggs, P. (2019). Using protection motivation theory in the design of nudges to improve online security behaviour, International Journal of Human-computer studies, 123, 29–39. https://doi.org/10.1016/j.ijhcs.2018.11.003
  • Vanden Abeele, M. M. P. (2016). Mobile youth culture: A conceptual development. Mobile Media & Communication, 4(1), 85–101. https://doi.org/10.1177/2050157915601455
  • Waldman, A. (2023). Ransomware attacks on education sector spike in August. TeachTarget. https://www.techtarget.com/searchsecurity/news/366550896/Ransomware-attacks-on-education-sector-spike-in-August
  • Winther, D. K. (2017). How does the time children spend using digital technology impact their mental well-being, social relationships and physical activity? An evidence-focused literature review. Innocenti Discussion Papers, no. 2017-02, UNICEF Office of Research - Innocenti, Florence. https://www.unicef-irc.org/publications/925-how-does-the-time-children-spend-using-digital-technology-impact-their-mental-well.html
  • Wolke, D., & Lereya, S. T. (2015). Long-term effects of bullying. Archives of Disease in Childhood, 100(9), 879–885. https://doi.org/10.1136/archdischild-2014-306667
  • Wright, R., & Stein, M. (2005). Snowball sampling. In Kempf-Leonard, K. (Ed.), Encyclopedia of social measurement (pp. 495–500). Elsevier. https://doi.org/10.1016/B0-12-369398-5/00087-6
  • Xin, Y., Kong, L., Liu, Z., Chen, Y., Li, Y., Zhu, H., Gao, M., Hou, H., & Wang, C. (2018). Machine learning and deep learning methods for cybersecurity. IEEE Access., 6, 35365–35381. https://doi.org/10.1109/ACCESS.2018.2836950
  • Yuan, X., He, W., Yang, L., & Simpkins, L. (2016). Teaching security management for mobile devices [Paper presentation]. In Boisvert & Zilora (Eds.), Proceedings of the 17th Annual Conference on Information Technology Education 2016 (pp. 14–19). Association for Computing Machinery. https://doi.org/10.1145/2978192.2978227
  • Yuan, X., He, W., Yang, L., & Simpkins, L., (2016). TeacEyuboglu, M., Eyuboglu, D., Pala, S. C., Oktar, D., Demirtas, Z., Arslantas, D., & Unsal, A. (2021). Traditional school bullying and cyberbullying: Prevalence, the effect on mental health problems and self-harm behavior. Psychiatry rResearch, 297, 113730. https://doi.org/10.1016/j.psychres.2021.113730
  • Zhu, C., Huang, S., Evans, R., & Zhang, W. (2021). Cyberbullying among adolescents and children: A comprehensive review of the global situation, risk factors, and preventive measures. Frontiers in Public Health, 9, 634909. https://doi.org/10.3389/fpubh.2021.634909

Reprints and Corporate Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

To request a reprint or corporate permissions for this article, please click on the relevant link below:

Order Reprints Request Corporate Permissions

Academic Permissions

Please note: Selecting permissions does not provide access to the full text of the article, please see our help page How do I view content?

Obtain permissions instantly via Rightslink by clicking on the button below:

Request Academic Permissions

If you are unable to obtain permissions via Rightslink, please complete and submit this Permissions form. For more information, please visit our Permissions help page.

Download PDF

Related research

People also read lists articles that other readers of this article have read.

Recommended articles lists articles that we recommend and is powered by our AI driven recommendation engine.

Cited by lists all citing articles based on Crossref citations.
Articles with the Crossref icon will open in a new tab.