Abstract
The primary theme regarding both of my works relates to cybersecurity. The motivation for these works stems from attempting to understand and improve how Gen Z adapts cybersecurity in their everyday lives. To this end, the research paper focuses more on trying to understand Gen Z’s cybersecurity behaviors. More specifically, it provides more detail on the effect that prioritizing convenience has on shaping cybersecurity behavior among Gen Z. I chose to research this in order to expand why certain behaviors are exhibited beyond lack of awareness or education. For that portion, my technical work addresses those by providing an online platform that gamifies the learning process. Through gamification, the website provides a more engaging way to understand certain cybersecurity concepts, especially towards younger audiences. In this way, the research paper aims at gaining a deeper understanding as to why certain behaviors exist, and my technical work aims at improving those behaviors through the gamification of learning.
Cybersecurity is a major challenge in the modern age, requiring the use of effective education resources to improve public awareness. Existing cybersecurity training and education programs are often dry presentations of facts or regulations that lack user engagement, as a result, it has been observed that the users do not learn the material well. This capstone project seeks to improve upon existing educational approaches to introducing cybersecurity concepts. To this end, a web application with a suite of minigames that incorporates important security practices and ideas to address common cybersecurity problems was developed. This website is called “Cybersecurity Minigames” and it features 4 different minigames which each address a cybersecurity topic. The first minigame is a password tester that asks the user to input a password of their choice. It then grades the password they entered on a numerical score based on its strength. The second game is a phishing detection simulator, where the user is asked to identify potential phishing emails based on context clues (name of sender, email address, spelling mistakes, etc.). In a similar vein, the third minigame involves detecting suspicious links, where the user is given a link in an email and are asked to flag it if they deem it to be suspicious or dangerous. Both of these games require the user to recognize different types of online scams that pose a threat to security, whether that be through phishing or by clicking on a link. The final minigame is an OSINT game, which essentially cautions the user about what they post online. All of these games have a scoring system that contributes towards a total leaderboard score. This leaderboard system was implemented to further encourage engagement through competition, contributing towards a better learning experience.
My research seeks to answer this question: “How do Gen Z’s attitudes towards convenience shape their cybersecurity behaviors?”. Firstly, a literature review is conducted to identify existing research surrounding the topic. This review identifies that a large portion of Gen Z exhibits unsafe cybersecurity practices through various statistics involving VPN usage and passwords. It further reveals a gap in understanding the role convenience plays in cybersecurity behaviors compared to other aspects like awareness and cost. This is used as the justification for pursuing this topic. To conduct this research, I used reddit as my primary source of evidence, where I gathered a set of posts from technical subreddits that discussed convenience with regard to certain cybersecurity features. This included posts involving multi-factor authentication and password creation. Through this, it was evident that there were a few key reasons as to why certain security features were deemed more annoying and inconvenient. Namely, needing to physically move or alter one’s focus proved very inconvenient. In addition, the paper also provides an analysis on the perception of low probability but high risk events as a potential explanation for exhibiting certain behaviors like using weaker passwords. I conclude by highlighting the limitations of my research, as well as some implications of my work and future improvements that could be made.
By completing both the capstone project and research paper simultaneously, I have gained invaluable insight into how research can inform the design of technical applications. Although the capstone project was created first, my research gave insights towards future improvements that could be made, including potential new minigames involving multi-factor authentication or a hacking simulation. I believe that currently, the website does not feature enough information regarding the detrimental effects of having an account breached, so including that would be a major improvement. In addition, because the capstone project included a technical writing portion, I gained greater technical writing ability for explaining more complex topics. This aided me in explaining concepts like the mathematics behind a strong password.
