Adaptive Cybersecurity Training Framework for Social Media Risks

Abstract

Social media has become embedded in our everyday lives, personal activities, and the workplace. Thus, educating users on emerging cybersecurity challenges for social media has become imperative. In this project, a systematic literature review (SLR) was conducted and a mix of approach analyses to derive a framework that identifies the activities involved in adapting cybersecurity training for social media risks. I collected answers from 641 Kuwaiti employees in various sectors: education, healthcare, leadership and management, arts, entertainment, the police, and military, and interviewed 25 people who serve as policymakers, cybersecurity trainers, and those who have experienced cybersecurity training before. The study found that a one-fits-all training approach is highly ineffective, as people’s understanding and knowledge can vary greatly. Features such as gender, age, educational level, job roles, and the trainees’ training preferences and perceptions are essential considerations for developing a robust training system. Additionally, the study found that job role and age constitute the main factors associated with social media cybersecurity risks. The findings reveal that employees working in the business and financial sectors are the riskiest group, as far as cybersecurity is concerned. Female employees are more vulnerable to cyberattacks than male employees, and the youngest employees are the most risk prone, employees with less than two years of experience, and those who are 55 years old or more, need more cybersecurity training, due to their lack of awareness on the subject. This work has led to formulate a risk equation that can assist policymakers and training providers in defining countermeasures against risks and prioritize the training for those who need it the most. The framework and its process were validated through several strategies involving 38 case studies, surveys, and interviews. The novel contribution of this research is the proposal of the framework, which is a high-level, holistic framework that can support and promote organizations in mitigating social media risks.