Cybersecurity Awareness Development A Systematic Literature Review on Training Models and Educational Strategies in the Digital Era.pdf
Keywords:
Cybersecurity Awareness, training models, Educational StrategyAbstract
In an increasingly digital world, cybersecurity awareness plays a critical role in protecting individuals, organizations, and information systems. Despite advancements in technical defenses, human factors remain a major vulnerability, often exploited through social engineering and other user-targeted attacks. This paper presents a systematic literature review (SLR) of 15 peer-reviewed scientific articles published between 2020 and 2024, focusing on training models and educational strategies designed to enhance cybersecurity awareness. The study classifies awareness programs into five categories: attack simulation models, gamified and interactive learning, curriculum-based education, framework-guided programs, and AI-driven adaptive training. Results indicate that interactive and context-specific training methods are more effective in changing user behavior and reducing risk than traditional one-way instruction. However, challenges such as limited user engagement, resource constraints, outdated content, and lack of organizational support hinder the implementation of effective programs. This review provides comprehensive insights into current best practices, barriers, and future directions to support the development of adaptive and impactful cybersecurity awareness initiatives.
References
S. Taherdoost, “A Critical Review on Cybersecurity Awareness Frameworks and Training Models,” Procedia Computer Science, vol. 235, pp. 1649–1663, 2024. doi: 10.1016/j.procs.2024.04.156)
A. M. Alshaikh, S. B. Maynard, and A. Ahmad, “Applying Social Marketing to Evaluate Current Security Education Training and Awareness Initiatives in Organizations,” Computers & Security, vol. 100, 2021. doi: 10.1016/j.cose.2021.102090
M. A. Fauzi et al., “Assessment of the Impact of Information Security Awareness Training Methods on User Behavior,” IEEE Access, vol. 10, pp. 132132–132143, 2022. doi: 10.1109/ACCESS.2022.3230286
S. Akter et al., “Reconceptualizing Cybersecurity Awareness Capability in the Data-Driven Digital Economy,” Annals of Operations Research, 2022. doi: 10.1007/s10479-022-04844-8
F. Alshaikh, S. B. Maynard, and A. Ahmad, “Information Security Education Training and Awareness (SETA): A Review,” Sensors, vol. 22, no. 22, 2022. doi: 10.3390/sensors22228663
F. Quayyum, D. S. Cruzes, and L. Jaccheri, “Cybersecurity Awareness for Children: A Systematic Literature Review,” International Journal of Child–Computer Interaction, vol. 30, 2021. doi:10.1016/j.ijcci.2021.100343
M. K. Al-Hamar, “A Systematic Review of Current Cybersecurity Training Methods,” Computers & Security, vol. 126, 2023. doi:10.1016/j.cose.2023.103585
S. Khando et al., “Enhancing Employees’ Information Security Awareness: A Systematic Literature Review,” Computers & Security, vol. 106, 2021. doi: 10.1016/j.cose.2021.102267
M. Yamin, B. Katt, and V. Gkioulos, “Cyber Ranges and Security Testbeds: Scenarios, Functions, Tools and Architecture,” Computers & Security, vol. 88, 2020. doi: 10.1016/j.cose.2019.101636
M. Ansari et al., “Prevention of Phishing Attacks Using AI-Based Cybersecurity Awareness Training,” International Journal of Smart Sensor and Ad Hoc Network, vol. 3, no. 3, 2022. doi:10.47893/IJSSAN.2022.1212
A. M. Alnajim et al., “Exploring Cybersecurity Education and Training Techniques: A Comprehensive Review,” Symmetry, vol. 15, no. 12, 2023. doi: 10.3390/sym15122175
J. Khader et al., “Conceptual Cybersecurity Awareness Framework for Academics,” Applied Sciences, vol. 10, no. 16, 2020. doi:10.3390/app10165702
N. Uchendu et al., “Developing a Cyber Security Culture: Current Practices and Future Needs,” arXiv preprint, arXiv:2107.08027, 2021. [Online]. Available: https://arxiv.org/abs/2107.08027
A. Zhang, “Cybersecurity Awareness Training Programs: A Cost–Benefit Analysis Framework,” Industrial Management & Data Systems, vol. 121, no. 3, 2021. doi: 10.1108/IMDS-08-2020-0462
M. Yamin et al., “Designing Effective Security Education, Training, and Awareness Programs: A Systematic Review,” Computers & Security, vol. 103, 2021. doi: 10.1016/j.cose.2021.102162
Helmiawan, M. A., & Wiharko, T. (2018). Application of Fingerprint Security System on Motorcycles using Arduino Microcontroller. J-Tin’s-Jurnal Teknik Informatika, 2(1).
Helmiawan, M. A., Juna, D. I., & Ramdhani, B. (2018). Pengamanan Sistem Dan Data E-Voting Berbasis Network. INTERNAL (Information System Journal), 1(1), 1–10.
Helmiawan, M. A., Firmansyah, E., Fadil, I., Sofivan, Y., Mahardika, F., & Guntara, A. (2020). Analysis of web security using open web application security project 10. 2020 8th International Conference on Cyber and IT Service Management
Helmiawan, M. A., Julian, E., Cahyan, Y., & Saeppani, A. (2021). Experimental evaluation of security monitoring and notification on network intrusion detection system for server security. 2021 9th International Conference on Cyber and IT Service Management (CITSM ….
Helmiawan, M. A., Fadil, I., Sofiyan, Y., & Firmansyah, E. (2021). Security model using intrusion detection system on cloud computing security management. 2021 9th International Conference on Cyber and IT Service Management (CITSM ….
Helmiawan, M. A., & Nasution, A. I. (2022). The Effect of Internet Banking Use and Customer Protection Against Cyber Crime at Bank Rakyat Indonesia. Journal of Islamic Economics and Business, 2(2), 170–183.