PERCEPTIONS OF CYBER RISK HELD AMONG UNDERGRADUATE STUDENTS PURSUING A SECURITY AND RISK ANALYSIS OR AN INFORMATION SCIENCES AND TECHNOLOGY MAJOR OR MINOR

Open Access
- Author:
- Weirman, Samantha S
- Area of Honors:
- Security and Risk Analysis
- Degree:
- Bachelor of Science
- Document Type:
- Thesis
- Thesis Supervisors:
- William Benjamin Gill, Thesis Supervisor
William Benjamin Gill, Thesis Supervisor
Dr. Edward J Glantz, Faculty Reader
William Benjamin Gill, Thesis Honors Advisor - Keywords:
- CyberLinkIT
risk perception
cyber security - Abstract:
- Every year, the College of Information Sciences and Technology (IST) at the Pennsylvania State University, University Park Campus graduates a number of Information Sciences and Technology (IST) and Security and Risk Analysis (SRA) majors to move on to careers in government and industry as cyber security professionals. As new hires, students are expected to be leaders in technological performance and solutions. Through education and student research, the College of IST aims to meet these expectations by providing its undergraduate students with basic principles and fundamental knowledge needed to effectively utilize such technologies at a higher level. To measure student comprehension of such concepts, the College of IST must currently rely on student grades and course marks. However, the development of a more conclusive method to determine student comprehension would benefit the College in its vision to become a leader in the field of information technology and higher education (The College of Information Sciences and Technology). This thesis documents a study that seeks to compare how student understanding of risk varies among all levels of undergraduate SRA and IST students in an attempt to show that the College of IST cultivates in its undergraduate students a coherent understanding of cyber risk over the course of the degree program. To do this, we developed a novel instrument for gauging participant understanding of risk; CyberLinkIT is an educational game designed to collect individual perceptions of cyber risk by challenging two players to agree in their assignment of causation and correlation associations between two given terms concerning cyber security and privacy. Research performed in this study collected cyber risk perceptions of all levels of undergraduate IST and SRA students through use of this online game. The hypothesis being as student advance in their IST or SRA education, their perceptions of cyber risk would converge to more accurately reflect the reality of the risk. Observations of the collected data did support the notion of a trend of perception convergence with the increase of IST or SRA education. Association between nodes made by first and second year students were more random and less linked than those made by third and fourth year students who showed more agreement in their assignment of nodal relationship. Statistical analysis of the data collected in this research study, however, failed to disprove the null hypotheses of the research questions due to a lack of sufficient total sample size, and a significant variance in sample size of the examined groups.