Cybersecurity on the Move: Investigating the Efficacy of a Movable Escape Room as an Educational Tool for Healthcare Employees

Authors

  • Jan-Willem Bullee University of Twente.
  • Luka Koning

DOI:

https://doi.org/10.34190/ecgbl.18.1.2631

Keywords:

Cybersecurity, Educational intervention, Escape room, HAIS-Q, Healthcare

Abstract

This research investigates the effectiveness of a cybersecurity escape room as an educational intervention to increase awareness of cybersecurity risks towards a safer work environment. The escape room aims to educate participants and cybersecurity and to make them more resilient against various cyberthreats. Method: To validate the effectiveness, a pre-test-post-test design with 96 participants was conducted, 42 also completing a delayed post-test and 29 participants served as a control group. All participants were healthcare professionals. Using the HAIS-Q, six themes were investigated (namely email usage, passwords, ransomware, social engineering, incident reporting, and software updates) using the three constructs from the Knowledge, Attitude and Behaviour model. Results: The escape room had an overall immediate positive effect on participants (t(95) = -6.259, p < 0.001), and this effect persisted after 1 month (t(25) = -2.946, p = .006). Zooming in on individual themes, the immediate scores improved for email usage, passwords, social engineering and software updates, whereas the delayed scores improved specifically for email usage and passwords. Conclusion: The results show that the cybersecurity escape room may be a promising way to enable employees to resist cybersecurity threats. Nonetheless, the results need to be interpreted with caution. The research design experienced some dropout, meaning that results could differ with increased participation. Furthermore, it is not entirely evident which aspects of the escape room caused the observed effect; this is subject to future research. 

Author Biographies

Jan-Willem Bullee, University of Twente.

dr. Jan-Willem Bullée is an Assistant Professor of Evidence-Based Cybersecurity at the University of Twente. With a background in both psychology (MSc) and computer science (MSc), he focuses on reducing cybercrime victimization. Jan-Willem's research revolves around the human element's impact, and on evaluating countermeasures such as interactive lessons programs for young learners, games for organisational staff members and easy implementable nudges.

Luka Koning

Luka Koning is a Researcher/PhD Candidate at the University of Twente. His research focuses on victimization of fraud and cybercrime, in particular the prevalence, risk factors, impact, and willingness to report. His work includes victim studies and experiments, aimed at how victimization arises and how it could be prevented.

Downloads

Published

2024-10-07