Cybersecurity on the Move: Investigating the Efficacy of a Movable Escape Room as an Educational Tool for Healthcare Employees
DOI:
https://doi.org/10.34190/ecgbl.18.1.2631Keywords:
Cybersecurity, Educational intervention, Escape room, HAIS-Q, HealthcareAbstract
This research investigates the effectiveness of a cybersecurity escape room as an educational intervention to increase awareness of cybersecurity risks towards a safer work environment. The escape room aims to educate participants and cybersecurity and to make them more resilient against various cyberthreats. Method: To validate the effectiveness, a pre-test-post-test design with 96 participants was conducted, 42 also completing a delayed post-test and 29 participants served as a control group. All participants were healthcare professionals. Using the HAIS-Q, six themes were investigated (namely email usage, passwords, ransomware, social engineering, incident reporting, and software updates) using the three constructs from the Knowledge, Attitude and Behaviour model. Results: The escape room had an overall immediate positive effect on participants (t(95) = -6.259, p < 0.001), and this effect persisted after 1 month (t(25) = -2.946, p = .006). Zooming in on individual themes, the immediate scores improved for email usage, passwords, social engineering and software updates, whereas the delayed scores improved specifically for email usage and passwords. Conclusion: The results show that the cybersecurity escape room may be a promising way to enable employees to resist cybersecurity threats. Nonetheless, the results need to be interpreted with caution. The research design experienced some dropout, meaning that results could differ with increased participation. Furthermore, it is not entirely evident which aspects of the escape room caused the observed effect; this is subject to future research.