Cybersecurity is a growing problem in today’s technological innovation and new digital economy. Threat actors cause a danger to people’s safety or lead to the compromise of intellectual property, either sold on the dark web or used as leverage for ransom. Many executives believe cybersecurity is the responsibility of Information Technologies (IT). It is everyone’s responsibility. Countering cyber threats requires focusing on people and behaviors and cognitive models; the mere technicalities are not enough to face the issue. With this in mind, the following research analyzes existing frameworks in the literature for developing serious games for cybersecurity. They are developed to train and educate individuals in various aspects of cybersecurity, including threat detection, incident response, and risk management. Moreover, combining serious games and Explainable Artificial Intelligence (AI) can be a powerful approach to cybersecurity training and education. By integrating Explainable AI techniques into serious games, users can better understand the decision-making processes within the game environment. Players can learn how to interpret the explanations provided by AI models, identify potential limitations or errors, and make decisions based on both AI-generated insights and their own domain knowledge. This combination equips individuals with the skills to improve perception and human factors in cybersecurity.
Serious Games for Cybersecurity: How to Improve Perception and Human Factors
Vita Santa Barletta;Miriana Calvano;Antonio Curci;Antonio Piccinno
2023-01-01
Abstract
Cybersecurity is a growing problem in today’s technological innovation and new digital economy. Threat actors cause a danger to people’s safety or lead to the compromise of intellectual property, either sold on the dark web or used as leverage for ransom. Many executives believe cybersecurity is the responsibility of Information Technologies (IT). It is everyone’s responsibility. Countering cyber threats requires focusing on people and behaviors and cognitive models; the mere technicalities are not enough to face the issue. With this in mind, the following research analyzes existing frameworks in the literature for developing serious games for cybersecurity. They are developed to train and educate individuals in various aspects of cybersecurity, including threat detection, incident response, and risk management. Moreover, combining serious games and Explainable Artificial Intelligence (AI) can be a powerful approach to cybersecurity training and education. By integrating Explainable AI techniques into serious games, users can better understand the decision-making processes within the game environment. Players can learn how to interpret the explanations provided by AI models, identify potential limitations or errors, and make decisions based on both AI-generated insights and their own domain knowledge. This combination equips individuals with the skills to improve perception and human factors in cybersecurity.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
