Cybersecurity awareness framework for academia

Mohammed Khader, Marcel Karam, Hanna Fares

Research output: Contribution to journalArticlepeer-review

20 Scopus citations


Cybersecurity is a multifaceted global phenomenon representing complex socio-technical challenges for governments and private sectors. With technology constantly evolving, the types and numbers of cyberattacks affect different users in different ways. The majority of recorded cyberat-tacks can be traced to human errors. Despite being both knowledge-and environment-dependent, studies show that increasing users’ cybersecurity awareness is found to be one of the most effective protective approaches. However, the intangible nature, socio-technical dependencies, constant technological evolutions, and ambiguous impact make it challenging to offer comprehensive strategies for better communicating and combatting cyberattacks. Research in the industrial sector focused on creating institutional proprietary risk-aware cultures. In contrast, in academia, where cybersecurity awareness should be at the core of an academic institution’s mission to ensure all graduates are equipped with the skills to combat cyberattacks, most of the research focused on understanding students’ attitudes and behaviors after infusing cybersecurity awareness topics into some courses in a program. This work proposes a conceptual Cybersecurity Awareness Framework to guide the implementation of systems to improve the cybersecurity awareness of graduates in any academic institution. This framework comprises constituents designed to continuously improve the development, integration, delivery, and assessment of cybersecurity knowledge into the curriculum of a university across different disciplines and majors; this framework would thus lead to a better awareness among all university graduates, the future workforce. This framework may be adjusted to serve as a blueprint that, once adjusted by academic institutions to accommodate their missions, guides institutions in developing or amending their policies and procedures for the design and assessment of cybersecurity awareness.

Original languageEnglish (US)
Article number417
JournalInformation (Switzerland)
Issue number10
StatePublished - Oct 2021


  • Awareness
  • Computer science
  • Content design
  • Courses
  • Curriculum
  • Cybersecurity
  • Education
  • Framework
  • Information technology

ASJC Scopus subject areas

  • Information Systems


Dive into the research topics of 'Cybersecurity awareness framework for academia'. Together they form a unique fingerprint.

Cite this