Cyber Security

Awareness
Among
University
Students: A Case
Study
01 Introduction
02 Literature Review
03 Methodology
04 Results and Findings
05 Conclusion
Introduction
Today's global connectivity enables
seamless communication across regions,
but it also exposes organizations to
cyber threats, potentially leading to
economic downturns. Nigeria, as a
prominent African nation, faces
heightened cybercrime risks due to its
large population and inadequate
cybersecurity awareness. This study
aims to assess cybersecurity knowledge
among Nigerian university students,
examine its inclusion in academic
curricula, and determine the necessity of
awareness programs.
The
objectives
The objectives of this paper are to
survey Nigerian Universities to
investigate the following:

01
To identify the level
of basic knowledge
of cybersecurity
among university
students in Nigeria

02 03
To identify if To identify if the
cybersecurity is among cybersecurity
their curriculum or a awareness program is
seminar class needed or not.
Literature Review
Research underscores the prevalence of
cybercriminal tactics like email, network
traffic exploitation, and user profiling.
With 4.9% of students engaging in
cyberstalking, it's evident that
individuals, particularly those lacking
cybersecurity awareness, are at risk.
Heightened cybersecurity education can
mitigate basic attacks, emphasizing the
importance of awareness in reducing
successful cyber incidents.

Youth Vulnerability
Young people face heightened
vulnerability to cyber-attacks
due to their extensive use of
technology for education and
communication.
Educational Exposure
The availability of online and
offline educational resources
exposes university students to
potential cyber risks.
Preventive Measures and
Awareness
Implementing preventive
01 02 measures and increasing
information security
awareness directly enhance
security performance.
Behavioral Impact
04 03 Knowledge of information
security significantly
influences individuals'
behavior, reducing the
success rate of cyberattacks.
A survey conducted among students at
New England University's business
department revealed a positive perception
of Information Security Awareness
Training (ISAT), highlighting its
significance in bolstering cybersecurity
(Kim, 2014). Conversely, research in the
Middle East highlighted a lack of clarity
regarding effective training methods to
mitigate cyber-attacks (Aloul, 2012).
Given the susceptibility of universities to
cyber threats, integrating cybersecurity
training into security management plans is
imperative. Effective awareness programs
and training are essential for fortifying
cybersecurity measures and minimizing
risks.
Simulation tools like CyberCIEGE
enhance information security awareness
for students, staff, and professionals
(Pastor, Díaz, & Castro, 2010), while
surveys reveal challenges in applying
security knowledge in real life (Slusky
& Partow-Navid, 2012). Studies in
regions like Tamil Nadu, India,
Malaysia, and the US Pacific Northwest
show varied awareness levels,
emphasizing the need for
Simulation Tools for Security
Awareness

researchers have emphasized the need for

simulation tools to enhance information
security awareness among students, staff, and
professionals. Tools like CyberCIEGE have
demonstrated effectiveness in improving
cybersecurity awareness programs
Challenges in
Security Awareness
A survey conducted at California State
University revealed that the primary issue
with security awareness lies not in basic
knowledge but in how students apply it in
real-life situations
Student
Awareness Levels
In a study among college
students in Tamil Nadu, India,
70% were aware of basic virus
attacks and used antivirus
software. However, 11% still
used outdated antivirus, and
over 97% were unaware of
virus sources
Methodology
This research employs a quantitative
approach, utilizing a questionnaire-based
survey distributed online. The targeted
participants are university students in Nigeria,
chosen for their daily interaction with
information and their future roles as
employees. The questionnaire, comprising 19
main questions and five demographic
inquiries, aims to assess participants'
cybersecurity awareness. The estimated
completion time for the survey is 15 to 20
minutes.
The questionnaire focuses on various aspects,
including basic cybersecurity knowledge, trust,
privacy, password management, the willingness
to learn cybersecurity, and the integration of
cybersecurity awareness programs into the
curriculum. The question protocol is derived
from previous studies by Moallem (2018) and
Al-Janabi & Al Shourbaji (2016), ensuring
alignment with established research
methodologies.
Results and Findings
The questionnaire link was distributed and takes one
month for respondents to answer the
questions before the link is disabled. A total number
of 408 students have filled the questions and
out this 408, filtration was made to see of some
questions were not answered or left blank. A
total number of 41 were identified and are deleted
from the results due to not completing one
question among the questions given. A total number
of 367 are identified to be valid and the
analysis will be conducted using these samples.
Demography
The completed survey consists of
demography data which include age and
gender were collected. Out of 367
responders, 18- 20 ages are 50 students, 21-
25 are 200 students, and 26 – 30 are 117
respectively and in gender, males are 308,
and females are 53 and those that answered
prefer not to say are 4. From this analysis is
shown most responders are male and
between the age of 21 to 25.
do you consider yourself
knowledgeable about the concept
of cybersecurity, to determine the
basic knowledge of cybersecurity ?

approximately half are uncertain about the concept.

When combining the "No" and "Maybe" responses,
totaling 172, it becomes evident that there is a significant
need for educating students on cybersecurity concepts.
For instance, when asked about Two-Factor
Authentication (2FA), only 162 out of 367 students
reported knowing and using it, indicating a lack of
familiarity among the majority. Similarly, a substantial
number of students (219 out of 367) admitted to opening
emails from unfamiliar senders, suggesting a lack of
awareness regarding phishing attacks. Furthermore, the
survey highlights concerning behaviors, such as sharing
credential information via email, emphasizing the urgent
need for cybersecurity awareness initiatives to mitigate
potential risks to student information and university
security.
The survey findings reveal that the vast majority of
students are aware of 419 scams, with 306 out of 367
respondents stating they do not send personal
information to unknown individuals. This suggests
heightened awareness, particularly regarding financial
security matters. Additionally, when asked about
rejecting app permissions, 210 students responded
affirmatively, indicating a cautious approach towards
granting access to sensitive information. However,
regarding understanding the distinction between HTTP
and HTTPS, only 197 students answered positively,
highlighting a need for further awareness efforts.
Similarly, a significant number of students (276 out of
367) reported a lack of understanding regarding the
concept of phishing, emphasizing the importance of
enhancing both theoretical knowledge and practical
skills in cybersecurity awareness initiatives.
do you use debit or credit
cards at an outdoor payment
machine?

• 234 respondents said yes to using debit/credit

cards for payments.
• 111 respondents said no, while 20 were unsure.

Majority of students utilize cards for payments,

indicating a lesser need for awareness on cashless
transactions. However, awareness on identifying
legitimate and fake sites during payments is
crucial.
What about Shopping from
Social Networks/Email Ads?

• 177 students admitted to shopping from

products advertised on social networks or
private emails.
• 168 students said no, with 20 unsure.
Although most students refrain from purchasing
products recommended via the recommender
system, a significant number still engage in such
transactions, posing a potential phishing threat.
Awareness on safe online shopping practices is
necessary.
What about Importance of
Reading User Agreements ?

• 274 respondents believe it is important to

read user agreements before clicking "I
accept.“

• 62 respondents disagreed, while 29 were

uncertain.
 The question asked was
when using the computer
system and the Internet, what
do you feel secure?
• 169 respondents out of 367 expressed concerns
about privacy.
• 111 respondents disagreed, while 85 were
unsure.
• Combining the "No" and "Maybe" responses, a
total of 199 students were uncertain about their
online security.
• This highlights students' discomfort with
internet usage and underscores the necessity
for educating them on secure internet
practices.
have you 195 student answerd
ever rejected
153 disagreed
a mobile app
request for 17 uncertain.
accessing
your
contacts,
camera, or
location?
do you have Out of 367
respondents out of
reason to 367 expressed
believe that confidence when
online.
you are
143 student
being respondents
observed disagreed, with 35
uncertain.
online
without your While the majority trust the
internet, nearly half expressed
consent? distrust or uncertainty, indicating
varied levels of trust among
students.
do you use a harder-to-guess
password to access your bank account
than to access your social networking
accounts ?
• Out of 367 respondents, 204 stated they do not
use hard-to-guess passwords.
• 139 respondents reported using such
passwords, while 22 were uncertain.
• Majority of students are not using secure
passwords, indicating a lack of awareness
regarding password management best
practices.
if students want to learn more about
Cybersecurity ?

• Out of 365 respondents, 346 expressed a desire

to learn more about cybersecurity.
• Only 12 students disagreed, with 7 uncertain.
• This overwhelming majority indicates a strong
desire and need among students to enhance
their knowledge of cybersecurity.
• The results underscore the critical importance
of awareness initiatives to meet the educational
needs of students in cybersecurity.
if students are willing to take a
cybersecurity course when made as a
curriculum

• 328 out of 367 respondents expressed a strong

willingness to include cybersecurity as a
course in their curriculum.
• This overwhelming consensus highlights a
significant gap in university offerings,
indicating a need for awareness among
university management regarding the demand
for cybersecurity education.
Importance of Information
Security Officer :

• When asked about the importance of having an

information security officer in academic
institutions:
• 325 out of 367 students agreed on the necessity
of such a role.
• This suggests a lack of security officers
currently present in universities, emphasizing
the importance of raising awareness among
academic institutions about the need for
dedicated personnel to address information
security concerns.
 Conclusion
The survey results indicate a concerning lack of basic
cybersecurity knowledge among university students in Nigeria.
Despite initial indications of some awareness, subsequent
questions revealed significant gaps in understanding, particularly
regarding password management and phishing attacks. There is a
clear absence of cybersecurity programs within Nigerian tertiary
institutions, yet there is strong student demand for such education,
as evidenced by the majority expressing a desire to learn more
about cybersecurity and support for its inclusion in university
curricula. These findings highlight the urgent need for
cybersecurity awareness initiatives to address the knowledge gaps
and meet students' educational needs effectively.
 Mohamed Aymen Safy
Mohamed Hussein Nasary
Abdallah Abdo Ahmed
Mohamed Atta Ahmed
TEAM Ahmed Abdelkareem Fadel
THANK YOU