Designing Effective Cybersecurity Awareness Program for Elderly

Project Overview

Section 1: Project Overview
1.1 Problem definition - use one sentence to summarise the problem:
According to (Szewczyk and Furnell 2009), security awareness programs for the elderly are not appropriate for them as their designs don’t consider neurocognitive changes in aging and psychological aspects in triggering and adopting a behaviour change online

1.2 Project description - briefly explain your project:
the project is to produce a security awareness material for the elderly (65+). The artefact will be to create a website and include the awareness material based on security awareness techniques, considering the neurocognitive changes in aging and psychological aspects on how to change behaviours online. 
The security awareness program will be tailored to the 3 Most Common Cyber Attacks Used Against Older People (Sayak Boral 2018). These are;
1.Phishing attacks
2.consumer fraud
3.identity theft

1.3 Background - please provide brief background information, e.g., client, problem domain:
My target audience will be elderly people (65+). According to (Office for National Statistics 2018) adults aged 65 and over were more likely than any other age group to be a victim of either fraud or computer misuse.
According to age UK, it is quite challenging to encourage behaviour change for awareness programs they make. So, I will take into consideration theories of changing behaviour before designing a security awareness material for the elderly

1.4 Aims and objectives – what are the aims and objectives of your project?
The aim will be to design and develop a better security awareness program for the elderly (65+) to improve awareness. This will take into consideration the neurocognitive changes in aging and the psychological aspects of changing and adopting a secure behaviour online

Objectives 
To produce an artefact which is an effective awareness material, I will need to;

1)Focus on the literature review on the review stage, the research will include existing security awareness material for the elderly people.
2)Review different theories of behaviour, changing behaviour through books and journals.
3)Identify neurocognitive changes that occur when aging.
4)Develop an understanding of individuals’ behaviour when faced with the threat of cyber-attacks is a valuable part of addressing cyber security and mitigating such attacks.
5)Identify the best way for people to retain information and change their behaviour to have a successful awareness campaign
6)Create a website to improve individual Internet users’ cyber security actions online and to reduce the amount of people in the UK who fall victim of cybercrime
7)To measure and evaluate the success rate of the Cybersecurity Awareness campaign to understand the overall effectiveness.

Problem Definition

Below is section 1 and section 3
Section 1
Billions of dollars in losses accrued to Internet users due to cyber-attacks that exploit human vulnerabilities (Abawajy, 2014). According to Yar and Steinmetz (2019), society increasing dependence on computer technology makes us more vulnerable to the exploitation of these systems by hackers. In our digital age, the issues for cybersecurity are no longer just for the technology companies, they matter to us all. The younger generations today are digital natives, having grown up in a world where the internet and computer are natural features (Singer and Friedman, 2013). On the other hand, we have the older generation who majority of them find the internet and all its issues new and confusing. Although the problem is not solely age as some young people still don’t know the key threats and issues online and some older people would have a better understanding of the dangers online. The UK has an ageing population with the age group 85+ being the fastest growing age group (Age UK, 2019 ; Office for National Statistics, 2018). With this, we would continue to see an increase on the number of older people who now use the internet. In a report by the Office for National Statistics (2019), recent internet use in the 65 to 74 years age group increased from 52% in 2011 to 83% in 2019, closing the gap on younger age groups and since 2011, the percentage of adults aged 65 years and over who had never used the internet has declined by 29 percentage points to 29%. This only means the potential risk of disclosure of data and security incidents are high as cyber criminals will take advantage of their lack of awareness.
With the implementation of the general public using the Internet of Things (IoT) in daily life, there is now an increasing number of physical objects feature an IP (Internet Protocol) address for internet connectivity and use the Internet for communication (Hernández-Ramos et al., 2013). This increasing dependence on the internet from the public and the increasing number of IP addresses online should also involve a strong implementation of cybersecurity to keep people safe online but guaranteeing security often proves to be difficult. According to de Bruijn and Janssen (2017), the issue of security is not limited to organisations but also relevant to the public as cybercrimes can be said to impact everyone in our society. This is seen in a survey by Age UK that found that 53% of older people (aged 65+) believe they have been targeted by fraudsters. While that many do not respond - of those who do, 70% of all age groups said that they had personally lost money. The survey of over 1000 people by Age UK also revealed that a third of older people who responded to a scam may have lost £1,000 or more (Action Fraud, 2015). Because organisations and businesses are constantly attacked by cybercriminals for many reasons which include things like espionage and the huge potential for financial rewards, cyber security awareness programs are mostly focused on them (Bada and Sasse, 2014). But, the general public specifically the elderly adults still need more awareness programs provided for them as cybercriminals tend to  take advantage of their lack of awareness (Trend Micro, 2014). 
The main purpose of cyber security-awareness campaigns is to influence the adoption of secure behaviour online. However, effective influencing requires more than simply informing people about what they should and should not do (Bada and Sasse, 2014).
For it to be successful, people need, first of all, accept that the information is relevant, secondly, understand how they should to respond, and thirdly, be willing to do this in the face of many other demands (Rogers, 1985 ; Witte, 1993)

Proposed solution
According to (Szewczyk and Furnell, 2009), security awareness programs for the elderly are not appropriate for them as their designs don’t consider neurocognitive changes in aging and psychological aspects in triggering and adopting a behaviour change online. Background research will be done on the study, acquiring information from books, academic journals and conferences to determine the best approaches when it comes to developing project artefact. To measure and evaluate the success of the artefact, quantitative and qualitative research methods like feedback forms and quizzes will be used.
Project Rationale 
The UK has an ageing population (Age UK, 2019 ; Office for National Statistics, 2018). By 2030, one in five people in the UK (21.8%) and the fastest growing age group is 85+ (Age UK, 2019). In a report by the Office for National Statistics , there has been an exponential growth on the number of people who now use the internet in the age group 65+. This only means the potential risk of disclosure of data and security incidents are high as cyber criminals will take advantage of their lack of awareness.
Project Artefact 
The artefact is going to be a website created using WordPress. The security awareness program will be tailored to the 3 Most Common Cyber Attacks Used Against Older People listed below.