Figure - uploaded by Saleh Aldaajeh
Content may be subject to copyright.
GQO+Strateiges Application using NICE Lexicon Cybersecurity Curricula Alignment Framework
Source publication
Digital information and telecommunication technologies have not only become essential to individuals’ daily lives but also to a nation’s sustained economic growth, societal well-being, critical infrastructure resilience, and national security. Consequently, the protection of a nation’s cyber sovereignty from malicious acts is a major concern. This...
Similar publications
Cybersecurity systems are crucial for safeguarding information assets across various sectors, including government, military, and commercial domains. In Saudi Arabia, cybersecurity has gained significant importance within the national security strategy, resulting in substantial investments in technologies to protect information assets, combat cyber...
In today's hyper-connected world, implementing security in cyberspace has become a global strategic priority. As technology’s role in society increases, cybersecurity becomes an increasingly bigger challenge. In addition, the cyber threat landscape is evolving, with the emergence of new risks and the sophistication of existing threats. Cybercrimina...
This paper explores the dual role of artificial intelligence (AI) technologies in Ukraine’s post-war economic recovery and cybersecurity using Agent-Based Modeling (ABM). The simulation reveals that sectors like manufacturing and banking rapidly adopt AI due to clear productivity and security benefits, leading to positive spillover effects across t...
Veteran-owned small businesses (VOSBs) play a crucial role in the economic landscape, offering unique perspectives and fostering innovation. However, they face distinct security challenges due to limited resources, evolving cyber threats, and vulnerabilities associated with rapidly digitizing business operations. Risk-based security models provide...
Citations
... En el caso de España, el 34 % de las pequeñas y medianas empresas no tiene previsto invertir en digitalización, al menos en los próximos tres años (BEI, 2022 Esta alarmante desconfianza ha hecho que la ciberseguridad se convierta en uno de los elementos de estudio e investigación de mayor relevancia en el área de las TIC, y el mayor problema del uso de Internet en las escuelas (Gamito y Olasolo, 2017;Duque y Jódar, 2024;Bailén, 2024). No solamente se necesita mejorar las tecnologías hacia este ámbito sino las políticas, los procedimientos y la formación de las personas relacionadas con estas tecnologías de modo coordinado (Florackis et al., 2023;Pillajo y Ávila, 2023;AlDaajeh et al., 2022;Mendivil et al. 2022;Soletic et al., 2020;Aguilar, 2019;Sabillón y Cano, 2019;Pons, 2017;Santiago y Sánchez, 2017;Joyanes, 2017;Carlini, 2016;Maroto, 2009). Nuevamente, la pregunta es otro corolario necesario: ¿debemos digitalizar la escuela cuando la sociedad desconfía de la digitalización? ...
... Reflecting on the likely, ongoing weaknesses to govern hacking tools should create an appropriate level of expectation that offensive and pro-active strategies to manage hacking tools will have limited impacts on the long-term future of cyber insecurity and instead emphasise the importance of defensive cyber-security efforts. On balance, harm minimisation strategies for dealing with the multitude of threats created by a multi-layered ecosystem of hacking tools should have a preponderance for building suitable defence that includes national and international cybersecurity strategies (Sabillon et al. 2016), wider cybersecurity education (Cabaj et al. 2018;Al Daajah et al. 2022), suitable investment in security (see e.g., Paul and Wang 2019; Gordon et al. 2015), amongst other policies to pursue optimal security postures. Such efforts should take notable effort to conceive widely the full variety of potential victims that are impacted by the multitude of hacking tools from victims of domestic violence, to schools, hospitals, in addition to high-end political actors and major critical infrastructure. ...
Tools developed for the purpose of unilaterally exploiting computer systems and their communications will pose a persistent policy and regulatory problem. Regulation of hacking tools to date, however, has been piecemeal, inconsistent and often incoherent. Some of this incoherence is a result of semantic uncertainty about how to define hacking tools with scholarship, commentary, and regulatory efforts using a variety of terminology to refer to a related set of items that have no clear definitional boundaries or technical coherence. This paper attempts to reconcile these semantic issues with the need to take productive regulatory steps by articulating how hacking tools emerge from multiple sources that have different ecologies of production and distribution creating unique regulatory challenges and dynamics. Reflecting on these challenges can inform better governance of hacking capabilities whilst also identifying clear regulatory constraints that will persist over the long‐term.
... 4 of 34 Effective design in both approaches requires alignment between the chosen strategy (gamification or DGBL), the developmental stage of the target users (primary school children), and the specific health promotion objectives. This alignment ensures that the intervention addresses both the cognitive capabilities and motivational factors relevant to the target age group [66][67][68][69]. ...
Background and Objectives: This study examines the distinction between gamification and Digital Game-Based Learning (DGBL) in health education, introducing the iLearn4Health platform designed to enhance health literacy among primary school students aged 6-12. The research investigates how DGBL's integration of educational content into gameplay mechanics affects user engagement and learning outcomes compared to superficial gami-fication approaches. Materials and Methods: Developed through international collaboration across five European countries, the iLearn4Health platform features six health-focused modules with age-appropriate content and multilingual support. The study analyzed platform usage data from 337 teachers across 24 schools, tracking engagement metrics, including complete steps, progress ratios, and time spent. Multiple statistical approach-es—descriptive analysis, correlation analysis, ANOVA, regression modeling, and cluster analysis—were employed to identify engagement patterns and their predictors. Results: Analysis revealed a distinctive bimodal distribution of user progress, with 52.8% showing low engagement (progress ratio 0.0-0.2) and 35.3% demonstrating high engagement (pro-gress ratio 0.8-1.0). A strong positive correlation (r=.95, p< .001) between time spent and steps completed indicated that sustained engagement predicted educational progression. Multiple regression analysis identified initial engagement as the strongest predictor of overall progress (β=0.479, p< .001), followed by country effects (Romania vs. Cyprus, β=0.183, p=.001) and age (β=0.108, p=.049). Cluster analysis revealed three distinct user profiles: high engagers (35.3%, n=119), early dropouts (52.8%, n=178), and selective en-gagers (11.9%, n=40). Cross-country analysis showed significant variations in platform engagement, with Romania demonstrating 53% higher average progress ratios than Cy-prus (0.460 vs. 0.301, p< .01). Conclusions: The iLearn4Health platform reflects the effec-tiveness of DGBL—distinct from gamification—for health education in primary schools. The platform supports knowledge acquisition and behavioral change by integrating health concepts directly into age-appropriate game environments rather than merely adding game elements to existing content. Identifying initial engagement as the strongest predictor of overall progress highlights the critical importance of early user experience in determining educational outcomes. The platform's comprehensive approach to DGBL in primary health education establishes a framework for creating effective digital interven-tions that recognize the unique developmental needs of primary school children while adapting to diverse educational contexts.
... Conversely, men, particularly those scoring high on extraversion, were more likely to engage in risky online behaviors, such as sharing sensitive information on social media platforms. Educational attainment emerges as a critical determinant of cybercrime awareness, with individuals possessing higher levels of education exhibiting greater proficiency in recognizing and mitigating cyber threats (AlDaajeh et al., 2022). Power & Bello (2022) found that individuals with a college degree were 50% more likely to employ advanced cybersecurity measures, such as two-factor authentication, compared to those with only a high school diploma, underscoring the pivotal role of education in fostering cyber resilience. ...
The inexorable proliferation of digital technologies has precipitated an unparalleled escalation in cybercrime, necessitating a profound and multifaceted understanding of the latent interrelationship between cybercrime awareness and personality traits. This scholarly review paper synthesizes empirical evidence to elucidate the intricate dynamics underpinning this relationship. Employing a multidisciplinary lens, this paper scrutinizes how individual differences in personality traits, as delineated by the Five-Factor Model (FFM), influence cybercrime awareness and susceptibility. Furthermore, the review integrates trend analyses and data visualizations to underscore the evolving nature of cybercrime and its psychological correlates. The findings reveal a nuanced interplay between conscientiousness, neuroticism, and openness to experience in shaping cybercrime awareness, while also highlighting the mediating role of socio-demographic factors. This paper concludes with a clarion call for interdisciplinary research to develop targeted interventions that mitigate cybercrime vulnerability.
... [27], [11], [5], [8], [9], [45], [46], [47], [48], [49] ...
As the utilization of digital learning applications is increasing rapidly, cybersecurity has become an emerging concern all over the world. Since everything is going online, so, it becomes important to be aware of cybersecurity assaults. Various studies have been undertaken to determine the extent of cybersecurity awareness among students. During the contemporary pedagogical epoch of the COVID pandemic, diverse learning strategies and protocols have been developed to enlighten students about cybersecurity. The current work aims to gather and assemble assorted methods along with some approaches in a single distribution. An in-depth study of these learning strategies paves the way for further planning and creating new technologies by merging already existing techniques. Moreover, new IoT, as well as machine learning tools and techniques, can be further embedded in the above strategies.
... Cyber science education includes learning about essential topics, including network security, data protection, digital forensics, and ethical hacking. The necessity of cyber education within computer science continues to increase because cybersecurity advances rapidly, thereby creating an urgent need for skilled professionals (AlDaajeh et al., 2022). Cyber science education relies heavily on the effective connection between theoretical knowledge and practical implementation. ...
... We will conduct data analysis to discover useful information about the best teaching practices for curriculum creation in this field. This section focuses on finding value in the data through a methodical assessment that uncovers both the advantages and disadvantages of computer science cyber education (AlDaajeh et al., 2022). The connection between education needs and industry requirements gets strengthened through cyber education because of its vital role. ...
... The education offers students keys to acquire essential knowledge that matches industry standards. Cyber science education reveals two key benefits by teaching students to think critically and solve problems that cybersecurity demands as essential for success (AlDaajeh et al., 2022). The rapid and constant changes in cybersecurity create obstacles that impact the delivery of cyber education. ...
The growing demand for cybersecurity specialists motivates employers to find job candidates with relevant expertise and practical cybersecurity experience. Educational institutions can develop successful cybersecurity professionals through complete cyber science programs that merge theoretical knowledge with practical training. This trained workforce stream helps organizations develop professionals who deal professionally with digital landscape challenges that shift over time. Through excellent cyber education, computer science graduates secure better career prospects. The teaching profession requires teachers to adopt creative learning techniques and practical educational activities because students need proper preparation for the latest cybersecurity developments. The need for cyber education funding investments requires policymakers to understand the immediate importance along with implementing projects that advance academic-industry collaborations.
... In the aspect of education, educational institutions in the UAE can play a significant role in shaping the extent of knowledge and awareness among graduates about cybersecurity and the challenges associated with working in a digital work environment. This role can be guided by the national strategies launched to promote cyber security in the country (AlDaajeh et al., 2022). Based on this, graduates could be prepared to be equipped with the necessary knowledge and capabilities that positively contribute to the motivation of employees to adhere to the best practices related to maintaining cyber security and preventing its attacks and managing its challenges (AlDaajeh et al., 2022;UAE, 2022;Aliebrahimi and Miller, 2023). ...
... This role can be guided by the national strategies launched to promote cyber security in the country (AlDaajeh et al., 2022). Based on this, graduates could be prepared to be equipped with the necessary knowledge and capabilities that positively contribute to the motivation of employees to adhere to the best practices related to maintaining cyber security and preventing its attacks and managing its challenges (AlDaajeh et al., 2022;UAE, 2022;Aliebrahimi and Miller, 2023). ...
... Improving the capabilities of managers in the digital aspect in the UAE context is essential to avoid the negative effects of cybersecurity threat. When considering the aspect of the organisational that have already experienced cybersecurity attacks, the role of managers skills and capabilities should be considered in a more serious extent due to the role that can be played by utilizing the skills and capabilities among managers in implementing the guidelines and recommendations highlighted in the national strategies and initiatives targeting the promotion of cyber security awareness and best practices associated with maintaining safety and productivity in the public sector (AlDaajeh et al., 2022;UAE, 2022;Aliebrahimi and Miller, 2023). ...
Technological developments have seen a rapid evolution in the last decade. The complexity and cyber-attacks increase within the advancement of technology and artificial intelligence, this creates pressures for corporations to adopt the necessary methods to ensure they function in a safe environment. This study attempts to assess the role of managers’ informational security intelligence (MISI) along with procedural information security countermeasure awareness (PCM) and cybersecurity protection motivation in promoting cybersecurity protective behaviour among employees in the public sector within the context of UAE. The study employs quantitative cross-sectional design with primary data collected from 520 employees in nine listed organisations in the public sector of Abu Dhabi, UAE. The data is analysed using Partial Least Square Structural Equation Modelling (PLS-SEM). The findings indicated that perceived threat susceptibility, self-efficacy, information security problem-solving, and social competence significantly affect cybersecurity protective behaviour. Additionally, MISI positively influences PCM, which in turn affects cybersecurity protection motivation. Finally, attitude moderates the relationship between self-efficacy and cybersecurity protective behaviour. The study extended the protection motivation theory by investigating the capabilities and competences of managers related to information security in addition to adding the attitude as a moderating variable. The findings offer valuable insights for policy makers in the aspect of ensuring the implementation of cyber security national strategies; for managers in organisations in the aspect of promoting awareness and capabilities among themselves and among their employees through educational and training programs to enhance their cybersecurity practices and mitigate risks.
... In 2022, Sunwing Airlines were forced to cancel 188 flights and leave passengers stranded at airports for over three days, all due to a cyber attack on their supplier's systems. These are just a few of an ever-growing list of cyberattacks that are altering different spheres of daily life, making cybersecurity one of the core foundational issues of modern global security concern [9]. ...
With the rapid development of technology and the acceleration of digitalisation, the frequency and complexity of cyber security threats are increasing. Traditional cybersecurity approaches, often based on static rules and predefined scenarios, are struggling to adapt to the rapidly evolving nature of modern cyberattacks. There is an urgent need for more adaptive and intelligent defence strategies. The emergence of Large Language Model (LLM) provides an innovative solution to cope with the increasingly severe cyber threats, and its potential in analysing complex attack patterns, predicting threats and assisting real-time response has attracted a lot of attention in the field of cybersecurity, and exploring how to effectively use LLM to defend against cyberattacks has become a hot topic in the current research field. This survey examines the applications of LLM from the perspective of the cyber attack lifecycle, focusing on the three phases of defense reconnaissance, foothold establishment, and lateral movement, and it analyzes the potential of LLMs in Cyber Threat Intelligence (CTI) tasks. Meanwhile, we investigate how LLM-based security solutions are deployed and applied in different network scenarios. It also summarizes the internal and external risk issues faced by LLM during its application. Finally, this survey also points out the facing risk issues and possible future research directions in this domain.
... In exploring these vulnerabilities, we consider a range of factors. Firstly, we examine technical weaknesses such as injection flaws, broken authentication, and insecure coding practices, which are identified through research and leave applications susceptible to exploitation [9] [10]. Secondly, we analyze platform variations, acknowledging how vulnerabilities manifest differently on web and mobile platforms due to factors like server-side security and API access [11] [12] [13] [14]. ...
... AlDaajeh's study [9] examines SQL injection vulnerabilities in mobile banking apps, a prevalent cyber threat. SQL injection involves inserting malicious SQL statements into entry fields, risking user data and financial security. ...
... Examining the prevalent vulnerabilities, platform variations, and potential consequences, several critical findings emerged. Based on the included studies, SQL injection emerged as a significant threat, especially in mobile apps, as highlighted by AlDaajeh and Yuan [9]. This attack technique allows malicious actors to inject malicious code into database queries, potentially leading to unauthorized data access, manipulation, or theft. ...
... Example 5 (Hyperfuzzy Set in Cybersecurity: Intrusion Suspicion Levels). Cybersecurity is the practice of protecting systems, networks, and data from cyber threats, unauthorized access, attacks, or damage using policies, technologies, and monitoring [19,7]. Network Intrusion is unauthorized access, exploitation, or compromise of a network's resources, data, or services by attackers using malicious techniques, requiring detection and prevention [99,96,91,147]. ...
Rough Sets approximate subsets by defining lower and upper bounds, effectively capturing uncertainty through equivalence classes or indiscernibility relations. Additionally, concepts such as Fuzzy Sets, Neutrosophic Sets, and Soft Sets are well-known for addressing uncertainty, with numerous applications explored in various fields. This paper extends these foundational concepts by introducing six advanced frameworks: the Hyperfuzzy Rough Set, Hyperfuzzy Hyperrough Set, HyperNeutrosophic Rough Set, HyperNeutrosophic Hyperrough Set, Hypersoft Hyperrough Set, and Multigranulation Hyperrough Set. These new models aim to enhance the theoretical understanding and practical handling of uncertainty.
