Loss Aversion and Fixed Reward in Gamified Cyber Security Training
摘要
Cyber threats continue to evolve yet research indicates that existing cyber security training programmes are often ineffective, leaving users feeling discouraged rather than empowered. As a result, there is a pressing need to redesign these programmes to enhance both engagement and learning outcomes. This study investigates the impact of two points-based gamification mechanisms, loss aversion (LA) and fixed reward (FR), on cyber security knowledge and user engagement. We developed two gamified web applications to implement LA or FR respectively, while incorporating identical core content alongside additional gamification elements, such as scenario-based learning and exploration. A total of 27 participants completed the training and evaluated the applications through an initial and end cyber security knowledge assessment, and a user engagement survey. Findings indicate that while LA was more effective in improving cyber security knowledge, FR received higher scores for user engagement. These results suggest that both LA and FR offer distinct advantages, with suitability depending on the specific training context.