Entrepreneurship in Cybersecurity
“This course is designed to help students enhance their personal and professional development through innovation guided by faculty members and professionals. It offers students an opportunity to integrate disciplinary theory and knowledge through developing a nonprofit program, product, business, or other initiative. The real-world experiences that entrepreneurships provide will help students understand how academic knowledge leads to transformations, innovations, and solutions to different types of problems. The course can be delivered either as an independent project for individual students or as group projects similar to those sometimes offered in topics courses.” ODU catalog 2023
The following Is a collection of the images, reflections, and papers I generated for my groups capstone project. The images were generated using TaleSpire software. Our Idea was to create an interactive video game to engage young children with cybersecurity concepts.
Group Project Proposal: (This was our groups initial thought process)
1: What is the problem you are addressing? (problem)
The lack of educational options for K-5 students in regard to Cybersecurity related best practices. Unlike children of my generation, today’s children are born into a digital reality. From before they even start their educational journey they are exposed to the digital realm. The digital realm comes with its own unique threats and challenges. Much as we have taught children of the past not to touch the hot stove or concepts such as “stranger danger”; we have an obligation to today’s youth in teaching them how to be safe in their digital reality, same as their physical one. Digital children are “born with a smart phone in hand” and like the proverbial hot stove, must be taught to handle it safely.
2: How do you know it’s a problem? (context)
The federal government has enacted programs to advance the United States’s proficiency within the digital world. In many ways we are playing catch up with our peer nations and criminal elements alike. As our education system has been exposed to digital threats, misinformation, and theft of student data; it has become even more crucial than before to educate US citizens in the best practices when engaging in the cyber realm. These threats are not limited to any age category and given that today’s youth are born directly into the cyber realm, it is imperative that they are instructed on how to interact safely within it.
3: What are going to do about the problem? (solution)
Setting aside the “doom and gloom” narrative that is often encountered from media sources across the country, educating the person to the reality of socially engineered cyber attacks has proven to be one of the best avenues to countering cybersecurity threats. There already exist educational initiatives to address educational goals among 6-12th grade students. Our solution is to expand upon this foundation in order to instill the basic concepts of cybersecurity in the formidable k-5th grade years. This would be done through an application of educational technology with an associated focus of age-appropriate presentation. This is not a reimagining of the present initiatives but simply a refinement of the subject matter into a digestible form for a younger audience. Many of the educational tools currently in use, such as puzzle solving, escape room games, and capture the flag games, readily lend themselves to the use of “play” as an educational tool for young children.
4: What barriers do you expect to confront? (barriers)
The primary barriers that we expect to encounter would be in the realm of administrative oversite and funding. There could also be the possibility of resistance from parent groups or educational unions. The later resistance could come as religious reservations on the parent’s part or profit concerns on the part of unions. Since the pandemic, there have been many reactions on the part of educator unions regarding the role of digital learning and it effects on their clients and representatives. However, the primary barrier is still considered funding. Hence, we are targeting our program towards the Federal level as the funding for the advancement of cybersecurity education has already been identified as a need and funding set aside to address it. This will help mitigate the case of local school districts prioritizing educational goals based on booster club members administrators individual desires.
5: How will you know if you are successful? (assessment)
The primary way we would know that our initiative was successful would be the adoption of the educational program across the country. A staple curriculum of cybersecurity education becoming a permanent part of our youth’s education would be the pinnacle of success. We as cybersecurity professionals are readily aware of the risks associated with “the use through ignorance” that has led to many people falling victim to socially engineered attacks by hackers around the world. It is our desire to see our children educated in the threats that the cyber realm presents for them so that they may enjoy its enormous benefits in spite of the efforts of criminal hackers.
Group Meeting One Reflection:
In this initial meeting, our group 6 members were introduced to each other, with our group consisting of Rebecca Badu, Michael Gray, Molly Revak, and me. Once the initial ice breakers and introduction were handled, we jumped straight into discussing our individual thoughts for what our project innovation would be. We took the time to allow everyone to pitch their initial idea and then discussed which we as a group leaned more towards. In our case, we took a combination of Molly’s and Rebecca’s educational game and application suggestions. I must admit that in hindsight, my initial concept may have been a bit too technical and expansive for a one semester group endeavor. There was an elegance to the simplicity of the child educational video game approach that simply had not occurred to me. This is one of the obvious benefits of having a brainstorming session with more than oneself. By the end of our meeting, it was decided that we would target K-12 education of children utilizing a game-based format to teach cybersecurity concepts. The cybersecurity aspect was an easy sell for all involved as it was our collective Major at the university. Planning ahead, we intend to meet again next week to share research into our innovation and plan the next steps of our group endeavor.
Group Meeting Two Reflection:
Today was the follow up meeting to our first brainstorming session on the idea of our cybersecurity educational video game. We met up to share our initial research results and provide one another with references to the research we reviewed. Everyone seemed to be on task with the innovation. It was interesting to see how, even though we all were researching the exact same concept, we managed to come up with completely different research on the topic. We had not a single repeat of research papers reviewed. This also informed us that we were still lacking in a concrete direction. Some of the research gave game ideas such as capture the flag, physical escape room games and similar concepts that have been tried primarily at the High School level. We were still leaning towards a computer game, but these additional concepts gave us a lot to consider and discuss at our next meeting. The good news is that we have sufficient peer reviewed research to meet the requirements of the formal paper’s rubric. Now we simply need to further flesh out the concept and solidify the genre and other aspects of the game specifics. Our initial pitches are due soon and we plan to reconvene after we have feed back from our professor on our individual pitches.
Group Meeting Three Reflection:
So, our individual proposals went about as well as trying to eat a soup sandwich and not make a mess. Meeting three fell to simply going over each of our individual feedback from our professor. The group was very concerned about the grades and worried that we had totally misunderstood the directions. This fear is common when dealing with classes in an online format, so we decided to pause until we could have a group meeting with the professor and hash out where exactly we were going wrong.
Group Meeting Four Reflection:
Meeting four went far better as everyone’s concerns for our innovation direction were greatly soothed by our group/professor meeting. With direction from our professor, we simplified our concept more, focusing more narrowly on scope and moved our thinking from the educational system to the commercial market. We had not started our marketing research yet and were unaware of the narrow ban that educational products were forced into within the public school system. So, we have decided to move ahead with a commercial game release that targets children for the purpose of teaching proper cybersecurity hygiene concepts. We plan to meet weekly from now till the end of the project deadline.
Cosmic Intrusion: Escape the Alien Hackers
Introduction:
In today’s digital world there persists a constant stream of threats that touch on all aspects of our lives. Some threats may be benign in nature while others are pursued with an almost viral tenacity by hackers and other threat actors. This is the reality of living within the digital age. An even starker reality is that the human condition is not keeping up with that of our silicone based digital environment. From the basic concepts of password management to much more sophisticated topics such as data permission and integrated software marketing, there is a growing disconnect between the ever-changing technological landscape and the human understanding of its pitfalls. In the physical realm there is almost immediate negative feedback for poor decisions. The classic “Don’t touch the stove, it’s hot!” comes to mind. But when discussing digital harm, this feedback may come but it is far from immediate and so removed from the initial catalyst that it is hard to track what exactly inflicted the harm.
There is a vested interest on the part of the government and commercial entities to get ahead of digital threats. For working age adults, this issue is tackled through business initiatives designed to protect profit margins and government protocols to protect data integrity. However, this is a “cart before the horse” approach at best. Many of todays workforce are much like me, digital immigrants. They did not grow within a digitally dependent environment and therefore were educated, for the most part, on the job. Yet now, people growing up today are bathed in the digital reality from birth. They are digital citizens and as such exist within its boundaries. The older generation learned to navigate the digital realm and its pitfalls as adults; younger generations do not have that luxury. We must find ways to teach the younger generation that the digital stove is hot before they burn themselves, and interactive gaming is a steppingstone in the right direction for that.
We propose to tackle this issue through the introduction of a survival game title called “Cosmic Intrusion: Escape the Alien Hackers.” This title will introduce the gamer to basic cybersecurity concepts and threats through an entertaining medium. Spyware, malware, worms and trojans are the evil forces sent by the Alien hackers who are bent on the destruction of humankind as they escape from a dying earth on the Arc like spaceship the Nebula Voyager. The gameplay utilizes escape room challenges, interactive environments, and collaborative play to engage players and teach the educational goal of cyber awareness. The storyline is progressed using fantasized instructional videos to provide context and advance the narrative. As the player works their way through the storyline, they will uncover the truth of the hacker’s motives and will come to understand the urgency in safeguarding the Nebula Voyagers mainframe from this imminent cosmic threat. Will our heroes save the day, or will they falter and fall along the wayside, relegating humanity to the dustbin of history? Join us on the Nebula and ensure that humanity is propelled to the stars!
Review:
Cybersecurity elements are still growing within the context of education and comprehension of the threats the digital landscape presents. In this review we will be looking at some of the research into cybersecurity and education with a focus on the younger generation still in school.
According to Elias Chachak of the Cyber research databank (CyberDB) in his article “Cybersecurity Games for Students” he states that “cybersecurity for students is about protecting their personal information and digital assets.” (Chachak, 2017) Personal data is increasingly becoming a form of revenue for both illicit and legitimate business practices around the world. The younger generations, as digital natives, have shown a better understanding of digital concerns than their predecessors. Being born into the digital world, experience has taught them a lot of the lessons that older generations had learned the hard way. Many school age children have experiences of helping older family members program their phone, work with applications or maybe setting up WIFI. This represents a natural generational transition. As technology changes so too does the way in which we as humans interact with it. But this also creates a natural generational pitfall. “My parents are stupid.” This calls back to the trope of children, especially teenage children, thinking they know everything. Though they may have more experience in the digital world, so do the threat actors that will target them specifically, where they are and in a way that is savvy enough to take advantage of an immature attitude. That is where the responsibility of the adults must step in and ensure that our youth protect themselves adequately from digital threats. Though they may still be in school, they are by no means safe online. Afterall, today’s youth live within the cyber realm as much as they do the classroom.
“The risks children face online are growing, and the current responses aren’t nearly enough. Fixing the problem will require a comprehensive global strategy.” (David Panhans, 2022) says David Panhans in his article “Why Children are Unsafe in Cyberspace.” As he points out, the reality of our children’s world is rife with digital concerns. According to Panhans’s research, 93% of children are online by age 12, and 40% are online as young as age 8. Coupled with his findings that around 72% of children have experienced at least one cyber threat, the scope of the issue begins to come into focus. This is not a US problem alone either. This is an international issue with the Middle East, Africa and Latin American children fairing even worse than their US or EU counterparts.
The scale of threats facing our children is broad and multifaceted as well. Unwanted pop-up advertisements, age-inappropriate images, or content, bullying and harassment, unwanted sexual interactions, hacking, phishing, viruses, worms, malware, spyware, propaganda, and the list goes on. When taken within the context of the amount of time children spend online, and from early ages, it is easy to see exactly how big a target a small child can present on the world wide web. Criminals are not looking for hard targets, they prefer to do as little work as possible, so there target of choice is often the softest. We must help our children harden their armor, and control how big of a digital footprint they provide. The bigger the footprint, the easier it is for a criminal to stalk them. Children tend to be trusting, so interacting with an adult online who is pretending to be a child, is made all the more convincing because of the personal information they can glean from a child’s digital presence. From school websites to parent teacher sites or any of the social media platforms, everyone’s lives are on full display for the world. Unfortunately for us all, not everyone in the world has our best interests at heart.
The need for education and situational awareness is not the only concern when it comes to cybersecurity issues as they relate to children. We must also engage children on their level and in a way that generates interest, on their part, in cybersecurity concepts. Information Technologies (IT) are often thought to be only a math curriculum, or some far off tech class that you must be an AP student to even grasp. According to Joshua Strieff, et al in his article “Escaping to Cybersecurity Education: Using Manipulative Challenges to Engage and Educate.” Presented in the “Proceedings of the European Conference on Games Based Learning.”, “Today far too many students self-select out of a cybersecurity future due to a wide range of perceptions that are not actual impediments.” (Joshua Streiff, 2019) This illustrates the need to enhance our educational methods to captivate the younger generation and bring their experience and value forefront in the fight against online criminals. Cybersecurity is a multidiscipline field that is rooted in STEM fields and the Social Sciences alike. As a matter of fact, social engineering is at the forefront of cyber-attacks. Therefore, having a generation self-select out of cybersecurity will weaken our overall ability to handle online threats.
To garner more interest from the younger generation, we will have to target them in their space. Gaming continues to grow and the days in which gamers were considered to be the archetype school nerd hiding in his mom’s basement are long gone. Today gaming and gamers have gone mainstream, with young girls rallying to game night with a level of enthusiasm that was once considered the sole domain of young boys. If this level of interest can be captured and channeled into a positive educational format (without it seeming like an educational format) we would be able to start and close the gap of cyber-awareness as well as the negative self-selection that has been observed in school children.
The need to change the view of students on the value of STEM education or the supporting social sciences cannot be understated. Especially here in the US where student participation rates continue to decline. According to Ahmad Hazig Ashrofe Hanafi, et all in the article “A Scenario CTF-Based Approach in Cybersecurity Education for Secondary School Students.” In the “Electronic Journal of Computer Science and Information Technology”, “However, statistics show a steady drop in student enrolment in the Science stream at the secondary school.” (Hanafi, 2021) This, again, is not a US only phenomenon, it is international with world powers vying for talent out of an ever-shrinking pool of young people. According to Hanafi’s research, by engaging with students in capture the flag style digital games, we can tap into the competitive nature of online gaming to appeal to a much larger demographic. They used a scenario-based approach and their target school for the research was a Malaysian secondary school. Engagement levels, in similar US studies, have also shown a buy-in, or enhanced participation rate when the games tap into a competitive or cooperative format. With young boys gravitating to the former and young girls gravitating to the later.
Survival Genre games, as an example, utilize two different gaming aspects to cover a wider demographic. PVE or player vs environment is players playing solo or in groups and working together to “win” against their environment. PVP or player vs player is a direct competition that puts single players or groups of players into a battle royale where the winner takes all. There is also a hybrid game format where PVE and PVP elements are incorporated for the widest audience appeal and it is this format that survival games use, in contrast, the Capture the Flag game as put forth in Hanafi, et al. research would fall within the single aspect of a PVP battle royale.
The buy-in with the widest number of students is important for more than just the expansion of the STEM fields and the strengthening of the cybersecurity work force of tomorrow. It is first and foremost a reality of the modern educational landscape. In his article “Out of Crisis, Opportunity” Eyragon Eldam reflected on the reality that California schools, and schools around the globe, face, and the necessity to take an offensive posture when protecting the data that educational bodies maintain on their students. Ransomware is often used by threat actors to lock down an institution’s data in order to force them into paying to gain their access back. Eidam states “Protect yourself and avoid paying the ransom, that was the lesson No. 1 we learned from the FBI, from CISA and everybody else. No matter what, your data is going to leak on the dark web, one way or another. Never trust a bad actor.” (Eidam, 2023) The never trust a bad actor issue is where our children are most vulnerable. If the attacker is going to gain access to the school’s resources, it will most likely be in the form of a socially engineered attack. The teachers and administrators are trained as a biproduct of their employment with the school system and yet they make up the minority of gatekeepers within a school districts digital realm. The students far outnumber the educational staff and represent the largest target on the digital battlefield. Because of this, it is important that the students are engaged in proper cybersecurity Hygiene. This requires us to take proactive steps to ensure that students are given the knowledge and the tools to react appropriately to social scenarios where someone may or may not have bad intentions. As Eidam points out, the data, if stored in a digital medium, is going to eventually be leaked onto the dark web and into the hands of criminals. That does not; however, negate our responsibility in educating the youth to protect themselves and present a harder target in the digital world.
This does suggest that we take a more proactive departure from the current statis quo as it relates to a cybersecurity attack response. In his article “Blaine Burnham: Why ‘Best Practices Fail” in the journal “The Educator” Marcus J. Ranum states “All of the technology of today, as near as I can tell, is in the ‘sweep it up after its happens’ mode.” (Ranum, 2017) This illustrates how cybersecurity issues of the past have been approached from a reactive stance rather than a proactive one. In order to gain a better understanding of threats and how we should plan for them, we as a nation must begin to address them before the fact. This type of proactive drive would require that our society take a shift from the adult only approach and focus in more on a comprehensive, all hands-on deck approach that makes everyone aware of the socially engineered threats that exist in the digital age. To a large extent children have a head start over their parents in this regard. From the earliest of ages, American children are exposed to digital media from a young age. This exposure helps them navigate a continually expanding digital realm, and from the research studies reviewed for this paper, the youth of today are showing to be quite resolute against most forms of cyber-attacks. The breakdown, however, comes in the form of social attacks. Where attackers take advantage of the child’s lack of maturity and trusting nature. If we wait to deal with these issues until after a security breach happens, we will see an exaggerated increase in these forms of attacks. Ransomware attacks have been on the increase over the past few years and show no signs of slowing. The proverbial sweeping it under the rug as Ranum eludes too is the wrong approach for addressing this. According to Ranum many schools lean heavily on their Anti-virus software as the end all solution to cyber-threats, yet this does not take into account any of the social engineering aspects of cybersecurity. That is the purpose of social engineering, to bypass software.
Keeping your network protected by a trusted antivirus program is crucial to an effective security policy, yet it should not be considered the begin all end all of it. Good password practices, physical security, cyber awareness, and an understanding of basic security principles are needed to form the best bulwark against intrusion. “Just like reading, writing and arithmetic, cyber security should be a part of basic education.” (Witsenboer, 2022) says Jacob Willem Abraham Wistenboer, Klass Sijtsma, and Fedde Scheele in their article “Measuring cyber secure behavior of elementary and high school students in the Netherlands.” Published in the journal Computers & Education. Though it would be ideal if cybersecurity were taught as a regular part of K-12 education, and in smaller demographics such as the Netherlands it may be possible to; Yet, here in the US our school systems are already burdened with so many competing education and social topics, that with the limited funds schools have it is not a reasonable expectation to add yet another topic onto the curriculum. This requires an innovative solution that operates outside the school system. One that will garner student buy in but under the guise of entertainment. Organized capture the flag events, science fairs and the like still have their established places in education. But their audiences only represent a small portion of today’s youth, and with the decline in STEM participation, this is on track to get worse. By targeting outside the school, adding Hybrid gameplay modes, and appealing to children in a non-academic setting, we stand to garner their attention and participation at rates that are not currently demonstrated by traditional training formats.
Overview:
As the concept relates to the business world, though it cannot be separated from the hinge of cybersecurity that it revolves around, there is an emerging market that is being powered by the investments of the private sector and government alike. As an example, in March 2023, the US Government issued the National Cybersecurity Strategy. The new strategy defines five pillars:
- Defend critical infrastructure.
- Disrupt and dismantle threat actors.
- Shape market forces to drive security and resilience.
- Invest in a resilient future.
- Forge international partnerships.
The new guidance, from a government standpoint, is to further strengthen our country against cyber related incidents. From an entrepreneurial standpoint this opens an avenue to create a working venture. Our children are our future and if we do not invest in them today it will be our woe tomorrow. The target of our innovation is to address shortcomings in the realm of cybersecurity but at its heart it is a concept of entrepreneurial spirit. This is all new ground. There are some products that are trying to address the short comings in our cyber awareness training as a society, yet we are still far from attaining the necessary skill sets we need to thwart foreign actors. The innovation that can address some of these challenges, and do so in a dynamic way, will be propelled into the English vernacular much as Facebook and Twitter has. Opportunities are there, and it will be thrilling to see who rises to the top to address these societal issues going forward.
For its part, our group project was to come up with an entrepreneurial idea that could address a need (in our case cybersecurity education) and be successful as either a non-profit or for-profit entity. Though from an organizational perspective, one would think that such a program would fall under the auspices of a governing body. From our research we came to the conclusion that given the limited educational funds available and the business and government focus on college level education and some high school training, we would be better able to provide the needed services in a commercial format rather than a .gov or .org. For these reasons we decided to go with a limited liability corporation or LLC. Because our end product would be that of a game it would also require us to meet digital publishing standards. Though “Cosmic Intrusion: Escape the Alien Hackers” is intended to help educate young children on proper cybersecurity hygiene, the core of the exercise is a mix of entrepreneurship, computer programming, business structures, math, legal considerations, and marketing. As an example, preparing for this group project required delving into the US and EU ratings systems for video game publications, ESRB and Pegi respectively. This is not a subject matter covered by my major, but it does clearly illustrate the multidisciplinary nature of taking on an entrepreneurial project.
Effectiveness Rubric:
To address the concerns of how to measure the effectiveness of “Cosmic Intrusion: Escape the Alien Hackers” our group decided to use the Steam game hosting platform. We chose this platform for several reasons:
- Built in Marketing:
By launching a title on the Steam platform, advertisement, promotion, and suggested title preferences were ready built in. This is an indirect metric, but it does help ensure that our product is seen. - Biometrics:
We not only wanted to reach as large of a demographic as possible but to also ensure that we are reaching a representative group that reflects our US society. Meaning girls, boys, and everything in-between. The built-in gamer info does not give data specifics, but it does report on the overall demographics of the player base. - Player Feedback:
The review feature on Steam allows players to give honest feedback on the game titles they play. This is an excellent tool for any publisher to adjust their product to appeal to a larger audience. - Steam Workshop:
This is by far one of my favorite aspects of Steam. The workshop allows players to create content for the title and allows other players to download these mods to enhance their game experience. Most large-scale game publishers use this to “plan” their next title release as the players show them exactly what they want.
This would give us a multi-faceted view of how our product performed. We would know if we reached our target audience, how our product was received, what changes our players would like, if our title was financially successful, how we could do better in the future and have a ready in-house review of our product, by the players and for the players.
Initial Steps:
There are several steps or barriers that would have to be addressed to make our innovation into a reality.
Step 1: Form our LLC.
This was not what we thought would be the first step, yet after researching the legal and contractual agreements necessary to apply for ratings, Steam parent company Valve’s contract etc. all required the formation of the LLC to apply.
Step 2: Enter contract with Valve corporate.
For marketing, adverts, and basic information it would be essential to establish the Valve contract to gain access to the Steam platform and begin the structural work of creating the game site etc.
Step 3: Provide launch capital.
This refers to meeting all the deposits to establish Steam pay through their in-house Steam Wallet application. Valve also requires an “initial purchase of a room”. This simply means a space on Steam to promote our product.
Step 4: Get ratings from ESRB and Pegi.
We decided that it would be best to have both ratings systems so that we could market to the largest audience. ESRB is the US standard and Pegi is the EU standard. We would need to meet standards before launching our title.
Step 5: Final approval to launch.
Steam has requirements that are unique to each title and publisher they service, in this stage, any outstanding contractual agreements would be addressed and finalization of the Steam Wallet for store purchasing would be completed.
This is of course a very broad and over simplified version of the steps that would be involved in creating a game to launch. From the technical aspect of creating and testing the game all the way to legal signing off on launch day, the amount of work needed to make such an entrepreneurial innovation a reality is mind boggling. Just in the three-dimensional modeling alone would take years of work. Legal on the other hand would be more a question of paying a law firm that has experience in game publishers than any individual legal knowledge on the part of our group. Though portions of the formation of the LLC could be done in-house, when it comes to legal paperwork, I would prefer it all to be handled by an appropriate law firm. This is not an insurmountable task, but it does illustrate how much needs to happen to get a product to market.
Summary:
In summary, this project proved to be an interesting cerebral exercise. Adding to it the challenge of working as a group and in a remote format made it even more interesting. Most online students have work and family commitments that often do not adhere to the perspective of the traditional student. This was a minor obstacle compared to the research needed to understand the contractual agreements and ratings necessary to publish a game title. But during the process of deciding what we as a group wanted to do collectively as our innovation, I learned that sometimes I should simplify my thinking and focus more on a narrow concept at the beginning. Watching the eyes of my peers’ glass over as I described my first idea to contribute to the group let me know I was shooting to wide. Even once we decided on the game innovation it became necessary to narrow our focus even more. It was not that our collective ideas did not have merit, or one aspect was greater than another. It was more that we were casting our net far to wide to be effective at our stated purpose of educating younger generations on cyber hygiene. But once we narrowed our scope, things really took off.
The main take aways that this project gave me were:
- Keep it simple stupid (KISS)
This is an old military acronym meaning exactly what I learned doing this project. Keep it simple, don’t get distracted by the trees and miss the forest. - It’s hard to relinquish control.
I am not a control freak by any means, yet much of my adult life has been spent working alone. I am often left to my own direction with little supervision, so having to work with and wait on group members was new to me. - Now I want to 3D model.
After researching this innovative project and working on the graphics for our game I acquired the desire to try my hand at 3D modeling for game animations.
Perhaps I will even give creating a game a try. From the start it seemed a rather daunting task, yet the more I researched, the more I saw that it was not only doable but fun to boot.
Bibliography:
Chachak, E. (2017). Cybersecurity Games for Students. Retrieved from Cyber Research Data Base: https://www.cyberdb.co/cybersecurity-games-for-students/
Dan Manson, E. M. (2018). “Developing a Model Cybersecurity Curriculum for K-12 Education”. International Journal of Cyber Warfare and Terrorism.
David Panhans, e. a. (2022, September 21). Why Children Are Unsafe in Cyberspace. Retrieved from BCG: https://www.bcg.com/publications/2022/why-children-are-unsafe-in-cyberspace
Eidam, E. (2023, September). Out of Crisis, Opportunity: What Could Have Benn a Digital Quagmire for California’s Largest School District Served as a Chance to Hone Cyber Response. Government Technology, pp. 40-41.
ESRB. (2023). Ratings Process. Retrieved from Entertainment Software Rating Board: https://www.esrb.org/
ESRB. (2023). Search Ratings. Retrieved from Entertainment Software Rating Board: https://www.esrb.org/
Gabriel. (2023, 02 24). In-Depth Guide to Create a Business Plan for Video Game Studio. Retrieved from Empowered.gg: https://empowered.gg/blog/business-plan-for-video-game-studio-guide/
Giannakas, F. P. (2019). A comprehensive cybersecurity learning platform for elementary education. Information Security Journal., 81-106.
Hanafi, A. H. (2021). A Scenario CTF-Based Approach in Cybersecurity Education for Secondary School Students. Electronic Journal of Computer Science & Information Technology, 1-8.
Jennifer A. L. Sheldon, J. M.-W. (2019). “Empowering the Youngest Cybernauts: Cybersecurity Education for Early Childhood”. Young Children.
Joshua Streiff, C. J. (2019). Escaping to Cybersecurity Education: Using Manipulative Challenges to Engage and Educate. Proceedings of the European Conference on Games Based Learning, 1046-1050.
O’Keeffe, D. B. (2019). “Cybersecurity Education: The Role of the K-12 Educator”. Journal of Research on Technology in Education.
PEGI. (2023). What do Labels Mean. Retrieved from PEGI: https://pegi.info/what-do-the-labels-mean
Ranum, M. J. (2017, December). Blaine Burnham: Why ‘Best Practices Fail”. Information Security, pp. 22-25.
Sandra Chang-Kredl, J. M. (2019). “Children’s Cybersecurity Awareness: Evaluation of an Educational Program”. Journal of Applied Security Research.
Stanton, L. (2020, December 26). How to Sell a Game on Steam. Retrieved from Alphr: https://www.alphr.com/how-to-sell-a-game-on-steam/
STEAM. (2023). Steam. Retrieved from Store.steampowered.com: https://store.steampowered.com/
VALVE. (2023). At Valve we make games, Steam, and hardware. Retrieved from valvesoftware.com: https://www.valvesoftware.com/en/about
Witsenboer, J. S. (2022). Measuring cyber secure behavior of elementary and high school students in the Netherlands. Computers and Education.
Yasith Jayawardana, I. P. (2017). “Fostering Cybersecurity Awareness Among Children: A Pedagogical Approach”. Procedia Computer Science.
Zukalous. (2021, July 12). How to Market a Game. Retrieved from howtomarketagame.com: https://howtomarketagame.com/2021/07/12/how-to-market-your-indie-game-a-10-step-plan/