CPPJ

Abstract: Business students often lack cybersecurity awareness, leaving them vulnerable to social engineering and weak authentication practices. This study presents two gamified cybersecurity modules—Social Engineering and Authentication—designed for non-technical business students. The modules were developed collaboratively across three campuses of Business Academy Dania and hosted on the SmartLearning platform, combining storytelling, hands-on exercises, and the “Go Phishing” card game to support practical, scenario-based learning. The paper describes the design, development, and curricular integration of the modules, showing how they were embedded into existing business programs and adapted to diverse student groups. The modules were evaluated with undergraduate business students in two learning modules: Social Engineering (n = 44) and Authentication (n = 42). Pre- and post-assessment results showed substantial learning gains, with average quiz scores increasing from 41% to 78% for the Social Engineering module and from 45% to 82% for the Authentication module. Paired-sample t-tests confirmed significant improvements with large effect sizes (Cohen’s d = 6.03 and d = 6.51). Moreover, qualitative feedback indicated strong student engagement and perceived practical relevance of the gamified learning activities. By providing a structured and transferable pedagogical approach, this study offers a model for enhancing cybersecurity awareness among non-technical learners in higher education.

Download this article: CPPJ - V5 N1 Page 104.pdf

Recommended Citation: Saddiqa, M., Haagensen, M., Østergaard, N., (2026). Enhancing Cybersecurity Awareness in Business Students through Gamified Learning. Cybersecurity Pedagogy and Practice Journal 5(1) pp 104-113. https://doi.org/10.62273/WOBZ8483