The Human Firewall: Evaluation of Cybersecurity Awareness Among Students of Bulacan State University

Boris Palao; Niño Andrea Cruz; Gillian Lhord Lualhati; Emmanuel Pascual; John Maverick Santos

doi:10.5281/zenodo.19413443

Authors

Boris Palao Engineering Department, Bulacan State University, Philippines
Niño Andrea Cruz Engineering Department, Bulacan State University, Philippines
Gillian Lhord Lualhati Engineering Department, Bulacan State University, Philippines
Emmanuel Pascual Engineering Department, Bulacan State University, Philippines
John Maverick Santos Engineering Department, Bulacan State University, Philippines

DOI:

https://doi.org/10.5281/zenodo.19413443

Keywords:

Cyberattacks, Cybersecurity Awareness, Cybersecurity Education, Bulacan State University, Protection Motivation Theory

Abstract

In the age of swift digital transformation, the number and complexity of cyberattacks have reached bizarre levels, targeting individuals and organizations alike. This study evaluates the level of cybersecurity awareness and extent of cybersecurity education among students of Bulacan State University, focusing on their demographic profile in terms of gender, academic year level, and internet access devices, while also studying the relationship between awareness and education. Using a quantitative research design, 75 students were surveyed through a structured questionnaire adopted from established research instruments, using a 5-point Likert scale. Descriptive and inferential were used to analyze data, with results showing a high level of cybersecurity awareness and education among students. Results show that female students have slightly higher levels of cybersecurity education compared to male students. However, a gap remains in day-to-day practices of students’ security habits, specifically regarding secure password implementation and cautiousness with suspicious links. While the gender gaps were small, they highlighted the need for consistent practice and greater technical confidence. Correlation analysis also shows a strong positive correlation (r = 0.648, p < 0.01) between cybersecurity awareness and education, highlighting the impact of previous structured learning on students’ protective behaviors. The study concludes that effective cybersecurity education initiatives that are included in the curriculum are crucial in giving students the information and abilities they need to identify, prevent, and react to cyberthreats. These results have important implications for institutions of higher learning, emphasizing the value of developing a digitally resilient culture that equips students to securely and responsibly navigate the complexity of today’s evolving digital world

Downloads

Download data is not yet available.

References

A Comprehensive Review on Cyber-Attacks in Power Systems: impact analysis, Detection, and Cyber Security. (2024). IEEE Journals & Magazine | IEEE Xplore. https://ieeexplore.ieee.org/document/10418207

Al-Hawamleh, A. M. (2023). Predictions of cybersecurity experts on future Cyber-Attacks and related cybersecurity measures. International Journal of Advanced Computer Science and Applications, 14(2). https://doi.org/10.14569/ijacsa.2023.0140292

Arpaci, I., Aslan, O., & Oner, I. E. (2025). Cybersecurity Awareness Scale (CSAS) for Social Media Users: Development, Validity and Reliability study. Information Development. https://doi.org/10.1177/02666669251336562

Aslan, Ö., Aktuğ, S. S., Ozkan-Okay, M., Yilmaz, A. A., & Akin, E. (2023). A comprehensive review of cyber security vulnerabilities, threats, attacks, and solutions. Electronics, 12(6), 1333. https://doi.org/10.3390/electronics12061333

Chou, T., & Mohammed, T. (2024). Self-assessment of knowledge levels in the subjects of cyber attacks and defense in a Cybersecurity Awareness Education workshop. 2021 ASEE Virtual Annual Conference Content Access Proceedings. https://doi.org/10.18260/1-2--37705

Classification of cyber attacks based on rough set theory. (2015, November 1). IEEE Conference Publication | IEEE Xplore. https://ieeexplore.ieee.org/document/7351952

Cyber Kill chain. (n.d.-a). Lockheed Martin. https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill- chain.html

Goliath, S., Tsibolane, P., & Snyman, D. (2025). Exploring the Cybersecurity-Resilience Gap: An analysis of student attitudes and behaviors in higher education. In Communications in computer and information science (pp. 185–195). https://doi.org/10.1007/978-3-032-09660-9_19

Koduru, S. S., Machina, V. S. P., & Madichetty, S. (2023). Cyber Attacks in Cyber-Physical Microgrid Systems: A Comprehensive review. Energies, 16(12), 4573. https://doi.org/10.3390/en16124573

Lejarraga, T., Dutt, V., & Gonzalez, C. (2010). Instance‐based learning: a general model of repeated binary choice.

Journal of Behavioral Decision Making, 25(2), 143–153. https://doi.org/10.1002/bdm.722

Li, Y., & Liu, Q. (2021). A comprehensive review study of cyber-attacks and cyber security; Emerging trends and recent developments. Energy Reports, 7, 8176–8186. https://doi.org/10.1016/j.egyr.2021.08.126

Marikyan, D., & Papagiannidis, S. (2023, August 1). Protection Motivation Theory: A review. University of Bristol. https://research-information.bris.ac.uk/en/publications/protection-motivation-theory-a-review/

Memon, M. A., Thurasamy, R., Ting, H., & Cheah, J. (2025). CONVENIENCE SAMPLING: a REVIEW AND

GUIDELINES FOR QUANTITATIVE RESEARCH. Journal of Applied Structural Equation Modeling, 9(2), 1–15. https://doi.org/10.47263/jasem.9(2)01

Navarra, L. W. (2025). The national security concerns of the Philippines: A students’ perspective. Pantao, International Journal of the Humanities and Social Sciences, 4(4). https://doi.org/10.69651/pijhss0404541

Raju, R., Rahman, N. H. A., & Ahmad, A. (2022). Cyber Security Awareness in Using Digital Platforms Among Students in A Higher Learning Institution. Asian Journal of University Education, 18(3). https://doi.org/10.24191/ajue.v18i3.18967

Santelices, R. B. (2025). A Students’ perspective on cybersecurity awareness and education. International Journal of Research and Innovation in Social Science, IX(IIIS), 7976–7988. https://doi.org/10.47772/ijriss.2025.903sedu0597

Siedlecki, S. L. (2019). Understanding descriptive research designs and methods. Clinical Nurse Specialist, 34(1), 8–12. https://doi.org/10.1097/nur.0000000000000493

Stanton, B., Theofanos, M. F., Prettyman, S. S., & Furman, S. (2016). Security fatigue. IT Professional, 18(5), 26–

32. https://doi.org/10.1109/mitp.2016.84

Viraja, V. K., & Purandare, P. (2021). A qualitative research on the impact and challenges of cybercrimes. Journal of Physics Conference Series, 1964(4), 042004. https://doi.org/10.1088/1742-6596/1964/4/042004

Washington, M. A. (n.d.). A system approach for mitigating phishing attacks to secure confidential data in university enterprise information systems. https://eric.ed.gov/?q=vector&pg=13&id=ED634521

Zając, H. D., Li, D., Dai, X., Carlsen, J. F., Kensing, F., & Andersen, T. O. (2023). Clinician-Facing AI in the Wild: Taking stock of the sociotechnical challenges and opportunities for HCI. ACM Transactions on Computer- Human Interaction, 30(2), 1–39. https://doi.org/10.1145/3582430

Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H. N. (2020). Cyber Security Awareness, Knowledge and Behavior: A Comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269