Cybersecurity Literacy and Online Risk Management among First-Year IT Students

This research examined the cybersecurity literacy and online risk management behaviors of first-year Information Technology (IT) students at three colleges in the Philippines. The study's objectives were to evaluate students' understanding of cybersecurity threats, pinpoint prevalent risky online behaviors, and analyze the correlation between cybersecurity literacy and online risk management practices. A descriptive quantitative research design was utilized, and data were gathered from 250 first-year IT students through a structured questionnaire assessing cybersecurity knowledge and online risk management.
The results revealed that, despite students exhibiting a generally high degree of confidence in their ability to manage online risks, certain insecure practices persisted. Many respondents reported infrequent password updates (38% changing passwords only once a year and 29.6% rarely or never updating). The results also revealed that a large proportion of students entered the IT program with minimal formal cybersecurity training (32.4% had not taken any IT-related courses at all), as most respondents came from non-technical Senior High School strands (70%). Statistical analysis showed no significant differences in cybersecurity literacy and online risk management practices between male and female students (p = 0.815). Furthermore, Pearson correlation analysis revealed a statistically significant but weak positive relationship between cybersecurity literacy and online risk management (r = 0.27, p = 0.001).
The research findings indicated a discrepancy between students' self-assessed cybersecurity preparedness and their actual online behaviors. Specifically, students' expressed confidence did not always correlate with secure practices. Consequently, the study suggested incorporating practical, scenario-driven cybersecurity instruction into the foundational IT curriculum. This integration aimed to boost students' digital resilience and encourage safer online conduct.

Cybersecurity, Cybersecurity literacy

1. Abdulla, R. M., Faraj, H. A., Abdullah, C. O., Amin, A. H., & Rashid, T. A. (2023). Analysis of social engineering awareness among students and lecturers. IEEE Access, 11, 101098–101111. https://doi.org/10.1109/access.2023.3311708 [Google Scholar] [Crossref]

2. Albladi, S. M., & Weir, G. R. S. (2018). User characteristics that influence judgment of social engineering attacks in social networks. Human-Centric Computing and Information Sciences, 8(1). https://doi.org/10.1186/s13673-018-0128-7 [Google Scholar] [Crossref]

3. Aldawood, H., Alashoor, T., & Skinner, G. (2020). Does awareness of social engineering make employees more secure? International Journal of Computer Applications, 177(38). https://www.ijcaonline.org/archives/volume177/number38/aldawood-2020-ijca-919891.pdf [Google Scholar] [Crossref]

4. Alnifie, K. M., & Kim, C. (2023). Appraising the manifestation of optimism bias and its impact on human perception of cyber security: A meta-analysis. Journal of Information Security, 14(2), 93–110. https://doi.org/10.4236/jis.2023.142007 [Google Scholar] [Crossref]

5. Alshammari, S. S., Soh, B., & Li, A. (2025). Understanding social engineering victimisation on social networking sites: A comprehensive review of factors influencing user susceptibility to cyber-attacks. Information, 16(2), 153. https://doi.org/10.3390/info16020153 [Google Scholar] [Crossref]

6. Bandura, A. (1997). Self-efficacy: The exercise of control. W. H. Freeman. [Google Scholar] [Crossref]

7. Bashir, M., Wee, C., Memon, N., & Guo, B. (2016). Profiling cybersecurity competition participants: Self-efficacy, decision-making, and interests predict effectiveness of competitions as a recruitment tool. Computers & Security, 65, 153–165. https://doi.org/10.1016/j.cose.2016.10.007 [Google Scholar] [Crossref]

8. Concon, A. F., Arances, A. C., Lorican, F., & Soberano, K. (2025). Cyber literacy and cyber risk mitigation program of one municipal college in the Philippines. GAS Journal of Engineering and Technology, 2(6), 21–29. https://gaspublishers.com/wp-content/uploads/2025/08/Cyber-Literacy-and-Cyber-Risk-Mitigation-Program-of-One-Municipal-College-in-the-Philippines.pdf [Google Scholar] [Crossref]

9. Djatsa, F. (2019). How perceived benefits and barriers affect millennial professionals’ online security behaviors. Journal of Information Security, 10(4), 278–301. https://doi.org/10.4236/jis.2019.104016 [Google Scholar] [Crossref]

10. Furnell, S., & Clarke, N. (2012). Power to the people: The evolving recognition of human aspects of security. Computers & Security, 31(8), 983–988. https://doi.org/10.1016/j.cose.2012.01.008 [Google Scholar] [Crossref]

11. Javier, D. R. C. (2023). Awareness of senior high school students on digital literacy skills: A qualitative study. ResearchGate. https://www.researchgate.net/publication/369243517 [Google Scholar] [Crossref]

12. Ng, B., Kankanhalli, A., & Xu, Y. (2008). Studying users’ computer security behavior: A health belief perspective. Decision Support Systems, 46(4), 815–825. https://doi.org/10.1016/j.dss.2008.11.010 [Google Scholar] [Crossref]

13. Parikh, V., & Nimbekar, M. (2023). Socializing the Impact: An analysis of the theory of planned behavior’s influence on increasing university students’ cybersecurity awareness. Journal of Community and Development, 4(2), 139–156. https://doi.org/10.47134/comdev.v4i2.162 [Google Scholar] [Crossref]

14. Saeed, S. (2023). Education, online presence and cybersecurity implications: A study of information security practices of computing students in Saudi Arabia. Sustainability, 15(12), 9426. https://doi.org/10.3390/su15129426 [Google Scholar] [Crossref]

15. Xue, B., Warkentin, M., Mutchler, L. A., & Balozian, P. (2021). Self-efficacy in information security: A replication study. Journal of Computer Information Systems, 63(1), 1–10. https://doi.org/10.1080/08874417.2021.2015725 [Google Scholar] [Crossref]

16. Zwilling, M., Klien, G., Lesjak, D., Wiechetek, Ł., Cetin, F., & Basim, H. N. (2020). Cyber Security Awareness, Knowledge and Behavior: A Comparative study. Journal of Computer Information Systems, 62(1), 82–97. https://doi.org/10.1080/08874417.2020.1712269 [Google Scholar] [Crossref]

• Smart Iot Device for Weather And Health
• Merlarchive: A Web-Based Academic Hub for UDM With AI-Powered Natural Language Processing
• Enhanced Social Network Security System: Integrating Biometric Authentication for Improved User Verification and Privacy Protection
• Smart Budget Allocation in Public Policy: A Data-Driven Approach for Equitable Resource Distribution
• Decision Support System for Faculty Selection, Promotion, and Reclassification Using Predictive Analytics