Don't miss our weekly PhD newsletter | Sign up now Don't miss our weekly PhD newsletter | Sign up now

  Understanding cyber security risk behaviour of Generation Z

   Information Security Group

This project is no longer listed on and may not be available.

Click here to search for PhD studentship opportunities
  Prof D Watling  No more applications being accepted  Competition Funded PhD Project (Students Worldwide)

About the Project

Please note that advertised projects are sample projects and prospective applicants are not required to apply to one of the advertised projects, but are welcome to discuss broader research interests with the academic named in the advert - and/or to apply with their own research proposal.

Research has shown that adolescents are more likely to make risky decisions and are more likely to be influenced by peers. Importantly, the current generation of adolescents (Generation Z; born between 1997-2012) are viewed to have been raised on the internet and social media, and they are one of the most tech savvy generations. However, the media and internet security companies (e.g., McAfee) report that adolescents self-report that they are aware of cyber security risks such as hacking and phishing scams, but they do not act in accordance with this awareness; for example, they post confidential insights which can pose security risks and share personal information online.

Further, a recent study by Donegan (2020) found that Generation Z employees are more likely to experience security-related issues (on average 4 per week) in comparison to employees older than 45 years old (on average 1 per week), with issues focussed around passwords and technology issues. Moreover, it is found that these younger employees are more likely to make poor decisions when browsing websites (click to proceed to flagged insecure sites, revisiting sites where known hacks had previously occurred) and have poor understanding of tracking mechanisms (31% of 18- to 24-year-olds did not understand what “accept cookies” means). These findings may relate to a lack of awareness and training for Gen Z and they are alarming, given the time that Gen Z spend online; a recent Pew report (2018) reported that 95% of US teens report having a Smart phone, 45% report being online almost constantly, and a recent Ofcom report (2020) supports this with from age 15 almost all UK adolescents surveyed own their own smartphones. In fact, a recent JISC (2018) report highlights that Higher Education organisations have decreased cyber security training for their students (many who are Generation Z; 3% had compulsory training, 38% optional training, 51% no training in 2017). However, the phenomenon may also be related to what we know about adolescents’ development; adolescence is now considered to range from 10 years to 24 years and is a period where the brain is continuing to develop until 24 years, which has been linked to risky decision making and the importance of peer acceptance.

Given the above information, it is important for us to better understand how adolescent development may link to cyber security behaviours using an interdisciplinary approach. The supervision team includes Prof Watling (Psychology) and Dr Mersinas (Information Security). We are looking for a candidate with an interest in exploring risk taking behaviours of adolescents (Gen Z) online and the impact of such behaviours for cyber security risks and incidents. Potential candidates may be interested in approaching the topic a) from a risk attitude and behaviour perspective, b) from a security awareness training perspective, or c) from a combination of both (a) and (b).

We seek applicants with an interest in cyber security who have a social science background (e.g., undergraduate degree in the field of Psychology, Criminology, Sociology, Politics and IR, Human Geography). Ideally, applicants will have a good statistical background, understanding of research methods (e.g., qualitative and quantitative), and an understanding of adolescent development.

Please contact Prof Dawn Watling or Dr Konstantinos Mersinas to discuss further [Email Address Removed] [Email Address Removed]

Computer Science (8) Geography (17) Politics & Government (30) Psychology (31) Sociology (32)

Funding Notes

The Centre for Doctoral Training in Cyber Security for the Everyday can offer up to ten studentships per year, three of which can be awarded to international students (which includes EU and EEA.)
Please ensure you are familiar with the eligibility criteria set by UKRI and their terms and conditions.
In order to apply please visit the CDT website and follow the application instructions.
The studentship includes
* Tuition fees:
* Maintenance: £23,668.00 for each academic year.

Where will I study?