USING A MIXED DELPHI METHOD: IDENTIFY CYBER SECURE COMPETENCIES FOR OLDER ADULTS
Primary Investigator:
Gene Spafford
Julie Wenner
Abstract
This dissertation aligns with the United Nations and World Health Organization Healthy Ageing (2021–2030) initiative, emphasizing digital equity and cybersecurity for older adults. As cyber threats grow more sophisticated, older adults remain highly vulnerable due to limited cybersecurity awareness, digital literacy gaps, and evolving online threats. This research aimed to identify, and develop core cybersecurity competencies essential for older adults, equipping them with the necessary skills to foster readiness, willingness, and ability to engage in secure digital practices.
Using a qualitative mixed Delphi method, a panel of fifteen interdisciplinary cybersecurity and aging experts refined twenty-five key cybersecurity competencies across four thematic categories: Identify, Protect, Detect, and Respond. Aligning with the NIST Cybersecurity Framework (CSF). The research explored three research questions: [RQ1] What competency skills and technical knowledge do older adult digital users need to protect themselves online and minimize potential cyber-attacks? [RQ2] What are the attitudes, barriers, and challenges that older adults encounter in adopting cybersecurity best practices? [RQ3] What cybersecurity principles from digital accessibility, technology adoption, and existing digital competency models can be adapted to create cyber-secure competencies for older adults?
The findings and analysis revealed twenty-three critical gaps in older adults’ understanding of password security, phishing awareness, device protection, and online privacy. The Delphi panel of experts emphasized the need for age-friendly cybersecurity education, incorporating simplified instructions, real-world examples, and interactive learning. Trust in AI-driven cybersecurity training emerged as a potential key adoption factor, reinforcing the need for explainable AI and real-time behavioral reinforcement.
This research identified Motivation, Awareness, Skills, and Knowledge (M.A.S.K.), forming the foundation of the Cognitive Cybersecurity Learning Model (CCLM), a structured framework addressing cognitive adaptability, behavioral reinforcement, and recommending real-time AI-driven feedback to enhance cybersecurity resilience. These competencies align with Self-Determination Theory, Social Learning Theory, and Connectivism, reinforcing motivation, adaptability, and networked learning in cybersecurity education.
Future research recommendations indicate that AI-driven cybersecurity training may improve digital resilience, though human oversight remains crucial. The Delphi panel of experts stressed the importance of accessible and tailored training materials with simplified language, large text, visual aids, and step-by-step instructions to ensure usability and comprehension for older adults. This research underscores the urgent need for structured, qualitative cybersecurity education, emphasizing that an informed and practiced offense is the best defense against cyber threats. Equipping older adults with M.A.S.K. based learning competency strategies supports the UN and WHO’s initiative vision.