Education Commons^™

Improving Belonging And Connectedness In The Cybersecurity Workforce: From College To The Profession, Mary Beth Klinger

Journal of Cybersecurity Education, Research and Practice

This article explores the results of a project aimed at supporting community college students in their academic pursuit of an Associate of Applied Science (AAS) degree in Cybersecurity through mentorship, collaboration, skill preparation, and other activities and touch points to increase students’ sense of belonging and connectedness in the cybersecurity profession. The goal of the project was focused on developing diverse, educated, and skilled cybersecurity personnel for employment within local industry and government to help curtail the current regional cybersecurity workforce gap that is emblematic of the lack of qualified cybersecurity personnel that presently exists nationwide. Emphasis throughout the project …

Building A Diverse Cybersecurity Workforce: A Study On Attracting Learners With Varied Educational Backgrounds, Mubashrah Saddiqa, Kristian Helmer Kjær Larsen1 Helmer Kjær Larsen, Robert Nedergaard Nielsen, Jens Myrup Pedersen

Journal of Cybersecurity Education, Research and Practice

Cybersecurity has traditionally been perceived as a highly technical field, centered around hacking, programming, and network defense. However, this article contends that the scope of cybersecurity must transcend its technical confines to embrace a more inclusive approach. By incorporating various concepts such as privacy, data sharing, and ethics, cybersecurity can foster diversity among audiences with varying educational backgrounds, thereby cultivating a richer and more resilient security landscape. A more diverse cybersecurity workforce can provide a broader range of perspectives, experiences, and skills to address the complex and ever-evolving threats of the digital age. The research focuses on enhancing cybersecurity education …

Adoption Of Cybersecurity Policies By Local Governments 2020, Donald F. Norris Phd, Laura K. Mateczun Jd

Journal of Cybersecurity Education, Research and Practice

This paper should be of interest to the readers of this journal because it addresses a subject that has received little scholarly attention; namely, local government cybersecurity. The U.S. has over 90,000 units of local government, of which almost 39,000 are “general purpose” units (i.e., municipalities, counties, towns and townships). On average, these governments do not practice cybersecurity effectively (Norris, et al., 2019 and 2020). One possible reason is that they do not adopt and/or implement highly recommended cybersecurity policies. In this paper, we examine local government adoption or lack of adoption of cybersecurity policies using data from three surveys. …

Integrating Certifications Into The Cybersecurity College Curriculum: The Efficacy Of Education With Certifications To Increase The Cybersecurity Workforce, Binh Tran, Karen C. Benson, Lorraine Jonassen

Journal of Cybersecurity Education, Research and Practice

One only needs to listen to the news reports to recognize that the gap between securing the enterprise and cybersecurity threats, breaches, and vulnerabilities appears to be widening at an alarming rate. An un-tapped resource to combat these attacks lies in the students of the secondary educational system. Necessary in the cybersecurity education is a 3-tiered approach to quickly escalate the student into a workplace-ready graduate. The analogy used is a three-legged-stool, where curriculum content, hands-on skills, and certifications are equal instruments in the edification of the cybersecurity student. This paper endeavors to delve into the 3^rd leg of …

Cybersecurity Challenges And Awareness Of The Multi-Generational Learners In Nepal, Raj Kumar Dhungana, Lina Gurung Dr, Hem Poudyal

Journal of Cybersecurity Education, Research and Practice

Increased exposure to technologies has lately emerged as one of the everyday realities of digital natives, especially K-12 students, and teachers, the digital immigrants. Protection from cybersecurity risks in digital learning spaces is a human right, but students are increasingly exposed to high-risk cyberspace without time to cope with cybersecurity risks. This study, using a survey (N-891 students and 157 teachers) and in-depth interviews (27 students and 14 teachers), described the students' cybersecurity-related experiences and challenges in Nepal. This study revealed that the school’s cybersecurity support system is poor and teachers has very low awareness and competencies to protect students …

Like Treating The Symptom Rather Than The Cause - The Omission Of Courses Over Terrorism In Nsa Designated Institutions, Ida L. Oesteraas

Journal of Cybersecurity Education, Research and Practice

The National Security Agency (NSA) awards Center of Academic Excellence (CAE) designations to institutions that commit to producing cybersecurity professionals who will work in careers that reduce vulnerabilities in our national infrastructure. A review of the curricula in the 327 institutions and their degree programs reveal that only two programs offer a required course about terrorism. Given the fluid nature of terrorism and its threat to national infrastructure, the omission is concerning. It is recommended that NSA-certified cybersecurity programs begin implementing educational content that aim to teach about this emerging crime and justice issue. One suggestion is to embrace the …

Sociocultural Barriers For Female Participation In Stem: A Case Of Saudi Women In Cybersecurity, Alanoud Aljuaid, Xiang Michelle Liu

Journal of Cybersecurity Education, Research and Practice

The participation of women in Science, Technology, Engineering, and Mathematics (STEM) workforces is overwhelmingly low as compared to their male counterparts. The low uptake of cybersecurity careers has been documented in the previous studies conducted in the contexts of the West and Eastern worlds. However, most of the past studies mainly covered the Western world leaving more knowledge gaps in the context of Middle Eastern countries such as Saudi Arabia. Thus, to fill the existing knowledge gaps, the current study focused on women in Saudi Arabia. The aim of the study was to investigate the factors behind the underrepresentation of …

Cybersecurity Educational Resources For K-12, Debra Bowen, James Jaurez, Nancy Jones, William Reid, Christopher Simpson

Journal of Cybersecurity Education, Research and Practice

There are many resources to guide successful K-12 cybersecurity education. The objective of these resources is to prepare skilled and ethical cybersecurity students at the earliest level to meet the demands of higher-level programs. The goal of this article is to provide, as a starting point, a list of as many currently popular K-12 educational resources as possible. The resources provided are broken into five categories: 1) Career Information, 2) Curriculum, 3) Competitions, 4) CyberCamps, and 5) Labs and Gaming. Each resource listed has a link, the K-12 levels that are supported, whether the resource is free or has a …

Assessing The Practical Cybersecurity Skills Gained Through Criminal Justice Academic Programs To Benefit Security Operations Centers (Socs), Lucy Tsado, Jung Seob "Scott" Kim

Journal of Cybersecurity Education, Research and Practice

Private-sector and public-sector organizations have increasingly built specific business units for securing company assets, reputation, and lives, known as security operations centers (SOCs). Depending on the organization, these centers may also be referred to as global security operations centers, cybersecurity operations centers, fusion centers, and corporate command centers, among many other names. The concept of centralized function within an organization to improve an organization’s security posture has attracted both the government and the private sectors to either build their own SOCs or hire third-party SOC companies.

In this article, the need for a multidisciplinary approach to cybersecurity education at colleges …

Toward A Student-Ready Cybersecurity Program: Findings From A Survey Of Stem-Students, Lora Pitman, Brian K. Payne, Tancy Vandecar-Burdin, Lenora Thorbjornsen

Journal of Cybersecurity Education, Research and Practice

As the number of available cybersecurity jobs continues to grow, colleges strive to offer to their cybersecurity students an environment which will make them sufficiently prepared to enter the workforce after graduation. This paper explores the academic and professional needs of STEM-students in various higher education institutions across Virginia and how cybersecurity programs can cater to these needs. It also seeks to propose an evidence-based approach for improving the existing cybersecurity programs so that they can become more inclusive and student-ready. A survey of 251 college students in four higher-education institutions in Virginia showed that while there are common patterns …

The Impact Of A Gencyber Camp On In-Service Teachers’ Tpack, Kevin M. Thomas, Jessica Ivy, Kristin Cook, Robert R. Kelley

Journal of Cybersecurity Education, Research and Practice

The purpose of this study was to examine the impact of a GenCyber camp curriculum on teachers’ technology, pedagogy, and content knowledge (TPACK). The camp was designed to engage participants in developing the knowledge and skills to incorporate GenCyber Cybersecurity First Principles and GenCyber Cybersecurity Concepts (GenCyber, 2019) into their curriculums. Participants (37 middle and high school teachers from a variety of disciplines) attended one of two weeklong camps held at a Midwestern liberal arts university. Using the TPACK Self-Reflection and TPACK Self-Assessment Surveys, pre- and post-camp data were collected from participants. Findings indicate that participants demonstrated an increase in …

Observations, Evaluations, And Recommendations For Deterlab From An Educational Perspective, Ahmed Ibrahim, Vitaly Ford

Journal of Cybersecurity Education, Research and Practice

DETERLab is a cluster environment that provides a set of virtual machines that can be used by researchers and teachers to run cybersecurity experiments and competitions, and where it is possible to deploy different network configurations to research attack and defense mechanisms in the cyber world. While we were working to develop a pathway for producing more usable and effective cybersecurity educational resources by investigating and examining several projects, we examined DETERLab as a prospective platform to use in the classroom. Throughout our experimentation, we faced challenges that we decided to document in order to help other educators use the …

An Exploratory Study Of Mode Efficacy In Cybersecurity Training, Michael D. Workman

Journal of Cybersecurity Education, Research and Practice

Cybersecurity capabilities in organizations and governmental agencies continue to lag behind the threats. Given the current environment, these entities have placed renewed emphasis on cybersecurity education. However, education appears to lack its full potential in most settings. Few empirical studies have systematically tested the efficacy of various training methods and modes, and those that have been conducted have yielded inconsistent findings. Recent literature on the use of gamified simulations have suggested that they may improve cybersecurity behaviors. Similarly, live activities such as hackathons and capture the flag events have been surmised to augment learning and capabilities. We conducted an exploratory …

Applying High Impact Practices In An Interdisciplinary Cybersecurity Program, Brian K. Payne, Lisa Mayes, Tisha Paredes, Elizabeth Smith, Hongyi Wu, Chunsheng Xin

Journal of Cybersecurity Education, Research and Practice

The Center for Cybersecurity Education and Research at Old Dominion University has expanded its use of high impact practices in the university’s undergraduate cybersecurity degree program. Strategies developed to promote student learning included learning communities, undergraduate research, a robust internship program, service learning, and electronic portfolios. This paper reviews the literature on these practices, highlights the way that they were implemented in our cybersecurity program, and discusses some of the challenges encountered with each practice. Although the prior literature on high impact practices rarely touches on cybersecurity coursework, the robust evidence of the success of those practices provides a sound …

Malaware Defensive: A Game To Train Users To Combat Malware, Tyler Moon, Tamirat Abegaz, Bryson Payne, Abi Salimi

Journal of Cybersecurity Education, Research and Practice

Several research findings indicate that basic cyber hygiene can potentially deter the majority of cyber threats. One of the ways cybersecurity professionals can prepare users to ensure proper hygiene is to help them develop their ability to spot the difference between normal and abnormal behavior in a computer system. Malware disrupts the normal behavior of a computer system. The lack of appropriate user training has been one of the main reasons behind the exposure of computer systems to threats, from social engineering to viruses, trojans, and ransomware. Basic knowledge about common behavioral characteristics of malware could help users identify potentially …

Divergent Student Views Of Cybersecurity, Susan E. Ramlo, John B. Nicholas

Journal of Cybersecurity Education, Research and Practice

Cybersecurity is a worldwide issue and concern. Prior studies indicate that many people do not use cybersecurity best practices. Although these prior studies used large-scale surveys or interviews, this study used Q methodology [Q] because Q provides greater insight than Likert-format surveys. In fact, Q was created to scientifically study subjectivity. Within a Q study, various stages as well as philosophical, epistemological, and ontological principles represent a complete methodology. At first, Q researchers collect items that represent the broad range of communications about the topic (called the concourse). Although the items can be pictures, scents, or other means of communication, …

An Examination Of Cybersecurity Knowledge Transfer: Teaching, Research, And Website Security At U.S. Colleges And Universities, Aditya Gupta, James R. Wolf

Journal of Cybersecurity Education, Research and Practice

This work seeks to answer the question: Does faculty cybersecurity knowledge gained from teaching and research transfer to other IT units in the university? Specifically, do colleges and universities that excel in cybersecurity teaching and research have more secure websites? This work explores a unique setting where the knowledge of the source and recipient are both directly related and observable without outside intervention. Our study employed data from 591 U.S. colleges and universities, the National Centers of Academic Excellence (CAE) program, accepted paper data from the ACM Conference on Computer and Communications Security (CCS) and the IEEE Symposium on Security …

Experiential Learning Builds Cybersecurity Self-Efficacy In K-12 Students, Abdullah Konak

Journal of Cybersecurity Education, Research and Practice

In recent years, there have been increased efforts to recruit talented K-12 students into cybersecurity fields. These efforts led to many K-12 extracurricular programs organized by higher education institutions. In this paper, we first introduce a weeklong K-12 program focusing on critical thinking, problem-solving, and igniting interest in information security through hands-on activities performed in a state-of-the-art virtual computer laboratory. Then, we present an inquiry-based approach to design hands-on activities to achieve these goals. We claim that hands-on activities designed based on this inquiry-based framework improve K-12 students’ self-efficacy in cybersecurity as well as their problem-solving skills. The evaluation of …