Abstract As Cybersecurity evolves as a field, academic programs in higher education respond to include new content and activities. To prepare the next generation of Cybersecurity professionals, curriculum are modified, new courses developed, and cybersecurity-based extra-curricular activities are increasing in popularity. Collegiate Cyber Defense competitions have emerged to give students an opportunity to experience real-life situations and have also received attention as a learning environment.... As Cybersecurity evolves as a field, academic programs in higher education respond to include new content and activities. To prepare the next generation of Cybersecurity professionals, curriculum are modified, new courses developed, and cybersecurity-based extra-curricular activities are increasing in popularity. Collegiate Cyber Defense competitions have emerged to give students an opportunity to experience real-life situations and have also received attention as a learning environment. This study examines the curriculum and other factors at schools participating in National Collegiate Cyber Defense Competitions to analyze institutional factors that might be associated with performance in the competition. The results indicate that there is no obvious connection between team academic characteristics and the outcome of the competition1. Read More Read Less

Abstract The effort to raise cyber security awareness is widespread and growing. At our small liberal arts university, we held a cyber security fair, with the topics presented by students to students. This paper describes our experience and our effort to determine whether a cyber security fair is an appropriate venue for raising awareness of cyber security issues and to train users to improve... The effort to raise cyber security awareness is widespread and growing. At our small liberal arts university, we held a cyber security fair, with the topics presented by students to students. This paper describes our experience and our effort to determine whether a cyber security fair is an appropriate venue for raising awareness of cyber security issues and to train users to improve their cyber security behaviors. Read More Read Less

Abstract Online teaching and learning have been becoming more and more popular because students can study at anywhere and anytime. The reality is that it is hard to ask online students to conduct hands-on labs which normally require students to be on-campus. Computer network security is a course in which hands-on labs play a key role in enhancing students learning performance. In this paper... Online teaching and learning have been becoming more and more popular because students can study at anywhere and anytime. The reality is that it is hard to ask online students to conduct hands-on labs which normally require students to be on-campus. Computer network security is a course in which hands-on labs play a key role in enhancing students learning performance. In this paper we first, discuss the challenges to design online hands-on lab; second, describe the contents covered in computer network security course; third, design a lab platform which can make online students convenient to do hands-on exercise; and finally, propose eight hands-on labs which are properly designed for computer network security online students. Our survey results show that the students are satisfied by the eight hands-on labs. Read More Read Less

Abstract Cryptography is the foundation on which information and cyber security is built. As Mark Stamp has written, “cryptography or ‘secret codes’ are a fundamental information security tool.” (Stamp, et al., 2006) Without the ability to encrypt and decrypt messages or data, the fundamental characteristic of confidentiality, which is the prevention of “unauthorized reading of information,” (Stamp, et al., 2006) is lost. This... Cryptography is the foundation on which information and cyber security is built. As Mark Stamp has written, “cryptography or ‘secret codes’ are a fundamental information security tool.” (Stamp, et al., 2006) Without the ability to encrypt and decrypt messages or data, the fundamental characteristic of confidentiality, which is the prevention of “unauthorized reading of information,” (Stamp, et al., 2006) is lost. This could cause the potential exposure of trusted information. Given the importance of this discipline, teaching students the basics of cryptography should be an integral part of any curriculum in information and cyber security. For years students have been taught to perform cryptographic exercises by hand performing paper-and-pencil exercises, or by writing programs in a computer language to perform the cryptographic methods. Today, open-source GUI software exists that can teach students the methods of encrypting and decrypting messages. Consequently, it is of value to measure the effectiveness of teaching cryptography using paper-and-pencil exercises versus using software with a GUI interface. Read More Read Less

Abstract Insider threat continues to be of serious concern to governmental organizations and private companies. Vulnerabilities of the digital information being shared through mobile devices and Internet clouds increases exponentially due to IT security mechanisms not being capable of controlling what is beyond company network limits. One of the solutions could include providing an effective interactive framework to train future and current Information Technology... Insider threat continues to be of serious concern to governmental organizations and private companies. Vulnerabilities of the digital information being shared through mobile devices and Internet clouds increases exponentially due to IT security mechanisms not being capable of controlling what is beyond company network limits. One of the solutions could include providing an effective interactive framework to train future and current Information Technology security professionals and regular employees who need to be aware of these threats in order to avoid being a victim of insider attacks. There are few hands-on labs/modules available for training current students, the future information assurance professionals. This paper will classify the different actors and vectors involved in these attacks focusing specifically on Information Technology (IT) sabotage, theft of intellectual property and insider fraud. Then, we will describe how to design virtual hands-on labs mainly to current or future technology security professionals. The training hands-on labs will enhance trainee’s knowledge and practical security skills about how to mitigate insider threat attacks. In addition, the training hands-on labs will be implemented via CyberCIEGE, an innovative video game and tool to educate fundamental concepts for insider threat. Read More Read Less