Abstract
This work presents a model for reviewing the risks of institutions teaching cybersecurity. The work is based on efforts in this direction at Regis University and Adams 12 Five Star Schools in Colorado. These two institutions are described in a comparative case study reviewing the following four aspects of addressing risk: policy, adjudication, infrastructure protection, and curricular boundaries. The model is presented in a generalizable framework to facilitate risk analysis across the education of children in public schools, university level education, and professional development programs. This framework is not intended to supplement a traditional threat analysis program and not replace it. In addition to the specialized risks addressed here, institutions teaching cybersecurity are often perceived as potential targets for adversaries because of the schools as a pipeline to cyber defense activities, and because institutions teaching cybersecurity are part of societal long-term cyber defense strategies that confront criminal, nation state, and activist threats.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Marcum, C., Higgins, G., Ricketts, M., Wolfe, S.: Hacking in high school: cybercrime perpetration by Juveniles. Deviant Behav. 35(7), 581–591 (2014)
Marquardson, J., Gomillion, D.: Cyber security curriculum development: protecting students and institutions while providing hands-on experience. Inf. Syst. Educ. J. 16(5), 12–21 (2018)
Boylan, A., Tepe, A., Davis, D.: Texas governance and authorities for cyber attack response: a summary. https://cybersecurity.tamu.edu/wp-content/uploads/2019/11/Cyber-Response-State-Authorities_13-NOV-19.pdf. Accessed 3 July 2020
Fujs, D., Mihelič, A., and Vrhovec, S.: The power of interpretation: qualitative methods in cybersecurity research, tile of a proceedings paper. In: 14th International Conference on Availability, Reliability and Security (ARES 2019), Article 92, pp. 1–10. Association for Computing Machinery, New York (2019)
Creswell, J., Creswell, J.: Research Design: Qualitative, Quantitative, and Mixed Methods Approaches, p. 7. Sage Publications, Thousand Oaks (2017)
Carl, D.: Perkins Career and Technical Education Act of 2006, Public Law 88-210; 18 December 1963, As Amended Through P.L 116-6 Enacted 15 February 2019, United States of America (2019)
Knowles, M., Holton III, E., Swanson, R.: The Adult Learner. Routledge, London (2012)
https://www.acm.org/code-of-ethics. Accessed 10 Feb 2020
National Collegiate Cyber Defense Competition Rules. https://www.nationalccdc.org/index.php/competition/competitors/rules. Accessed 10 Feb 2020
Rocky mountain collegiate cyber defense competition. https://plantzmasters.net/rmccdc/. Accessed 10 Feb 2020
Cryptologic foundation framework. https://cryptologicfoundation.org/visit/goal/cybersecurity-curriculum-framework-portal-login.html. Accessed 10 Feb 2020
Stallings, W., Brown, L., Bauer, M., Bhattacharjee, A.: Computer security: principles and practice, pp. 0–978. Pearson Education, Upper Saddle River (2012)
NICERC cybersociety curriculum. https://nicerc.org/curricula/cyber-society/. Accessed 10 Feb 2020
Clark center home. https://www.clark.center/home. Accessed 10 Feb 2020
NIST cybersecurity framework. https://www.nist.gov/cyberframework. Accessed 3 July 2020
Nieles, M., Dempsey, K., Pillitteri, V.: NIST Special publication 800-12 revision 1 an introduction to information security. https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-12r1.pdf. Accessed 3 July 2020
Lockheed Martin Cyberquest™ competition, https://www.lockheedmartin.com/content/dam/lockheed-martin/eo/documents/CyberQuest/2019/LM-CYBERQUEST-Challenge-Overview_PIRA.pdf. Accessed 10 Feb 2020
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 IFIP International Federation for Information Processing
About this paper
Cite this paper
Moore, E., Likarish, D., Bastian, B., Brooks, M. (2020). An Institutional Risk Reduction Model for Teaching Cybersecurity. In: Drevin, L., Von Solms, S., Theocharidou, M. (eds) Information Security Education. Information Security in Action. WISE 2020. IFIP Advances in Information and Communication Technology, vol 579. Springer, Cham. https://doi.org/10.1007/978-3-030-59291-2_2
Download citation
DOI: https://doi.org/10.1007/978-3-030-59291-2_2
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-59290-5
Online ISBN: 978-3-030-59291-2
eBook Packages: Computer ScienceComputer Science (R0)