Кибербезопасность в образовательных сетях

The paper discusses the possible impact of digital space on a human, as well as human-related directions in cyber-security analysis in the education: levels of cyber-security, social engineering role in cyber-security of education, “cognitive vaccination”. “A Human” is considered in general meaning, mainly as a learner. The analysis is provided on the basis of experience of hybrid war in Ukraine that have demonstrated the change of the target of military operations from military personnel and critical infrastructure to a human in general. Young people are the vulnerable group that can be the main goal of cognitive operations in long-term perspective, and they are the weakest link of the System.У статті обговорюється можливий вплив цифрового простору на людину, а також пов'язані з людиною напрямки кібербезпеки в освіті: рівні кібербезпеки, роль соціального інжинірингу в кібербезпеці освіти, «когнітивна вакцинація». «Людина» розглядається в загальному значенні, головним чином як та, що навчається. Аналіз надається на основі досвіду гібридної війни в Україні, яка продемонструвала зміну цілей військових операцій з військовослужбовців та критичної інфраструктури на людину загалом. Молодь - це вразлива група, яка може бути основною метою таких операцій в довгостроковій перспективі, і вони є найслабшою ланкою системи.В документе обсуждается возможное влияние цифрового пространства на человека, а также связанные с ним направления в анализе кибербезопасности в образовании: уровни кибербезопасности, роль социальной инженерии в кибербезопасности образования, «когнитивная вакцинация». «Человек» рассматривается в общем смысле, в основном как ученик. Анализ представлен на основе опыта гибридной войны в Украине, которая продемонстрировала изменение цели военных действий с военного персонала и критической инфраструктуры на человека в целом. Молодые люди являются уязвимой группой, которая может быть главной целью когнитивных операций в долгосрочной перспективе, и они являются самым слабым звеном Систем

Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Cybersecurity in the Classroom: Bridging the Gap Between Computer Access and Online Safety

According to ISACA, there will be a global shortage of 2 million cybersecurity professionals worldwide by 2019. Additionally, according to Experian Data Breach Resolution, as much as 80% of all network breaches can be traced to employee negligence. These problems will not solve themselves, and they likewise won’t improve without drastic action. An effort needs to be made to help direct interested and qualified individuals to the field of cybersecurity to move toward closing this gap. Moreover, steps need to be made to better inform the public of general safety measures while online, including the safeguarding of sensitive information. A large issue with solving the problems at hand is that there seems to be no comprehensive curriculum for cybersecurity education to teach these basic principles. In my paper, I review and compare several after- and in-school programs that attempt to address this problem. I’ve also interviewed teachers from Montgomery County Public Schools, a relatively ethnically diverse school district outside of Washington, D.C. These issues need to be addressed, and while private organizations and local schools are attempting to tackle the problem, wider action may need to be taken at a national level to come to a resolution

Building a Diverse Cybersecurity Workforce: A Study on Attracting Learners with Varied Educational Backgrounds

Cybersecurity has traditionally been perceived as a highly technical field, centered around hacking, programming, and network defense. However, this article contends that the scope of cybersecurity must transcend its technical confines to embrace a more inclusive approach. By incorporating various concepts such as privacy, data sharing, and ethics, cybersecurity can foster diversity among audiences with varying educational backgrounds, thereby cultivating a richer and more resilient security landscape. A more diverse cybersecurity workforce can provide a broader range of perspectives, experiences, and skills to address the complex and ever-evolving threats of the digital age. The research focuses on enhancing cybersecurity education to attract a diverse audience through the development and testing of a virtual platform on Haaukins (a cybersecurity training platform) designed with features resembling social media for capture-the-flag exercises. The results show that the cyber training platform effectively engages a diverse group of learners, bridging the gap between traditional technical boundaries and the urgent demand for comprehensive cybersecurity competence

Greater Washington Works: IT and Health Careers with Promise

The Greater Washington Workforce Development Collaborative, an initiative of The Community Foundation for the National Capital Region, has partnered with JPMorgan Chase & Co. to develop new a research report, Greater Washington Works: IT and Health Careers with Promise, released today. The report focuses on how our region can address the skills gap and lift more of our neighbors out of poverty through careers in IT and Healthcare.With over 70% of net new jobs requiring post-secondary education and training, the Washington regional economy continues to be highly knowledge-based. Local employers, however, face challenges in finding skilled workers. Nearly 800,000 individuals in our region have no education past high school, highlighting a skills gap that has the potential to undermine our region's global economic competitiveness.Further, while it is encouraging that our regional unemployment rate has improved to pre-Great Recession levels, many of our neighbors are still struggling to make ends meet. Our region can count 100,000 additional residents living below the Federal poverty level since 2009. African American or Latino workers in the region are three times more likely to earn an income below the poverty level. Addressing our region's race, ethnicity, and gender-based income inequality is a critical challenge for our region to tackle if we want to ensure that all in our region have a fair shot for prosperity

Understanding How to Diversify the Cybersecurity Workforce: A Qualitative Analysis

A robust cybersecurity workforce is critical for protection against a range of malicious attacks. However, it has been noted that there are many vacancies and a shortage of individuals entering the cybersecurity workforce. This workforce shortage has partly been attributed to the lack of diversity in the cybersecurity field, with women, African Americans, and Hispanics remaining underrepresented in educational and professional settings. Using a qualitative approach, this work sought to investigate what led underrepresented minorities currently involved in cybersecurity to the industry, with the goal of determining methods to attract and diversify the workforce. A thematic analysis was conducted using data collected during interviews with 23 participants including underrepresented minority students, underrepresented minority professionals, college instructors, and a high school administrator. The interview questions aimed to address (a) what attracted minorities to the field, (b) how they overcame educational and professional roadblocks, (c) how they built non-technical knowledge, skills, and attitudes, and (d) how they maintained engagement. Findings revealed 17 themes that were related to characteristics of (a) the learner, (b) the instruction, and (c) the environment. Based on these findings, recommendations are presented to illustrate how these themes can be implemented by instructors with the goal of increasing the participation and involvement of underrepresented minorities and fostering diversity in the cybersecurity field

Enhancing Smart Grid Resilience : An Educational Approach to Smart Grid Cybersecurity Skill Gap Mitigation

Cybersecurity competencies are critical in the smart grid ecosystem, considering its growing complexity and expanding utilization. The smart grid environment integrates different sensors, control systems, and communication networks, thus augmenting the potential attack vectors for cyber criminals. Therefore, interdisciplinary competencies are required from smart grid cybersecurity specialists. In the meantime, there is a lack of competence models that define the required skills, considering smart grid job profiles and the technological landscape. This paper aims to investigate the skill gaps and trends in smart grid cybersecurity and propose an educational approach to mitigate these gaps. The educational approach aims to provide guidance for competence-driven cybersecurity education programs for the design, execution, and evaluation of smart grids.© 2024 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).fi=vertaisarvioitu|en=peerReviewed

The Effect of Security Education and Expertise on Security Assessments: the Case of Software Vulnerabilities

In spite of the growing importance of software security and the industry demand for more cyber security expertise in the workforce, the effect of security education and experience on the ability to assess complex software security problems has only been recently investigated. As proxy for the full range of software security skills, we considered the problem of assessing the severity of software vulnerabilities by means of a structured analysis methodology widely used in industry (i.e. the Common Vulnerability Scoring System (\CVSS) v3), and designed a study to compare how accurately individuals with background in information technology but different professional experience and education in cyber security are able to assess the severity of software vulnerabilities. Our results provide some structural insights into the complex relationship between education or experience of assessors and the quality of their assessments. In particular we find that individual characteristics matter more than professional experience or formal education; apparently it is the \emph{combination} of skills that one owns (including the actual knowledge of the system under study), rather than the specialization or the years of experience, to influence more the assessment quality. Similarly, we find that the overall advantage given by professional expertise significantly depends on the composition of the individual security skills as well as on the available information.Comment: Presented at the Workshop on the Economics of Information Security (WEIS 2018), Innsbruck, Austria, June 201

Preparing UK students for the workplace: The Acceptability of a Gamified Cybersecurity Training

This pilot study aims to assess the acceptability of Open University’s training platform called Gamified Intelligent Cyber Aptitude and Skills Training course (GICAST), as a means of improving cybersecurity knowledge, attitudes, and behaviours in undergraduate students using both quantitative and qualitative methods. A mixed-methods, pre-post experimental design was employed. 43 self-selected participants were recruited via an online register and posters at the university (excluding IT related courses). Participants completed the Human Aspects of Information Security Questionnaire (HAIS-Q) and Fear of Missing Out (FoMO) Scale. They then completed all games and quizzes in the GICAST course before repeating the HAIS-Q and FoMO scales as well as several open-ended questions. Pre-training HAIS-Q Knowledge, Attitude and Behaviour all improved from ‘reasonable’ pre-training levels to become ‘very high’ following training with large effect sizes estimated. FoMO improved to a lesser degree but also predicted the degree of HAIS-Q improvement suggesting it is relevant to the impact of this training course. Qualitatively, five key themes were generated: enjoyment, engagement, usability of GICAST, content relevance, and perceived educational efficacy. Overall, sentiment towards training was very positive as an enjoyable engaging and usable course. GICAST was found to be a feasible course for a wide range of students at a UK university: overall the training improved cyber-security awareness on a well validated measure with outcomes comparable to information-security-trained employees of a secure workplace. Despite a diversity of views about content, the course appears to be well suited to the non-IT undergraduate sector and may suit wide uptake to enhance students’ employability in a wide range of cybersecurity relevant contexts

Cybersecurity Challenges and Awareness of the Multi-Generational Learners in Nepal

Increased exposure to technologies has lately emerged as one of the everyday realities of digital natives, especially K-12 students, and teachers, the digital immigrants. Protection from cybersecurity risks in digital learning spaces is a human right, but students are increasingly exposed to high-risk cyberspace without time to cope with cybersecurity risks. This study, using a survey (N-891 students and 157 teachers) and in-depth interviews (27 students and 14 teachers), described the students\u27 cybersecurity-related experiences and challenges in Nepal. This study revealed that the school’s cybersecurity support system is poor and teachers has very low awareness and competencies to protect students from cybersecurity-related challenges. To create a safe cyberspace for learners, it is urgent to enhance the cybersecurity awareness and skills of teachers, as the existing infrastructure is weak and there is a significant gap related to the cybersecurity awareness between students and teachers. Poor cybersecurity is one of the significant barriers to the quality of education in Nepal. In the age of information and technology, effective collaboration among parents, teachers, and students, the multi-generational learners, is the prerequisite for ensuring children\u27s rights to learn in all settings including cyberspace