Redefining the Role of Information Warfare in Chinese Strategy

Information warfare is generally understood as “actions taken to affect adversary information and information systems, while defending one’s own information and information systems.” In this paper, a theory is introduced that China is currently executing a patient and deceptive form of information warfare that redefines the boundaries of Western definitions of the concept. China’s efforts are designed to advance its economic state, maintain its national unity, significantly improve its technological and military capabilities, and increase its regional and global influence -- all with minimal or no fighting and without alarming the West. This theory is supported by diverse sources that relate directly to China’s grand strategy and strategic heritage. China is emerging as the United States’ primary rival in the 21stCentury. In spite of this formidable competitor, American comprehension of China’s strategic heritage, grand strategy, and the role of information warfare in support of that strategy is gravely insufficient. This work presents summaries of China’s strategic heritage and grand strategy, and then proposes how China is currently using information warfare based on its strategic heritage to achieve its national interests. China’s view of America as an adversary and appropriate comparisons to America’s strategic heritage and America’s information warfare doctrine are also included. It is stressed throughout the paper that American analysis does not fully comprehend the strong impact that Eastern strategic heritage is having on China’s actions

Educating Future Multidisciplinary Cybersecurity Teams

We present a vision and the curricular foundations needed for the multidisciplinary cybersecurity teams of the future, which are made up of diverse cybersecurity experts, each contributing unique abilities and perspectives that emerged from their own discipline-centric methodological approaches. Examples demonstrating the effectiveness of current and emerging multidisciplinary cybersecurity teams are included

Holistic Cyber Education

This paper provides a multi-level, multidisciplinary approach for holistically integrating cyber into a student’s academic experience. Our approach suggests formally integrating cyber throughout an institution’s curriculum, including within the required general education program, in electives from a variety of disciplines, as multi-course threads, as minors, and in numerous cyber-related majors. Our holistic approach complements in-class curricula with both a pervasive cyber-aware environment and experiential, outside-the-classroom activities that apply concepts and skills in real-world environments. The goal of our approach is to provide all educated individuals a level of cyber education appropriate for their role in society. Throughout the description of our approach, we include examples of its implementation at the United States Military Academy.https://digitalcommons.usmalibrary.org/books/1024/thumbnail.jp

Enhancing Cybersecurity Content in Undergraduate Information Systems Programs: A Way Forward

The ongoing barrage of data and infrastructure breaches is a constant reminder of the critical need to enhance the cybersecurity component of modern undergraduate information systems (IS) education. Although the most recent undergraduate information systems curricular guidelines (IS2010) highlight security in the context of data, enterprise architecture, and risk management, much more needs to be done. The IS education community needs to identify cybersecurity competencies and curricular content that further integrates cybersecurity principles and practices into IS curricular guidelines. Until this is completed at the IS community level, IS programs will need to fulfill this role individually. This paper contributes to both these efforts by reviewing relevant literature and initiatives – highlighting two primary paths of curricular development: (1) the evolution of IS curricular guidelines, and (2) the development of Cybersecurity as a standalone discipline. Using these resources, the paper summarizes best practices for integrating cybersecurity into curricula and explores the integration of IS into cybersecurity programs

Bouncing Forward from COVID in Higher Education

This paper is a call to arms to bounce forward in the classroom as we emerge from the COVID crisis. The predominant return to in-person classes in higher education should not be a return to the same normal classroom conditions that existed prior to the pandemic. In the last 2+ years, we have come an extraordinarily long way in our abilities and in our inclinations to employ technologies and techniques in a blended classroom environment that truly improves the learning experience. In this paper, we call for and contribute to such an effort. Tying into the abundance of literature dealing with the COVID educational environment, we present our findings and ideas from carefully studying our own faculty. We summarize our overall findings as well as describe in detail three general categories that we believe hold great promise for improving the higher education classroom in the post-crisis era, namely digital chalkboards / screen sharing; remote participation and collaboration; and a paperless classroom. We argue that educators have an obligation and opportunity to not simply return to pre-crisis methods

Creating a Multifarious Cyber Science Major

Existing approaches to computing-based cyber undergraduate majors typically take one of two forms: a broad exploration of both technical and human aspects, or a deep technical exploration of a single discipline relevant to cybersecurity. This paper describes the creation of a third approach—a multifarious major, consistent with Cybersecurity Curricula 2017, the ABET Cybersecurity Program Criteria, and the National Security Agency Center for Academic Excellence—Cyber Operations criteria. Our novel curriculum relies on a 10-course common foundation extended by one of five possible concentrations, each of which is delivered through a disciplinary lens and specialized into a highly relevant computing interest area serving society’s diverse cyber needs. The journey began years ago when we infused cybersecurity education throughout our programs, seeking to keep offerings and extracurricular activities relevant in society’s increasingly complex relationship with cyberspace. This paper details the overarching design principles, decision-making process, benchmarking, and feedback elicitation activities. A surprising key step was merging several curricula proposals into a single hybrid option. The new major attracted a strong initial cohort, meeting our enrollment goals and exceeding our diversity goals. We provide several recommendations for any institution embarking on a process of designing a new cyber-named major

Meaningful Assessment

Assessment of student learning outcomes is a key process used in education to both evaluate students’ level of achievement and to identify opportunities for continuous improvement. The most prevalent technique for analyzing data collected from direct assessment methods is to distill the data to a single measure of central tendency, typically the arithmetic mean. Despite well-known awareness and understanding of the limitations of the arithmetic mean, it is still commonly used because it is easy to calculate from the readily available data and is familiar to most educators. This paper argues that use of arithmetic mean alone is a poor assessment practice, and an alternate evaluation technique is presented in detail. To illustrate our conceptual arguments, a case study involving the assessment of an intermediate, college-level information technology course is presented. For the evaluation of an outcome in this course, assessment of student performance for the embedded indicators of that outcome are shown using both the commonly used arithmetic mean and what we believe to be a better, more meaningful assessment technique that places individual student performance data points into categories using an Individual Indicator Metric and then evaluates the group’s overall performance based on the distribution of these student performances across the categories using a Group Indicator Metric. The paper’s concluding section briefly addresses integrating indirect (subjective) evidence, combining all data source evaluations to evaluate an outcome, identifying and acting on opportunities for improvement, and reassessing changes. The central theme of the paper is that the veracity of assessment can be significantly improved with minimal extra effort

The Value of a One Semester Exposure to the Institutional Review Board Process

Genuinely considering the user experience is an important element of developing usable and acceptable hardware and software. When working outside of a simple classroom project, however, an Institutional Review Board (IRB) approval must be obtained before conducting user studies with human subjects. Obtaining IRB approval is often viewed as a bureaucratic procedure to be endured rather than an opportunity to teach the value and process of conducting user studies. Here, we present our experience educating students on Human Protections Training, seeking IRB exempt approval, and conducting user studies all in a one semester experience. By going through the IRB and user study process, our students learn about the ethical treatment of participants and also experience firsthand the issues and insights involved in critiquing a design that would not have been discovered without usability studies. This best practice is completely in line with curriculum guidelines for computer science from the Association for Computing Machinery (ACM) and IEEE Computer Society requiring coverage of HCI and ethics