The purpose of this paper is to critically examine the application of theoretical teaching models to the development and teaching of the Information Security (ISEC) curriculum in tertiary education. Based on the author’s personal experiences, the paper examines various teaching theories, discusses their suitability to the ISEC curriculum and recommends a suitable teaching style for the ISEC course

Mubarak, Sameera

English

AIS Electronic Library (AISeL)

Association for Information SystemsAIS Electronic Library (AISeL)ACIS 2007 Proceedings Australasian (ACIS)2007A Critical Analysis on Theoretical Perspectives ofTeaching Information Security in TertiaryEducationSameera MubarakUniversity of South Australia, sameera.mubarak@unisa.edu.auFollow this and additional works at: http://aisel.aisnet.org/acis2007This material is brought to you by the Australasian (ACIS) at AIS Electronic Library (AISeL). It has been accepted for inclusion in ACIS 2007Proceedings by an authorized administrator of AIS Electronic Library (AISeL). For more information, please contact elibrary@aisnet.org.Recommended CitationMubarak, Sameera, "A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education" (2007).ACIS 2007 Proceedings. 117.http://aisel.aisnet.org/acis2007/11718th Australasian Conference on Information Systems Theory of Teaching Information Security 5-7 Dec 2007, Toowoomba  Mubarak  844 A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education Sameera Mubarak School of Computer and Information Sciences University of South Australia Adelaide, Australia Email: Sameera.mubarak@unisa.edu.au  Abstract  The purpose of this paper is to critically examine the application of theoretical teaching models to the development and teaching of the Information Security (ISEC) curriculum in tertiary education. Based on the author’s personal experiences, the paper examines various teaching theories, discusses their suitability to the ISEC curriculum and recommends a suitable teaching style for the ISEC course. Keywords  Teaching, theoretical perspectives, Information security curriculum, tertiary education Introduction  The fast growth of Information Technology (IT) has affected many sectors. Many organizations are adopting IT to a certain extent in their daily routines, mainly to store and retrieve information. Learning about basic information security concepts is essential at the tertiary level as information security (ISEC) could be useful for many disciplines, including technical, business and management. However, the content would need to incorporate both technical and management perspectives to ensure its relevance to practice. The ISEC curriculum content could range from concepts, confidentiality, integrity and accessibility of information to computer forensics and security policies. It could contain some practical teaching to investigate an organization’s Security policies and standards, or to audit aspects of the organization’s Security system and identify existing weaknesses.  I believe that effective delivery of the ISEC course content would depend to a large extent upon the teacher. The teacher’s role is very important because the success of the learning process is partially dependent on the teacher’s teaching style and adoption of suitable teaching/learning models. A teacher who is aware of the strengths and weaknesses of his/her teaching style can adopt an approach that is best suited to enhance the quality of their teaching for a particular curriculum. Based on the author’s personal experiences, this paper examines various teaching theories, discusses their suitability to the ISEC curriculum and recommends a suitable teaching style for ISEC courses. Theoretical Perspectives and Teaching Style It is important to review the theories proposed by Ramsden (2003) in relation to teaching styles. These include: 1) teaching as telling or transmission; 2) teaching as organizing student activity; and 3) teaching as making learning possible. • Teaching as telling or transmission   In this theory, the teacher’s role is to transmit knowledge to students. In this theory, students are passive and the teacher is active. This view was supported by Russell and Johnson (1998), who argued that the lecturer’s role is primarily to communicate knowledge: that it is both necessary and sufficient that the teacher should be an expert in the subject matter. However, in this approach, knowledge about subject content and knowledge of techniques for teaching it are kept entirely separate. This has some affinity with the superficial engagement with content that typifies a surface approach to teaching and learning (Ramsden, 2003). A similar view was put forward by Garsha (1996) in ‘cluster 1’ of his classification of teaching styles. In this style, the expert/formal authority cluster tends towards teacher-centered classrooms in which information is presented and students receive knowledge’. The teacher has total control. Westcott et al. (2003) described this type of approach as an ‘authoritarian didactic style’, in which students play very little part other than to accept what the teacher ‘thinks they need to know’. In this approach, students’ total dependence on the teacher might hinder his/her original thinking.  18th Australasian Conference on Information Systems Theory of Teaching Information Security 5-7 Dec 2007, Toowoomba  Mubarak  845 Even though many practitioners practice the ‘teaching as telling or transmission’ theory, it has several major drawbacks, particularly in relation to teaching ISEC. These include:  • responsibility for learning is completely on the student’s shoulders;  • the teacher does not carry any responsibility for involving students in the learning process, which may create serious problems in passing the information across to the students effectively;  • all students are treated as being at the same learning level, implying that they have an equal ability to grasp the knowledge the teacher is giving them;  • a friendly teacher-student environment, which from my experience I believe is an important prerequisite for productive teaching and learning, is absent.  Thus, I do not believe it would be advisable to adopt this theory for teaching the ISEC course, as this course requires very strong teacher-student teaching/learning relationships. Student involvement and participation is essential, as much of the course is based on students acquiring and mastering specific, required skills, and teachers using student feedback to pace the introduction of new knowledge and skills. If a student has no prior knowledge about information security basics, there is a greater chance of the student not being able to cope with the ISEC contents. Resolving this problem requires interaction between the student and teacher. The student needs to feel comfortable to give feedback to the teacher, and the teacher must be committed to giving feedback to the student so that they can work together to enable the student to learn the basics and upgrade their skills level. Similarly, if a student fails to acquire a required skill related to ISEC, the teacher needs to be more active in finding teaching methods to help that student upgrade their knowledge. I have found that while teaching technical components, one should bear in mind that each student’s capacity and aptitude is different. For example, the ISEC course that I teach in the University of South Australia has many international students from non-English-speaking backgrounds who may need the teacher to spend extra time with them – a situation that is given no consideration in the ‘teaching as telling or transmission’ theory. Also, there are several mature age students who have lost touch with a study pattern, and they, too, may require more input from the teacher. Thus, the teacher needs to be flexible and approachable to guide students who are having difficulty. Above all, the teacher should be willing to hear the students’ opinions and problems, and act accordingly. • Teaching as organizing student activity  In this theory, teaching is seen as a supervision process involving the articulation of techniques designed to ensure that students learn (Ramsden, 2003). This theory is less rigid than the authoritative style and leads to innovative higher education. Learning teaching techniques is promoted as a sufficient basis for improving teaching (Ramsden, 2003) that is more learner-centered and less teacher-directed than authoritarian styles. According to this theory, teaching is about taking part in the development of student learning rather than just disseminating knowledge to students.  Again, Garsha (1996) supports a similar view in his ‘cluster 3’ model, ‘the facilitator/personal model for the classroom’, which provides a good opportunity for students to participate in the learning process. ‘The teacher designs the activity, social interactions and problem-solving situations that allow students to practice and learn the course content’. Students are facilitated to show initiation and accept responsibility for meeting the demands of various learning tasks set by the teacher.  However, while I see this method as more conducive to developing a student-teacher teaching/learning relationship than the first theory, applying it to ISEC teaching still leaves scope for improvement. Students need to understand the ISEC course content thoroughly. In this scenario the learning need to occur not only through activities designed and provided by the teacher but also by active individual student engagement with the subject matter. I feel that, particularly in relation to ISEC, the teacher’s role should be much more than merely acting as or someone who designates tasks. • Teaching as making learning possible This approach is much more refined than the previous two theories. According to Ramsden (2003), ‘teaching is comprehended as a process of working cooperatively with learners to help them change their understanding’. Here, ‘teaching involves finding out about students’ misunderstandings, intervening to change them and creating a context of learning which encourages students’ activity to engage with subject matter’. Garsha (1996) supported this theory in his ‘cluster 4’ teaching style, in which ‘the delegator/facilitator/expert cluster places much of the learning burden on the students’. In this approach, students have adequate knowledge and posses independent, collaborative and participant learning styles, while the teacher’s role is to ‘empower’ them. Besides Ramsden and Garsha, Westcott (2003) also considered a similar teaching style in which knowledge is interchanged between teacher and learner. This ‘heuristic style’ delegates more time to ‘find out for yourself’ 18th Australasian Conference on Information Systems Theory of Teaching Information Security 5-7 Dec 2007, Toowoomba  Mubarak  846 student learning, but at the same time the teacher is happy to share what he/she knows. This approach encourages free interchange between the teacher and the student. Teaching and learning is more open to the outside world, with the whole process crossing the ‘rigid classroom’ boundary.  This teaching style would support the ISEC practical curriculum, as it gives an equal opportunity to all students to put forth their ideas and opinions, and teachers can ‘listen to other teachers in an effort to teach better’ (Ramsden, 2003). I believe it is more appropriate for the ISEC to use a student-centered approach with guidance from the teacher as a resource person than other approaches, as this can help both teachers and students realize their needs and responsibilities in learning. It also helps teachers become more in tune with their students’ needs and demands.  Application of Theory to ISEC Curriculum The theoretical perspectives discussed have been used to inform to the ISEC curriculum in two main ways: the teacher’s role in the whole teaching process and through curriculum development. The teacher’s role has been discussed already in conjunction with the theories. Curriculum development is discussed below. Curriculum Development A curriculum should be designed to help students develop learning skills and an understanding that enables them to apply the course content in real world situations. Ramsden (2003) points out that teachers must place importance on curriculum development, focusing on different ways of encouraging students to learn. It is important that the curriculum contains a variety of material and different task sequences so that individual differences between learners can be fitted in to the general goal of helping all students to develop their understanding of the topic. This would apply to the ISEC course curriculum, which would aim to fulfill the goal of integrating content and process. This means that the course content should be taught through the processes encountered in the real world, including decision-making, problem-solving, evaluating and comparing. Developing these skills can help students relate theoretical knowledge to real world situations. The ISEC curriculum would develop students’ skills in these areas, aided by study tools and with links to real-world objects, events and situations. Curriculum Promoting In-depth Learning Fenninmore and Tinzmann (1990) proposed curriculum development in which ‘concepts and strategies need to be identified, organized, prioritized and taught in-depth’ to promote in-depth learning. This type of curriculum can help students develop a deep understanding of essential concepts and the processes for dealing with those concepts, similar to the understanding that experts use in tackling complex tasks in the ISEC course.  Curriculum as a Holistic Teaching/Learning Process In line with Fennimore and Tinzmann’s (1990) focus on teaching a curriculum in an environment in which students can succeed, the ISEC curriculum would be taught as a holistic process, rather than fragmenting the process. It would be developed to promote a sense of efficacy and confidence in students. Teaching materials and course content would be structured to enable students to gradually regulate their own learning in a meaningful learning context.  The ISEC curriculum would also be designed to allow for students’ differing academic discipline backgrounds. For example, management students and technology students could undertake different projects related to their discipline backgrounds.  As a result of the ISEC curriculum’s endeavors to provide students with a holistic learning process, students would gain a greater understanding of all aspects of security information and its place in the world, and would be more able to relate theoretical concepts with real world processes and their own experiences.  Conclusion In the process of teaching and learning, teachers’ teaching styles and their commitment to curriculum development play important roles in helping students learn. The teacher’s personality and different roles played by the teacher in transmitting knowledge also influence the student’s learning. Each teacher’s teaching style may differ based on his/her past experiences, knowledge and skills gained over a period of time, topics taught and disciplines within which the teacher has worked. Hence it is a hard task to name an overall best theory or method of teaching. Taking this into consideration, in relation to teaching in the ISEC course, where the teacher 18th Australasian Conference on Information Systems Theory of Teaching Information Security 5-7 Dec 2007, Toowoomba  Mubarak  847 helps the student to gain knowledge and professional skills, the theory of teaching that aims to ‘make learning possible’ is a useful model. Curriculum, like teaching styles, needs to vary according to the discipline, topic and students. The importance of the teacher’s commitment to curriculum development can not be over-stated. In relation to the ISEC curriculum, I have concluded that curriculum development that adopts a holistic approach to student learning is most applicable.  References Fenninmore, T. F. and Tinzmann, M.B 1990, NCREL, Oak Brook. Garsha, A. 1996, Teaching with Style. Pittsburgh, PA: Alliance Publishers:149-205. Glazer, S.M  2004, Reflective Teachers. Teaching PreK-8, 34(4): 90. Ramsden, P. 2003 ,Learning to teach in higher education. London: Routledge. Russell, T. and Johnson, P. 1998 Teachers learning from experiences of teaching: Analyses based on metaphor and reflection. Paper presented at the Annual Conference of the American Educational Research Association, New Orleans, April.  Westcott, R. 2003 Teaching Styles.Doctor,42(1):3. Copyright  Sameera Mubarak © 2007. The author assign to ACIS and educational and non-profit institutions a non-exclusive licence to use this document for personal use and in courses of instruction provided that the article is used in full and this copyright statement is reproduced. The authors also grant a non-exclusive licence to ACIS to publish this document in full in the Conference Proceedings. Those documents may be published on the World Wide Web, CD-ROM, in printed form, and on mirror sites on the World Wide Web. Any other usage is prohibited without the express permission of the authors.   

A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education

https://aisel.aisnet.org/cgi/viewcontent.cgi?article=1093&amp;context=acis2007

A Critical Analysis on Theoretical Perspectives of Teaching Information Security in Tertiary Education

Abstract

Similar works

Full text

Available Versions

AIS Electronic Library (AISeL)