Layering Sociotechnical Cybersecurity Concepts Within Project-Based Learning

What is it about?

We demonstrated that a project-based capstone experience is an effective context for teaching the foundations of security and privacy. We developed ten learning modules designed to introduce and sensitize students to foundational cybersecurity concepts. Then we delivered the modules in the treatment sections of a two-term capstone course involving the development of software solutions for external clients. Control sections of the course were taught without the modules as usual. We evaluated the effectiveness of the modules by administering pre-treatment and post-treatment assessments of cybersecurity knowledge and collecting written student reflections after the delivery of each module. We found that the students in the treatment condition exhibited statistically significant increases in their knowledge of foundational security and privacy concepts compared to those in the control condition without the modules. Further, student reflections indicate that they appreciated the content of the modules and were readily able to apply the concepts to their projects.

Featured Image

Photo by micheile henderson on Unsplash

Photo by micheile henderson on Unsplash

Why is it important?

Other studies have shown that graduates of computing majors have inadequate training in cybersecurity. This contributes to the frequency of security breaches. We show that embedding cybersecurity instruction in capstone courses is one effective way to address that training gap.

Perspectives