Cyber-Security in

Education

Dr. Sean Thorpe (Presenter)Dr Tyrone Grandison

2014Edu ision

Order of the Talk

What is Cyber-Security (CS) Education?

Why should we provide this Education?

Who is the target audience ?

Curriculum for Cyber-Security

Limitations of a Cyber-Security Curriculum

Conclusion

Future Work

Cyber-Security Education ?

Education

Learning that enables knowledge transfer, skills

and habits about the security of the Internet.

Cyber-Security

Protection computers, networks, programs and data from unintended or unauthorized access, change or destruction, i.e. enforcing Confidentiality, Integrity, Access (C.I.A) for the Internet.

Why Cyber-Security Education ?

Increase in Malicious Cyber-Attacks Increase in internet open access Proliferation in social media (instagram,

facebook) Adoption of new technologies (e.g. web bitcoins)

Awareness levels close to real time is low Increase in Cyber-Security penetration Need for Cyber-Security Forensics

Target Audience

Primary School Education

High School Education

College /Tertiary Education

Cyber Security Curriculum

Curriculum at primary level education Geared towards mobile safety and online

conduct

High School Education Deeper in browser forensics and online

tracking

College Level /Tertiary Education Emphasis on understanding threat models,

creating mitigation strategies and building solutions.

Primary Level Curriculum

Power up and Power down computers Identifying secure and insecure web

pages Social Engineering for the Internet Identifying basic malicious attacks (e.g.

pop ups, script kiddies etc.) Reading web page instructions and terms

and conditions for using such pages.

Tertiary Curriculum

Advance Computer Networking Advance Digital Forensics and Incident Response for the Internet Legal Policy for the Internet Cryptography Techniques for the Web Online Financial Security Internet Auditing and Risk Management

Internet Governance

Limitations

Security is an interdisciplinary field (many skills to hone) Policy adoption on security education

Human Talent Pool of Educational Security

Experts at all levels of curriculum Technology Adoption

Conclusion

Cyber-Security transformation education initiatives at all levels of the curriculum required Existing National ICT initiatives lack the

adequate pool expertise at all requisite levels of curricula.

As Internet penetration increases - a global intiative on Cyber-Security is imperative and the Jamaican context requirement is no less.

Tertiary Level training to inform tertiary level training and lower level curricula is required.

Future Work

Cyber-Security transformation education initiatives at all levels of the curriculum required National ICT security policy initiatives that

speak to skills based initiatives to provide short term, medium term and long term Security Talent Management Pools

Tertiary Level training to inform tertiary and lower level curricula

Questions

?

Thank You