Technology and its applications are advancing rapidly, making it challenging to assess the implications of its use. Exacerbating these issues is a lack of cybersecurity professionals in the workforce. In Summer 2022, the researchers implemented GenCyber as a six-day professional development camp for middle and high school teachers, focusing on a broad range of cybersecurity principles. Participants designed two lesson plans to foster cybersecurity learning across the content areas. This case study explored how participants perceived the impacts of GenCyber on their instructional practices. Data sources included their lesson plans and a focus group interview. It was found that participants perceived the camp as impactful on their teaching practices. They were able to address needs and issues of practice, increase student engagement, and foster interdisciplinary and career connections; however, the participants' lesson plans aligned to a limited scope of technology and engineering contexts. Conclusions and implications are shared, including ways to improve future professional development.
TopIntroduction
Today’s global society relies on technology and connectedness in unprecedented ways. All aspects of life from business to social interactions, shopping to education, can be conducted through digital means. Technology and its applications are advancing very rapidly for eager consumers, making it challenging to properly assess the implementations and implications of its use. In many cases, protections are forgone for the sake of quick product delivery (Mai & Wu, 2023).
A thorough understanding of cybersecurity threats and vulnerabilities and the measures needed to mitigate vulnerabilities is essential for protecting data and privacy for digitally-mediated living. Not all users will be cybersecurity experts, but at a minimum, everyone should possess basic cybersecurity knowledge and skills to protect themselves and their digital affairs. Security is a collective effort and can be achieved if everyone – designers, developers, users, experts – does their part in securing the systems they use.
Users are constantly falling victim to cyber-attacks. According to the 2022 Annual Internet Crime Report by the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3), complaints that addressed a wide array of Internet scams were received globally, resulting in $10.3 billion in losses. Between 2018-2022, 3.26 million complaints were reported with total losses of $27.6 billion. The top five crime types in the report include tech support, extortion, non-payment, non-delivery, and personal data breach. These types of attacks can easily be prevented by vigilant users who are aware of cyber threats, their consequences, and how to mitigate them.
Many sectors employ reactive, rather than preventative, approaches to cybersecurity once issues have arisen; however, Mai and Wu (2023) recommend that institutions “quantitatively evaluate and prevent cyber threats in a hierarchical manner...to identify and address vulnerabilities before they can be exploited” (p. 1). Such proactive approaches may remain elusive given the current shortage of qualified cyber professionals across the world in all sectors. According to the heatmap provided by Cyberseek (2023), there are currently 663,343 openings in cybersecurity. The supply-demand ratio for cybersecurity professionals is 69%, meaning only 69% of the cybersecurity positions are filled in the U.S. The demand for cybersecurity professionals is high in all sectors of today’s workforce, including government, public, and private sectors.
Several initiatives have been launched in recent years to address this gap in the cybersecurity field. One example is the GenCyber program, primarily funded by the National Security Agency (NSA) and the National Science Foundation (NSF), which has been shown to increase participants’ confidence levels in designing and implementing cybersecurity instruction (Childers et al., 2023) and bolster technological knowledge and technological pedagogical knowledge (Thomas et al., 2022).
The goals of the program, as stated on the GenCyber (n.d.) website, are as follows: a)
- 1.
Ignite, sustain, and increase awareness of K12 cybersecurity content and cybersecurity postsecondary and career opportunities for participants through year-round engagement; 2. Increase student diversity in cybersecurity college and career readiness pathways at the K-12 level; and
- 3.
Facilitate teacher readiness within a teacher learning community to learn, develop, and deliver cybersecurity content for the K-12 classroom in collaboration with other nationwide initiatives. (para. 2)