Engineering a secure IT system, in addition to technical skills, requires a particular mindset focused on using cybersecurity solutions effectively against sophisticated and stealthy cyber attacks. The traditional lecture-centric style of teaching has failed to deliver that mindset, which is the direct result of an over-emphasis on specific technical skills (with limited lifespan and insufficient technical depth), abstract rather than deeply technical examination of fundamental concepts, and an impatience in developing broader analytical skills. The vast majority of cybersecurity failures are the result of poor understanding of the security landscape and an inability to adapt to new threats.
Peer instruction may be a solution to this challenge. This project evaluates the effectiveness of peer instruction methodology for cybersecurity education, and develops the peer instruction material for three cybersecurity courses offering an introduction to security concepts, a defensive view of cybersecurity, and an offensive view of cybersecurity. The two primary mechanisms are used for measuring impact of peer instruction, which are pre- and post-testing, and isomorphic questions.