Skip to main content
SpringerLink
Log in

Teaching as a Collaborative Practice: Reframing Security Practitioners as Navigators

  • Chapter
  • First Online:
Transactions on Edutainment XV

Part of the book series: Lecture Notes in Computer Science ((TEDUTAIN,volume 11345))

  • 1024 Accesses

Abstract

The need is growing for a workforce with both technical skills and the ability to navigate existing and emerging information security challenges. Practitioners can no longer depend upon process-driven approaches to people, processes and IT systems to manage information security. They need to be navigators of the entire environment to effectively integrate controls to protect information and technology. The research presented in this paper trialed an innovative tactile learning activity developed through the European Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security (TREsPASS) project with tertiary education students, designed to provide students with experience in real-world modelling of complex information security scenarios. The outcomes demonstrate that constructing such models in an educational setting are a means of encouraging exploration of the multiple dimensions of security. Such teaching may be a means of teaching social, organization and technical navigation skills necessary to integrate security controls in complex settings.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Australian Government: Protective Security Policy Framework. Australian Government, Attorney-General’s Department (2016). https://www.protectivesecurity.gov.au/informationsecurity/Pages/default.aspx. Accessed 30 Nov 2017

  2. GOV.UK: Security Policy Framework. Cabinet Office, Government Security Profession and National Security Intelligence (2014). https://www.gov.uk/government/publications/security-policy-framework. Accessed 30 Nov 2017

  3. TechWorld: 28 of the most infamous data breaches (2017). https://www.techworld.com/security/uks-most-infamous-data-breaches-3604586/. Accessed 30 Nov 2017

  4. Burdon, M., Siganto, J., Coles-Kemp, L.: The regulatory challenges of Australian information security practice. Comput. Law Secur. Rev. 32(4), 623–633 (2016)

    Article  Google Scholar 

  5. NCSC: CESG Certification for IA Professionals and Guidance to Certification for IA Professionals documents. National Technical Authority for Information Assurance, UK. (2015). https://www.ncsc.gov.uk/articles/cesg-certification-ia-professionals-and-guidance-certification-ia-professionals-documents. Accessed 30 Nov 2017

  6. November, V., Camacho-Hübner, E., Latour, B.: Entering a risky territory: space in the age of digital navigation. Environ. Plan. D Soc. Space 28(4), 581–599 (2010)

    Article  Google Scholar 

  7. Coles-Kemp, L., Overill, R.E.: On the role of the facilitator in information security risk assessment. J. Comput. Virol. 3(2), 143–148 (2007)

    Article  Google Scholar 

  8. Vasenev, A., Montoya, L., Ceccarelli, A., Le, A., Ionita, D.: Threat navigator: grouping and ranking malicious external threats to current and future urban smart grids. In: Hu, J., Leung, Victor C.M., Yang, K., Zhang, Y., Gao, J., Yang, S. (eds.) Smart Grid Inspired Future Technologies. LNICST, vol. 175, pp. 184–192. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-47729-9_19

    Chapter  Google Scholar 

  9. de Leeuw, K.M.M., Bergstra, J.: The History of Information Security: A Comprehensive Handbook. Elsevier, Amsterdam (2007)

    Google Scholar 

  10. Saltzer, J., Schroeder, M.: The protection of information in computer systems. Proc. IEEE 63(9), 1278–1308 (1975)

    Article  Google Scholar 

  11. Reece, R., Stahl, B.: The professionalisation of information security: perspectives of UK practitioners. Comput. Secur. 48, 182–195 (2015)

    Article  Google Scholar 

  12. ISO: ISO/IEC 27000:2016 Information technology – Security techniques – Information security management systems – Overview and vocabulary (2016). https://www.iso.org/standard/66435.html. Accessed 30 Nov 2017

  13. NIST: Cybersecurity Framework. National Institute of Standards and Technology (2014). https://www.nist.gov/cyberframework. Accessed 30 Nov 2017

  14. Giranldi, B., Martin, D., Nguyen-Duy, J., Santana, M., Schwartz, E., Weber, D.: Transforming traditional security strategies into an early warning system for advanced threats: big data propels SIEM into the era of security analytics. RSA Secur. Brief 11 (2012). https://www.emc.com/collateral/software/solution-overview/h11031-transforming-traditional-security-strategies-so.pdf. Accessed 30 Nov 2017

  15. CISCO: Internet of Everything (IoE) value index (2013). http://internetofeverything.cisco.com/sites/default/files/docs/en/ioe-value-index_Whitepaper.pdf. Accessed 30 Nov 2017

  16. Shedden, P., Scheepers, R., Smith, W., Ahmad, A.: Incorporating a knowledge perspective into security risk assessments. VINE J. Knowl. Manag. 41(2), 152–166 (2011)

    Google Scholar 

  17. Hansen, L., Nissenbaum, H.: Digital disaster, cyber security, and the copenhagen school. Int. Stud. Q. 53(4), 1155–1175 (2009)

    Article  Google Scholar 

  18. Libicki, M., Senty, D., Pollak, J.: Hackers Wanted: An Examination of the Cybersecurity Labor Market. RAND Corporation, Santa Monica (2014)

    Book  Google Scholar 

  19. National Audit Office: The digital skills gap in government: survey findings (2017). https://www.nao.org.uk/report/the-digital-skills-gap-in-government-survey-findings/. Accessed 30 Nov 2017

  20. Frost and Sullivan: The 2015 (ISC)2 Global Information Security Workforce Study (2015). https://www.boozallen.com/content/dam/boozallen/documents/Viewpoints/2015/04/frostsullivan-ISC2-global-information-security-workforce-2015.pdf. Accessed 30 Nov 2017

  21. SFIA Foundation: SFIA 5 Framework Reference (2017). https://www.sfia-online.org/en/sfia-5. Accessed 30 Nov 2017

  22. Universities Australia: Landmark strategy to make graduates more ‘job ready’ (2015). https://www.universitiesaustralia.edu.au/news/media-releases/Landmark-strategy-to-make-graduates-more–job-ready-#.WEMoFfl97D4. Accessed 30 Nov 2017

  23. Bloom, B., Englehart, M., Furst, E., Hill, W., Krathwohl, D.: Taxonomy of Educational Objectives: The Classification of Educational Goals. Handbook I: Cognitive Domain. Longmans Green, New York (1956)

    Google Scholar 

  24. University Alliance: Job Ready: universities, employers and students creating success (2014). http://www.unialliance.ac.uk/wp-content/uploads/2014/07/UA06_JOB_READY_web.pdf. Accessed 30 Nov 2017

  25. Norton, A., Cakitaki, B.: Mapping Australian higher education 2016, Grattan Institute (2016). http://grattan.edu.au/wp-content/uploads/2016/08/875-Mapping-Australian-Higher-Education-2016.pdf. Accessed 30 Nov 2017

  26. Matthews, K.E., Mercer-Mapstone, L.D.: Toward curriculum convergence for graduate learning outcomes: academic intentions and student experiences. Stud. High. Educ., 1–16 (2016). https://doi.org/10.1080/03075079.2016.1190704

  27. ACS: Common ICT job profiles & indicators of skills mobility: ICT skills white paper. Australian Computer Society (2013). http://www.acs.org.au/information-resources/ict-skills-white-paper. Accessed 30 Nov 2017

  28. Hentea, M., Dhillon, H.S., Dhillon, M.: Towards changes in information security education. J. Inf. Technol. Educ. 5, 221–233 (2006)

    Google Scholar 

  29. Yasinsac, A.: Information security curricula in computer science departments: theory and practice. Georg. Wash. Univ. J. Inf. Secur. 1(2), 5 (2002)

    Google Scholar 

  30. Lewis, M., Coles-Kemp, L.: I’ve Got Something To Say: The Use of Animation to Create a Meta-Story about Professional Identity (2014). https://www.riscs.org.uk/2014/06/22/ive-got-something-to-say-the-use-of-animation-to-create-a-meta-story-about-professional-identitylewis-m-coles-kemp-l/. Accessed 25 Nov 2017

  31. TREsPASS: EU TREsPASS (Technology-supported Risk Estimation by Predictive Assessment of Socio-technical Security) project (2015). http://www.trespass-project.eu/. Accessed 20 Nov 2017

  32. Coles-Kemp, L.: TREsPASS Exploring Risk (2016). https://bookleteer.com/collection.html?id=27

  33. Conklin, A.: Cyber defense competitions and information security education: an active learning solution for a capstone course. In: Proceedings of the 39th Annual Hawaii International Conference on System Sciences (HICSS 2006) (2006)

    Google Scholar 

  34. He, W., Kshirsagar, A., Nwala, A., Li, Y.: Teaching information security with workflow technology–a case study approach. J. Inf. Syst. Educ. 25(3), 201+ (2014)

    Google Scholar 

  35. Zurita, H., Maynard, S., Ahmad, A.: Evaluating the utility of research articles for teaching information security management. In: Proceeding of Australasian Conference on Information Systems 2015 (2016). https://arxiv.org/abs/1606.01448

  36. Bailey, B.P., Biehl, J.T., Cook, D.J., Metcalf, H.E.: Adapting paper prototyping for designing user interfaces for multiple display environments. Pers. Ubiquitous Comput. 12(3), 269–277 (2008). https://doi.org/10.1007/s00779-007-0147-2

    Article  Google Scholar 

  37. Tonkin, E.: Multilayered paper prototyping for user concept modeling: supporting the development of application profiles. In: Proceedings of the International Conference on Dublin Core and Metadata Applications, 2009, pp. 51–60 (2009)

    Google Scholar 

  38. Linek, S.B., Tochtermann, K.: Paper prototyping: the surplus merit of a multi-method approach. Forum Qual. Soc. Res. 16(3) (2015)

    Google Scholar 

  39. OECD: Digital Security Risk Management for Economic and Social Prosperity: OECD Recommendation and Companion Document (2015). https://doi.org/10.1787/9789264245471-en, http://www.oecd.org/sti/ieconomy/digital-security-risk-management.pdf. Accessed 02 Nov 2017

  40. NIST: Managing Information Security Risk Organization, Mission, and Information System View, NIST Special Publication 800-39, 88 (2011). http://csrc.nist.gov/publications/nistpubs/800-39/SP800-39-final.pdf. Accessed 30 Nov 2017

  41. Kirschner, P.A., Ayres, P., Chandler, P.: Contemporary cognitive load theory research: the good, the bad and the ugly. Comput. Hum. Behav. 27(1), 99–105 (2011)

    Article  Google Scholar 

  42. Sweller, J.: Cognitive load during problem solving: effects on learning. Cogn. Sci. 12(2), 257–285 (1988)

    Article  Google Scholar 

  43. Kalyuga, S., Hanham, J.: Instructing in generalized knowledge structures to develop flexible problem solving skills. Comput. Hum. Behav. 27(1), 63–68 (2011)

    Article  Google Scholar 

  44. Kirschner, F., Paas, F., Kirschner, P.A.: Superiority of collaborative learning with complex tasks: a research note on an alternative affective explanation. Comput. Hum. Behav. 27(1), 53–57 (2011)

    Article  Google Scholar 

  45. Swords, J., Askins, K., Jeffries, M., Butcher, C.: Geographic visualisation: lessons for learning and teaching. Planet 27(2), 6–13 (2013). https://doi.org/10.11120/plan.2013.00001

    Article  Google Scholar 

  46. Hall, P., Heath, C., Coles-Kemp, L., Tanner, A.: Examining the contribution of critical visualisation to information security. In: Proceedings of the 2015 New Security Paradigms Workshop 2015, pp. 59–72. ACM, September 2015

    Google Scholar 

  47. TReSPASS mapping tools and techniques for cyber security. https://visualisation.trespass-project.eu/ Accessed 24 Feb 2017

  48. AISA: The Australian Cyber Security Skills Shortage Study 2016. Australian Information Security Association (2016). https://www.aisa.org.au/Public/Training_Pages/Research/AISA%20Cyber%20security%20skills%20shortage%20research.aspx. Accessed 30 Nov 2017

Download references

Acknowledgments

The researchers would like to thank the participants for their efforts, energy and contributions. Coles-Kemp’s contribution was by supported by the European Commission through the FP7 project TREsPASS (grant agreement n. 318003). The materials for the workshop were developed as part of Work Package 4 outputs for the TREsPASS project by art studio LUST.

Author information

Authors and Affiliations

  1. Flinders University, Adelaide, SA, Australia

    Patricia A. H. Williams

  2. Royal Holloway University of London, Egham, UK

    Lizzie Coles-Kemp

  3. Edith Cowan University, Joondalup, WA, Australia

    Patricia A. H. Williams

Authors
  1. Patricia A. H. Williams
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Lizzie Coles-Kemp
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Patricia A. H. Williams .

Editor information

Editors and Affiliations

  1. Hangzhou Normal University, Hangzhou, China

    Zhigeng Pan

  2. Imagineering Institute, Nusajaya, Malaysia

    Adrian David Cheok

  3. University of Education, Weingarten, Germany

    Wolfgang Müller

  4. Zhejiang University, Hangzhou, China

    Mingmin Zhang

  5. John Moores University, Liverpool, UK

    Abdennour El Rhalibi

  6. Air University, Islamabad, Pakistan

    Kashif Kifayat

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer-Verlag GmbH Germany, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Williams, P.A.H., Coles-Kemp, L. (2019). Teaching as a Collaborative Practice: Reframing Security Practitioners as Navigators. In: Pan, Z., Cheok, A., Müller, W., Zhang, M., El Rhalibi, A., Kifayat, K. (eds) Transactions on Edutainment XV. Lecture Notes in Computer Science(), vol 11345. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-59351-6_10

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-59351-6_10

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-59350-9

  • Online ISBN: 978-3-662-59351-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation