I have written several times about the experience of teaching information security in the classroom, both in the brick and mortar and online environments. My focus has always been on the student and the ways I try to make it interesting and practical for them, the challenges faced in teaching security procedures that may have good or bad applications, and how their own personal computers can be the best learning tool.
Cybersecurity is one of the few career fields in today’s job market whose demand has exceeded supply.
What I have never written about is my own experience teaching information security, and the things I do to teach myself the very concepts and skills I want to share with them. I believe that it is very important for me to be able to “walk the walk” and not just “talk the talk.” There are all sort of individuals working in information security who know the buzzwords, can talk to you about an issue, but do not know how to resolve it or have the capability to do the necessary things, such as manage a firewall, locate a malware infection and remove it, scan a log file for an improper event, and all sorts of other things done every day by someone working in the field.
Here are many of the things I do to stay current, acquire new skills, and challenge myself in order to be able to share my experience with my students:
I read books, magazines, and blogs. I watch YouTube videos. I keep in touch with former students now working in the security field. I look for new websites that contain topics I am interested in. I pursue certifications that I do not need for my teaching position, but that I want to get because they are a challenge and that will add to my knowledge and skills. I enter competitions where I have to crack encryption, disassemble code, hunt for an entry point on a system. I consult with many different companies in information security administration. I attend security and forensic conferences and also present at them. I work on my PhD in Electrical and Computer Engineering part time. I develop courses in Cybersecurity for different colleges.
I benefit from all these activities, and so do my students. If you are interested in learning more about cybersecurity, you may be interested in reading our chapter on Cybersecurity Education and Training in our book Protecting Our Future: Educating a Cybersecurity Workforce or looking at many of our Webinars to learn what’s new in a variety of areas of cyber.