The Human Factor in Cyber Security Education

In the age of digitization, cyber security has become a major challenge for all actors in the private economy, public service, national security authorities, and the private user. Although the mismatch is large between the demand and supply for the cyber security workforce labor market, demands on educational institutions are increasing. With accelerating technological progress, the development of educational concepts has lagged behind, resulting in a fragmented educational landscape in the cyber security sector. The educational institutions responsible for providing the future cyber security workforce lack support for developing, evaluating, and implementing curricula; learning outcomes; and required skill sets. Although this challenge exists for all aspects of cyber security education, the education soft skills is of particular concern.

Cyber security education is not only limited to academic institutions offering degrees in this subject area or certain time windows in full-time higher education, but also occurs continuously in private and public institutions, whether this being cyber security experts, workforce employees, and the general public. Due to the Covid-19 pandemic, cyber security education has also become pertinent as a subject in primary and secondary schools as remote learning has accelerated the need for delivering secure instruction and learning, as well as increasing the platforms and modalities for the development of maladaptive cyber behaviors (i.e. cyber bullying, problematic internet use, cyber addictive behaviors) . Post pandemic workplaces will become more remote due to technical developments and affordances, but users will need to be educated on the risk factors (both psychosocial and technical) that may increase vulnerabilities for breaches due to less on site support. Workplace changes will also lead to more maladaptive behaviors that could lead to more workload stress demands, influence motivation an increase burnout due to workplace environment changes. Therefore, cyber security education must approach the different levels of society that includes both cyber security experts and non-experts.

This Research Topic aims to address this gap by presenting state-of-the-art knowledge on the human factor in cyber security, its implication in educational best practices, profoundly reducing the workload of academics by selecting and presenting established and robust evidence-based knowledge. Topics of interest include: Current debates and emerging challenges, performance assessment in teaching and training, Theoretical frameworks and their applicability, Cognitive Science’s contribution to cyber security education, Communication across hierarchies, disciplines, and sectors, Social engineering, Cognitive engineering, socio-technical systems, Evaluating educational methods, Individual learning and group learning, Admission processes in educational institutions offering cybersecurity degrees, Designing Cybersecurity and Defence Exercises for teaching and training, Knowledge transfer between sub-disciplines, Visualization of cyber incidents, Cognitive performance under pressure, CyberSecurity Team development, Leadership and cybersecurity education, Continued professional development, Curricula development, Sustainable performance, Cyber security education in primary and secondary schools.