Software vulnerabilities in commercial products are an issue of national importance. The most prevalent breaches are input validation vulnerabilities, and these are easily avoidable. This dissertation contributes to cybersecurity education with a set of hands-on interventions tailored for three CS courses, a set of reflection prompts to encourage…

The growing importance of researching online activities, such as cyber-deviance and cyber-crime, as well as the use of online tools (e.g. questionnaires, games, and other interactive tools) has created new ethical and legal challenges for researchers, which can be even more complicated when researching adolescents. In this article, we highlight…

Cybersecurity remains a critical concern for school systems nationwide, showing a consistent increase in publicly disclosed K-12 cyber incidents over the past 5 years. The U.S. Department of Homeland Security's 2024 Homeland Threat Assessment underscores this trend, predicting ongoing targeting of K-12 school networks by cyber actors who will…

There is an ever-pressing need for cybersecurity awareness and implementation of learning strategies in the workplace to mitigate the increased threat posed by cyber-attacks and exacerbated by an untrained workforce. The lack of cybersecurity knowledge amongst government employees has increased to critical levels due to the amount of sensitive…

With the increase in cybercrime costing organizations financial loss and loss to their reputation, the need to hire qualified and experienced employees is paramount. As the gap in the workforce shortage widens, cybersecurity education and training institutions are struggling to produce a capable workforce with enough experience and skills that…

In mid-July 2020, the social media site Twitter had over 100 of its most prominent user accounts start to tweet requests to send Bitcoin to specified Bitcoin wallets. The requests promised that the Bitcoin senders would receive their money back doubled, as a gesture of charity amidst the COVID-19 pandemic. The attack appears to have been carried…

Many districts struggle to access the cybersecurity expertise or other resources needed to secure their networks and data appropriately. This isn't because mitigation strategies don't exist. Often, the barrage of suggestions and warnings directed at school IT leaders are too overwhelming to navigate, are not properly scoped for educational…

This Praxis develops a machine learning (ML) model to address ransomware threats in higher education institutions (HEIs). HEIs are vulnerable to cyberattacks due to their open-access environments, diverse user bases, and decentralized IT systems. These vulnerabilities are compounded by limited budgets, heightened risks from increased digital…

There is an increasing trend in cloud adoption of enterprise applications in, for example, manufacturing, healthcare, and finance. Such applications are routinely subject to targeted cyberattacks, which result in significant loss of sensitive data (e.g., due to data exfiltration in advanced persistent threats) or valuable utilities (e.g., due to…

Any academic from an overrepresented group who advocates more "diversity" is directly contributing to the lack of "diversity" by remaining in his position. Assuming the number of jobs is relatively fixed, such an individual is effectively saying, "I want the percentage of academics who have the same demographic…

The current study proposes a taxonomy to organize existing knowledge on cybercrimes against critical infrastructure such as power plants, water treatment facilities, dams, and nuclear facilities. Routine Activity Theory is used to inform a three-dimensional taxonomy with the following dimensions: hacker motivation (likely offender), cyber,…

There is a significant skill gap, with millions of cybersecurity jobs still needing to be fulfilled due to a lack of a trained workforce. Various academic programs are available that teach students in different aspects of cybersecurity. This paper investigates if the title of an IT program has any impact on the desirability of a program and if…

The Cybersecurity Ambassador Program provides professional skills training for emerging cybersecurity professionals remotely. The goal is to reach out to underrepresented populations who may use Federal Work-Study (FWS) or grant sponsored internships to participate. Cybersecurity Ambassadors (CAs) develop skills that will serve them well as…

Private-sector and public-sector organizations have increasingly built specific business units for securing company assets, reputation, and lives, known as "security operations centers" (SOCs). Depending on the organization, these centers may also be referred to as global security operations centers, "cybersecurity" operations…

The goal of this research is to describe an active learning opportunity that was conducted as a community service offering through our Center for Cybersecurity Education and Applied Research (CCEAR). As a secondary goal, the participants sought to gain real world experience by applying techniques and concepts studied in security classes. A local…