Connected Security
By Michael Lance Whisenant
Intro to AI

Note for Reviewers: Start Here

View more

Note to Students:

View more

Welcome!
I am the Learning Technologist at Texarkana College, where I provide technical support for faculty, manage AI-driven learning software, support platforms like ZogoTech and Moodle, and design instructional content.

MLW's LTEC Portfolio

UNT LTEC Portfolio

My research interests span a wide range of topics, including: technology proficiency, information security, technology-based learning environments, connectivism, artificial intelligence, machine learning, human resiliency, cognitive psychology, human performance improvement, ethics, conditional logic, instructional design, adaptive learning systems, and failure points in learning.

Learning Technologies

UNT Learning Technologies Blog

"And now that you don't have to be perfect, you can be good." -John Steinbeck

www.linkedin.com

LinkedIn

Connect with me and let's form an information node!

Cybersecurity in the Information Age: A Connectivist Approach to Instructional Design
Part I
Overview of Traditional Learning Theories
Explore the foundational theories that have shaped modern approaches to education and skill development.
What is Connectivism?
This theory suggests that learning transpires through the navigation and connection within information networks, a process facilitated by digital literacy and the critical evaluation of information (Siemens, 2005).
  • Learning and knowledge rest in diversity of opinions.
  • Learning is a process of connecting specialized nodes or information sources.
  • Learning may reside in non-human appliances.
  • Capacity to know more is more critical than what is currently known.
  • Nurturing and maintaining connections are needed to facilitate continual learning.
  • The ability to see connections between fields, ideas, and concepts is a core skill.
  • Currency (accurate, up-to-date knowledge) is the intent of all connectivist learning activities.
  • Decision-making is itself a learning process. Choosing what to learn and the meaning of incoming information is seen through the lens of a shifting reality. While there is a right answer now, it may be wrong tomorrow due to alterations in the information climate affecting the decision.

Connectivism: A Networked Learning Theory for the Digital Age

View more

…And why is this relevant?
As artificial intelligence (AI) becomes increasingly integrated into modern education, the principles of connectivism - learning through networked information sources - have gained significant relevance. This approach aligns well with the dynamic, data-driven nature of AI-powered educational tools and platforms.

14:16

YouTube

Should we let students use ChatGPT? | Natasha Berg | TEDxSioux Falls

The emergence of ChatGPT in November of 2022 took the world by storm: particularly the world of education. With this technology able to generate complex pieces of writing, solve advanced math equations, generate code, and more with the push of a button, educators across the country have entered a state of panic. How are educators supposed to teach students when they have this technology at their literal fingertips? For too long, the field of education has been teetering at the precipice of serious change, and the widespread accessibility of generative AI may just be the catalyst education needs in order to progress in tandem with the rest of the world. But first, educators need to reevaluate their answer to the tough question: why do we teach? Natasha Berg, M.Ed. works as the Multimedia and Technology Integration Specialist at a local high school in South Dakota. She has spent her career learning about and developing her skills in education and educational technology. Berg believes that new and emerging technology should be integrated into classrooms as it fully prepares students to enter the 21st century workforce and helps make learning accessible to students of all abilities. This talk was given at a TEDx event using the TED conference format but independently organized by a local community. Learn more at https://www.ted.com/tedx

15:37

YouTube

How AI Could Save (Not Destroy) Education | Sal Khan | TED

Sal Khan, the founder and CEO of Khan Academy, thinks artificial intelligence could spark the greatest positive transformation education has ever seen. He shares the opportunities he sees for students and educators to collaborate with AI tools -- including the potential of a personal AI tutor for every student and an AI teaching assistant for every teacher -- and demos some exciting new features for their educational chatbot, Khanmigo. If you love watching TED Talks like this one, become a TED Member to support our mission of spreading ideas: https://ted.com/membership Follow TED! Twitter: https://twitter.com/TEDTalks Instagram: https://www.instagram.com/ted Facebook: https://facebook.com/TED LinkedIn: https://www.linkedin.com/company/ted-conferences TikTok: https://www.tiktok.com/@tedtoks The TED Talks channel features talks, performances and original series from the world's leading thinkers and doers. Subscribe to our channel for videos on Technology, Entertainment and Design — plus science, business, global issues, the arts and more. Visit https://TED.com to get our entire library of TED Talks, transcripts, translations, personalized talk recommendations and more. Watch more: https://go.ted.com/salkhan https://youtu.be/hJP5GqnTrNo TED's videos may be used for non-commercial purposes under a Creative Commons License, Attribution–Non Commercial–No Derivatives (or the CC BY – NC – ND 4.0 International) and in accordance with our TED Talks Usage Policy: https://www.ted.com/about/our-organization/our-policies-terms/ted-talks-usage-policy. For more information on using TED for commercial purposes (e.g. employee learning, in a film or online course), please submit a Media Request at https://media-requests.ted.com #TED #TEDTalks #education #AI #khanacademy

Cybersecurity Education: Embracing Interdisciplinary Approaches
Interconnected Interests
The pervasive role of technology has interconnected our interests and options, leading to behavioral shifts and increased vulnerabilities, threats, and risks.
Diverse Perspectives
Cybersecurity education must adopt an interdisciplinary approach, focusing on both the human and technical elements to address the far-reaching implications of cybersecurity threats.
Expanding Opportunities
The employment of Information Security Analysts is projected to grow much faster than average, necessitating cybersecurity education to expand beyond its technical focus.
Cybersecurity-
refers to the proactive protection and subsequent restoration of digital assets, encompassing electronic communications and the information they contain, to guarantee their confidentiality, integrity, and availability
Note. This figure is meant to provide a visual interpretation of the definitional pieces that encompass cybersecurity.
Historical Overview of Cybersecurity
ARPANET's Origins
Funded by the Department of Defense in the 1960s and early 1970s, the ARPANET network was created to demonstrate the utility of packet switching for military command and control, especially in the context of nuclear threats.

PDF file

Expanding Influence
As ARPANET developed, it laid the foundation for the modern Internet by extending its influence beyond the U.S. and fostering a growing community of users and pioneers.

03:55

YouTube

Kahn and Cerf on why the ARPANET was built

Robert Kahn, winner of the Association for Computing Machinery's A.M. Turing Award, discusses the original motivations behind the creation of the ARPANET. This clip is taken from an interview conducted with Kahn by Vinton Cerf (his co-awardee) for the Computer History Museum on September 30, 2006 in McClean, Virginia. Video of the full interview is available as part of Kahn’s ACM profile at https://amturing.acm.org/award_winners/kahn_4598637.cfm.

Addressing Threats
The arrival of a networked environment led to the need for documented security standards to protect classified information within computer systems, reflecting an early awareness of the importance of robust cybersecurity protocols.

PDF file

Establishing Standards
The DoD and NBS were instrumental in developing security policies and technical measures, culminating in the creation of the DoD Computer Security Center in 1981 to advance trusted computer systems.

arxiv.org

arXiv.org e-Print archive

arXiv is a free distribution service and an open-access archive for nearly 2.4 million scholarly articles in the fields of physics, mathematics, computer science, quantitative biology, quantitative finance, statistics, electrical engineering and systems science, and economics. Materials on this site are not peer-reviewed by arXiv.

Cybersecurity Threats
Intrusion Detection
Proactive strategies like anomaly monitoring and security analytics can help identify and mitigate unauthorized access attempts.
Tactical Approaches
Innovative game-based simulations like Core War demonstrate how programming principles can influence real-world cybersecurity tactics and threat models.
Evolving Malware
Modern malware has shown alarming capabilities for self-replication and autonomous adaptation, posing significant risks to secured systems.
Note. This figure depicts a honeypot strategy where a decoy system lures hackers away from real servers and data while being monitored by a defender, thus demonstrating an interactive cybersecurity defense mechanism.
Cybersecurity Threats (cont.)

1

2

3

1

Detecting Malware
Signature-based detection struggles against evolving malware like the Melissa virus, highlighting the need for advanced techniques.

2

Securing Email
The Love Bug worm exploited email vulnerabilities, demonstrating the importance of comprehensive cybersecurity measures to protect against such threats.

3

Adaptive Defense
As cyber threats adapt and become more sophisticated, security strategies must evolve to meet the dynamic challenge of protecting systems and data.
Educating the User: A Case Study
The Center for Cybersecurity Education and Research (CCER) at Old Dominion University serves as a model for interdisciplinary cybersecurity education, bringing together diverse faculty to develop an open-access course that empowers students from various backgrounds.

CYBERSECURITY, TECHNOLOGY AND SOCIETY

CYBERSECURITY, TECHNOLOGY AND SOCIETY |

Students will explore how technology is related to cybersecurity from an interdisciplinary orientation. Attention is given to the way that technologically-driven cybersecurity issues are connected to cultural, political, legal, ethical, and business domains.

Note. Each hexagon represents a distinct area of focus, demonstrating the multidisciplinary nature of cybersecurity education.
Needs Assessment

1

Identify Gaps
While the principles and structure of the ODU course offer valuable insights, the specific needs and context of community college students necessitate a different educational approach.

2

Understand Audience
Community college students often have varied educational backgrounds, immediate job-oriented goals, and diverse life circumstances that can impact their educational journey (Whisenant & Bradshaw, 2021).

3

Prioritize Topics
The ODU curriculum may not align with a community college whose nontraditional population and open admission standards potentially attracts a student who is often attending college without the needed technological skills (e.g., Byrd and Macdonald, 2005; Wallace and Clariana, 2005; Henson, 2014; Goncalves and Trunk, 2014; Eichelberger and Imler, 2016).

4

Funding
The resources of a public research university such as ODU likely outnumber those which a community college is able to offer.

5

Purpose
To design and evaluate an introductory cybersecurity course (referred to as Connected Security (CS) in this study) that is grounded in the Connectivism learning theory and the NIST Cybersecurity standards

6

Literature Review Search Results
While conducting a literature review of cybersecurity and information security articles focused on the higher education environment, a gap emerged in which many of the proposed courses included instructional design models, but not a learning theory or educational framework, that acted as a guide in structuring the learning materials and course content (see Figure 1).

7

Figure 1
Note. This figure provides a summary of literature search results comparing the number of sources found on cybersecurity and information security within education. The left side details the results for "Cybersecurity Lit Review" and the right side for "Information Security Lit Review," including total results, filters applied, and relevant findings by category. This demonstrates the scope and focus areas of current research in these fields.

8

Lighthouses
This course will potentially serve as a pioneering effort for future course designs involving connectivism, cybersecurity, AI, and the learning design process.
If successful, this model can be replicated for other courses thus promoting a theory-driven approach to online course design across various disciplines.

DigitalCommons@Kennesaw State University

Applying High Impact Practices in an Interdisciplinary Cybersecurity Program

The Center for Cybersecurity Education and Research at Old Dominion University has expanded its use of high impact practices in the university’s undergraduate cybersecurity degree program. Strategies developed to promote student learning included learning communities, undergraduate research, a robust internship program, service learning, and electronic portfolios. This paper reviews the literature on these practices, highlights the way that they were implemented in our cybersecurity program, and discusses some of the challenges encountered with each practice. Although the prior literature on high impact practices rarely touches on cybersecurity coursework, the robust evidence of the success of those practices provides a sound rationale for applying them across the curricula. Challenges confronted included developing partnerships, introducing students to new learning strategies, and gaining buy in from faculty. Despite these challenges, the authors’ experiences with the efforts also support using high impact practices in cybersecurity programs. Recommendations for other cybersecurity programs seeking to expand the use of high impact practices include integrating experiential learning throughout the curricula, developing campus-wide partnerships, embracing the interdisciplinary nature of cybersecurity, demonstrating the purpose of the practices, providing faculty development, emphasizing writing, and embracing failure.

Old Dominion University

Research

A primary mission of ODU's Center for Cybersecurity Education and Research (CCSER) is to develop high-impact, cross-disciplinary research initiatives that center on cybersecurity and be a source of cybersecurity expertise to the University, the Hampton Roads region, and the Commonwealth of Virginia.

Cybersecurity in the Information Age: A Connectivist Approach to Instructional Design
Part II
Cybersecurity Landscape

1

Microsoft
Microsoft is a leading provider of cybersecurity solutions, with a focus on protecting organizations from evolving threats.
Microsoft Digital Defense Report 2023
Hogan-Burney (cited in Microsoft, 2023) notes that cybercrime is intensifying as criminals exploit human and technological vulnerabilities to stay ahead of security efforts. These adversaries exhibit a level of operational sophistication that mirrors legitimate business enterprises by constantly refining their tactics to circumvent improved security measures. They exploit business networks to conduct credential phishing campaigns, disseminate malware, and steal protected information from unwitting businesses for malicious gain (Microsoft, 2023).

2

IBM
IBM is a global technology leader that offers advanced cybersecurity services and expertise to help businesses stay secure.
Cost of a Data Breach Report 2023 (pulled findings)
IBM’s Cost of a Data Breach Report (IBM, 2023) findings show that the financial landscape of cybersecurity has been notably marked by an increase in the average total cost of data breaches, reaching a record high of USD 4.45 million in 2023. Phishing, a social engineering attack in which an attacker tricks the individual into revealing sensitive information, surpassed stolen or compromised credentials as the most frequent cause of data breaches, responsible for 16% of cases, while compromised credentials were involved in 15% of breaches (IBM, 2023). Phishing was not only the most frequent attack method utilized, but also the second most expensive cause with an average cost of USD 4.76 million (IBM, 2023).

3

Sophos
Sophos is a prominent cybersecurity company that provides comprehensive protection against a wide range of cyber threats.
The State of Ransomware 2023 (pulled findings)
Ransomware 2023
Higher education emerged as the second most likely sector to experience ransomware, with a 79% likelihood. This ranking is just behind the lower education sector, which leads at 80%, a trend attributed to lower levels of technology resources (Sophos, 2023). Similarly, higher education institutions were most susceptible to attackers exploiting a vulnerability in the institution’s system or user’s credentials being compromised and accessed. The prompt application of software patches, continuous endpoint monitoring, and a regular review of security controls to ensure tools are functioning optimally can bolster cyber defenses and ward off common attacks (Sophos, 2023).

Cybersecurity Framework & Policies | Microsoft Cybersecurity

View more

Psychological Techniques Used by Threat Actors

View more

Cybersecurity Hygiene
Note. This figure outlines essential practices of cybersecurity hygiene-in-action, featuring key strategies such as Multi-Factor Authentication (MFA), Zero Trust architecture, threat detection, regular updates, and protective measures. Each icon corresponds to a specific action or principle crucial to maintaining robust cybersecurity.

Cybersecurity and Infrastructure Security Agency CISA

Secure Our World | CISA

Official websites use .gov A .gov website belongs to an official government organization in the United States.

Resiliency in Cybersecurity
  • NIST defines cyber resiliency as the “ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources” (CSRC Content Editor, n.d.).
  • Recovery and adaptation to technological disruptions are core functions of systems designed for critical situations.
  • The advancement of the cyber-resiliency field depends on the ability of cybersecurity experts to master and implement resiliency principles within secure systems.

40:22

YouTube

Cyber Resilience

This session was part of the 2022 Aspen Cyber Summit. You can learn more about the Summit here: https://www.aspencybersummit.org/ The idea of cyber “resilience” is not new, but it has taken on a new meaning in the wake of ransomware attacks on critical infrastructure and Russia’s further invasion of Ukraine. Leaders from government and the private sector will discuss how the idea has evolved, what it means to them today, and how it should impact security going forward. Adam Bromwich, Vice President R&D, Symantec, by Broadcom Software Valerie Cofield, Chief Strategy Officer, Cybersecurity and Infrastructure Security Agency Sean Joyce, Principal, Global and US Cybersecurity and Privacy Leader and US Cyber, Risk and Regulatory Leader, PwC Iranga Kahangama, Assistant Secretary for Cyber, Infrastructure, Risk, and Resilience, Department of Homeland Security with Jeff Greene, Senior Director of Cybersecurity Programs, Aspen Digital, The Aspen Institute

PDF file

Note. This figure depicts the four core principles of resiliency: Anticipate, Withstand, Recover, and Adapt. Each principle is symbolized by an icon representing the proactive and reactive measures essential for building resilience in various systems or situations.

crowdstrike.com

What Is Cyber Resilience? - CrowdStrik

Cyber resilience describes an organization’s ability to minimize the impact of an adversary and restore their operations to maintain business continuity.

The White House

National Cyber Workforce and Education Strategy

The Biden-Harris Administration unveiled the National Cyber Workforce and Education  Strategy (NCWES), a first-of-its-kind comprehensive approach aimed at addressing both  immediate and long-term cyber workforce needs. Filling the hundreds of thousands of cyber job  vacancies across our nation is a national security imperative and the Administration is making  generational…

NIST

NICE

The mission of NICE is to energize, promote, and coordinate a robust community working together to advance an integrated ecosystem of cybersecurity education, training, and workforce development.

The White House

Connecting Americans to Good-Paying Jobs in Cyber | ONCD | The White House

To keep all Americans secure and boost the next generation of innovation in the U.S., we must drastically scale up the cyber workforce across the country. The Office of the National Cyber Director (ONCD) developed the National Cyber Workforce and Education Strategy (NCWES) and Fact Sheet to address this national security and economic imperative.  The…

Cybersecurity and Curriculum Models
Digital Fluency
Train students to effectively utilize information and communication tools for cybersecurity learning and practice.
Tech-Enabled Teaching
Enhance IT skills and digital literacy among educators to enable modern, technology-driven teaching methods.

PDF file

PDF file

udlguidelines.cast.org

UDL: The UDL Guidelines

The UDL Guidelines are a tool used in the implementation of Universal Design for Learning, a framework to improve and optimize teaching and learning for all people based on scientific insights into how humans learn. Learn more about the Universal Design for Learning framework from CAST. The UDL Guidelines can be used by educators, curriculum developers, researchers, parents, and anyone else who wants to implement the UDL framework in a learning environment. These guidelines offer a set of concrete suggestions that can be applied to any discipline or domain to ensure that all learners can access and participate in meaningful, challenging learning opportunities.

SpringerLink

Social cybersecurity: an emerging science

With the rise of online platforms where individuals could gather and spread information came the rise of online cybercrimes aimed at taking advantage of not just single individuals but collectives. In response, researchers and practitioners began trying to understand this digital playground and the way in which individuals who were socially and digitally embedded could be manipulated. What is emerging is a new scientific and engineering discipline—social cybersecurity. This paper defines this emerging area, provides case examples of the research issues and types of tools needed, and lays out a program of research in this area.

EDUCAUSE Library

Higher Education Community Vendor Assessment Toolkit

The HECVAT is a questionnaire framework specifically designed for higher education to measure vendor risk. Before you purchase a third-party solution,

Note. The components of social cybersecurity are depicted in Figure 8, highlighting the interaction between community networks, autonomous AI, and analytics for improved security measures.

Theoretical Framework

View more

Connective Learning

1

2

3

4

5

1

Apply NIST guidelines and best practices
Leverage established security frameworks to enhance cybersecurity resilience.

2

Develop backup/recovery procedures
Implement robust data protection and disaster recovery protocols to safeguard critical information.

3

Use desktop/device OS security features
Leverage built-in security tools and settings to harden end-user devices against threats.

4

5

Use tools to enhance network security
Employ advanced security solutions and cryptography to secure data in transit and at rest.
Note. This figure merges the concept of connectivism with cybersecurity. The dynamic network of learning is illustrated where nodes represent the acquisition and application of knowledge in detecting and responding to cybersecurity events.
Diverse Perspectives Fuel Learning
In a connectivist model, learning and knowledge are not confined to a single source. They reside in the diversity of opinions expressed across a network of interconnected nodes - websites, organizations, peers, and other information hubs.
Continual Adaptation is Key
As information constantly shifts, the ability to seek out current knowledge and discern relevance becomes crucial. Connectivism views decision-making itself as a dynamic learning process, where "right answers" can change with the information climate.

Connectivism Learning Theory

View more

Cybersecurity in the Information Age: A Connectivist Approach to Instructional Design
Part III
Moodle Course

Introduction

View more

Research Questions

View more

Interested in the Findings, Implications, and Conclusions?