Teaching Cybersecurity in CSP (or Any CS Class):

Introducing the Security Mindset


A SIGCSE 2020 Workshop

Join us at SIGCSE 2020 in Portland, OR, at a webinar for an introduction to the Teaching Security lessons!


* Due to the SIGCSE cancellation, we will be providing our planned workshop as a webinar series. *

New Dates:
Tuesdays, May 19, May 26, and June 2, 2020
7:00–8:00 p.m. EDT / 4:00–5:00 p.m. PDT
Registration still open for Session 3!

The “Teaching Security” lessons introduce the broad idea of cybersecurity through threat modeling and the human-centered nature of authentication. They are prepared by subject-matter experts with research backgrounds in the technical workings and social implications of cybersecurity. While our lessons were designed to meet the cybersecurity learning objectives in the AP Computer Science Principles framework, they are appropriate for any high school computer science class or program (including dedicated cybersecurity classes).

This will be an interactive workshop for CS educators at all levels; no previous cybersecurity experience is required. Participants will learn how to begin developing the “security mindset” by teaching students a simplified version of threat modeling (our introductory lesson). We will also introduce lessons on authentication and social engineering. In addition, the workshop will provide opportunities for attendees to share their own strategies.

Why teach cybersecurity? Cybersecurity is vital to a technology-driven society. Daily headlines about data breaches and ransomware attacks demonstrate that we can’t ignore the potential security risks inherent to our highly networked lives. Cybersecurity is a growing job field — and even for students that don’t go on to pursue cybersecurity careers, it is crucial to have some level of security awareness! But until very recently, young people usually weren’t introduced to the intrigue and opportunity of cybersecurity until advanced undergraduate CS courses. However, the real world implications and applied nature of the topic lends itself well to engaging a wide audience, key to catching the interest of a diverse group of students in CS at a younger age.

Presenters: Buffie Holley (Albemarle High School) and Dan Garcia (University of California, Berkeley)

Contact us with questions: contact@teachingsecurity.org

Draft Agenda for Workshop

Tuesday, May 19:

  • Opening: Welcome, overview of agenda, quick survey of attendees’ interests.
  • Brief introduction to the Teaching Security curriculum.
  • Model Lesson #1: “Cybersecurity Through Threat Modeling”: Presenters lead a model lesson that uses threat modeling exercises to introduce the “security mindset”.
  • After-hours question time.

Tuesday, May 26:

  • Re-opening and review Lesson 1.
  • Model Lesson #2: “What Is Authentication and Why Do We Need It?”.
  • After-hours question time.

Tuesday, June 2:

  • Re-opening and review.
  • Model Lesson #3: “Social Engineering: The Oldest Hack”.
  • Turning the Tables: Participants share their experiences (if any) teaching cybersecurity — and brainstorm about doing it remotely.
  • Ask the Experts: The Teaching Security team answers questions about the nitty-gritty of cybersecurity.
  • After-hours question time.