SaTC: EDU: Transdisciplinary Cybersecurity Education for Law and Engineering Students

While cyberattacks and defenses are technical in nature, the legal and regulatory environment shapes both the risks they pose and the responses available. As a result, there is an urgent need to train future cybersecurity professionals in the technical IT skills as well as the relevant legal and policy issues. In addition, it is critical to have legal professionals with sufficient technical knowledge to work with their cybersecurity counterparts.

This project will design and implement a cybersecurity education framework that integrates law and engineering students in a single classroom and trains them to assess and respond to real-life scenarios. The objective is to provide students with a holistic view of cybersecurity issues across multiple dimensions and to prepare them to develop new countermeasures, regulations, and policies.

The resulting curriculum will be made available so that other institutions can adapt the approach and provide similar education and training programs.

This project will develop a scenario-based cybersecurity course for both law and engineering students, with the effort including (i) implementing the cybersecurity scenarios on a virtual machine environment, (ii) developing modules on legal issues concerning security and privacy regulations, jurisdiction over data, and data governance, and (iii) developing transdisciplinary interaction sessions. The seven cybersecurity scenarios will include cyberattacks at the level of software, hardware, data and networks, and social engineering.

These scenarios will also cover a wide range of legal and policy issues including data breach notification laws, legal analysis of when to disclose vulnerabilities, challenges in addressing low-level cybercrime, limits of law enforcement, and legal and ethical issues in compliance. The project team’s objective is to facilitate adoption of this transdisciplinary approach by developing an open-source textbook, which will include well-documented software-hardware platforms and cybersecurity scenarios.

This project is supported by the Secure and Trustworthy Cyberspace (SaTC) program, which funds proposals that address cybersecurity and privacy, and in this case specifically cybersecurity education. The SaTC program aligns with the Federal Cybersecurity Research and Development Strategic Plan and the National Privacy Research Strategy to protect and preserve the growing social and economic benefits of cyber systems while ensuring security and privacy.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.