A case against “Google it”: A cognitive science approach

Presented at Diana Initiative 2020 Virtual, Aug. 21, 2020, 3 p.m. (60 minutes).

"Google it" is a great one-liner, but it doesn't follow how people learn. People new to the infosec field have a lot to navigate during their learning. Mentors and education programs should develop a model of learning based on human cognition. There is an overwhelming amount of information and even more opinions on how to begin learning cybersecurity. Not to mention, not everyone is an excellent technical writer or writes content without considering their audience. Accordingly, telling a new learner to just "Google it" can be cognitively overwhelming, disrupts learning, and may cause people to not pursue infosec as a career or hobby. In this presentation, mentors and those that create educational content for infosec professionals will learn the cognitive apprenticeship (Collins et al., 1987) model of learning and cognitive load theory (Sweller, 1994; Sweller, 2006; Sweller et al., 2011). Cognitive apprenticeships are the same as a traditional mentor-mentee relationship, except it provides a cognitive framework of how to learn. The four phases of modeling, scaffolding, fading, and coaching will be discussed in context to a Windows system administrator who wants to transition into a cybersecurity professional. The presentation will discuss how to train a Windows System Administration to apply the CSC Security Controls to Windows and Linux using a cognitive apprenticeship approach. Cognitive load theory is one way of explaining how instructional design helps or hinders transferring information from short-term memory, which has a small storage capacity, to long-term memory, which has a much larger storage capacity. When cognitive apprenticeships are practiced in context to how people learn, it will reduce the mentor and mentee's cognitive load and create a more engaging learning experience to facilitate long-term retention of what is learned.

Presenters:

  • Duane Dunston - Champlain College
    Duane Dunston is an Associate Professor of Cybersecurity at Champlain College. He has been in Information Security for over 20 years working in both the education and government sectors. He focuses on risk management, cryptography, security education, and using technology for social change. In addition to teaching and consulting, he is a member of the Vermont Cyberpatriots Program. He is currently pursuing his Doctor of Education at Northeastern University and resides in Essex Junction, Vermont.

Links:

Similar Presentations: