Students Explore the Complex World of Cybersecurity
Cybersecurity
July, 2023
Author: Brian Gran is a sociologist and lawyer on the faculty of the Sociology Department, Law School, and Mandel School of Applied of Social Sciences of Case Western Reserve University. His scholarship concentrates on human rights, including children’s rights, law, and social policy.
Author: Chloe Smith is a second-year psychology and sociology major at Case Western Reserve. She aspires to earn a Ph.D. in forensic psychology then work in cybersecurity for the U.S. government.
In spring 2022, we (Professors Brian Gran and An Wang) piloted an experiential cybersecurity course at Case Western Reserve University, supported by a PIT-UN Network Challenge Grant. We designed the course to draw students from across disciplines, and socioeconomic, racial, and ethnic backgrounds to the field of cybersecurity.
Brian, a sociologist, and An, a computer scientist, wanted to address the urgent need for greater expertise diversity in the cybersecurity field (that is, more people trained in social sciences and humanities, not only computer sciences and engineering), and diversity of lived experience (including racial, ethnic, gender, and socioeconomic backgrounds). This desire grew out of our shared conviction as public interest technologists that cybersecurity — too often the exclusive domain of private interests — is inherently a public interest that demands a diverse and interdisciplinary workforce that understands the collective good as a core concern of the profession.
Chloe Smith, a co-author of this article, is a rising third-year psychology and sociology major at Case Western, who aspires to earn a Ph.D. in forensic Psychology and apply this expertise to working in cybersecurity for the U.S. government.
The course took a sociotechnology approach, which asked the instructors and students to study the technical components of cybersecurity as well as how people think about and experience cybersecurity and technology, including the underlying social, political, and economic factors.
To provide students with a broad range of perspectives, we welcomed guest speakers from across civil society, business, government, and academia, including Jeff Brancato, executive director of the Northeast Ohio CyberConsortium, who introduced students to the role of private-public partnerships in creating regional cybersecurity; Josephine Wolff, an associate professor of cybersecurity policy at Tufts University, who shared insights into the fast-growing industry of cyberinsurance; and Sharri Clark, a foreign affairs officer in the Bureau of Counterterrorism of the U.S. Department of State, who discussed her background in national security and the role of the federal government in international cybersecurity efforts.
Each speaker emphasized the need for cybersecurity professionals with a range of expertise and lived experience who can understand experiences, opinions, and practices with cybersecurity and technologies.
In late March 2022, the group visited Washington, D.C., to learn how officials in government and the private sector “do” cybersecurity and to learn about internship opportunities and career pathways in cybersecurity.
While there, the group attended the Zero Trust Summit, hosted by the Advanced Technology Academic Research Center (ATARC). The conference featured federal officials and leaders of private sector firms that work on zero trust architecture, an approach to cybersecurity that in recent years has become the industry standard. Instructors and students had discussed zero trust architecture in class as well as with our university’s chief information officer, so students already had a good understanding of its advantages and disadvantages. Zero trust architecture transitions from “trust but verify” to continuous verification, a shift that helped students interrogate and understand how digital systems can both strengthen and undermine trust relationships.
Students met and listened to experts discussing next steps in the cybersecurity industry and who needs to be involved in order to implement these steps. One feature of this discussion was the importance of innovations in education to tackle new cybersecurity challenges, including understanding factors that influence people’s decisions to bolster cybersecurity. Toward the end of the conference, the group was recognized by the host and were asked to stand up to represent Case Western Reserve University. This welcome was greatly appreciated by the students, given the broad range of cyber experts in the room.
After visits to the Library of Congress and the House of Representatives, the group met at the State Department with members of the Bureau of Cyberspace and Digital Policy. The hosts included a policy analyst, a foreign service officer, an intelligence officer, and an attorney. The speakers emphasized the agency’s need to work with people who can understand human behavior and technologies associated with cybersecurity. The students found the meeting inspiring and informative, and they appreciated the insightful overviews of federal cybersecurity careers and specific answers to topical and professional questions.
Later, the group met with officials of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), a relatively new department, where students learned how officials from State, CISA, the Defense Department, and other parts of government recognize boundaries while collaborating across departments. Throughout the course, instructors and students had discussed the problem of boundaries and silos as sites of exploitation, and had discussed strategies to mitigate these vulnerabilities and the resulting harms. Students’ understanding of these challenges was deepened by this experience of hearing directly from practitioners about how they address these challenges in complex, real-world situations.
A final tour of Washington sites included the Lincoln Memorial, the Korean War Veterans Memorial, and the National Museum of the American Indian, tying together a weekend of intense learning about cybersecurity with an in-person experience of our nation’s history and shared values.
Students left the trip feeling refreshed and hopeful about their futures, including the possibility of working for the government. We believe that it is very important for students to have the opportunity to meet with experts and learn more about the paths they want to take beyond their university. The D.C. trip was very beneficial to the group, and we hope to make this opportunity available for future students.