Teaching Cybersecurity in CSP (or Any CS Class) - Introducing the Security Mindset.

Cybersecurity is vital to a technology-driven society. Daily headlines about data breaches and ransomware attacks demonstrate that we cannot ignore the security risks inherent to our highly networked lives. Cybersecurity is a growing job field -- and even for students who don't go on to pursue cybersecurity careers, it is crucial to have some level of security awareness. But until very recently, the intrigue and opportunity of cybersecurity was usually not introduced until advanced undergraduate CS courses. However, the real world implications and applied nature of the topic lends itself well to catching the interest of a diverse group of students in CS at a younger age. The Teaching Security lessons (at teachingsecurity.org) introduce the broad idea of cybersecurity through threat modeling and the human-centered nature of authentication. They were prepared by subject-matter experts with research backgrounds in the technical workings and social implications of cybersecurity. Our lessons were designed to meet the cybersecurity learning objectives in the AP Computer Science Principles framework, but they are appropriate for any high school computer science class or program. This will be an interactive workshop for CS educators at all levels; no previous cybersecurity experience required. (Laptops also optional.) Participants will learn how to begin developing the "security mindset" by teaching students a simplified version of threat modeling (mostly via "unplugged" activities). We will also preview lessons on authentication and social engineering. The workshop will also provide opportunities for attendees who teach cybersecurity to share their own strategies.