Teaching Cybersecurity with Experiential Learning: the Case of the Phishing and Deviance Module in Social Science Courses

This article examines the impact of experiential pedagogy in integrating cybersecurity into the social science undergraduate curriculum of Historically Black University. The article is based on a National Science Foundation project, where twenty-six socio-cybersecurity modules were created, and some were integrated into Sociology and Criminal Justice courses. The impact of one of the modules, “Phishing and Deviance”, on cybersecurity learning outcomes is the focus of this article. The two research questions for this article are: 1) Was cybersecurity awareness increased after the infusion of the Phishing and Deviance Modules? 2) Were cybersecurity learning outcomes impacted by using experiential pedagogy? Vygotsky’s experiential learning theory was the grounding theory that guided the integration of the modules. The methodology included a pretest survey of students’ awareness of phishing, the module’s lecture and experiential activities, then a post-test survey of cybersecurity awareness. T-test analysis was performed on the data obtained from the quasi-experimental survey data. The results from the student responses demonstrate that experiential pedagogy was helpful and allowed them to showcase their new knowledge. This curriculum development project shows significant development in African American students’ awareness of cybersecurity at our institution. Post-research endeavors have expanded the socio-cybersecurity modules using constructivist experiential learning to other disciplines and institutions. Further research efforts can include developing more expansive socio-cybersecurity content like courses and programs and measuring their impacts through tracer studies and program evaluations.