Enhancing Cybersecurity Education Through Game-Based Learning

Enhancing Cybersecurity Education Through Game-Based Learning

In the bustling city of San Antonio, Eva Mendoza, the Chief Information Technology Officer at San Antonio Independent School District (SAISD), is revolutionizing cybersecurity education. With over 45,000 students spread across 70 schools, Mendoza is dedicated to ensuring the digital safety of the district's students and staff.

Mendoza is renowned for her creative approaches to teaching cybersecurity. She has introduced the "Phish Market" poster and PSA-video contest, aimed at raising awareness about the importance of cybersecurity and the dangers of phishing scams.

Mendoza firmly believes that cybersecurity is a shared responsibility. She is committed to helping her colleagues understand their significant role in maintaining a secure digital environment. To achieve this, she has developed cybersecurity training games designed to make learning about cybersecurity fun and less intimidating.

One such game involves asking questions about common password habits and targeting specific departments. The game is interactive, engaging, and competitive, making it an effective tool for reinforcing cybersecurity awareness.

Balancing Engagement and Instruction

Effective strategies for gamifying cybersecurity training in educational institutions include incorporating interactive game-based platforms that focus on foundational cybersecurity concepts, using incentives like leaderboards and awards to motivate learners, and embedding gamified content into the curriculum supported by teacher training and policy frameworks.

One example of this approach is Google's Interland game, part of the Be Internet Awesome initiative. This game effectively teaches elementary students core cybersecurity topics such as password security and responsible online behavior through interactive, narrative-driven gameplay.

The Importance of Frequent and Social Training

Mendoza stresses the need for frequent and social cybersecurity training. Supplementing gamified training with ongoing conversations, updates, and collaborative challenges helps maintain cybersecurity as a frequent topic and reinforces learned behaviors.

The Need for People-Focused Cybersecurity Strategy

Mendoza emphasizes the importance of a people-focused cybersecurity strategy to ensure a strong cybersecurity posture. She has created a PD version of a popular television game show with a cybersecurity theme, modeled after "Family Feud." This game helps information sink in and is engaging, especially when adding competition.

In addition, Mendoza emphasizes the importance of data privacy and protection when considering new digital tools. She is aware that human error can lead to leaks of sensitive student data such as social security numbers, grades, health matters, personal phone numbers and addresses, and other family information.

Tabletop Exercises and Surveys

To help staff understand the impact of a ransomware attack and create a plan for what to do in such a situation, Mendoza employs tabletop exercises. Surveys for the game are created using free options like Google docs or Microsoft forms.

Mendoza's innovative leadership in education has earned her several awards. She is a strong advocate for making cybersecurity training fun, interactive, and engaging, ensuring that educators and staff understand the threats that are out there and their important role in cybersecurity.

[1] Chang, C. (2018). Gamification in Education: A Review of the Literature. International Journal of Instruction, 11(2), 43-68.

[3] Malone, T. W., & Lepper, M. R. (1987). Making Games More Fun: A Theory of Intrinsic Motivation and a Model of the Design of Intrinsically Motivating Learning Environments. Academy of Management Review, 12(4), 785-807.

[4] Marczewski, T. (2014). Gamification: Engaging People in Fruitful Work. MIT Sloan Management Review, 55(3), 48-57.

1. Eva Mendoza, the Chief Information Technology Officer at San Antonio Independent School District (SAISD), is using Google's Interland game as part of the Be Internet Awesome initiative to teach elementary students crucial cybersecurity concepts.
2. Mendoza has developed a PD version of a popular television game show with a cybersecurity theme, modeled after "Family Feud," to make learning about cybersecurity more engaging for educators and staff.
3. In the pursuit of ensuring lifelong learning, Mendoza emphasizes the importance of regular and social cybersecurity training to maintain cybersecurity as a frequent topic and reinforce learned behaviors.
4. To educate staff about the effects of a ransomware attack and create contingency plans, Mendoza employs tabletop exercises using Google docs or Microsoft forms for surveys.
5. Mendoza's goal is to ensure a strong cybersecurity posture not just for the district's network but also for the protection of sensitive student data such as social security numbers, grades, health matters, personal information, and family details.
6. Mendoza's innovative strategies for gamifying cybersecurity training in education are supported by theoretical frameworks in the literature, such as those outlined by Malone, Lepper, Marczewski, and Chang.

Read also: