FROM A TECHNOLOGICAL FOCUS TO A HUMAN EMPHASIS: RE-INTRODUCING THE END-USER IN INFORMATION SECURITY EDUCATION

Abstract

The end-user oriented perspective to information security education is a new way of motivating students. It is essentially a human-oriented approach ranging from guidelines and awareness to management and ethics. In this paper, we first present an educational model and a matrix for teaching. Then we will expand our approach to include encryption and network security related educational modules, because current technological changes are shifting the main emphasis in security education toward increased end-user security awareness. Rather than narrow-minded specialists, the IT industry needs people who understand the multifaceted nature of security and are able to apply their knowledge in their daily work. The work reported in this paper is based on practical experiences and feedback received from students and IT employers.