ABSTRACT
The security field has adopted the social construct of the security mindset: the idea that there exists a single attitude that allows individuals to think like an attacker. However, there is little evidence that the security mindset is an appropriate construct. We suggest an alternative approach, consisting of multiple security-relevant attitudes, which are linked to security roles within the systems development life-cycle. To illustrate the usefulness of our approach, we show how the framework can be used to help shape curricula.