Introducing cybersecurity concepts in non-security courses through a pogil activity: A pilot study

Abstract

Process-Oriented Guided Inquiry Learning (POGIL) activities are used in many undergraduate courses. Their utilization in Computer Science courses is very useful in the delivery of fundamentals of computer science. The site https://cspogil.org/contains many such activities. Currently, there is limited amount of research published involving both POGIL and Security. As such we feel that this area is wide open for contributions. In this work we create a POGIL activity designed to introduce some fundamental Cybersecurity concepts to undergraduate computer science/information technology/information systems students enrolled in non-security-focused courses. The learners will get exposure to essential application security risks and reflect upon the concepts introduced. Through this POGIL activity students get exposed to exercises involving the first seven of the The Open Web Application Security Project (OWASP) Top 10 Application Security Risks. We use PRE/POST survey methods to collect data from these courses and investigate students' engagement and knowledge gains resulted from this activity.