Abstract:

In a technology-dependent world, the importance of cybersecurity knowledge cannot be underestimated. The practice of protecting computer systems, networks, and data from unauthorized access and from cyberattacks in general to avoid financial, operational or reputational damages is often considered a task for information technology (IT) professional. It is not! Or at least not only! As technology plays an increasingly critical role in our personal, professional, and societal lives, cybersecurity knowledge becomes essential for everyone in everyday activities, at both private and professional level. Understanding cyber threats and risk management is of paramount importance for all actors in the modern-day society, especially for corporate management and high responsibility profiles who often are accessing and managing sensitive data and infrastructure. All these professionals are confronted with the digital transformation, independently from the domain of their corporate business. Several studies show that in most cases, these professional figures have a low background in IT and cybersecurity, thus representing an important vulnerability for their companies and exposing the business to high risks.
The Erasmus+ Cyber IN Practice project (2021-1-TR01-KA220-HED-000031993) aims at enhancing the existing expertise of non-IT professionals with higher education (HE), starting from 5 consortium Countries, by supporting the development of a cybersecurity culture. More specifically, paying attention to the fact that this culture should start at an early stage, the research project focuses on presenting this knowledge to students in non-IT faculties. Cybersecurity learning modules are an essential investment for non-IT professionals to protect themselves, their organizations, and their clients from cyber risks. By fostering a cybersecurity-conscious background already in the higher education phase, organizations will be able to count on a workforce that will take a robust defense against ever-evolving cyber threats in today's digital world.
The project team (consisting of skilled cyber intelligence professionals as well as highly experienced education professionals) is applying innovative technologies to implement a course on cybersecurity for non-IT disciplines. The course content was defined on the basis of the results of a survey, carried out in the first phase of the project, that allowed categorizing and clustering cyber-threats. The content is organized into small pieces of information (called nuggets), structured in specific scientific topics to be studied.
Learning nuggets are short standalone learning activities that learners undertake in order to reach specific learning outcomes. In the Cyber IN Practice project, since more authors have to contribute to their production, a common template was required to present contents in a homogeneous way. The template consists of a first theoretical part and an assessment quiz. Learning nuggets are made available as Open Educational Resources, i.e., learning material released under an open license. They have been produced using H5P, a free tool to create, share and reuse rich interactive content on the web.

Keywords:

Cybersecurity, vulnerability assessment, resilience to cyberthreats, cybersecurity awareness, higher education, learning nuggets, open educational resources.