In this paper, we describe the development of an in-class exercise designed to teach students how to craft social engineering attacks. Specifically, we focus on the development of phishing emails. Providing an opportunity to craft offensive attacks not only helps prepare students for a career in penetration testing but can also enhance their…

The demand for qualified analytics professionals remains high with forecasts showing a continued need over the next few years. While this demand necessitates instruction in analytics in the classroom, many students find analytics concepts to be complicated and boring. This teaching brief describes a novel approach to teaching analytics through…

Amid the ever-increasing number of cyberthreats, cybersecurity degree programs represent a potential growth area for business schools. This study examines undergraduate cybersecurity programs offered by AACSB-accredited business schools in the US. It surveyed 503 AACSB-accredited schools and identified 72 cybersecurity programs. Using the IS2020…

Mobile devices are a constantly used item in a college student's life. Students depend on them for entertainment, academics, and socializing with their friends. While they continually use them, they perhaps do not understand the impact of their use on their privacy or that the devices can be used to track them and collect their personal…

Cybersecurity education is becoming increasingly important in modern society, and hands-on practice is an essential element. Although instructors provide hands-on labs in their cybersecurity courses, traditional lab exercises often fail to effectively motivate students. Hence, many instructors desire to incorporate gamification in hands-on…

The Internet of Things (IoT) has pervaded practically all aspects of our lives. In this exploratory study, we survey its applications in the field of education. It is evident that technology in general, and, in particular IoT, has been increasingly altering the educational landscape. The goal of this paper is to review the academic literature on…

In this role-playing teaching case, students impersonate Selective Consulting, a fictitious, Australian-based company tasked with assessing the information security practices of SkillPlat, a provider of apprenticeship and traineeship services. The case develops around the one-week visit paid by Selective Consulting to SkillPlat's headquarters,…

While demand for cybersecurity professionals is high, the field is currently facing a workforce shortage and a skills gap. Thus, an examination of current cybersecurity position hiring requirements may be advantageous for helping to close the skills gap. This work examines the education, professional experience, industry certification, security…

This paper explores the perceptions of undergraduate students experiencing an educational intervention in a cybersecurity course. The intervention was developed using activity theory. Laboratory activities were designed to 'protect' and 'poke around' systems and networks in a sandbox cloud environment. These activities provided dynamic…

ISACA, a non-profit, independent association that advocates for professionals involved in information security, assurance, risk management, and governance, recently updated its IT governance framework, Control Objectives for Information and Related Technology (COBIT). COBIT 2019 presents a logical approach to information technology and policy…

The availability of powerful head-mounted displays (HMDs) has made virtual reality (VR) a mainstream technology and spearheaded the idea of immersive virtual experiences within the Metaverse -- a shared and persistent virtual world. Companies are eagerly investing in various VR products and services, aiming to be early adopters and create new…

Despite advancements in pedagogy and technology, students often yearn for more applied opportunities in information security education. Further, small businesses are likely to have inadequate information security postures due to limited budgets and expertise. To address both issues, an advanced course in ethical hacking was developed which allows…

Information systems courses must adapt to meet the unprecedented demand for well-trained information security (InfoSec) professionals, but they cannot competently fill this gap without also ensuring that students are fluent and confident in foundational skills, both technical and behavioral. How to teach behavioral topics in InfoSec management is…

Faculty in the information systems (IS) and information technology (IT) fields are faced with the challenge to keep their curriculum relevant and current. What was taught two years ago will often be outdated and faculty must constantly update their curriculum on which courses should be taught as well as what should be taught within a particular…

This paper takes a look backward while simultaneously looking to the future for MIS departments that are making the transition to Analytics departments. MIS has a long past of providing a base of skills supporting organizations. We examine this history as well as how the blending of MIS with business translator and modeling skills has led to the…