Cybersecurity Education with POGIL

Experiences with Access Control Instruction

  • Li Yang
  • Xiaohong Yuan
  • Wu He
  • Jennifer Ellis
  • Jonathan Land
Keywords: POGIL, Access Control, Discretionary Access Control (DAM), Mandatory Access Control (MAC)


Given the ever-increasing realization as to how cybersecurity integrates into all aspects of daily life, cybersecurity education becomes increasingly important. While cybersecurity skillset certainly includes being equipped to safeguard businesses/organizations from cyberattacks, it also includes “professional skills” as also called “soft skills”, such as teamwork, critical thinking, communications, etc. In this regard, it is important for colleges and universities to promote pedagogical frameworks that approach education in a way that does not dichotomize theory and praxis but encourages their interrelationship in terms of educating students towards these ends. In this paper, we introduced cybersecurity education materials we developed with Process-Oriented Guided Inquiry Learning (POGIL) which provides a promising educational framework for re-envisioning a holistic methodology for technical studies, specifically for the discipline of cybersecurity. As will be discussed in the findings of the student surveys below, and in the hands-on lab explaining access control, the scope of the POGIL methodology values training in the necessary content related to the specific areas of study, as well skills that complement, or work in conjunction with, the theoretical acumen gained in traditional education. Specifically, implementing POGIL within the discipline of cybersecurity assumes that technical training anticipates what students will face in real world contexts, as well as practices that will promote an integrated and holistic skillset. As a result, it is hoped that students will be prepared and empowered to succeed and to contribute as active participants within the businesses/organizations in which they fulfill their work-related responsibilities.