{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,15]],"date-time":"2025-11-15T10:35:16Z","timestamp":1763202916915,"version":"3.41.2"},"reference-count":43,"publisher":"Oxford University Press (OUP)","issue":"1","license":[{"start":{"date-parts":[[2024,11,15]],"date-time":"2024-11-15T00:00:00Z","timestamp":1731628800000},"content-version":"vor","delay-in-days":319,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Slovenia Agency for Research","award":["P2-0037"],"award-info":[{"award-number":["P2-0037"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2024,1,2]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>A recent survey among high school teachers and students in the EU revealed that cybersecurity topics are not included in the programs addressing computer science topics of European schools and that the teachers\u2019 knowledge is not being upgraded regularly for this field. Based on an exhaustive study in 2021\u20132023 involving high schools in the EU a definition of the educational content and the aligned methodology for high school levels was developed for two areas: cyber-safety and cybersecurity. Available sources, including video platforms, quizzes, presentations, educational games, and hands-on sources for practical exercises, were evaluated and included in the developed fiches with the educational content. The applicability of the developed educational model and the content prepared for upgrading the high school teachers and their student\u2019s knowledge was applied in nine European schools during the 2022\u20132023 school year. This paper describes the study, briefly presents the educational content, the class preparation and the assessment of the achieved learning objectives obtained with the surveys, interviews, and the Capture the Flag contest. The paper ends with an evaluation of the developed methodology and the usefulness of the approach. Recommendations for future use and development are included in the last paper section.<\/jats:p>","DOI":"10.1093\/cybsec\/tyae018","type":"journal-article","created":{"date-parts":[[2024,11,15]],"date-time":"2024-11-15T11:51:27Z","timestamp":1731671487000},"source":"Crossref","is-referenced-by-count":1,"title":["Toward effective learning of cybersecurity: new curriculum agenda and learning methods"],"prefix":"10.1093","volume":"10","author":[{"ORCID":"https:\/\/orcid.org\/0009-0002-8629-9770","authenticated-orcid":false,"given":"Andrej Jerman","family":"Bla\u017ei\u010d","sequence":"first","affiliation":[{"name":"Jo\u017eef Stefan Institute, Laboratory for Open Systems and Networks , Ljubljana 1 000 ,","place":["Slovenia"]}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9002-4548","authenticated-orcid":false,"given":"Borka Jerman","family":"Bla\u017ei\u010d","sequence":"additional","affiliation":[{"name":"Jo\u017eef Stefan Institute, Laboratory for Open Systems and Networks and Postgraduate International School, Chair of the Advanced Internet Technologies program , Jamova 39, Ljubljana, 1000 ,","place":["Slovenia"]}]}],"member":"286","published-online":{"date-parts":[[2024,11,15]]},"reference":[{"year":"2021","author":"Eurodyce","key":"2024121909142717500_bib1"},{"key":"2024121909142717500_bib2","doi-asserted-by":"publisher","first-page":"101769","DOI":"10.1016\/j.techsoc.2021.101769","article-title":"The cybersecurity labour shortage in Europe: moving to a new concept for education and training","volume":"67","author":"Jerman-Bla\u017ei\u010d","year":"2021","journal-title":"Technol Soc"},{"year":"2020","author":"ENISA","key":"2024121909142717500_bib3"},{"key":"2024121909142717500_bib4","doi-asserted-by":"publisher","first-page":"233","DOI":"10.4236\/jis.2021.124013","article-title":"Relevance of cybersecurity education at pedagogy levels in schools","volume":"12","author":"Amankwa","year":"2021","journal-title":"J Inform Secur"},{"key":"2024121909142717500_bib5","article-title":"Exploring cybersecurity education at K 12 level","volume-title":"SITE Interactive Conference, Online, 2021. United States, Proceedings, 108-114,\u00a0P.C. AACE","author":"Chen","year":"2021"},{"year":"2015","author":"GenCyber","key":"2024121909142717500_bib6"},{"key":"2024121909142717500_bib7","doi-asserted-by":"crossref","first-page":"23","DOI":"10.3390\/su14084763","article-title":"Cybersecurity skills among European high-school students: new approach in the design of sustainable educational development in cybersecurity","volume":"14","author":"Jerman-Bla\u017ei\u010d","year":"2022","journal-title":"Sustainability"},{"key":"2024121909142717500_bib8","doi-asserted-by":"publisher","DOI":"10.1145\/3600160.3605009","article-title":"Why Mary can hack: effectively introducing high school girls to cybersecurity","volume-title":"ARES '23: Proceedings of the 18th International Conference on Availability, Reliability and SecurityAugust 2023Article No.: 71","author":"Costa","year":"2023"},{"key":"2024121909142717500_bib9","article-title":"Cybersecurity skills training. An attacker-centric gamified approach","volume-title":"Technology Innovation Management Review","author":"Adams","year":"2017"},{"key":"2024121909142717500_bib10","doi-asserted-by":"crossref","first-page":"3011","DOI":"10.1007\/s10639-021-10704-y","article-title":"Changing the landscape of cybersecurity education in the EU: will the new approach produce the required cybersecurity skills?","volume":"27","author":"Bla\u017ei\u010d","year":"2022","journal-title":"Educ Inf Technol"},{"key":"2024121909142717500_bib11","first-page":"47","volume-title":"Using Capture the Flag to Enhance the Effectiveness of Cybersecurity Education, SIGITE 2017, Proceedings, 52 October 4-7, 2017","author":"Leune","year":"2017"},{"key":"2024121909142717500_bib12","doi-asserted-by":"crossref","first-page":"20","DOI":"10.11591\/edulearn.v12i1.7736","article-title":"Evaluation of game-based learning in cybersecurity education for high school students","volume":"12","author":"Jin","year":"2018","journal-title":"J Edu Learn"},{"key":"2024121909142717500_bib13","doi-asserted-by":"crossref","DOI":"10.1007\/978-3-030-61814-8_10","article-title":"Bridging the cyber security skills gap: using tabletop exercises to solve the CSS, crisis","volume-title":"Serious Games. JCSG 2020. Lecture Notes in Computer Science","author":"Angafor","year":","},{"key":"2024121909142717500_bib14","doi-asserted-by":"crossref","first-page":"81","DOI":"10.1109\/MSEC.2020.3037446","article-title":"Are we preparing students to build security in? A survey of European cybersecurity in higher education programs","volume":"19","author":"Dragoni","year":"2021","journal-title":"IEEE Secur Privacy"},{"key":"2024121909142717500_bib15","first-page":"77","article-title":"Pedagogically grounded techniques and technologies for enhanced student learning","volume":"13","author":"Burns","year":"2013","journal-title":"Adv Eng Edu"},{"year":"2022","key":"2024121909142717500_bib16"},{"volume-title":"Too Few Cybersecurity Professionals Is a Gigantic Problem","year":"2019","author":"Ackerman","key":"2024121909142717500_bib17"},{"key":"2024121909142717500_bib18","first-page":"1","article-title":"A study of the UK undergraduate computer science curriculum: a vision of cybersecurity","volume-title":"IEEE International Conference on Global Security, Safety and Sustainability (ICGS3). In Proceedings London, 2019, UK","author":"Ruiz","year":"2019"},{"key":"2024121909142717500_bib19","doi-asserted-by":"crossref","DOI":"10.1109\/HICSS.2014.254","article-title":"Re-engineering cybersecurity education in the US: an analysis of the critical factors","volume-title":"Proceedings of the 47th Hawaii International Conference on System Sciences, Waikoloa, HI, 2014 USA","author":"Conklin","year":"2014"},{"key":"2024121909142717500_bib20","doi-asserted-by":"publisher","first-page":"tyz001","DOI":"10.1093\/cybsec\/tyz001","article-title":"Cybersecurity education in a developing nation: the Ecuadorian environment","volume":"5","author":"Catota","year":"2019","journal-title":"J Cybersecur"},{"key":"2024121909142717500_bib21","doi-asserted-by":"crossref","first-page":"1809","DOI":"10.1007\/s10639-022-11261-8","article-title":"Analysis of cyber security knowledge gaps based on cyber security body of knowledge","volume":"28","author":"Catal","year":"2023","journal-title":"Educ Inf"},{"key":"2024121909142717500_bib22","first-page":"985","article-title":"Identifying the role of further and higher education in Cyber security skills development. Skills: concepts, measurement and policy, approaches","volume":"32","author":"Malan","year":"2018","journal-title":"J Econ Surv"},{"key":"2024121909142717500_bib23","article-title":"Cybersecurity material for K-12 education","volume-title":"Midwest Instruction and Computer Symposium, Proceedings","author":"Nygard","year":"2018"},{"key":"2024121909142717500_bib24","first-page":"55","article-title":"Engaging students in basic cybersecurity concepts using digital game-based learning: computer games as virtual learning environments","volume":"14","author":"Karagiannis","year":"2021","journal-title":"Adv Core Comput Sci"},{"key":"2024121909142717500_bib25","doi-asserted-by":"crossref","first-page":"586","DOI":"10.1177\/1046878120933312","article-title":"Experiencing one game at a time: systematic review of cybersecurity digital games","volume":"51","author":"Coentrad","year":"2020","journal-title":"Simul Games"},{"year":"2021","author":"Jerman-Bla\u017ei\u010d","article-title":"Cybersecurity and gaming for cybersecurity training, chapter in the Concordia report","key":"2024121909142717500_bib26"},{"key":"2024121909142717500_bib27","doi-asserted-by":"crossref","DOI":"10.1145\/3593434.3593459","article-title":"Exploring the UK cyber skills gap through a mapping of active job listings to the cyber security body of knowledge ((2023); CyBOK)","volume-title":"Proceedings of the 27th International Conference on Evaluation and Assessment in Software Engineering","author":"Attwood","year":"2023"},{"key":"2024121909142717500_bib28","first-page":"012023","article-title":"Malware awareness tool using for internet safety using gamification techniques","volume":"1874","author":"Omar","year":"2021","journal-title":"J Phys: Conf Ser"},{"key":"2024121909142717500_bib29","first-page":"387","article-title":"Teaching tip: what you need to know about gamification, process of cybersecurity, hands-on lab exercises: lessons and challenges","volume":"34","author":"Kim","year":"2023","journal-title":"J Inf Syst Educ"},{"key":"2024121909142717500_bib30","doi-asserted-by":"publisher","first-page":"63","DOI":"10.4018\/ijopcd.2011070105","article-title":"The relationship between student learning styles and motivation during educational video game play","volume":"1","author":"Findley","year":"2011","journal-title":"Int J Online Pedagogy Course Des"},{"key":"2024121909142717500_bib31","first-page":"1","article-title":"Cybersecurity knowledge and skills taught in capture the flag challenges","volume":"102","author":"\u0160vabensky","year":"2021","journal-title":"J Compu Secur"},{"key":"2024121909142717500_bib32","first-page":"1","article-title":"Evaluating the effectiveness of gamification on students\u2019 performance in a cybersecurity course","volume":"8","author":"Demmese","year":"2020","journal-title":"J Coll Inf Syst Secur Educ"},{"key":"2024121909142717500_bib33","doi-asserted-by":"publisher","first-page":"68","DOI":"10.1109\/MSEC.2020.2969409","article-title":"Bringing cyber to school: integrating cybersecurity into secondary school education","volume":"18","author":"Pencheva","year":"2020","journal-title":"IEEE Secur Priv"},{"key":"2024121909142717500_bib34","doi-asserted-by":"crossref","first-page":"421","DOI":"10.1007\/s10639-016-9475-z","article-title":"Computer security in the compulsory education curriculum, implication for future research","volume":"22","author":"Passy","year":"2017","journal-title":"Educ Inf Technol"},{"year":"2022","key":"2024121909142717500_bib35"},{"key":"2024121909142717500_bib36","doi-asserted-by":"publisher","first-page":"skac352","DOI":"10.1093\/jas\/skac352","article-title":"A review of the application of active learning pedagogies in undergraduate animal science curricula","volume":"101","author":"Redcliffe","year":"2021","journal-title":"J Anim Sci"},{"key":"2024121909142717500_bib37","first-page":"528","article-title":"Challenges and solutions in designing a network architecture for red and blue cybersecurity competitions","volume-title":"27th International Conference on System Theory, Control and Computing (ICSTCC)","author":"Chindrus","year":"2023"},{"key":"2024121909142717500_bib38","first-page":"8425","article-title":"Applicability of the learnability attributes in serious game design: the case of digital forensic game design","volume-title":"In INTED2017, 2017. Proceedings IASTED","author":"Jerman-Bla\u017ei\u010d","year":"2017"},{"key":"2024121909142717500_bib39","doi-asserted-by":"publisher","first-page":"1014","DOI":"10.3390\/su12031014","article-title":"Assessment of the development of professional skills in university students: sustainability and serious games","volume":"12","author":"Miguel","year":"2020","journal-title":"Sustainability"},{"year":"2021","key":"2024121909142717500_bib40"},{"year":"2023","author":"European Security Challenges","key":"2024121909142717500_bib41"},{"key":"2024121909142717500_bib42","doi-asserted-by":"crossref","first-page":"102470","DOI":"10.1016\/j.jnca.2019.102470","article-title":"An empirical survey of functions and configurations of open source capture the flag (CTF) environments","volume":"151","author":"Kucek","year":"2020","journal-title":"J Netw Comput Appl"},{"key":"2024121909142717500_bib43","doi-asserted-by":"crossref","DOI":"10.1145\/3502718.3524806","article-title":"Impact of capture the flag (CTF)-styles. Traditional exercises in an introductory computer security class","volume-title":"Proceedings of the 27th ACM Conference on Innovation and Technology in Computer Science Education, Proceedings","author":"Cole","year":"2022"}],"container-title":["Journal of Cybersecurity"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/10\/1\/tyae018\/61182340\/tyae018.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article-pdf\/10\/1\/tyae018\/61182340\/tyae018.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,12,19]],"date-time":"2024-12-19T09:14:52Z","timestamp":1734599692000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/cybersecurity\/article\/doi\/10.1093\/cybsec\/tyae018\/7900964"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024]]},"references-count":43,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2024,1,2]]}},"URL":"https:\/\/doi.org\/10.1093\/cybsec\/tyae018","relation":{},"ISSN":["2057-2085","2057-2093"],"issn-type":[{"type":"print","value":"2057-2085"},{"type":"electronic","value":"2057-2093"}],"subject":[],"published-other":{"date-parts":[[2024]]},"published":{"date-parts":[[2024]]},"article-number":"tyae018"}}