Strengthening the Weakest Link in Digital Protection

Although much has been written about digital protection technologies, the greatest vulnerability in any system is invariably the person behind the keyboard. In our one-semester course at the US Military Academy in New York, we educate roughly 800 undergraduates from nontechnical fields each year on intermediate-level IT skills. We place our students in an isolated virtual-computing environment, give them hands-on experience with a variety of attack vectors that hackers use to exploit vulnerabilities, and provide them with a multidimensional framework for understanding and mitigating risks. As a result of this educational experience, our students are better able to internalize the concepts we teach and end up with an increased realization of the actions required to protect crucial resources. To achieve our goal of reducing the potential vulnerabilities nontechnical users introduce, we´ve integrated three major components into our course: 1) a broad overview of key IT topics; 2) lessons directly targeting information assurance (IA); and 3) a recurring thread of ethical and security considerations that´s explicitly injected into lessons throughout the semester