Day 14: Cybersecurity Challenges and Ethics

Learning Objectives

• CSN-1.F: Explain how the design of the Internet and the Internet protocols contribute to reliability and scalability.

Essential Questions

• What emerging challenges exist in cybersecurity?
• How do we balance security with privacy and usability?
• What ethical considerations arise in cybersecurity practices?

Materials Needed

• Presentation slides on cybersecurity challenges
• Case study materials of security incidents
• Debate preparation templates
• Ethical scenario cards
• Exit ticket templates

Vocabulary

• Zero-day vulnerability
• Advanced persistent threat (APT)
• Ransomware
• IoT security
• Privacy
• Ethical hacking
• Responsible disclosure
• Security vs. convenience
• Data breach
• Cyber warfare

Procedure (50 minutes)

Opening (8 minutes)

1. Review and Connection (3 minutes)

   • Review network security measures from previous lesson
   • Connect to today's focus on broader cybersecurity challenges and ethics

2. Warm-up Activity (5 minutes)

   • Present a headline about a recent major security breach
   • Ask students: "How could this have happened despite security measures?"
   • Discuss the evolving nature of security threats
   • Introduce the concept of the security arms race

Main Activities (32 minutes)

3. Lecture: Emerging Cybersecurity Challenges (12 minutes)

   • Discuss emerging security challenges:
     • Zero-day vulnerabilities: Unknown security flaws
     • Advanced persistent threats: Sophisticated, targeted attacks
     • Ransomware evolution: More targeted and damaging
     • IoT security issues: Billions of potentially vulnerable devices
     • AI and machine learning in attacks and defense
     • Supply chain attacks: Compromising trusted software sources
     • Cloud security challenges: Shared responsibility models
   • Explain the security implications of new technologies:
     • 5G networks
     • Quantum computing
     • Smart cities
     • Autonomous vehicles
   • Discuss the human element in security:
     • Social engineering remains effective
     • Security awareness and training
     • Security culture in organizations

4. Case Studies: Major Security Incidents (8 minutes)

   • Present 2-3 significant security incidents
   • For each case, analyze:
     • What happened
     • How the attack was carried out
     • Impact and consequences
     • How it could have been prevented
     • Lessons learned
   • Discuss how these incidents changed security practices
   • Connect to fundamental security principles

5. Activity: Debating Security vs. Privacy Trade-offs (12 minutes)

   • Divide class into small groups
   • Assign each group a scenario involving security and privacy trade-offs:
     • Government backdoors in encryption
     • Employee monitoring for security
     • Biometric authentication requirements
     • Mass data collection for threat detection
     • Privacy-invasive security measures
   • Groups prepare arguments for both sides of the debate
   • Conduct mini-debates with groups presenting opposing viewpoints
   • Discuss the balance between security, privacy, and usability

Closing (10 minutes)

6. Discussion: Ethical Hacking and Responsible Disclosure (5 minutes)

   • Lead a discussion on ethical hacking:
     • White hat vs. black hat hackers
     • Bug bounty programs
     • Responsible disclosure processes
     • Legal and ethical boundaries
   • Discuss the ethics of security research
   • Address the importance of ethical guidelines in cybersecurity
   • Explore career paths in ethical hacking and security

7. Exit Ticket: Position Paper (5 minutes)

   • Students write a brief position statement on a cybersecurity ethical dilemma
   • Topics might include:
     • Should encryption have backdoors for law enforcement?
     • Is it ethical to hack back against attackers?
     • How much privacy should be sacrificed for security?
     • Should security researchers disclose vulnerabilities publicly?
   • Collect papers before students leave

Assessment

• Formative: Quality of participation in security vs. privacy debates
• Exit Ticket: Thoughtfulness and reasoning in position paper

Differentiation

For Advanced Students

• Ask them to research and incorporate legal frameworks in their arguments
• Have them explore more complex ethical dilemmas
• Challenge them to propose balanced solutions to security-privacy trade-offs

For Struggling Students

• Provide more structured debate templates
• Focus on simpler ethical scenarios
• Use more concrete examples and clear positions

Homework/Extension

• Research a cybersecurity ethical dilemma in more depth
• Interview an IT professional about security challenges they face
• Create a set of ethical guidelines for security professionals

Teacher Notes

• Keep debates respectful and focused on issues rather than politics
• Be prepared to address questions about controversial security topics
• Make connections to students' experiences with privacy and security
• Consider discussing how different countries approach cybersecurity differently
• Emphasize that ethical considerations are central to cybersecurity practice