Doug Jacobson, Director, Iowa State University Information Assurance Center
It has long been recognized that there exists an urgent need to improve security education and that the security community needs to begin educating a broader audience than just those who work in technology. The primary method for educating the general public about cyber security has been to construct top-ten security lists, which often communicate a false sense of security to its readers as it implies all that is necessary to achieve security is to follow a list of broad steps. This presentation will address the issue of computer security literacy and will demonstrate by example how to teach a couple relevant security topics in the context of tasks many people perform everyday. The talk will also provide a case study looking at Iowa State University's efforts to provide security literacy.