Personal vs. professional authenticity in introductory cybersecurity and education.

Abstract

This conceptual/theoretical paper explores how personal authenticity can promote generative learning in introductory cybersecurity courses. Generative learning easily transfers to future educational, professional, personal, and testing situations. This cycle of design-based research addresses the concern that more typical professionally authentic contexts (e.g., hospitals, banks, etc.) may be alien and overwhelming to many students, particularly those in introductory courses and/or from non-professional families and communities. If so, this leads to “inert” knowledge that does not transfer. Personal authenticity is rooted in expansive framing, a modern theory of learning transfer. We reframe expansive framing as personal authenticity to make it more accessible and to highlight the contrast with professional authenticity. The paper describes two examples of personally authentic cybersecurity instruction (one actual and one hypothetical). The paper then uses these examples to shed light on five theoretical explanations for why such personally authentic and expansively framed instruction should transfer more readily than professionally authentic instruction or traditional “direct” instruction, in which contexts are introduced after the “basics” have been mastered. The paper’s ultimate goals are to (a) encourage cybersecurity and computing educators to explore personal authenticity, (b) introduce a well-supported theoretical framework for studying personal authenticity, and (c) help cybersecurity and computing educators and educational researchers understand the implications of newer “situated” theories of cognition.