Resch, C., & Gardner-McCune, C., & Wintjen, K. (2022, August), Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity  Paper presented at 2022 ASEE Annual Conference & Exposition, Minneapolis, MN. 10.18260/1-2--40734

\bibitem{asee_peer_40734}
  Resch, C., \& Gardner-McCune, C., \& Wintjen, K. (2022, August), \emph{Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity}
  Paper presented at 2022 ASEE Annual Conference \& Exposition, Minneapolis, MN.
  10.18260/1-2--40734

Cheryl Resch, Christina Gardner-McCune, and Keyna Wintjen.  "Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity".  2022 ASEE Annual Conference & Exposition, Minneapolis, MN, 2022, August.  ASEE Conferences, 2022.  https://peer.asee.org/40734 Internet.  07 May, 2024

\bibitem{asee_peer_40734}
  Cheryl Resch, Christina Gardner-McCune, and Keyna Wintjen.
  "Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity".
  \emph{2022 ASEE Annual Conference \& Exposition, Minneapolis, MN, 2022, August}.
  ASEE Conferences, 2022.
  https://peer.asee.org/40734 Internet.  07 May, 2024

@INPROCEEDINGS{asee_peer_40734
author = "Cheryl Resch, Christina Gardner-McCune, and Keyna Wintjen"
title = "Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity"
booktitle = "2022 ASEE Annual Conference \& Exposition"
year = "2022"
month = "August"
address = "Minneapolis, MN"
publisher = "ASEE Conferences"
note = {https://peer.asee.org/40734}
number = {10.18260/1-2--40734}
}

TY  - CPAPER
AB  - Cyber attacks are a common feature of current news and many of them are the result of easy to avoid vulnerabilities in software.  It is imperative that students graduating from an undergraduate Computer Science (CS) curriculum have knowledge of vulnerabilities and understand the consequences of vulnerable code.  The introductory programming courses often have a full schedule of topics, so it is common to cover software security content briefly in early courses and more extensively in later courses.  It would be useful to know if students with only a brief introduction to software vulnerabilities carry that knowledge into later classes.  Also, it would be useful to have a sense of students’ prior knowledge of cybersecurity and how this prior knowledge contributes to the appreciation of software vulnerabilities.  This paper describes an analysis of the results of a survey of 1677 students in core CS courses at our large public university, in which software security topics are covered briefly in the two introductory courses and more extensively in a later course.  We found that students in upper-level classes scored higher on a cybersecurity quiz than students who are just beginning the Computer Science curriculum, when correcting for a prior knowledge or interest in cybersecurity.   This suggests that students are gaining knowledge of cybersecurity while in the Computer Science curriculum.  However, we found some gaps in cybersecurity knowledge.  Less than half the students were able to name a software vulnerability that has caused a cybersecurity breach, and less than half were able to correctly answer questions about botnets and the use of VPNs.  This suggests that we should consider increasing cybersecurity content in order to build on what students have apparently learned in the lower-level classes, and ensure that students learn all cybersecurity topics, and particularly about networking topics and common software vulnerabilities.  
AU  - Cheryl Resch
AU  - Christina Gardner-McCune
AU  - Keyna Wintjen
CY  - Minneapolis, MN
DA  - 2022/08/23
PB  - ASEE Conferences
TI  - Cross-Sectional Survey of CS Students’ Knowledge of and Attitudes Toward Cybersecurity
UR  - https://peer.asee.org/40734
DO  - 10.18260/1-2--40734
ER  -