26th Colloquium
Save the date

Thank you attendees and presenters

Pedagogy for Cybersecurity

26th Colloquium Online

The 2022 conference of the Colloquium on Information Systems Security Education (CISSE) celebrates its 26th year as the senior and premier conference on Cybersecurity Education. Participating in the Colloquium are representatives from education, industry, and government with an interest in conducting productive conversations, present new ideas, and improve the content and curricula for cybersecurity education.

Subscribe for updates

Zoom Events Registration

The Colloquium
26th Colloquium Online - $75

For your convenience, registration is managed directly through Zoom. The 26th Colloquium is all viritual and powered by Zoom Events, an all-in-one platform with the power to produce interactive and engaging virtual experiences. Browse event information from our new hub.



For over 26 years, the Colloquium for Information Systems Security Education (CISSE) provides the sole forum in which the members of the academic field of cybersecurity gather to present and discuss emerging trends and ideas. Our government and industry partners actively collaborate to provide information on persistent cyber issues. This balance serves to provide input for our stakeholders across disciplines to reinforce a shared mission.

Zoom Events

The 26th Colloquium will convene on November 14th. Registration is via Zoom Events with a flat fee of $75.

  • Date: Monday, November 14, 2022
  • Time: 10:30 AM to 8:00 PM EST
    • Lobby opens at 9:30 AM and closes 9:00 PM EST
  • Platform: Zoom Events (see event hub)
The Colloquium
26th Colloquium Online - $75

For your convenience, registration is managed directly through Zoom. The 26th Colloquium is all viritual and powered by Zoom Events, an all-in-one platform with the power to produce interactive and engaging virtual experiences. Browse event information from our new hub.


Refund Policy

Refunds up to 1 hour before the event starts.

Questions: events@thecolloquium.org

Special Panel

The Colloquium is honored to have as part of the 26th Colloquium the following panel:

The Role of Education in Dispelling Myths and Misconceptions in Cybersecurity


  • Eugene Spafford, Ph.D. of Purdue University, Chair
  • Leigh Metcalf, Ph.D. of Carnegie Mellon University / SEI CERT
  • Josiah Dykstra, Ph.D. of the National Security Agency


There is a significant body of knowledge required to be successful in the profession and application of cybersecurity. Knowledge is passed along in many forms, including formal education and experiential learning. Given the need for personnel in the field many people do not receive much formal instruction, often “learning through doing.”

A potentially dangerous pitfall is perpetuating traditional practices or beliefs as truth without evidence. While cybersecurity is an evolving discipline, many people still hear the refrain “that’s the way it’s done” when questioning an approach. Folk wisdom and folklore are sometimes used merely to justify what we already do or believe rather than as informed guidelines for action. Myths arise because of misunderstandings or by making poor analogies to other fields.

In this session, the panelists will discuss their observations and experiences of cybersecurity myths across academia, industry, and government. They will draw on their decades of experience to discuss pitfalls they've encountered and examples of folk wisdom including: Is the user the weakest link? Is more security always better? Is cyber offense easier than defense? This will also touch on some of the biases humans bring to decision-making, and how those may negatively influence good security practices. These include the action and conformity biases.

The panel will illuminate opportunities for education to help dispel prevalent and widespread myths that can be avoided or mitigated for the benefit of more effective cybersecurity. Portions of this presentation are drawn from personal experience and courses taught by the panelists, including a regular course offered at Purdue University as part of the graduate cybersecurity curriculum.

Program Committee

Our gratitude to the CISSE community for your interest to join the 2022 program committee. The following are CISSE members who actively participated in the peer-review process and provided exceptional support to the Editorial team.

Maha Alotaibi

Cardiff university

Jackie Armstrong

Hill College

Helen Barker

University of Maryland Global Campus (UMGC)

Jane Blanken-Webb

Wilkes University

Ingrid Buckley

Florida Gulf Coast University

Zhixiong Chen

Mercy College

Tom Chothia

University of Birmingham

Henry Collier

Norwich University

Leslie Corbo

Utica University

Lonnie Decker

Davenport University

Charles Desassure

Rose State College

Swarupa Dholam

Bombay High Court

Maeve Dion

University of New Hampshire

Alfreda Dudley

Towson University

Donald Easton

Lane Community College

Eric Eskelsen

Idaho State University

Xinwen Fu

University of Massachusetts Lowell

Steven Fulton

US Air Force Academy

Paloma Galindo

University of Houston Clear Lake

Yuming He

Old Dominion University

Susan Helser

Central Michigan University

Sergio Hernandez Del Cid

Tacoma Community College

Jim Hoag

Champlain College

Yen-Hung Hu

Norfolk State University

Shou-Hsuan Huang

University of Houston

Randall Joyce

Murray State University

Phil Legg

University of the West of England

Lin Li

Prairie View A&M University

Susan Lincke

University of Wisconsin-Parkside

Luc Longpre


Teresa Macklin

CSU San Marcos

Laura Malave

St. Petersburg College

Razvan Alexandru Mezei

Saint Martin's University

Stanley Mierzwa

Kean University

Denis Nicole

University of Southampton

Brajendra Panda

University of Arkansas

Themis Papageorge

Northeastern University, CCIS

Zachary Peterson

Cal Poly, San Luis Obispo

Jason Pittman

University of Maryland Global Campus

Steven Presley

University of South Alabama

Prashanth Reddy

University of North Carolina

Cheryl Resch

University of Florida

Ivo Rosa


Altair Santin


Ben Scott

Edith Cowan University

Cragin Shelton

Capitol Technology University

Jill Slay

University of South Australia

Aurelia Smith

Columbus State University

Mahadevan Subramaniam

University of Nebraska at Omaha

Jay Thom

University of Nevada Reno

James Tippey

Montreat College

Shambhu Upadhyaya

SUNY at Buffalo

Emily Vandalovsky

Bergen Community College

Hsiaoan Wang

Northeastern University

Weichao Wang


Paper Presentations

Abstracts and submitted slides for paper presentations exhibited at the 26th Colloquium are available below. Article order is alphabetical and features works corresponding to CISSE and CCERP tracks. This content will be archived within the next 30 days. If presenting authors elect to revise slides or submit anew, please send to Andrew Belon at your earliest convenience.

A Systematic Mapping Study on Gamification Applications for Undergraduate Cybersecurity Education

Sherri Weitl-Harms, Adam Spanier, John Hastings, Matthew Rokusek

Addressing the Cybersecurity Issues and Needs of Rural Pennsylvania Nonprofit Organizations

Brian Gardner, Maryam Roshanaei, J. Andrew Landmesser, Jennifer Breese, Michael Bartolacci

An Empirical Study of Password Policy Compliance

Robert C. Hall, Mary Ann Hoppa, Yen-Hung Hu

Authentication Based on Periocular Biometrics and Skin Tone

Kennedy Marsh, Clifton Wallace, Jeffrey Hernandez, Rodney Dejournett, Xiaohong Yuan, Kaushik Roy

BEACON Labs: Designing Hands-on Lab Modules with Adversarial Thinking for Cybersecurity Education

Jordan Whyte, Gaby G. Dagher and Sara Hagenah

Bringing the Industry Partner to the Cybersecurity Education Table as an Active Participant

Randy Hinrichs, Viatcheslav Popovsky, Barbara Endicott-Popovsky

Cyber-physical Shooting Gallery: Gamification to Address the IT-OT Gap in Cybersecurity Education

Tiffany Fuhrmann, Taegan Williams, Michael Haney

CyberAlumni a Cybersecurity Collaboratory

Alejandro Ayala, Barbara Endicott-Popovsky and Randy Hinrichs

Cybercrime in the Developing World

David A. Ghelerter, John E. Wilson, Noah L. Welch, John-David Rusk

Election Security and Technology Education

Garry White

Framing Gamification in Undergraduate Cybersecurity Education

Sherri Weitl-Harms, Adam Spanier, John Hastings, Matthew Rokusek

Improving Workplace and Societal Cybersecurity via Post-Secondary General Education

Maeve Dion

Interactive Cyber-Physical System Hacking: Engaging Students Early Using Scalextric

Jonathan White, Phil Legg, Alan Mills

Interactive Program Visualization to Teach Stack Smashing: An Experience Report

Harini Ramaprasad, Meera Sridhar, Erik Akeyson

Low-Cost CTF Platform for Industrial Control Systems Education

Taegan Williams, Tiffany Fuhrmann, Michael Haney

Meeting the Challenges of Large Online Graduate Cybersecurity Classes in the Age of COVID

Michael Whitman, Herbert Mattord

Microtransactions and Gambling in the Video Game Industry

Christopher L. Antepenko, Samuel R. Rickey, Angel L. Hibbets, John-David Rusk

NIDS in Airgapped LANs - Does it Matter?

Winston Messer

Practical Labs for Teaching SDN Security

Souvik Das, Kamil Sarac

Secure Cloud-based IoT Water Quality Gathering for Analysis and Visualization

Soin Abdoul Kassif Traore, Maria Valero, Amy Gruss

Security Mindset Fundamentals and Second Language Learning

Amy Kuiken

Simulating Cybersecurity Risk Using Advanced Quantitative Risk Assessment Techniques: A Teaching Case Study

Basil Hamdan

Social Media Platforms and Responsibility for Disinformation

Matt T. Figlia, Brandon M. Henschen, Joseph T. Sims, John-David Rusk

Structure or Anarchy: A Bibliometric Analysis of Keywords in Cybersecurity Education Literature

Jason Pittman, Helen Barker, Shaho Alaee

Teaching Offensive and Defensive Cyber Security in Schools using a Raspberry Pi Cyber Range

Phil Legg, Alan Mills, Ian Johnson

Teaching Software Security to Novices With User Friendly Armitage

Christopher Morales-Gonzalez, Matthew Harper and Xinwen Fu

Techniques to Overcome Network Attacks (Sybil Attack, Jamming Attack, Timing Attack) in VANET

Sinan Ameen Noman and Travis Atkison

The Role of Education in Dispelling Myths and Misconceptions in Cybersecurity

Eugene Spafford, Leigh Metcalf, Josiah Dykstra

Towards Assessing Organizational Cybersecurity Risks via Remote Workers' Cyberslacking and Their Computer Security Posture

Ariel Luna, Yair Levy, Gregory Simco, Wei Li

Towards the Development and Assessment of a Method for Educating Users into Choosing Complex, Memorable Passphrases

Juan M. Madrid, Yair Levy, Laurie Dringus, Ling Wang

Using Experts for Improving Project Cybersecurity Risk Scenarios

Steven S. Presley, Jeffrey P. Landry, Jordan Shropshire, Phil Menard

Virginia Cyber Navigator Internship Program (VA-CNIP): Service Learning in Local Election Security

Angela Orebaugh, Jack Davidson, Deborah Johnson, Daniel Graham, Worthy Martin

What You See Is Not What You Know: Deepfake Image Manipulation

Cathryn Allen, Bryson R. Payne, Tamirat T. Abegaz, Chuck Robertson

Member Supported