Improving cybersecurity skill development through visual programming
Information and Computer Security
ISSN: 2056-4961
Article publication date: 16 February 2023
Issue publication date: 26 June 2023
Abstract
Purpose
Cybersecurity training plays a decisive role in overcoming the global shortage of cybersecurity experts and the risks this shortage poses to organizations' assets. Seeking to make the training of those experts as efficacious and efficient as possible, this study investigates the potential of visual programming languages (VPLs) for training in cyber ranges. For this matter, the VPL Blockly was integrated into an existing cyber range training to facilitate learning a code-based cybersecurity task, namely, creating code-based correlation rules for a security information and event management (SIEM) system.
Design/methodology/approach
To evaluate the VPL’s effect on the cyber range training, the authors conducted a user study as a randomized controlled trial with 30 participants. In this study, the authors compared skill development of participants creating SIEM rules using Blockly (experimental group) with participants using a textual programming approach (control group) to create the rules.
Findings
This study indicates that using a VPL in a cybersecurity training can improve the participants' perceived learning experience compared to the control group while providing equally good learning outcomes.
Originality/value
The originality of this work lies in studying the effect of using a VPL to learn a code-based cybersecurity task. Investigating this effect in comparison with the conventional textual syntax through a randomized controlled trial has not been investigated yet.
Keywords
Acknowledgements
This work is performed under the INSIST project, which is supported under contract by the Bavarian Ministry of Economic Affairs, Regional Development and Energy (DIK0338/01).
Citation
Glas, M., Vielberth, M., Reittinger, T., Böhm, F. and Pernul, G. (2023), "Improving cybersecurity skill development through visual programming", Information and Computer Security, Vol. 31 No. 3, pp. 316-330. https://doi.org/10.1108/ICS-11-2022-0170
Publisher
:Emerald Publishing Limited
Copyright © 2023, Emerald Publishing Limited