Activity 01
Think-Pair-Share: AI Defender vs. AI Attacker
Present two short case studies: one where AI detected a breach faster than human analysts, and one where AI-generated phishing bypassed traditional filters. Students individually write which side they think gains more from AI, then compare with a partner and report out. Debrief focuses on why the answer depends on context and resources.
Predict how artificial intelligence will impact cybersecurity defenses.
Facilitation TipDuring Think-Pair-Share, assign half the pairs to defend and half to attack, then have them switch roles to emphasize dual-use dynamics.
What to look forPose the following to students: 'Imagine you are a cybersecurity consultant in 2030. Based on current trends, what are the top three emerging cybersecurity threats you foresee, and what new defense strategies would you recommend to a major corporation?'
UnderstandApplyAnalyzeSelf-AwarenessRelationship Skills
Generate Complete Lesson→· · ·
Activity 02
Scenario Analysis: Post-Quantum Threat Modeling
Small groups receive a card describing a current encryption use case (bank transactions, HTTPS, encrypted messaging, government records). Groups assess how vulnerable their scenario is to a quantum attack, what data would still be at risk under harvest-now-decrypt-later strategies, and which NIST post-quantum algorithm fits best. Groups present their threat model to the class.
Analyze the potential threats posed by quantum computing to current encryption.
Facilitation TipFor Scenario Analysis, provide a timeline graphic so students can visualize the gap between current quantum computers and cryptographically relevant ones.
What to look forPresent students with two scenarios: one describing an AI-powered phishing attack and another describing a potential quantum computer breaking an RSA encryption key. Ask students to write one sentence for each scenario explaining the core technological threat involved.
UnderstandApplyAnalyzeSocial AwarenessRelationship Skills
Generate Complete Lesson→· · ·
Activity 03
Gallery Walk: Emerging Threat Landscape
Post six stations around the room, each covering an emerging cybersecurity challenge: deepfake-based social engineering, IoT device vulnerabilities, supply chain attacks, AI-generated malware, critical infrastructure risks, and biometric data theft. Students rotate with sticky notes, adding connections, questions, and risk ratings at each station. Close with a class synthesis of which threats they found most underestimated.
Hypothesize new cybersecurity challenges that may arise in the next decade.
Facilitation TipIn the Gallery Walk, post three large sheets of paper labeled 'Defender Wins,' 'Attacker Wins,' and 'Unknown Outcome' so students can categorize threats as they move.
What to look forAsk students to write down one specific cybersecurity challenge that might exist in 10 years that is not a major concern today, and briefly explain why it might emerge. Then, have them identify one emerging technology that could help defend against it.
UnderstandApplyAnalyzeCreateRelationship SkillsSocial Awareness
Generate Complete Lesson→· · ·
Activity 04
Formal Debate: Regulating AI in Cybersecurity
Assign students to argue for or against the proposition that governments should require AI-powered cybersecurity tools to be certified before deployment. Students prepare for 10 minutes using provided source excerpts, then run a structured four-corner debate where they can physically move as their position shifts. Debrief connects to CSTA standard 3A-IC-28 on the societal impacts of computing.
Predict how artificial intelligence will impact cybersecurity defenses.
Facilitation TipDuring the Structured Debate, assign roles like 'AI Ethics Researcher' or 'Quantum Cryptography Engineer' to deepen role-specific expertise.
What to look forPose the following to students: 'Imagine you are a cybersecurity consultant in 2030. Based on current trends, what are the top three emerging cybersecurity threats you foresee, and what new defense strategies would you recommend to a major corporation?'
AnalyzeEvaluateCreateSelf-ManagementDecision-Making
Generate Complete Lesson→A few notes on teaching this unit
Experienced teachers approach this topic by framing cybersecurity as a continuous arms race rather than a problem with a single solution. They avoid overemphasizing doom scenarios and instead focus on measurable risks and adaptive strategies. Research suggests students grasp dual-use technology best through debate and scenario analysis, where they confront trade-offs directly rather than through lecture.
Successful learning looks like students questioning assumptions, connecting current technology to future risks, and articulating how defenses and attacks evolve together. They should move from seeing AI and quantum computing as abstract concepts to recognizing them as forces shaping real-world security decisions.
Watch Out for These Misconceptions
During Think-Pair-Share on AI Defender vs. AI Attacker, watch for students assuming AI will make cybersecurity entirely automated.
Use the AI Defender vs. AI Attacker prompt to push students to identify specific limitations of AI in both roles, such as adversarial examples or data poisoning vulnerabilities.
During Scenario Analysis on Post-Quantum Threat Modeling, watch for students believing quantum computers will break encryption overnight once they exist.
Use the scenario’s timeline graphic to redirect students to focus on the current gap between existing quantum prototypes and the thousands of error-corrected qubits needed for RSA-2048.
During Gallery Walk on Emerging Threat Landscape, watch for students dismissing near-term threats like AI-generated phishing as too futuristic for immediate study.
Use the Gallery Walk’s categorized sheets to redirect students to real-world incidents, such as NIST post-quantum standards or recent AI phishing campaigns, to ground their discussion in current evidence.
Methods used in this brief