Computer Science · 9th Grade

Active learning ideas

Human Factors in Cybersecurity

Active learning works for this topic because human-centered cybersecurity is about behavior, not just knowledge. Students need to practice recognizing manipulation tactics and making decisions under realistic pressure to internalize why human factors matter.

Common Core State Standards · CSTA: 3A-NI-06
20–40 min · Pairs → Whole Class · 4 activities

Activity 01

Role Play · 25 min · Pairs

Role-Play: Social Engineering Scenarios

Students work in pairs. One plays an attacker using a pretexting script, such as 'Hi, I'm from IT -- I need your password to fix your account.' The other plays the target, practicing how to verify the caller's identity and decline the request safely. Groups debrief on which techniques felt most convincing.

Explain how human factors contribute more to security breaches than technical failures.

Facilitation Tip: During Role-Play: Social Engineering Scenarios, assign specific roles so students experience the emotional triggers attackers use, such as urgency or flattery, in a low-stakes environment.

What to look for: Provide students with three short scenarios describing potential cyber threats. Ask them to identify the type of social engineering attack in each scenario and explain one specific action they would take to avoid falling victim.

Apply · Analyze · Evaluate · Social Awareness · Self-Awareness

Activity 02

Role Play · 40 min · Small Groups

Collaborative Design: Security Awareness Campaign

Groups design a three-part security awareness program for their school: a poster, a five-minute activity, and a quick-reference card. They present their programs and the class votes on which is most likely to actually change behavior and why.

Analyze common social engineering techniques used in cyberattacks.

Facilitation Tip: When facilitating Collaborative Design: Security Awareness Campaign, rotate student teams through different campaign elements so they see how messaging changes for different audiences.

What to look for: Present students with a simulated phishing email. Ask them to highlight at least three red flags that indicate the email is malicious and explain why each is a warning sign.

Apply · Analyze · Evaluate · Social Awareness · Self-Awareness

Activity 03

Case Study Analysis · 30 min · Small Groups

Case Study Analysis: Inside the Human Breach

Groups analyze the 2011 RSA SecurID breach, in which an employee opened a phishing email titled '2011 Recruitment Plan.' They identify every human decision point where the attack could have been stopped and propose process changes for each.

Design a training program to improve human cybersecurity awareness.

Facilitation Tip: In Case Study Analysis: Inside the Human Breach, have students annotate the timeline of events with psychological triggers they identify in the breach narrative.

What to look for: Facilitate a class discussion using the prompt: 'Imagine you receive a phone call from someone claiming to be from your internet provider, stating your service will be disconnected unless you immediately provide your account password. How would you respond, and why is this a common social engineering tactic?'

Analyze · Evaluate · Create · Decision-Making · Self-Management

Activity 04

Think-Pair-Share · 20 min · Pairs

Think-Pair-Share: Why Do People Fall For It?

Students individually list three cognitive biases that social engineers exploit, such as urgency, authority, or familiarity. Pairs combine their lists and find examples of each in real phishing messages. The class builds a master list of psychological levers attackers use.

Explain how human factors contribute more to security breaches than technical failures.

Facilitation Tip: Use Think-Pair-Share: Why Do People Fall For It? to first isolate individual assumptions, then build consensus in small groups before whole-class discussion.

What to look for: Provide students with three short scenarios describing potential cyber threats. Ask them to identify the type of social engineering attack in each scenario and explain one specific action they would take to avoid falling victim.

Understand · Apply · Analyze · Self-Awareness · Relationship Skills

A few notes on teaching this unit

Experienced teachers approach this topic by normalizing mistakes and reframing ‘human error’ as a predictable outcome of cognitive shortcuts. Avoid shaming students for falling for fake scenarios; instead, use those moments to teach resilience. Research shows that scenario-based practice reduces real-world vulnerability more than lectures alone. Keep the tone practical and solution-focused.

Successful learning looks like students applying critical thinking to real-world scenarios, designing clear security messages for peers, and articulating why humans are the weakest link in cybersecurity. They should move from passive awareness to active defense.


Watch Out for These Misconceptions

  • During Role-Play: Social Engineering Scenarios, watch for students assuming only careless or uneducated people fall for phishing. Redirect by having them debrief after each role-play, highlighting how even IT professionals get tricked by well-crafted spear-phishing emails.

    During Role-Play: Social Engineering Scenarios, use the debrief to point out that attackers exploit universal human traits like urgency and authority, which affect everyone. Share real-world examples of security researchers being phished to normalize vulnerability.

  • During Collaborative Design: Security Awareness Campaign, watch for students believing better software will eliminate the human problem. Redirect by asking them to research high-profile breaches caused by human error and present findings to the class.

    During Collaborative Design: Security Awareness Campaign, have students include a slide in their campaign about why software alone cannot fix human psychology. Use case studies like the 2016 Democratic National Committee breach to illustrate this point.


Methods used in this brief