Education theories applied to a cyber security bootcamp

Abstract

Prior to the ubiquity of information technology, United States military doctrine recognized four warfighting domains: land, sea, air, and space. The creation of the internet and a growing reliance on connected, integrated systems introduced an unfamiliar environment not governed by the same laws as the four physical warfighting domains. The United States Air Force recognized its need for a cyber force to operate in cyberspace. In 2003, the Information Directorate of the Air Force Research Laboratory (AFRL/RI) created a 10-week cyber security bootcamp called the Advanced Course in Engineering (ACE) to educate and train future cyber operators. Despite its record of success, the ACE lacks a formal, proven method to assess its effectiveness and improve the program. A formal assessment method may provide more exact, objective measurements of the effectiveness of the program. This work provides a case study in the use of learning theories (informed by and complementing participant feedback and staff observations) to assess ACE and provides recommendations to improve the ACE. We analyze available data from the 2019 ACE class and use relevant education theories to reveal insights regarding what the ACE program does well, ways it could improve, and future work that could further improve the program and other cyber security bootcamps.