Multidisciplinary Experiential Learning for Holistic Cybersecurity Education, Research and Evaluation

Experiential learning is defined as learning through action, experience, and discovery and exploration. Capture the Flags (CTFs) events have been offering experiential learning to computer science/engineering students for over 20 years. However, existing pedagogical technical research recognizes the need to address certain shortcomings of CTFs, such as novice encouragement, skewed experiences of CTF type (attack-defend vs. attack only vs. defend only), the difficulty and clarity of CTF challenges, and temporal constraints. This paper argues that CTFs can offer valuable experiential learning experiences for criminology/criminal justice students as well, by improving their hands-on research skills as well as their understanding of cyberattacks/defense. The paper also argues that multidisciplinary experiential learning is critical in improving CTFs for both technical and criminological domains. Specifically, it offers four benefits: breakdown of disciplinary silos in cybersecurity education; innovative research; enhanced learning experiences; and greater transparency in the evaluation of CTFs. The paper also offers some challenges of multidisciplinary experiential learning and offers possible implementation suggestions.