-
VIDEO RESOURCES
Education is Salesmanship Part 2 Education is Salesmanship Part 1 Education is Salesmanship Part 3In the near future, this section will contain free videos covering a range of topics, from instructor development to instructional systems design. For now, check out this ground-breaking presentation Dr. Kiper gave to the Interactive Learning Technologies Conference sponsored by the Society for Applied Learning Technology (SALT).
Education is Salesmanship: Using Technology to Enhance – Not Replace – Effective Instructional Systems Design
-
PUBLISHED PAPERS
(2018). Kiper, J.R. Pick a Tool, the Right Tool: Developing a Practical Typology for Selecting Digital Forensics Tools. The SANS Institute Reading Room. March 16, 2018.Abstract: One of the most common challenges for a digital forensic examiner is tool selection. In recent years, examiners have enjoyed a significant expansion of the digital forensic toolbox – in both commercial and open source software. However, the increase of digital forensics tools did not come with a corresponding organizational structure for the toolbox. As a result, examiners must conduct their own research and experiment with tools to find one appropriate for a particular task. This study collects input from forty six practicing digital forensic examiners to develop a Digital Forensics Tools Typology, an organized collection of tool characteristics that can be used as selection criteria in a simple search engine. In addition, a novel method is proposed for depicting quantifiable digital forensic tool characteristics.
(2017). Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity. Contributing author. Joint Task Force on Cybersecurity Education. Association for Computing Machinery (ACM), IEEE Computer Society (IEEE-CS), and the Association for Information Systems Special Interest Group on Security (AIS SIGSEC).Excerpt: By all accounts, the world faces a current and growing workforce shortage of qualified cybersecurity professionals and practitioners. In fact, both government and nongovernment sources project nearly 1.8 million cybersecurity-related positions going unfilled by 2022 [1]. The workforce demand is acute, immediate, and growing [2]. In order to develop the required talent, academic departments across the spectrum of computing disciplines are launching initiatives to establish new cybersecurity programs or courses of study within existing programs. Whether developing full new programs, defining new concentrations within existing programs, or augmenting existing course content, these institutions need curricular guidance based on a comprehensive view of the cybersecurity field, the specific demands of the base discipline, and the relationship between the curriculum and cybersecurity workforce frameworks.
(2017) Wilkerson, W. S., Levy, Y., Kiper, J. R., & Snyder, M. (2017). Towards a development of a Social Engineering eXposure Index (SEXI) using publicly available personal information. KSU Proceedings on Cybersecurity Education, Research and Practice. 5.Abstract: Millions of people willingly expose their lives via Internet technologies every day, and even those who stay off the Internet find themselves exposed through data breaches. Trillions of private information records flow through the Internet. Marketers gather personal preferences to coerce shopping behavior, while providers gather personal information to provide enhanced services. Few users have considered where their information is going or who has access to it. Even fewer are aware of how decisions made in their own lives expose significant pieces of information, which can be used to harm the very organizations they are affiliated with by cyber attackers. While this threat can affect everyone, upper management provides a significantly higher risk due to their level of access to critical data and finances targeted by cybercrime. Thus, the goal of this work-in-progress research is to develop and validate a means to measure exposure to social engineering of 100 executives from Fortune 500 companies. This work-in-progress study will include a mixed methods approach combining an expert panel using the Delphi method, developmental research, and a quantitative data collection. The expert panel will provide a weighted evaluation instrument, subsequently used to develop an algorithm that will form the basis for a Social Engineering eXposure Index (SEXI) using publicly available personal information found on the Internet on these executives, which will help quantify the exposure of each executive. The collected data will be quantitatively evaluated, analyzed, and presented.
(2017). Kiper, J.R. The OPTIC Approach: Objectives, Policies, and Tasks for Instructional Content. Government Learning Technology Symposium, Washington, DC, November 29-30, 2017.Excerpt: Large organizations – especially law enforcement agencies – have unique training management challenges. They especially struggle with updating their instructional content to reflect hundreds of organizational policies and business processes that could change at any time [1]. We’ve all lived with the pain and suffering of disorganized training programs, but to illustrate the problem consider the following two scenarios.
Scenario #1: A recent court decision on Issue X resulted in a major change to your organization’s policy and processes. Unfortunately, the content you use to train Issue X to the workforce is contained in a variety of web-based training modules, job aides, PowerPoint presentations, face-to-face instruction, and other legacy training products.
Question: How do you locate the relevant training materials so that all Issue X content may be updated?
This scenario illustrates the need for training products to be linked to policies and processes, so that they are searchable in response to a specific need for information. For example, if a court or lawmaker makes a change to the Rules of Evidence then an agency needs to know which of its myriad lesson plans covers the Rules of Evidence so the required changes can be made – before someone gets into trouble.
Now take a look at this scenario:
Scenario #2: Your top executive manager asks how you can be confident that all of the organization’s policies and business processes are being trained to the workforce.
Question: How do you conduct a training gap analysis to ensure adequate coverage?
This scenario illustrates the need for training products to be linked to policies and processes, so that training gaps may be identified. Law enforcement agencies often rely upon static course titles and descriptions to get a general feel for which job tasks they are teaching and which job tasks are not yet covered. A lesson plan’s learning objectives can help with this analysis, but they are rarely in a format that can be “racked-and-stacked” across lesson plans and curricula.
(2017). Kiper, J.R. “Forensication” Education: Towards a Digital Forensics Instructional Framework. The Colloquium for Information Systems Security Education (CISSE). Las Vegas, Nevada. June 12-14, 2017.Abstract: The field of digital forensics is a diverse and fast-paced branch of cyber investigations. Unfortunately, common efforts to train individuals in this area have been inconsistent and ineffective, as curriculum managers attempt to plug in off-the-shelf courses without an overall educational strategy. The aim of this study is to identify the most effective instructional design features for a future entry-level digital forensics course. To achieve this goal, an expert panel of digital forensics professionals was assembled to identify and prioritize the features, which included general learning outcomes, specific learning goals, instructional delivery formats, instructor characteristics, and assessment strategies. Data was collected from participants using validated group consensus methods such as Delphi and cumulative voting. The product of this effort was the Digital Forensics Framework for Instruction Design (DFFID), a comprehensive digital forensics instructional framework meant to guide the development of future digital forensics curricula.
(2016). Kiper, J.R. Needs to Know: Validating User Needs for a Proposed FBI Academy Knowledge Management System. Hawaii International Conference on System Sciences (HICSS), January 5-8, 2016.Abstract: Large organizations have trouble keeping their ever-changing business processes and policies aligned with their training programs, which are largely based on learning content locked inside static lesson plans. One particular large organization recognized the need for a knowledge management (KM) solution and took steps to elicit user needs from a group of training experts. A subsequent study was conducted to enable the validation, fine-tuning, and prioritization of the natural language software requirements, accomplished by reaching consensus among eight of the most important training stakeholders in the organization – all without having to conduct any face-to-face meetings. The successful validation and prioritization of the 33 user-based requirements were achieved using techniques derived from Hybrid Delphi, preference-based goal modeling, and hierarchical cumulative voting.
(2015). Kiper, J.R. Eliciting User Needs for a Knowledge Management System to Align Training Programs with Business Processes in Large Organizations. Hawaii International Conference on System Sciences (HICSS), January 5-9, 2015.Abstract: Large organizations struggle to keep their training programs aligned with their business processes and policies. Lesson plans are often stored as static documents, which are neither readily searchable nor linked to approved processes and policies, rendering corporate training programs inefficient and outdated. A well-designed knowledge management (KM) system would be able to meet this technological need, but generating software requirements for such a system is typically a time and resource intensive process. A unique combination of requirements elicitation techniques was employed to elicit a robust set of user needs without the need for face-to-face meetings. Employees of a government agency were asked to tell their stories about the problems they experienced in training management and common themes were identified in their responses. The resulting user needs for the KM system were documented in conceptual diagrams that represent the participants’ view of the current and future state of affairs. These models will serve as artifacts to be used for future requirements definition, validation, and prioritization.
(2013). Theoretical framework for coordinating training programs with business processes and policies in large organizations. Primary speaker. Interactive Learning Technologies Conference. Reston, Virginia, August 16, 2013.Abstract: Training programs suffer when they become outdated and irrelevant, which happens when the training content does not match what is supposed to be taught. It is the duty of curriculum managers to update instructional materials to reflect the latest organizational policies— what the workforce is allowed to do— and business processes— job tasks that are actually carried out. However, organizations with large workforces have difficulty modifying their individual training products to keep up with the thousands of policies and processes that change frequently. By exploring the issue through a review of the literature this paper sets forth the theoretical foundation for creating a knowledge management (KM) system that will address the problem. Readers who are employees of large organizations will benefit from learning about the nature and impact of the problem–which is rarely understood–and the challenges of creating a KM system that will solve the problem.
(2008). Kiper, J.R. Online strategies for teaching business processes in large organizations. Journal of Instruction Delivery Systems, 22, 2. 14-18.Abstract: Changes in technology, security, and economics are driving a growing number of large organizations to make wholesale changes to the way they do business. Private corporations, as well as government agencies, are seeking the most efficient methods of training their large and diverse workforces without compromising their operations or competitiveness. By reviewing specific challenges and training needs, this article explores several online learning strategies for instructors to incorporate into the training programs of large organizations. Recommendations for preparing online instructors and evaluating such programs are also provided.