BLOG

There is little debate about whether AI belongs in the classroom. It already does. For cybersecurity educators, the unresolved question is how to teach effectively when the same tools that support learning also get in the way of it. In the classroom, these tensions surface quickly, forcing instructors to make deliberate choices about what responsible AI integration looks like. 

Michael Solomon, PhD, professor and coauthor of Fundamentals of Information Systems Security, Fifth Edition, has spent years navigating this reality. 

“We all know that our students are using AI to answer questions,” he says. “So we as educators have to go the next mile.” 

Embracing AI in and Out of the Classroom 

The challenge with AI in the classroom is not philosophical. It is practical. How do you teach students to use tools that are already shaping security operations without undermining learning outcomes or professional judgment? 

Solomon’s view is that avoiding AI altogether is no longer a realistic option. Instead, instructors should focus on helping students understand when and how to use these tools responsibly. 

“What I would encourage every educator to do is to roll up your sleeves and jump in,” he says. “You’re not alone, and you’re not behind. The best way to move forward is to start, learn as you go, and ask for help, because everyone is navigating the same shift. And this isn’t limited to cybersecurity. AI is affecting all of us.” 

Bringing AI into Cybersecurity Education 

The challenge, then, becomes how to incorporate AI into coursework without weakening learning. Keeping AI at arm’s-length may feel safer, but it limits opportunities to develop the kind of judgment security work demands, where accuracy and accountability matter. 

Solomon deliberately builds AI into his assignments, asking students to use generative tools, respond to prompts, then step back, and critically assess the results. 

“Give me the prompt. Give me the response,” he explains. “Then critique it. Tell me what’s wrong with it.” 

Instead of treating output as an answer, students learn to examine, identify gaps, and determine where human judgment is necessary, mirroring how real security decisions are made. 

This expectation extends beyond individual assignments. In the latest edition of Fundamentals of Information Systems Security, AI is interwoven throughout the content, practice questions and labs to emphasize the importance of human judgment in offensive and defensive contexts. 

Rather than treating AI as a standalone topic, the Fifth Edition provides a structured way to address it across core security topics, from risk assessment and access control to encryption and incident response. 

“One of our consistent goals in the Fifth Edition was to integrate AI as a force multiplier, not a crutch,” Solomon says. “We don’t advocate using AI to replace job functions or decision-making. We treat it as integral to the conversation, so it flows naturally through the material and reflects how security actually works.” 

Creating Realistic and Practical Learning Environments 

Alongside AI, cybersecurity educators face a familiar challenge: giving students meaningful, hands-on experience in safe environments. Students need opportunities to apply concepts learned in ways that reflect real-world scenarios.  

Solomon emphasizes the importance of labs and exercises that simulate real security workflows, using authentic operating systems and tools rather than simplified examples. 

“In the exercises and end-of-chapter questions, along with the labs, we ask students to roll up their sleeves and actually do the work,” he explains. “They create reports, run scans, and answer questions that matter.” 

“We find that many students finish the curriculum feeling as if they’ve already done some of the work they’ll be asked to do professionally,” Solomon says. “Not an internship, but real tasks that prepare them for what comes next.” 

Staying One Step Ahead of Students 

Cybersecurity does not change all at once, but it rarely pauses. In an academic sense, staying current often means making steady and informed adjustments rather than chasing every new development. 

Solomon encourages instructors to stay connected to industry developments through news, professional communities, and conferences as practical ways to stay grounded in a rapidly evolving field.  

“If you pay attention to what’s happening,” he says, “you start to see the trajectory of what’s coming.” 

Fostering a Culture of Responsibility 

Technical skills alone are not enough in cybersecurity. Professionals are entrusted with sensitive data, critical systems, and public trust, making ethical responsibility a core part of the role. 

“We are stewards of our domain,” Solomon says. “And we have to impart that respect to everyone who sits in our classes.” 

Ethical considerations throughout help students understand not only what security tools can do, but also the consequences of their use. 

Leading the Charge in Cybersecurity Education 

As AI continues to reshape the cybersecurity landscape, educators face the challenge of preparing students for a field in a constant state of change. The key isn't to chase every new development, but to instill in students the ability to pause, scrutinize outcomes, and apply critical thinking to real-world situations. By doing so, educators can equip future professionals to navigate the complexities of cybersecurity with confidence.