A Cal Poly engineering educator was selected as one of 17 new cybersecurity fellows by an influential Washington, D.C.,-based think tank because of his use of fun and engaging games to draw students to the increasingly important cybersecurity field.
 
As a fellow with New America Foundation, Zachary Peterson, an associate professor in the computer science and software engineering department, will support the organization’s positions with research and personal input.

“It feels like an opportunity to affect change at a larger level,” he said.
 
New America, which employs more than 200 people, is supported by titans including the Bill and Melinda Gates Foundation, Google and the Ford Foundation as well as government entities such as the U.S. Department of State. Some of the foundation’s goals include universal access to technology, equal representation in politics, access to education, and economic opportunities for all.
 
It has also recognized the threat posed by new technology.
 
“New America is dedicated to confronting the challenges caused by rapid technological and social change,” Anne-Marie Slaughter, the foundation’s president and CEO, said in a statement. “This is particularly true in cybersecurity, where productive discussions depend on a meaningful and ongoing exchange of views between policymakers and experts from a diverse array of backgrounds.”
 
New America cited Peterson’s efforts at outreach and education, “especially those methods centered around the use of games and play.”
 
Peterson’s affinity for games derives from his upbringing, when videogames like Super Mario Bros. had a memorable impact.
 
“I played a lot of board games, too,” Peterson said. “I really enjoyed playing Stratego with my dad, which was a game of duplicity and subterfuge.”
 
Given his own history with games, it’s no surprise that Peterson has used them as a tool to recruit and retain students to computer science — and particularly to computer security.
 
“A lot of my research at Cal Poly has been in cybersecurity education — especially in ways we can teach security principles to younger and underserved students,” he said.
 
While the cybersecurity field is booming, with many high-paying jobs, getting students interested in the field — and keeping them interested — has been a challenge.
 
“Computer science generally suffers from a lot of attrition, and computer security is even worse,” Peterson said.
 
Nationwide, there’s also a lack of diversity in the field, which he said “leads to a lot of homogenous thinking and hive-mind mentality, and that’s bad for computer security as a field.”
With that in mind, he has created classroom experiences that are fun, inclusive and meaningful. That includes a course he developed that is taught as an alternate-reality game.
 
“This year we’re running the entire class as a 10-week capture-the-flag game,” he said amid a roomful of students at the Northrop Grumman Cyber Lab. Part of the class draws attention to the potential harms caused by new technology.
 
“We have a bad habit of developing a new technology and then not thinking about its implications on security and adding security later,” he said. “And that is the worst way to design a secure system.”
 
Peterson is devising ways to make computer science more enticing to younger students as well, reaching out to them before they come to college. He has created board games designed to teach middle- to high-school-age students about cybersecurity terminology and basic concepts, and he developed a cybersecurity track in Cal Poly’s Engineering Possibilities in College, or EPIC, summer camps.
 
Games and the cybersecurity field do have parallels, he said — “thinking about adversaries and strategy and what their next moves will be.”
 
Peterson is a past recipient of multiple National Science Foundation awards and, in 2016, he received a U.S.-U.K. Security Fulbright Scholarship, which he used to continue his research exploring the use of games for teaching computer security concepts to new and non-technical audiences.