Proceedings of the European Information Security Multi-Conference (EISMC 2013) 59 Towards a Brain-Compatible Approach for Web-Based, Information Security Education R Reid and JF Van Niekerk Institute for ICT Advancement, Port Elizabeth, South Africa e-mail: S208045820@live.nmmu.ac.za; Johan.vanniekerk@nmmu.ac.za Abstract Information Security is becoming a necessity for all information users. Suitable delivery and presentation of information security education to these users is therefore becoming increasingly important. Online learning may be a suitable mechanism. It has become a widely used, extensive education format that uses information and communication technology as well as the many resources available on the web. In order to ensure an effective and enjoyable learning experience online education should emulate real-world ‘classroom education’ and be designed in compliance with pedagogy. Brain-compatible education (BCE) is such a pedagogy. BCE has primarily been used in real-world classrooms. This paper examines how generic, online, information security education can be developed in compliance with BCE principles in the Moodle environment. Keywords Information Security Education, Brain-compatible Education, E-learning, Moodle, Case study 1. Introduction Information security education had long been an acknowledged need in an organisational context (NIST 800-16 1998). However due to recent changes in and the creation of new national legislation and cyber security initiatives, this need has now been assigned to the organisation and the general public. The educational target audience therefore includes individuals from all age groups, education levels and social standings. The current generation would be the most affected by this change. The current generation of learners has grown up in a media-rich environment. This environment has predisposed them to prefer information presented in an entertaining and interactive manner. Consequently, this generation will be the first capable of benefiting from the educational aspects of the web and interactive web technologies. Educational approaches which use computer network technologies, primarily over an intranet or the Internet, to deliver information and instruction to individuals are fast becoming a popular education method (Welsh et al. 2003). It has many advantages such as easy accessibility, target audience diversity and development versatility. Unfortunately web-based learning courses often mirror real classrooms. Therefore in many educational fields including information security, the problems that exist in real classrooms also exist in web-based learning environments.