The rapid integration of digital technologies has led to a significant rise in cyber threats, from personal data breaches to large-scale attacks on critical infrastructure. These threats, often driven by criminal intent for financial gain or disruption, continue to grow in both frequency and sophistication. While technological countermeasures lay the foundations for cybersecurity, the human element still has a major impact for the success of most cyberattacks [ 1 ]. Therefore, organizations should prioritize cybersecurity education, which must go beyond training skilled professionals and must rather address the broader challenge of public awareness.

At the same time, the global job market faces an urgent supply and demand gap in cybersecurity recruitment. The increase in cyber-attacks has intensified the need for qualified professionals, yet traditional education and training programs struggle to keep pace with evolving industry demands. Organizations such as ENISA (European Union Agency for Cybersecurity) emphasize the need for a standardized understanding of cybersecurity roles, competencies, and career pathways. However, more efort is needed to bridge the gap between academic training and real-world business needs, ensuring that professionals and end-users alike develop the necessary skills to mitigate cybersecurity risks efectively.

CEUR

ceur-ws.org

To tackle these challenges, cybersecurity education must embrace innovative approaches that combine technological advancements with practical, hands-on learning [ 2, 3 ]. Interactive methods such as Artificial Intelligence-powered training tools, gamified learning experiences, and immersive simulations can enhance skill development by providing realistic cybersecurity scenarios. These approaches not only strengthen professional training but also make complex security concepts more intuitive for non-expert users. Furthermore, as digital transformation accelerates, ensuring that both public and private sector employees are equipped to securely manage sensitive data is crucial. A modern cybersecurity education framework should therefore integrate these advancements to create more efective, accessible, and engaging learning environments.

The 3rd International Workshop on Cyber Security Education for Industry and Academia (CSE4IA 2025) continues the mission of its previous editions [ 4, 5 ] by ofering a collaborative platform for researchers and practitioners to discuss innovative educational strategies. Co-located with IS-EUD 2025, the workshop will explore how End-User Development (EUD), Human-Computer Interaction (HCI) principles, and emerging technologies, such as Artificial Intelligence (AI) and Virtual Reality (VR), can create more engaging and efective cybersecurity learning environments. Special attention will be given to practical approaches that close the gap between cybersecurity education and real-world applications, equipping professionals and end-users with the necessary skills to navigate today’s complex digital landscape.

As in previous editions [ 4, 5 ], CSE4IA 2025 aims to redefine cybersecurity education by fostering interdisciplinary collaboration and promoting user-centered training solutions. The workshop will provide a dynamic, multidisciplinary platform for sharing cutting-edge tools and methodologies, empowering both professionals and everyday users to confidently manage cybersecurity risks in an increasingly digital world. We invite researchers, educators, and industry experts to contribute with innovative research, case studies, and best practices that shape the future of cybersecurity education, ensuring a more secure and resilient digital ecosystem for all.

The topics of interest for the 3rd International Workshop on CyberSecurity Education for Industry and Academia (CSE4IA 2025) include, but are not limited to: • Conversational Interface in Cybersecurity Education • Approaches, methods, and techniques for enabling users to create, modify, and customize digital tools and systems while considering cybersecurity issues. • Case studies and design implications on Cybersecurity issues and practices of end-user development

The workshop will take place over a single full day. It will begin with an opening session, during which the organizers will welcome participants and outline the schedule.

This will be followed by a keynote designed to inspire and set the stage for the workshop’s discussions. Then the presentation sessions will start and its schedule will vary based on the type of paper: (i) Regular papers (up to 10 pages, excluding references) will have 10 minutes for presentation and 5 minutes for discussion, while (ii) Extended Abstracts (up to 4 pages, excluding references) will have 7 minutes for presentation and 5 minutes for discussion. The number of presentation sessions will be tailored to the number and type of accepted submissions. After the presentation sessions, the workshop will culminate in a roundtable discussion featuring representatives from both academia and industry. This interactive session will explore the future of cybersecurity education, emphasizing innovative technologies, interdisciplinary collaboration, and industry-academia partnerships to address the skills gap. It aims to identify key challenges, opportunities, and actionable strategies, generating ideas to shape future research, policy, and educational practices, ensuring a forward-looking conclusion of CSE4IA 2025.

The target audience for CSE4IA is diverse, reflecting the multidisciplinary nature of cybersecurity education. It includes researchers in fields like computer science, technology-enhanced learning, education, and HCI, cybersecurity professionals from industry, policymakers, tech industry representatives interested in educational trends, and students in computer science and related fields seeking to enhance their skills. This diverse group will foster rich discussions and contribute to the advancement of cybersecurity education. We expect 15 to 35 attendees, invited through direct outreach to academics, industry professionals, and policymakers, and promoted via mailing lists, professional networks, social media, and a dedicated website (https://sites.google.com/view/cse4ia-2025).

All submissions will undergo a rigorous double-blind peer-review process, focusing on originality, quality, soundness, and relevance, with each paper reviewed by three program committee members. Accepted submissions will be published in the CSE4IA 2025 workshop proceedings (CEUR-WS). As in the previous editions, authors of selected high-quality papers will be invited to submit extended versions for potential publication in a special issue of a leading international journal.

Vita Santa Barletta is an Assistant Professor at the Department of Computer Science at the University of Bari “Aldo Moro”. Her research interests include cybersecurity, cyber social security, quantum software engineering, and secure software engineering. In the past, she organized the following workshops: the 1st and 2nd edition of CSE4IA; the 1st and 2nd edition of QP4SE (Quantum Programming for Software Engineering); the 2nd edition of CISE’23 (Computational Intelligence and Software Engineering).

Federica Caruso is a post-doc research fellow at the Department of Information Engineering, Computer Science and Mathematics (DISIM) of the University of L’Aquila (Italy). Her primary research interests are in Assistive Technology and Technology-Enhanced Learning. In particular, she is working on methodologies for designing Serious Games and Immersive Virtual Reality-based learning-oriented systems. In the past, she organized the 1st and 2nd edition of CSE4IA.

Francesco Greco is a Research fellow and third-year PhD student at the University of Bari “Aldo Moro”, where he conducts research on the fields of Usable Security and Human-Centered Explainable AI with the Interaction, Visualization, Usability & UX (IVU) laboratory. During his PhD, he has also been a visiting student at King’s College London in the Cybersecurity (CYS) group, under the supervision of Prof. Luca Viganò. He will serve as both the Publicity Chair and the Website Chair for CSE4IA 2025. In this role, he will handle workshop promotion and communication, as well as the creation and upkeep of the website.

Manuel A. Serrano is an Assistant Professor at the Escuela Superior de Informática, University of Castilla-La Mancha, Ciudad Real. Regarding his research interests, he is working on cyber security (especially in Big Data and the IoT), quantum software engineering, software quality, and measurement and business intelligence. His scientific production is large, having published more than 50 papers in high-level journals and conferences. He has participated in more than 20 research projects, has conducted several invited speeches, and has worked in several transfer projects with companies. In the past, he organized the following workshops: the 1st and 2nd edition of QP4SE (Quantum Programming for Software Engineering); the 1st edition of E-QSE (Empirical Studies for Quantum Software Engineering).

Hannan Xiao is a Senior Lecturer in Computer Science Education in the Department of Informatics, King’s College London. She is a Senior Fellow of the Higher Education Academy (SFHEA). She obtained her PhD from the National University of Singapore, and completed her MEng and BEng from the Huazhong University of Science and Technology, China. Before joining King’s College London, Hannan held positions as Principal Lecturer at the University of Hertfordshire, UK, Research Fellow at the National University of Singapore, and Assistant Professor at the Huazhong University of Science and Technology, China.

Chaminda Alocious is a former Network Security Researcher at the University of Herefordshire, UK, specializing in wireless network security. He obtained his Ph.D. in Network Security from the University of University, UK. Chaminda Alocious is a Senior Software Engineer for Deutsche Bank, UK with over decade of experience in the Software industry, and has specialized in building secure software systems for accessing confidential data and improving secure software design.

The program committee members will be selected from both senior and junior researchers working on the topics of CSE4IA 2025. This ensures a high-quality review process while also fostering the integration of junior researchers into the community.

Below is the list of CSE4IA 2025 program committee members: • Mario Angelelli – University of Salento (Italy) • Danilo Caivano – University of Bari (Italy) • Dajana Cassioli – University of L’Aquila (Italy) • Alessia Catalano - University of Salento (Italy) • Mirko De Vincentiis - SER&P, University of Bari spin-of (Italy) • Flaminia Del Conte – Hackable S.r.l. (Italy) • Samuele Del Vescovo - IMT School Lucca (Italy) • Giuseppe Desolda – University of Bari (Italy) • Alessio Di Santo - University of L’Aquila (Italy) • Leonardo Fazzini - University of L’Aquila (Italy) • Ilenia Fronza – Free University of Bozen-Bolzano (Italy) • Tasmina Islam – King’s College London (UK) • Annita Larissa Sciacovelli – ENISA • Antonio Piccinno – University of Bari (Italy) • Valerio Rughetti – LUISS ”Guido Carli” (Italy) • Walter Tiberti – University of L’Aquila (Italy) • Luca Viganò – King’s College London (UK)

This workshop is supported by SERICS (Security and Rights in CyberSpace) - CSS - Cyber Social Security, Spoke 3: Attacchi e Difesa(PE00000014) under the MUR National Recovery and Resilience Plan funded by the European Union - NextGenerationEU.

The author(s) have not employed any Generative AI tools.