Research Question:

How do I teach, and inspire, individuals to verify the legitimacy of responses provided by generativeAI as an action of cybersecurity?

Guiding Questions:

Questions Generated By Research:

• What is AI Literacy?
• What is the history of literacy and how did the concept evolve?
• How do you teach literacy?
• How do you practice literacy?
• How is practicing literacy a form of cybersecurity?
• What tools can I use to confirm legitimacy?
• How does genAI make mistakes and how can I combat that? 
• What is the difference between “digital natives” and “digital immigrants”?
• How do the differences in generations play out in literacy (ie Boomers, GenX, Millennial and GenZ)
• What instances of AI as a tool for malicious use are there in the news?
• How does AI effect known cyber risks?
• What biases are involved with generativeAI?
• How do I communicate the value of literacy, critical thinking, and fact checking in a non-political manner to a diverse audience?
• Terms like “digital natives”, “digital immigrant”, and “hallucinations” seem like they could be clearer – what is the historical context of these terms and is there a better way to communicate these themes?

Questions by generative AI:

• How does the application of SIFT or lateral reading strategies compare to traditional fact-checking methods in effectively verifying the accuracy of information generated by AI?
• What is the specific impact of the “fractionation” technique on a learner’s ability to identify and verify claims within a complex, multimodal AI output?
• To what extent can the ROBOT Test framework be adapted to evaluate the ethical and technical legitimacy of different subtypes of applied AI technologies beyond just text generation?
• How do bias’s cause people to trust polite conversational AI language, as mentioned in the notes, influence a user’s likelihood to critically fact-check the output?
• Does the overconfidence in “digital natives” translate into a measurable decrease in their use of lateral reading or other verification strategies when engaging with generative AI?
• What are the pedagogical best practices for teaching users to “check currency” and identify outdated information, especially when an AI is intentionally vague about its training data cut-off?
• In what ways does a strong foundation in digital or media literacy correlate with or predict an individual’s proficiency in AI literacy competencies?
• How can security literacy principles (like understanding phishing protocols for risky links) be effectively integrated into AI literacy curricula that focus on fact-checking generated citations and resources?
• How can users effectively apply threat modeling principles—common in cybersecurity—to assess the potential harm (e.g., data breach, financial loss, reputational damage) of acting on unverified or malicious information generated by a Large Language Model (LLM)?
• What specific training is required to help users differentiate between a mere “AI hallucination” (inaccurate fact) and an “AI impersonation” (a response crafted to simulate a credible source for malicious intent, akin to social engineering)?
• How does the act of “lateral reading” serve as a zero-trust security model for information, where all sources (including an AI’s output) are treated as potentially malicious until independently verified?
• What new best practices should be developed for “checking currency” in AI outputs when considering cybersecurity, particularly for time-sensitive information like new exploit vulnerabilities or updated security patch details?
• Beyond simple non-existence, what are the cyber-risks associated with AI generating plausible but fabricated citations, and how can an AI literacy curriculum teach users to identify these?
• How does a user’s pre-existing level of security literacy (understanding passwords, malware, phishing) influence their willingness and ability to adopt the fact-checking protocols required for AI literacy?
• What measurable impact does overconfidence in “digital natives” have on their adherence to security-focused fact-checking steps (e.g., following a link provided by an AI vs. searching for it themselves) compared to digital immigrants?