Using Bloom\u27s and Webb\u27s Taxonomies to Integrate Emerging Cybersecurity Topics into a Computic Curriculum

Recent high profile hackings have cost companies millions of dollars resulting in an increasing priority to protect government and business data. Universities are under increased pressure to produce graduates with better security knowledge and skills, particularly emerging cybersecurity skills. Although accredited undergraduate computing programs recognize the need to solve this problem, these computing programs are constrained by accreditation standards and have limited ability to modify their curricula. This paper discusses a case study on how one Accreditation Board for Engineering and Technology (ABET) accredited undergraduate IT program created a strategy to continue to teach existing security-related topics as well as emerging cybersecurity topics within its IT curriculum without increasing credit requirements. The faculty developed an IT Security-related and Cybersecurity Curriculum Taxonomy to identify strategies to move security-related topics taught in the higher level courses to lower and intermediate courses. Thus emerging cybersecurity topics could be added to high-level courses. The faculty also created the IT Student Learning (Security-related) Taxonomy by combining Bloom’s Taxonomy’s six levels of thinking with Webb’s Depth of Knowledge Model. This student learning taxonomy enabled the faculty to review the student learning outcomes for each of the existing security-related core topics and develop new ones for the emerging cybersecurity topics. Challenges, benefits, and application of this strategy to other disciplines are discussed

Enhancing Cybersecurity Content in Undergraduate Information Systems Programs: A Way Forward

The ongoing barrage of data and infrastructure breaches is a constant reminder of the critical need to enhance the cybersecurity component of modern undergraduate information systems (IS) education. Although the most recent undergraduate information systems curricular guidelines (IS2010) highlight security in the context of data, enterprise architecture, and risk management, much more needs to be done. The IS education community needs to identify cybersecurity competencies and curricular content that further integrates cybersecurity principles and practices into IS curricular guidelines. Until this is completed at the IS community level, IS programs will need to fulfill this role individually. This paper contributes to both these efforts by reviewing relevant literature and initiatives – highlighting two primary paths of curricular development: (1) the evolution of IS curricular guidelines, and (2) the development of Cybersecurity as a standalone discipline. Using these resources, the paper summarizes best practices for integrating cybersecurity into curricula and explores the integration of IS into cybersecurity programs

Constructing a Methodology for Developing a Cybersecurity Program

This paper serves to introduce the problem of constructing a methodology to develop a cybersecurity program. The goal of the program is to prepare students graduating from an accredited two-year college for success in cybersecurity careers. Several challenges must be addressed such as program accreditation, workforce development, and DHS/NSA Center of Academic Excellence in Cyber Defense (CAE-CD) designation. All of these serve as inputs in constructing a methodology to develop such a program to meet local industry needs for cyber professional

A Process-Based Approach to ABET Accreditation: A Case Study of a Cybersecurity and Digital Forensics Program

ABET accreditation has become a well-known standard for academic programs not only in the U.S. but also across the globe. Instantiating the processes to systematically improve the quality of programs is a daunting task for higher education institutions. In this contribution, we provide a detailed process-based framework that can assist aspiring institutions to embed quality in their processes leading to ABET accreditation. Our contribution is a novel framework for a process-based approach to quality assurance, as most of the published literature is primarily concerned with the experience of ABET accreditation of a solitary program. However, in this paper, we have presented a generic framework that ABET aspiring programs can instantiate in their preparation for ABET accreditation. We have validated these processes in our successful ABET accreditation application of the Bachelor of Science in Cybersecurity and Digital Forensics program. Our existing ABET-accredited programs were following old ABET criteria and the Bachelor of Science in Cybersecurity and Digital Forensics program must apply based on the new criteria proposed by ABET. Another novelty of our contribution is that it is based on our work for the first application cycle for ABET cybersecurity-related programs, so the findings of our contribution may assist other aspiring cybersecurity related academic programs to well prepare in their ABET accreditation pursuit

Creating a Multifarious Cyber Science Major

Existing approaches to computing-based cyber undergraduate majors typically take one of two forms: a broad exploration of both technical and human aspects, or a deep technical exploration of a single discipline relevant to cybersecurity. This paper describes the creation of a third approach—a multifarious major, consistent with Cybersecurity Curricula 2017, the ABET Cybersecurity Program Criteria, and the National Security Agency Center for Academic Excellence—Cyber Operations criteria. Our novel curriculum relies on a 10-course common foundation extended by one of five possible concentrations, each of which is delivered through a disciplinary lens and specialized into a highly relevant computing interest area serving society’s diverse cyber needs. The journey began years ago when we infused cybersecurity education throughout our programs, seeking to keep offerings and extracurricular activities relevant in society’s increasingly complex relationship with cyberspace. This paper details the overarching design principles, decision-making process, benchmarking, and feedback elicitation activities. A surprising key step was merging several curricula proposals into a single hybrid option. The new major attracted a strong initial cohort, meeting our enrollment goals and exceeding our diversity goals. We provide several recommendations for any institution embarking on a process of designing a new cyber-named major

Holistic Cyber Education

This paper provides a multi-level, multidisciplinary approach for holistically integrating cyber into a student’s academic experience. Our approach suggests formally integrating cyber throughout an institution’s curriculum, including within the required general education program, in electives from a variety of disciplines, as multi-course threads, as minors, and in numerous cyber-related majors. Our holistic approach complements in-class curricula with both a pervasive cyber-aware environment and experiential, outside-the-classroom activities that apply concepts and skills in real-world environments. The goal of our approach is to provide all educated individuals a level of cyber education appropriate for their role in society. Throughout the description of our approach, we include examples of its implementation at the United States Military Academy.https://digitalcommons.usmalibrary.org/books/1024/thumbnail.jp

Understanding Student Perspective of Undergraduate Cybersecurity Programs and Experiences Across Christian Colleges and Universities

The number of Christian colleges and universities that are offering cybersecurity four-year degrees is rising. The workforce is in dire need of cybersecurity professionals; however, has anybody asked the new cybersecurity professionals in the workforce how their recent academic experience prepared them for such a global need? Research is well-documented about what industry currently needs in cybersecurity professionals; however, this research focused on asking graduates what students need for the workforce. The purpose of this explorative qualitative study was to gain an understanding of the phenomena of the holistic experience (technical, nontechnical, and whole-person) strengths and shortcomings (if any) recent cybersecurity graduates who are now in the workforce experienced at various Christian colleges and universities during their undergraduate education. The population of this research was recent graduates of Christian undergraduate cybersecurity programs that are currently in the cybersecurity workforce. The gap that drove this study was the need to learn how current cybersecurity programs have influenced and molded students for the workforce and allow Christian cybersecurity program leaders to utilize this research and optimize the experience their students have at their institution. The theory which guided this exploratory research was academic outcomes assessment theory in which student opinions are sought to identify the satisfaction relationship their technical, nontechnical, and whole-person development in their Christian undergraduate program as preparation for real-world application. This qualitative, exploratory, phenomenological research identified Christian undergraduate program strengths and gaps, such as an overwhelming trend of recent cybersecurity graduates that are not fully satisfied with their technical development

Designing a Security System Administration Course for Cybersecurity with a Companion Project

In the past few years, an incident response-oriented cybersecurity program has been constructed at University of Central Oklahoma. As a core course in the newly-established curricula, Secure System Administration focuses on the essential knowledge and skill set for system administration. To enrich students with hands-on experience, we also develop a companion coursework project, named PowerGrader. In this paper, we present the course structure as well as the companion project design. Additionally, we survey the pertinent criterion and curriculum requirements from the widely recognized accreditation units. By this means, we demonstrate the importance of a secure system administration course within the context of cybersecurity educationComment: Accepted by the 37th Annual CCSC: Southeastern Conferenc

Latin American perspectives to internationalize undergraduate information technology education

The computing education community expects modern curricular guidelines for information technology (IT) undergraduate degree programs by 2017. The authors of this work focus on eliciting and analyzing Latin American academic and industry perspectives on IT undergraduate education. The objective is to ensure that the IT curricular framework in the IT2017 report articulates the relationship between academic preparation and the work environment of IT graduates in light of current technological and educational trends in Latin America and elsewhere. Activities focus on soliciting and analyzing survey data collected from institutions and consortia in IT education and IT professional and educational societies in Latin America; these activities also include garnering the expertise of the authors. Findings show that IT degree programs are making progress in bridging the academic-industry gap, but more work remains

Proposal for a Joint Cybersecurity and Information Technology Management Program

Cybersecurity and Information Technology Management programs have many similarities and many similar knowledge, skills, and abilities are taught across both programs. The skill mappings for the NICE Framework and the knowledge units required to become a National Security Agency and Department of Homeland Security Center of Academic Excellence in Cyber Defense Education contain many information technology management functions. This paper explores one university’s perception on how a joint Cybersecurity and Information Technology Management program could be developed to upskill students to be work force ready