Constructing a Methodology for Developing a Cybersecurity Program

This paper serves to introduce the problem of constructing a methodology to develop a cybersecurity program. The goal of the program is to prepare students graduating from an accredited two-year college for success in cybersecurity careers. Several challenges must be addressed such as program accreditation, workforce development, and DHS/NSA Center of Academic Excellence in Cyber Defense (CAE-CD) designation. All of these serve as inputs in constructing a methodology to develop such a program to meet local industry needs for cyber professional

Factors In uencing Curriculum Adoption in 2- and 4-year Undergraduate Cybersecurity Programs

Increased demand in the cybersecurity workforce requires a significant response from colleges and universities in order to meet that demand. The federal government has emphasized cybersecurity education at all levels as a way to meet that demand, yet there is wide variance in curriculum defined by academics, industry, and government organizations. While there are many curriculum standards, little research has been conducted to investigate the drivers for curriculum adoption. This study aims to discover what factors influence the adoption of new curriculum at the undergraduate level through a quantitative adaptation and application of existing technology adoption models (e.g. UTAUT, UTAUT2, TRA, TPB, TAM) to the domain of curriculum adoption. It is hypothesized that many of the same factors that drive technology adoption also drive curriculum adoption with the addition of altruistic motivation of the faculty member on behalf of the student. The survey-based study employs a path model analyzed using partial least squares structural equation modeling. Of the nine hypotheses derived from technology adoption, three were directly supported and one was partially supported with student performance expectancy and facilitating conditions standing out as the most influential exogenous constructs. If it is desirable to drive toward standardized cybersecurity curriculum, this work will benefit standards bodies, accreditors, university leaders, and the federal government to determine the factors that drive adoption to direct resources appropriately

Cybersecurity Awareness in African Higher Education Institutions: A Case Study of Sudan

The crisis caused by the rapid spread of the coronavirus (COVID-19) has imposed a swift and profound change on teaching and learning methods. Consequently, most higher education institutions around the world, including African higher education institutions, have moved from face-to-face teaching to online learning and teaching, which has made the use of the internet by university students necessary and obligatory regardless of the risks associated with unsafe use. This quick move to online teaching and learning has exposed African universities to a greater risk of cybercrime. This prompted the researchers to investigate the cybersecurity awareness levels among undergraduate students at African higher education institutions based in the case country, Sudan. In an exploratory research approach, a survey was conducted on a convenience sample of 1,200 undergraduate students at six public universities in Sudan. The results show that most undergraduate students in Sudan higher educational institutions have low cybersecurity awareness levels. Further investigation using inferential statistics reveals that male students at the universities in Sudan have slightly higher levels of cybersecurity awareness than female students. Most of the participants believe that cybersecurity should be taught in schools; they are also willing to learn about cybersecurity. In addition, the results showed that students with advanced computer skills significantly differ from students with intermediate or basic computer skills in practicing cybersecurity

FACTORS INFLUENCING CURRICULUM ADOPTION IN UNDERGRADUATE CYBERSECURITY PROGRAMS

Increased demand in the cybersecurity workforce requires a significant response from colleges and universities to meet that demand. The federal government has emphasized cybersecurity education at all levels as a way to address demand, yet there is wide variance in curriculum defined by academics, industry, and government organizations. While there are many curriculum standards, little research has been conducted to investigate the drivers for curriculum adoption. This study aims to discover what factors influence the adoption of new curriculum at the undergraduate level through a quantitative adaptation and application of existing technology adoption models (e.g. UTAUT, UTAUT2, TRA, TPB, TAM) to the domain of curriculum adoption. It is hypothesized that many of the same factors that drive technology adoption also drive curriculum adoption with the addition of altruistic motivation of the faculty member on behalf of the student. The survey-based study employs a path model analyzed using partial least squares structural equation modeling (PLS-SEM). If it is desirable to move toward standardized cybersecurity curriculum or to encourage faculty to adopt existing high quality curriculum, this work will benefit standards bodies, accreditors, university leaders, and the federal government to determine the factors that drive adoption to direct resources appropriatel

Enhancing Cybersecurity Content in Undergraduate Information Systems Programs: A Way Forward

The ongoing barrage of data and infrastructure breaches is a constant reminder of the critical need to enhance the cybersecurity component of modern undergraduate information systems (IS) education. Although the most recent undergraduate information systems curricular guidelines (IS2010) highlight security in the context of data, enterprise architecture, and risk management, much more needs to be done. The IS education community needs to identify cybersecurity competencies and curricular content that further integrates cybersecurity principles and practices into IS curricular guidelines. Until this is completed at the IS community level, IS programs will need to fulfill this role individually. This paper contributes to both these efforts by reviewing relevant literature and initiatives – highlighting two primary paths of curricular development: (1) the evolution of IS curricular guidelines, and (2) the development of Cybersecurity as a standalone discipline. Using these resources, the paper summarizes best practices for integrating cybersecurity into curricula and explores the integration of IS into cybersecurity programs

The Transformative Integration of Artificial Intelligence with CMMC and NIST 800-171 For Advanced Risk Management and Compliance

This paper explores the transformative potential of integrating Artificial Intelligence (AI) with established cybersecurity frameworks such as the Cybersecurity Maturity Model Certification (CMMC) and the National Institute of Standards and Technology (NIST) Special Publication 800-171. The thesis argues that the relationship between AI and these frameworks has the capacity to transform risk management in cybersecurity, where it could serve as a critical element in threat mitigation. In addition to addressing AI’s capabilities, this paper acknowledges the risks and limitations of these systems, highlighting the need for extensive research and monitoring when relying on AI. One must understand boundaries when integrating AI into frameworks that ensure the security of sensitive data, otherwise, the ethicality of AI systems is compromised. This paper overviews compliance audits and their intricate relationship with cybersecurity frameworks CMMC and NIST 800-171, underscoring their complementary nature and shared objectives. Finally, the significance of AI in ensuring compliance with these frameworks will be explored, and the transformative potential of AI in automating processes and its advancements in risk management will be discussed

Understanding Student Perspective of Undergraduate Cybersecurity Programs and Experiences Across Christian Colleges and Universities

The number of Christian colleges and universities that are offering cybersecurity four-year degrees is rising. The workforce is in dire need of cybersecurity professionals; however, has anybody asked the new cybersecurity professionals in the workforce how their recent academic experience prepared them for such a global need? Research is well-documented about what industry currently needs in cybersecurity professionals; however, this research focused on asking graduates what students need for the workforce. The purpose of this explorative qualitative study was to gain an understanding of the phenomena of the holistic experience (technical, nontechnical, and whole-person) strengths and shortcomings (if any) recent cybersecurity graduates who are now in the workforce experienced at various Christian colleges and universities during their undergraduate education. The population of this research was recent graduates of Christian undergraduate cybersecurity programs that are currently in the cybersecurity workforce. The gap that drove this study was the need to learn how current cybersecurity programs have influenced and molded students for the workforce and allow Christian cybersecurity program leaders to utilize this research and optimize the experience their students have at their institution. The theory which guided this exploratory research was academic outcomes assessment theory in which student opinions are sought to identify the satisfaction relationship their technical, nontechnical, and whole-person development in their Christian undergraduate program as preparation for real-world application. This qualitative, exploratory, phenomenological research identified Christian undergraduate program strengths and gaps, such as an overwhelming trend of recent cybersecurity graduates that are not fully satisfied with their technical development