Cybersecurity programs vary widely by country, the study found. The authors argue that program leaders should work with professional organizations to ensure that graduates are adequately trained to meet industry needs in rapidly changing fields.
In a review published in the Proceedings of the Association for Computer Science Education's Technical Symposium on Computer Science Education, a Washington State University-led research team found that there is a lack of research evaluating instructional approaches used to teach cybersecurity. I discovered that The authors also argue that programs could benefit from increased use of pedagogical and instructional tools and theories.
“There is wide variation across schools in how much cybersecurity content students need to take,” said co-author Dr. said one Assefaw Gebremedhin. -Funded the VICEROY Northwest Cybersecurity Education and Research Institute (CySER). “We found that the program could benefit from drawing on ideas from other fields that are evaluated a little more rigorously, such as educational psychology.”
Cybersecurity has become an increasingly important field of research, as breaches of data and network infrastructure can directly impact people's privacy, livelihoods, and safety. The researchers also noted that adversaries change tactics frequently, so cybersecurity professionals must be able to respond effectively.
As part of the study, researchers analyzed the programs of 100 institutions across the United States that are designated as National Academic Research Centers in Cybersecurity by the National Security Agency. To receive the designation, a program must meet NSA requirements for educational content and quality.
Researchers evaluated factors such as the number and type of programs offered, the number of credits focused on cybersecurity courses, the learning outcomes listed, and the list of professions available to graduates.
Although the NSA designation sets requirements regarding the amount of cybersecurity content included in the curriculum, center of excellence institutions vary widely in the types of programs they offer and the number of cybersecurity-specific courses they offer. It turns out. Half of the programs offered a bachelor's degree, and the others offered certificates, associate degrees, minor degrees, or concentrations.
The most common type of program offered was a certificate, and most programs were offered within engineering, computer science, or technology schools or departments. The researchers found that industry professionals had different expectations for skill levels than program graduates.
Researchers hope this study will serve as a benchmark for comparing programs across the country and a roadmap to better meet industry needs.
With funding from Washington State, WSU began offering a cybersecurity degree last year. Gebremedin said his oldest cybersecurity program is only about 25 years old, but the program has traditionally trained students to become information technology professionals and systems administrators.
“Cybersecurity is relatively new within computer science in terms of maturity and being a field as a standalone degree program,” Gebremedin said.
The workplace is also constantly changing.
“In cyber operations, you want to be aggressive,” he says. “If you're going to defend, you have to stay in front of your attackers, and if your attackers are going to keep changing, you've got to change faster.”
