research-article

Global perspectives on cybersecurity education for 2030: a case for a meta-discipline

Authors:

John Impagliazzo,

Rajendra K. Raj,

Henrique Santos,

Muhammad Rizwan Asghar,

Teresa Pereira,

Eliana StavrouAuthors Info & Claims

ITiCSE 2018 Companion: Proceedings Companion of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education

Pages 36 - 54

https://doi.org/10.1145/3293881.3295778

Published: 02 July 2018 Publication History

Abstract

Information security has been an area of research and teaching within various computing disciplines in higher education almost since the beginnings of modern computers. The need for security in computing curricula has steadily grown over this period. Recently, with an emerging global crisis, because of the limitations of security within the nascent information technology infrastructure, the field of "cybersecurity" is emerging with international interest and support. Recent evolution of cybersecurity shows that it has begun to take shape as a true academic perspective, as opposed to simply being a training domain for certain specialized jobs. This report starts from the premise that cybersecurity is a "meta-discipline." That is, cybersecurity is used as an aggregate label for a wide variety of similar disciplines, much in the same way that the terms "engineering" and "computing" are commonly used. Thus, cybersecurity should be formally interpreted as a meta-discipline with a variety of disciplinary variants, also characterized through a generic competency model. The intention is that this simple organizational concept will improve the clarity with which the field matures, resulting in improved standards and goals for many different types of cybersecurity programs.

References

[1]

ABET, Inc. 2017. Criteria for Accrediting Computing Programs, Effective for Review During the 2019-20 Accreditation Cycle. http://www.abet.org/wp-content/ uploads/2017/12/C001-18-19-CAC-Criteria-Version-2.0-11-29-17-FINAL.pdf, Accessed November 06, 2018.

[2]

ABET, Inc. 2017. Proposed Accreditation Criteria for Cybersecurity Academic Programs. http://www.abet.org/wp-content/uploads/2018/02/ C001-18-19-CAC-Criteria-Version-2.0-updated-02-12-18.pdf, Accessed November 06, 2018.

[3]

ABET, Inc. 2018. ABET Web site. urlhttp://abet.org, Accessed November 06, 2018.

[4]

ACM. 2018. ACM Education Curriculum Recommendations. http://www.acm. org/education/curricula-recommendations, Accessed 29 June, 2018.

[5]

ACM/AIS Task Group on Information Systems Curricula. 2010. Information Systems 2010. Technical Report. ACM Press.

[6]

https://www.acm.org/binaries/content/ assets/education/curricula-recommendations/cc2005-march06final.pdf, Accessed November 06, 2018.

[7]

ACM/IEEE-CS Joint Task Force on Computing Curricula. 2013. Computer Science Curricula 2013. Technical Report. ACM Press and IEEE Computer Society Press.

[8]

Accessed Novemner 06, 2018.

[9]

ACM/IEEE-CS Task Group on Computer Engineering Curricula. 2016. Computer Engineering Curricula 2016. Technical Report. ACM Press and IEEE Computer Society Press.

[10]

Accessed November 06, 2018.

[11]

ACM/IEEE-CS Task Group on Information Technology Curricula. 2017. Information Technology Curricula 2017. Technical Report. ACM Press and IEEE Computer Society Press.

[12]

https://dl.acm.org/citation.cfm? id=3173161, Accessed November 06, 2018.

[13]

AQA. 2016. Tech-level IT: Cyber Security. http://www.aqa.org.uk/subjects/ computer-science-and-it/tech-level/it-cyber-security-2016, Accessed November 06, 2018.

[14]

Muhammad Rizwan Asghar and Andrew Luxton-Reilly. 2018. Teaching Cyber Security Using Competitive Software Obfuscation and Reverse Engineering Activities. In Proceedings of the 49th ACM Technical Symposium on Computer Science Education. ACM, New York, NY, USA, 179–184.

Digital Library

[15]

Australian Government. 2016. Australia’s Cyber Security Strategy: Enabling innovation, growth & prosperity. https://cybersecuritystrategy.pmc.gov.au/ assets/img/PMC-Cyber-Strategy.pdf Accessed: June 14, 2018.

[16]

Australian Government. 2017.

[17]

Australia’s Cyber Security Strategy: Enabling innovation, growth & prosperity, First Annual Update 2017.

[18]

https://cybersecuritystrategy.pmc.gov.au/ cyber-security-strategy-first-annual-update-2017.pdf Accessed: June 14, 2018.

[19]

Benjamin Samuel Bloom, Max D Engelhart, Edward J Furst, Walker H Hill, and David R Krathwohl. 1956. Taxonomy of Educational Objectives, The Classification of Educational Goals, Handbook I: Cognitive Domain. Longmans, Green and Company, New York.

[20]

William J Caelli and Vicky Liu. 2018. Cybersecurity education at formal university level: An Australian perspective. In Journal for the Colloquium for Information Systems Security Education, Vol. 5. CISSE, New Orleans, 26–44.

[21]

Lillian Cassel, Alan Clements, Gordon Davies, Mark Guzdial, Renée McCauley, Andrew McGettrick, Bob Sloan, Larry Snyder, Paul Tymann, and Bruce W. Weide. 2008. Computer Science Curriculum 2008: An Interim Revision of CS 2001. Technical Report. ACM, New York, NY, USA.

[22]

Alison Clear, Allen Parrish, Ming Zhang, and Gerritt C. van der Veer. 2017. CC2020: A Vision on Computing Curricula. In Proceedings of the 2017 ACM SIGCSE Technical Symposium on Computer Science Education (SIGCSE ’17). ACM, New York, NY, USA, 647–648.

Digital Library

[23]

Stephen Cooper, Christine Nickell, Lance C. Pérez, Brenda Oldfield, Joel Brynielsson, Asim Gencer Gökce, Elizabeth K. Hawthorne, Karl J. Klee, Andrea Lawrence, and Susanne Wetzel. 2010. Towards Information Assurance (IA) Curricular Guidelines. In Proceedings of the 2010 ITiCSE Working Group Reports (ITiCSE-WGR ’10). ACM, New York, NY, USA, 49–64.

Digital Library

[24]

Stephen Cooper, Christine Nickell, Victor Piotrowski, Brenda Oldfield, Ali Abdallah, Matt Bishop, Bill Caelli, Melissa Dark, E. K. Hawthorne, Lance Hoffman, Lance C. Pérez, Charles Pfleeger, Richard Raines, Corey Schou, and Joel Brynielsson. 2010. An Exploration of the Current State of Information Assurance Education. SIGCSE Bull. 41, 4 (Jan. 2010), 109–125.

Digital Library

[25]

1709457

[26]

Jessica Dawson and Robert Thomson. 2018. The Future Cybersecurity Workforce: Going Beyond Technical Skills for Successful Cyber Performance. Frontiers in Psychology 9 (2018), 744.

[27]

Jan den Berg, Jacqueline Van Zoggel, Mireille Snels, Mark Van Leeuwen, Sergei Boeke, Leo van de Koppen, Jan der Lubbe, Bibi den Berg, and Tony De Bos. 2014.

[28]

On (the Emergence of) Cyber Security Science and its Challenges for Cyber Global Perspectives on Cybersecurity Education for 2030 ITiCSE ’18 Companion, July 2–4, 2018, Larnaca, Cyprus Security Education. In The NATO IST-122 Cyber Security Science and Engineering Symposium. NATO Science and Technology Organization, Tallinn, Estonia, 10.

[29]

Joseph J. Ekstrom, Barry M. Lunt, Allen Parrish, Rajendra K. Raj, and Edward Sobiesk. 2017. Information Technology As a Cyber Science. In Proceedings of the 18th Annual Conference on Information Technology Education (SIGITE ’17). ACM, New York, NY, USA, 33–37.

Digital Library

[30]

ENISA. 2016. NCSS Good Practice Guide. https://www.enisa.europa.eu/ publications/ncss-good-practice-guide, Accessed November 06, 2018.

[31]

ENISA. 2018. National Cyber Security Strategies. https://www.enisa.europa.eu/ topics/national-cyber-security-strategies/

[32]

Louis Fein. 1959. The Role of the University in Computers, Data Processing, and Related Fields. Commun. ACM 2, 9 (Sept. 1959), 7–14. 368424.368427

Digital Library

[33]

Joint Task Force for Computing Curricula 2005. 2005. Computing Curricula 2005: The Overview Report. Technical Report. ACM Press and IEEE Computer Society Press.

[34]

https://www.acm.org/binaries/content/assets/education/ curricula-recommendations/cc2005-march06final.pdf, Accessed November 06, 2018.

[35]

Leon Fourie, Shaoning Pang, Tamsin Kingston, Hinne Hettema, Paul Watters, and Hossein Sarrafzadeh. 2014. The global cyber security workforce: an ongoing human capital crisis. In 2014 Global Business and Technology Association Conference. Global Business and Technology Association, Auckland, New Zealand.

[36]

Adam P Henry. 2017. Mastering the cyber security skills crisis: realigning educational outcomes to industry requirements. Technical Report. Australian Centre for Cyber Security, Canberra, Australia.

[37]

IEEE Computer Society. 2014. Software Engineering Competency Model. IEEE Press, Washington, DC. Paperback ISBN-10: 0-7695-5373-7.

[38]

Luukas K Ilves, Timothy J Evans, Frank J Cilluffo, and Alec A Nadeau. 2016. European Union and NATO global cybersecurity challenges: a way forward. Prism: a Journal of the Center for Complex Operations 6, 2 (2016), 126.

[39]

Institute of Information Security Professionals. 2018. IISP Skills Framework. https://www.iisp.org/iisp/About_Us/Our_Frameworks/Our_ Skills_Framework/iispv2/Accreditation/Our_Skills_Framework.aspx?hkey= e77a6f03-9498-423e-aa7b-585381290ec4, Accessed November 06, 2018.

[40]

Joint Task Force on Cybersecurity Education. 2018. Cybersecurity Curricula 2017, Version 1.0. ACM, IEEE Computer Society, AIS SIGSEC, and IFIPS WG 11.8., Accessed November 06, 2018.

[41]

Allard Kernkamp and Josine van de Ven. 2017. MNCDE&T Cyber Defense Competencies. http://academiamilitar.pt/images/site_images/Eventos/3rd_ Conference/Day_1/CD_Competency_Framework_and_Training_needs_-_ Allard_Kernkamp_and_Josine.pdf Accessed November 06, 2018.

[42]

Labour Market Information Directorate, Government of Canada. 2016. National Occupational Classification 2016. http://noc.esdc.gc.ca/English/noc/welcome. aspx?ver=16, Accessed November 06, 2018.

[43]

Barry Lunt, Joseph Ekstrom, Sandra Gorka, Greg Hislop, Reza Kamali, Eydie Lawson, Richard LeBlanc, Jacob Miller, and Han Reichgelt. 2008. Curriculum Guidelines for Undergraduate Degree Programs in Information Technology. Technical Report. ACM, New York, NY, USA.

[44]

National Security Agency College of Cyber. 2018. National Centers of Academic Excellence for Cyber Defense. https://www.iad.gov/nietp/CAERequirements.cfm, Accessed November 06, 2018.

[45]

National Security Agency College of Cyber. 2018. National Centers of Academic Excellence for Cyber Operations. https://www.nsa.gov/resources/ students-educators/centers-academic-excellence/cae-co-fundamental/index. shtml, Accessed November 06, 2018.

[46]

NATO. 2018. Multinational Cyber Defence Education and Training Project (MN CD E&T). http://mncdet.wixsite.com/mncdet-nato Accessed November 06, 2018.

[47]

NATO Review. 2018. The history of cyber attacks - a timeline. https://www. nato.int/docu/review/2013/cyber/timeline/en/index.htm, Accessed November 06, 2018.

[48]

New Zealand Qualifications Authority (NZQA). 2017. Draft NZ Diploma in Cybersecurity (Level 6) 120 Credits. http://www.nzqa.govt.nz/ assets/qualifications-and-standards/qualifications/ICT-quals-review/ Security-and-Testing/NZ-Dip-Cybersecurity-L6-Nov2017-AtD.doc Accessed November 06, 2018.

[49]

William Newhouse, Stephanie Keith, Benjamin Scribner, and Greg Witte. 2012. National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. US National Institute of Standards and Technology. Accessed November 06, 2018.

[50]

William Newhouse, Stephanie Keith, Benjamin Scribner, and Greg Witte. 2017. National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. NIST Special Publication 800 (2017), 181.

[51]

NIST. 2017. National Initiative for Cybersecurity Education, National Cybersecurity Workforce Framework. https://www.nist.gov/file/359261 Accessed November 06, 2018.

[52]

The Norwegian Data Protection Authority. 2017. Software development with Data Protection by Design and by Default. https://www.datatilsynet.no/en/ regulations-and-tools/guidelines/data-protection-by-design-and-by-default/

[53]

ACM/IEEE-CS Task Group on Software Engineering Curricula. 2014. Software Engineering 2014.

[54]

Allen Parrish, Rajendra Raj, Edward Sobiesk, Andrew Hall, J.J. Ekstrom, and Shannon Gorman. 2018. The Evolution of Cybersecurity Education in Four-Year Undergraduate Programs. In 22nd Colloquium for Information Systems Security Education (CISSE 2018). CISSE, New Orleans, 1.

[55]

PRIPARE Project. 2016. PRIPARE Handbook: Privacy and Security by Design Methodology. http://pripareproject.eu/wp-content/uploads/2013/11/ PRIPARE-Methodology-Handbook-Final-Feb-24-2016.pdf

[56]

Public Safety Canada. 2018. National Cyber Security Strategy: Canada’s Vision for Security and Prosperity in the Digital Age. https://www.publicsafety.gc. ca/cnt/rsrcs/pblctns/ntnl-cbr-scrt-strtg/index-en.aspx, Accessed November 06, 2018.

[57]

Security and Intelligence Group (SIG). 2011. New Zealand’s Cyber Security Strategy 2011.

[58]

https://www.dpmc.govt.nz/publications/ new-zealands-cyber-security-strategy-2011, Accessed November 06, 2018.

[59]

Security and Intelligence Group (SIG). 2015. New Zealand’s Cyber Security Strategy 2015: Action Plan. https://www.dpmc.govt.nz/sites/default/files/2017-03/ nz-cyber-security-action-plan-december-2015.pdf, Accessed November 06, 2018.

[60]

Security and Intelligence Group (SIG). 2016. New Zealand’s Cyber Security Strategy 2016: Action Plan Annual Report. https://www.dpmc.govt.nz/sites/default/ files/2017-06/nzcss-action-plan-annual-report-2016.pdf Accessed November 06, 2018.

[61]

F. Spidalieri and S. Kern. 2014. Professionalizing Cybersecurity: A Path to Universal Standards and Status. Technical Report. Pell Center for International Relations and Public Policy.

[62]

The Tech Partnership. 2016. Information Security Standards. https: //www.thetechpartnership.com/standards-and-quality/it-industry-standards/ it-professional-standards/information-security/, Accessed November 06, 2018.

[63]

Heikki Topi. 2017. IS EDUCATION: MSIS 2016: Guidance and Inspiration for Master’s Programs in Information Systems. ACM Inroads 8, 2 (May 2017), 27–28.

Digital Library

[64]

UK National Cyber Security Centre. 2017. Certification of Bachelors’ Degrees in Cyber Security. https://www.ncsc.gov.uk/content/files/protected_files/article_ files/Certification-Bachelors-2_0-20171214.pdf, Accessed November 06, 2018.

[65]

US Bureau of Labor Statistics. 2016-âĂŞ2017. Occupational Outlook Handbook: Information Security Analysts. US Department of Labor. http://www.bls.gov/ooh/ computer-and-inforrnation-technology/information-security-analysis.html, Accessed November 06, 2018.

[66]

US Department of Education. 2018. Integrated Postsecondary Education Data System. https://nces.ed.gov/ipeds, Accessed November 06, 2018.

[67]

US National Security Agency and the Department of Homeland Security. 2018. Centers of Academic Excellence in Cybersecurity. https://www.nsa.gov/ resources/educators/centers-academic-excellence Accessed November 06, 2018.

[68]

US President’s Council of Advisors on Science and Technology. 2012. Engage to Excel: Producing One Million Additional College Graduates with Degrees in Science, Technology, Engineering, and Mathematics. http://files.eric.ed.gov/ fulltext/ED541511.pdf, Accessed November 06, 2018.

[69]

Rebecca Vogel et al. 2016. Closing the cybersecurity skills gap. Salus Journal 4, 2 (2016), 32.

[70]

Paul Voigt and Axel von dem Bussche. 2017. The EU General Data Protection Regulation (GDPR): A Practical Guide (1st ed.). Springer Publishing Company, Incorporated.

Digital Library

Cited By

Eibl GJungbauer CLitvyak OVolkl PLuidold C(2024)Proactive Curriculum for Cyber Security Education: A Model of Micro-Credentials and Active Blended LearningProceedings of the Central and Eastern European eDem and eGov Days 202410.1145/3670243.3673882(234-239)Online publication date: 12-Sep-2024
https://dl.acm.org/doi/10.1145/3670243.3673882
Prickett TCrick TDavenport JBowers DHayes AIrons AMonga MLonati VBarendsen ESheard JPaterson J(2024)Embedding Technical, Personal and Professional Competencies in Computing Degree ProgrammesProceedings of the 2024 on Innovation and Technology in Computer Science Education V. 110.1145/3649217.3653578(346-352)Online publication date: 3-Jul-2024
https://dl.acm.org/doi/10.1145/3649217.3653578
Redd BTang YZiv HPatil S(2024)Layering Sociotechnical Cybersecurity Concepts Within Project-Based LearningProceedings of the 2024 ACM Conference on International Computing Education Research - Volume 110.1145/3632620.3671093(406-418)Online publication date: 12-Aug-2024
https://dl.acm.org/doi/10.1145/3632620.3671093
Show More Cited By

Index Terms

Global perspectives on cybersecurity education for 2030: a case for a meta-discipline
1. Social and professional topics
  1. Professional topics
    1. Computing education
      1. Computing education programs
      2. Model curricula

Recommendations

Game based Cybersecurity Training for High School Students
SIGCSE '18: Proceedings of the 49th ACM Technical Symposium on Computer Science Education

Cybersecurity is critical to the national infrastructure, federal and local government, military, industry, and personal privacy. To defend the U.S. against the cyber threats, a significant demand for skilled cybersecurity workforce is predicted in ...
Global perspectives on cybersecurity education
ITiCSE 2018: Proceedings of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education

Global cybersecurity crises have compelled universities to address the demand for educated cybersecurity professionals. As no shared framework for cybersecurity as an academic discipline exists, growthhas been unfocused and driven by training materials, ...
A Capstone Design Project for Teaching Cybersecurity to Non-technical Users
SIGITE '16: Proceedings of the 17th Annual Conference on Information Technology Education

This paper presents a multi-year undergraduate computing capstone project that holistically contributes to the development of cybersecurity knowledge and skills in non-computing high school and college students. We describe the student-built Vulnerable ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ITiCSE 2018 Companion: Proceedings Companion of the 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education

July 2018

235 pages

ISBN:9781450362238

DOI:10.1145/3293881

Program Chairs:
Guido Rößling
TU Darmstadt, Germany
,
Bruce Scharlau
University of Aberdeen, UK

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGCSE: ACM Special Interest Group on Computer Science Education

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 02 July 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

US National Science Foundation

Conference

ITiCSE '18

Sponsor:

SIGCSE

ITiCSE '18: 23rd Annual ACM Conference on Innovation and Technology in Computer Science Education

July 2 - 4, 2018

Larnaca, Cyprus

Acceptance Rates

Overall Acceptance Rate 552 of 1,613 submissions, 34%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

39
Total Citations
View Citations
1,032
Total Downloads

Downloads (Last 12 months)149
Downloads (Last 6 weeks)17

Reflects downloads up to 16 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Eibl GJungbauer CLitvyak OVolkl PLuidold C(2024)Proactive Curriculum for Cyber Security Education: A Model of Micro-Credentials and Active Blended LearningProceedings of the Central and Eastern European eDem and eGov Days 202410.1145/3670243.3673882(234-239)Online publication date: 12-Sep-2024
https://dl.acm.org/doi/10.1145/3670243.3673882
Prickett TCrick TDavenport JBowers DHayes AIrons AMonga MLonati VBarendsen ESheard JPaterson J(2024)Embedding Technical, Personal and Professional Competencies in Computing Degree ProgrammesProceedings of the 2024 on Innovation and Technology in Computer Science Education V. 110.1145/3649217.3653578(346-352)Online publication date: 3-Jul-2024
https://dl.acm.org/doi/10.1145/3649217.3653578
Redd BTang YZiv HPatil S(2024)Layering Sociotechnical Cybersecurity Concepts Within Project-Based LearningProceedings of the 2024 ACM Conference on International Computing Education Research - Volume 110.1145/3632620.3671093(406-418)Online publication date: 12-Aug-2024
https://dl.acm.org/doi/10.1145/3632620.3671093
Crabb JHundhausen CGebremedhin AStephenson BStone JBattestilli LRebelsky SShoop L(2024)A Critical Review of Cybersecurity Education in the United StatesProceedings of the 55th ACM Technical Symposium on Computer Science Education V. 110.1145/3626252.3630757(241-247)Online publication date: 7-Mar-2024
https://dl.acm.org/doi/10.1145/3626252.3630757
Yi CWang WKwok L(2024)Analysis of Cyber Range Scenario DesignBlended Learning. Intelligent Computing in Education10.1007/978-981-97-4442-8_25(322-332)Online publication date: 29-Jun-2024
https://doi.org/10.1007/978-981-97-4442-8_25
Magesa DMshana J(2023)Assessing Challenges Facing Implementation of Information Security Critical Success Factors: A Case of National Examination Council, TanzaniaEuropean Journal of Theoretical and Applied Sciences10.59324/ejtas.2023.1(5).741:5(883-897)Online publication date: 1-Sep-2023
https://doi.org/10.59324/ejtas.2023.1(5).74
Alamsyahril Sasongko RSumarsih (2023)Development of Data Management Information System Model for Basic Training of Civil Servant CandidatesOnline Conference of Education Research International (OCERI 2023)10.2991/978-2-38476-108-1_10(112-119)Online publication date: 28-Sep-2023
https://doi.org/10.2991/978-2-38476-108-1_10
Majanoja AHakkala A(2023)Enhancing a cybersecurity curriculum development tool with a competence framework to meet industry needs for cybersecurityProceedings of the 24th International Conference on Computer Systems and Technologies10.1145/3606305.3606325(123-128)Online publication date: 16-Jun-2023
https://dl.acm.org/doi/10.1145/3606305.3606325
Kashef RFreunek MSchwartzentruber JSamavi RBulgurcu BKhan ASantos M(2023)Bridging the Bubbles: Connecting Academia and Industry in Cybersecurity Research2023 IEEE Secure Development Conference (SecDev)10.1109/SecDev56634.2023.00034(207-213)Online publication date: 18-Oct-2023
https://doi.org/10.1109/SecDev56634.2023.00034
Allison J(2023)Devising a cyber security management module through integrated course designJournal of Further and Higher Education10.1080/0309877X.2023.225072947:10(1389-1403)Online publication date: 8-Sep-2023
https://doi.org/10.1080/0309877X.2023.2250729
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents