Security

College-Level Cybersecurity Ed Gets Formal Makeover

• By Dian Schaffhauser
• 02/21/18

A two-year effort to develop curriculum guidelines for cybersecurity education will officially be released this week, two months after a report with the details was published by a joint task force. "Cybersecurity Curricula 2017" will be introduced on Feb. 22 at the Annual ACM Special Interest Group on Computer Science Education meeting taking place in Baltimore. At the same time a new "community engagement website" will also be launched.

As the report noted, various sources within and outside the government expect nearly 1.8 million cybersecurity-related positions to go unfilled by 2022. To address the skills gap, academic departments are "launching initiatives to establish new cybersecurity programs or courses of study within existing programs." The goal of the report is to help institutions define cybersecurity proficiency and structure their academic programs.

According to the report, a graduate of a cybersecurity program should have worked with curriculum that includes:

• A foundation in computer science or IT concepts, such as data and software;
• "Essential cybersecurity knowledge and skills," the basic skills every cybersecurity student needs to understand, no matter what his or her area of specialization, such as cryptography, digital forensics and access control;
• "Crosscutting concepts," such as confidentiality, availability, risk, adversarial thinking and systems thinking;
• In-depth coverage of a "range of specializations"; and
• A "strong emphasis" on ethical conduct and professional responsibilities.

This isn't the first time ACM has become involved in institutional efforts. Past collaborations with professional and scientific societies have resulted in curriculum guidelines for programs teaching computer science, computer engineering, information systems, information technology and software engineering.

The project, which began in 2015, was overseen by four computing organizations: the Association for Computing Machinery, which convened the task force, as well as the IEEE Computer Society, the Association for Information Systems and the International Federation for Information Processing. The work drew on expertise from 10 higher education cybersecurity programs, including those at George Washington University, the University of California, Davis and Brigham Young. Also contributing: 320 advisers from 35 countries.

The report is openly available on the ACM website.