Framework, Tools and Good Practices for Cybersecurity Curricula

Hajný, Jan; Ricci, Sara; Piesarskas, Edmundas; Levillain, Olivier; Galletta, Letterio; Nicola, Rocco De

doi:10.1109/access.2021.3093952

Cited by 19 publications

(7 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Research has spotlighted potential opportunities and pitfalls in various educational models, especially when it comes to attracting, retaining and preparing students for a career in cybersecurity [14,20,21]. Stavrou [17] emphasized that cultivating lifelong learning should be a priority in formal education for cybersecurity subjects.…”

Section: Analysis Of Pedagogical Modelsmentioning

confidence: 99%

Strategic Approaches to Cybersecurity Learning: A Study of Educational Models and Outcomes

Mukherjee,

Le,

Chow

et al. 2024

Information

View full text Add to dashboard Cite

As the demand for cybersecurity experts in the industry grows, we face a widening shortage of skilled professionals. This pressing concern has spurred extensive research within academia and national bodies, who are striving to bridge this skills gap through refined educational frameworks, including the integration of innovative information applications like remote laboratories and virtual classrooms. Despite these initiatives, current higher education models for cybersecurity, while effective in some areas, fail to provide a holistic solution to the root causes of the skills gap. Our study conducts a thorough examination of established cybersecurity educational frameworks, with the goal of identifying crucial learning outcomes that can mitigate the factors contributing to this skills gap. Furthermore, by analyzing six different educational models, for each one that can uniquely leverage technology like virtual classrooms and online platforms and is suited to various learning contexts, we categorize these contexts into four distinct categories. This categorization introduces a holistic dimension of context awareness enriched by digital learning tools into the process, enhancing the alignment with desired learning outcomes, a consideration sparsely addressed in the existing literature. This thorough analysis further strengthens the framework for guiding education providers in selecting models that most effectively align with their targeted learning outcomes and implies practical uses for technologically enhanced environments. This review presents a roadmap for educators and institutions, offering insights into relevant teaching models, including the opportunities for the utilization of remote laboratories and virtual classrooms, and their contextual applications, thereby aiding curriculum designers in making strategic decisions.

show abstract

Section: Analysis Of Pedagogical Modelsmentioning

confidence: 99%

Strategic Approaches to Cybersecurity Learning: A Study of Educational Models and Outcomes

Mukherjee,

Le,

Chow

et al. 2024

Information

View full text Add to dashboard Cite

show abstract

“…In [34], Hudnall estimated the above-mentioned mapping to become an ''overwhelmingly time consuming'' task, and in [36] although the authors did not perform the mapping, they concluded that for a successful mapping, and due to a huge number of knowledge descriptions, the researchers have to trim the knowledge descriptions of the NICE framework. In another work [37] that was performed within the Advanced Research and Technology in Europe project (a.k.a., SPARTA project) 2 , the authors mapped the job roles of the NICE framework to 29 cybersecurity topics that were defined by the SPARTA project. This mapping enables the curricula designers to directly consult knowledge descriptions, skills, and tasks that are required for each job role of the NICE framework.…”

Section: Cybersecurity Curriculum Development Based On Work Force Req...mentioning

confidence: 99%

Cybersecurity Education in Universities: A Comprehensive Guide to Curriculum Development

Ramezanian,

Niemi

2024

IEEE Access

View full text Add to dashboard Cite

The widespread deployment of digital technologies has made the globe an interconnected world. Among other necessities of the digitalized world, cybersecurity is a crucial component. Therefore, education and proper training of the cybersecurity workforce are essential for building a strong national and global community. However, a significant shortage of proficient cybersecurity experts is reported worldwide. In this study, we present a comprehensive guideline for university-level cybersecurity curriculum development with respect to workforce training. Our curriculum guideline is based on consulting various globally well-known documents, reports, and frameworks that are specifically designed for cybersecurity. Namely, to conduct our research we utilize Cybersecurity Curricula 2017 (CSEC2017) by the Joint Task Force on Cybersecurity Education [1], National Initiative for Cybersecurity Education (NICE) cybersecurity workforce framework by the National Institute of Standards and Technology (NIST) [2], and the Development Needs in Cybersecurity Education: Final report of the project by Lehto et al. at the University of Jyväskylä in Finland [3]. The significance of our work also relies on the fact that the previous efforts to establish a link between the NICE workforce framework [2] and the CSEC2017 curriculum [1] have fallen short, and to the best of our knowledge, this work is the first successful attempt on the matter. In particular, we map every knowledge requirement in each work role of [2] to one or several knowledge areas of CSEC2017 curriculum [1]. We define a measurement system to assign a numeric value to each knowledge area of [1]. Our goal is to determine the significance of a cybersecurity knowledge area in workforce training. Moreover, we identify the shortcomings of the Cybersecurity Curricula that is defined in [1], i.e., we recognize the knowledge areas that are missing from the curriculum of [1]. We also discuss about the shortcomings of NICE framework in terms of defining the proper required knowledge in the work roles. Based on our findings, we present a comprehensive guideline for cybersecurity curriculum development for higher educational institutions. Finally, we propose a curriculum roadmap to the job categories of [2]. INDEX TERMS Curriculum development, cybersecurity, cybersecurity curricula 2017 by JTF, higher education, NICE workforce framework, workforce training.

show abstract

“…Others [50] examined whether NICE can be used as a baseline to create questionnaires that measure the level of knowledge improvement. The benefits of using the NICE framework as a detailed and extensive list of expected learning outcomes have also been mentioned in [36]. In another work [74], the NICE framework was analysed, and a model was proposed to design a cybersecurity degree program, highlighting the potential inconsistencies of the framework.…”

Section: Related Workmentioning

confidence: 99%

Towards NICE-by-Design Cybersecurity Learning Environments: A Cyber Range for SOC Teams

Karagiannis

Magkos

Karavaras³

et al. 2022

Preprint

View full text Add to dashboard Cite

Due to the evolution of cyberattacks, the need to deploy modern cybersecurity learning environments is constantly increasing. Furthermore, the security challenges of the digital era are inevitably connected to the human factor, which urges personnel to become familiar with state-of-the-art security software for mitigating and detecting cyberattacks. Cybersecurity learning environments include, among others, virtual labs, Cyber Ranges and Capture the Flag (CTF) challenges, providing interactive digital learning environments for trainees to engage in complex cybersecurity scenarios. However, scenario design is not always governed by specific design principles, and the learning outcomes of the cybersecurity exercises are not always clearly defined. In this paper, a cybersecurity educational framework was used to guide the design of cybersecurity scenarios and a Cyber Range to host the scenarios was developed as a proof-of-concept. This work suggests that educators could use the proposed design methodology to design cybersecurity learning environments, including, but not limited to, Cyber Ranges.

show abstract

Framework, Tools and Good Practices for Cybersecurity Curricula

Cited by 19 publications

References 2 publications

Strategic Approaches to Cybersecurity Learning: A Study of Educational Models and Outcomes

Strategic Approaches to Cybersecurity Learning: A Study of Educational Models and Outcomes

Cybersecurity Education in Universities: A Comprehensive Guide to Curriculum Development

Towards NICE-by-Design Cybersecurity Learning Environments: A Cyber Range for SOC Teams

Contact Info

Product

Resources

About