Abstract
The objective of this study is to propose a cybersecurity curriculum from a best practice perspective for universities and other higher educational institutions. Cybersecurity is a fast-growing part of the overall job market and cybersecurity skills shortage is a factor that needs attention worldwide. An updated approach is needed to build the cybersecurity labour force. A scoping literature review was applied on academic databases for proposed cybersecurity skills curricula. It was also applied on cybersecurity curricula offered by top universities as well as by studying cybersecurity curriculum frameworks and guidelines. The knowledge, skills, abilities and modules from the aforementioned were integrated to compile a holistic reference point for a cybersecurity curriculum. The study found that there is a global need for cybersecurity degrees and specifically for African countries like South African. More cybersecurity professionals need to be trained in the necessary technical abilities, combined by the necessary soft skills to be productive and fill the gaps in industry. This is possible by concentrating on this study’s proposal namely a reference point for cybersecurity modules to be included in a cybersecurity curriculum.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
(ISC)2: Cybersecurity Professionals Stand Up to a Pandemic. https://www.trendmicro.com/closethegap/wp-content/uploads/2018/11/2018-ISC2-Cybersecurity-Workforce-Study.pdf. Accessed 09 Mar 2021
Kagwiria, C.: Cybersecurity skills gap in Africa. https://www.afralti.org/cybersecurity-skills-gap-in-africa/. Accessed 09 Mar 2021
Shango, D.: Why the skills gap remains wider in Africa. https://www.weforum.org/agenda/2019/09/why-the-skills-gap-remains-wider-in-africa/. Accessed 09 Mar 2021
PricewaterhouseCoopers: CEOs’ curbed confidence spells caution. https://www.pwc.com/gx/en/ceo-survey/2019/report/pwc-22nd-annual-global-ceo-survey.pdf. Accessed 09 Mar 2021
Furnell, S., Bishop, M.: Addressing cyber security skills: the spectrum, not the silo. Comput. Fraud Secur. 2020, 6–11 (2020)
Kaspersky Lab: The Cybersecurity Skills Gap: a Ticking Time Bomb. https://media.kaspersky.com/uk/Kaspersky-Cyberskills-Report_UK.pdf. Accessed 09 Mar 2021
Bishop, M., Burley, D., Futcher, L.A.: Cybersecurity curricular guidelines. In: Ismini, V., Furnell, S. (eds.) Cybersecurity Education for Awareness and Compliance, pp. 158–180. IGI Global, Hershey (2019)
Joint Task Force on Cybersecurity Education: Curricula 2017 Cybersecurity Curriculum. http://www.csec2017.org/. Accessed 09 Mar 2021
Moher, D., Liberati, A., Tetzlaff, J., Altman, D.G., PRISMA Group: Preferred reporting items for systematic reviews and meta-analyses. Ann. Intern. Med. 89, 264–270 (2009)
De Zan, T.: Mind the Gap: The Cyber Security Skills Shortage and Public Policy Interventions. https://ora.ox.ac.uk/objects/uuid:e9699fc6-279c-4595-b707-7fd0acc487b3/download_file?file_format=pdf&safe_filename=cyber-ebook-definitivo.pdf&type_of_work=Working+paper. Accessed 09 Mar 2021
Morgan, S.: 2018–2021 Cybersecurity Jobs Report. https://herjavecgroup.com/wp-content/uploads/2018/11/HG-and-CV-Cybersecurity-Jobs-Report-2018.pdf. Accessed 09 Mar 2021
Buvat, J., Turner, M., Slatter, M., Putter, R.K.: Cybersecurity Talent: The big gap in cyber protection. https://www.capgemini.com/wp-content/uploads/2018/02/the-cybersecurity-talent-gap-v8_web.pdf. Accessed 09 Mar 2021
Oltsik, J.: The Life and Times of Cybersecurity Professionals. https://www.esg-global.com/hubfs/issa/ESG-ISSA-Research-Report-Life-of-Cybersecurity-Professionals-Nov-2017.pdf?hsCtaTracking=a63e431c-d2ce-459d-8787-cc122a193baf%7Ce74f0327-0bbc-444a-b7a8-e2cd08d1999eCtaTracking=a63e431c-d. Accessed 09 Mar 2021
Veerasamy, N., Mashiane, T., Pillay, K.: Contextualising cybersecurity readiness in South Africa Namosha. In: van der Waag-Cowling, N., Leenen, L. (eds.) Proceedings of the 14th International Conference on Cyber Warfare and Securit. ACPI (2000)
Sutherland, E.: Governance of cybersecurity – the case of South Africa. Afr. J. Inf. Commun. 20, 83–112 (2017)
Salleh, N., Mendes, E., Grundy, J.: Empirical studies of pair programming for CS/SE teaching in higher education: a systematic literature review. IEEE Trans. Softw. Eng. 37, 509–525 (2011)
Kmet, L.M., Cook, L.S., Lee, R.C.: Standard quality assessment criteria for evaluating primary research papers from a variety of fields. Edmonton: Alberta Heritage Foundation for Medical Research (AHFMR). HTA Initiative #13 (2004)
Švábenský, V., Vykopal, J., Čeleda, P.: What are cybersecurity education papers about? A systematic literature review of sigcse and iticse conferences. In: Proceedings of the 51st ACM Technical Symposium on Computer Science Education, Portland, pp. 2–8 (2020)
Bell, S., Oudshoorn, M.: Meeting the demand: building a cybersecurity degree program with limited resources. In: Proceedings - Frontiers in Education Conference, FIE, pp. 1–7. IEEE (2019)
Criteria for Accrediting Computing Programs, 2018–2019 | ABET
Asghar, M.R., Luxton-Reilly, A.: A case study of a cybersecurity programme. In: Proceedings of the 51st ACM Technical Symposium on Computer Science Education, pp. 16–22. ACM, New York (2020)
Jones, K.S., Namin, A.S., Armstrong, M.E.: The core cyber-defense knowledge, skills, and abilities that cybersecurity students should learn in school: results from interviews with cybersecurity professionals. ACM Trans. Comput. Educ. 18, 1–12 (2018)
Buckley, I.A., Zalewski, J.: Course development in the cybersecurity curriculum. In: Proceedings of the LACCEI International Multi-conference for Engineering, Education and Technology, pp. 24–26 (2019)
CPHC: Cybersecurity Principles and Learning Outcomes for Computer Science an IT-related Degrees: A Resource for Course Designers and Accreditors. (ISC)2 and The Council of Professors and Heads of Computing (2015)
Swain, N., Biswal, B.: Design and development of cybersecurity concentration courses and laboratory experiences for undergraduate students. ASEE Annual Conference and Exposition Conference Proceedings (2019)
Santos, H., Pereira, T., Mendes, I.: Challenges and reflections in designing Cyber security curriculum. In: 2017 IEEE World Engineering Education Conference (EDUNINE), pp. 47–51 (2017)
THE - Times Higher Education: World University Rankings (2020). https://www.timeshighereducation.com/world-university-rankings/2020/world-ranking#!/page/0/length/25/sort_by/rank/sort_order/asc/cols/stats. Accessed 09 Mar 2021
Cardiff University: Computer Science with Security and Forensics (BSc) - Study - Cardiff University. https://www.cardiff.ac.uk/study/undergraduate/courses/2021/computer-science-with-security-and-forensics-bsc. Accessed 09 Mar 2021
Macquarie University: Bachelor of Commerce with a Major in Cyber Security Governance | Macquarie University. https://courses.mq.edu.au/2020/domestic/undergraduate/bachelor-of-commerce-cyber-security-governance. Accessed 09 Mar 2021
University of Winchester: BSc (Hons) Cyber Security - University of Winchester. https://www.winchester.ac.uk/study/undergraduate/courses/bsc-hons-cyber-security/. Accessed 09 Mar 2021
Deakin University: Bachelor of Criminology/Bachelor of Cyber Security | Deakin. https://www.deakin.edu.au/course/bachelor-criminology-bachelor-cyber-security. Accessed 09 Mar 2021
Flinders University: Study the Bachelor of Information Technology (Network and Cybersecurity Systems) - Flinders University. https://www.flinders.edu.au/study/courses/bachelor-information-technology-network-cybersecurity-systems?source=ecs-int-home. Accessed 09 Mar 2021
Ma, Q., Pearson, J.: ISO 17799: “Best practices” in information security management? In: Communications of the Association for Information Systems, pp. 577–591. Association for Information Systems (2005)
Coventry, L., Briggs, P., Blythe, J., Tran, M.: Using behavioural insights to improve the public’s use of cyber security best practices, Northumbria (2015)
Osburn, J., Caruso, G., Wolfensberger, W.: The concept of “best practice”: a brief overview of its meanings, scope, uses, and shortcomings. Int. J. Disabil. Dev. Educ. 58, 213–222 (2011)
Joint Task Force on Cybersecurity Education: CyberSecurity Curricula. ACM, IEEE-CS, AIS SIGSEC, IFIP, New York (2017)
Professionals, Institute of Information Security: The IISP Skills Framework-Scoring levels for Skills Framework. https://apmg-international.com/sites/default/files/documents/products/iisp_skills_framework_v1_0.pdf. Accessed 09 Mar 2021
NIST: Framework for Improving Critical Infrastructure Cybersecurity. https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf. Accessed 09 Mar 2021
AICPA: 2017 Trust Services Criteria for Security, Availability, Processing Integrity, Confidentiality, and Privacy. https://www.aicpa.org/content/dam/aicpa/interestareas/frc/assuranceadvisoryservices/downloadabledocu. Accessed 09 Mar 2021
Saunders, M., Lewis, P., Thornhill, A.: Research Methods for Business Students. Pearson Education Limited, London (2016)
Alsmadi, I., Zarour, M.: Cybersecurity programs in Saudi Arabia: issues and recommendations. In: 1st International Conference on Computer Applications & Information Security (ICCAIS), pp. 1–5. IEEE (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 IFIP International Federation for Information Processing
About this paper
Cite this paper
da Veiga, A. et al. (2021). A Reference Point for Designing a Cybersecurity Curriculum for Universities. In: Furnell, S., Clarke, N. (eds) Human Aspects of Information Security and Assurance. HAISA 2021. IFIP Advances in Information and Communication Technology, vol 613. Springer, Cham. https://doi.org/10.1007/978-3-030-81111-2_5
Download citation
DOI: https://doi.org/10.1007/978-3-030-81111-2_5
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-81110-5
Online ISBN: 978-3-030-81111-2
eBook Packages: Computer ScienceComputer Science (R0)
