A CBK for Information Security and Critical Infrastructure Protection
- 1.3k Downloads
Academic institutions educate future Information Security and Critical Infrastructure Protection (ISCIP) professionals, offering expedient and broad knowledge of the field. As industry often demands higher productivity and stronger specialization, several organizations (academic, governmental, industrial) considered the use of a Common Body of Knowledge (CBK), to serve as a tool that appropriately groups together the essential knowledge of this field. In this paper, we review the content of current ISCIP curricula, we define the necessary skills of an ISCIP Professional – as indicated and suggested by the industry – and form a multidisciplinary CBK of the ISCIP field.
KeywordsCommon Body of Knowledge (CBK) Academic Curriculum Academic Programme Critical Infrastructure Protection
- 1.Bishop M., Engle S.: The Software Assurance CBK and University Curricula. 10th Colloquium for Information Systems Security Education. University of Maryland, USA (2006). Available online at: http://nob.cs.ucdavis.edu/bishop/talks/2006-cisse-1/swacbk_OnlinePDF.pdf.Google Scholar
- 2.Cabay M.: Information security education resources for professional development, ver. 11 (2004). Available online at: http://www.norwich.edu/mkabay/overviews/infosec_ed_OnlinePDF.pdf.
- 3.Crowley E.: Information system security curricula development. In: Brewer J., Mendonca J. (Eds.): Proc. of the 4th Conf. on ITechnology Curriculum. ACM Press, USA (2003).Google Scholar
- 5.Gritzalis D., Theocharidou M., Kalimeri E.: Towards an interdisciplinary information security education model. In: Miloslavskaya N., et al. (Eds.): Proc. of the 4th World Conf. on InfoSec Education (W1SE-4). Moscow (2005) 22–35.Google Scholar
- 6.Krause M., Tipton F. 2006. Handbook of Information Security Management, CRC Press.Google Scholar
- 7.Morneau K.: Designing an Information Security Program as a core competency of Network Technologists. In: Proc. of the 5th Conf. on IT Education. ACM Press, USA (2004) 29–32.Google Scholar
- 8.Redwine S. (Ed.): Secure Software Assurance: A guide to the Common Body of Knowledge to produce, acquire and sustain secure software, US Dept. of Homeland Security (2006).Google Scholar
- 9.Slay J., Lock P.: Developing an Undergraduate IT Security Stream: Industry Certification and the Development of Graduate Qualities. In: Miloslavskaya N., et al. (Eds.): Proc. of the 4th World Conf. on Information Security Education (WISE-4). Moscow (2005) 57–66.Google Scholar
- 10.Smith E., Kritzinger E., Oostuizen H., Von Solms S.: Information Security education: Bridging the gap between academic institutions and industry. In: Miloslavskaya N., et al. (Eds.): Proc. of the 4th World Conf. on InfoSec Education (WISE-4). Moscow (2005) 45–55.Google Scholar
- 12.Wilson M., Hash J.: Building an Information Technology Security Awareness and Training Program. NIST Special Publication 800-50. USA (2003).Google Scholar
- 13.Cresson-Wood C: Why information security is now multi-disciplinary, multi-departmental, and multi-organizational in nature. Computer Fraud & Security, Elsevier (2004) 16–17.Google Scholar