Multifarious initiatives in cybersecurity education

Abstract

According to the nAtionAl Security council, “president obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we as a government or as a country are not adequately prepared to counter [2].” in may of 2009, the president supported the recommendations from his commissioned cyberspace policy review that, among other endorsements, included promoting cybersecurity awareness and building the digital workforce of the 21st century. the recommendations from the cyberspace policy review were based upon the 2008 comprehensive National cybersecurity initiative (cNci), which consists of 12 individual initiatives designed to help secure the united States in cyberspace. this column will focus on initiative 8 – expand cyber education – as it relates to two-year college programs. First a little background on cNci initiative 8. presently, an insufficient number of cybersecurity practitioners and professionals exist to protect and defend the united States in cyberspace. the current cybersecurity training and education programs are limited in focus and lack unity of effort. Evolving from cNci initiative 8, the National initiative for cybersecurity Education (NicE) was established with the goal of creating “operational, sustainable and continually improving” cybersecurity education that will enhance the nation’s security [8]. the Department of Education and the National Science Foundation (NSF) are serving as co-leads for this NicE component called Formal Cybersecurity Education. the mission of this component is to bolster cybersecurity education programs from kindergarten through graduate school, with an emphasis on science, technology, engineering and mathematics (StEm) disciplines to fill the pipeline with technologicallyskilled and cyber-savvy personnel. During the summer of 2011, an acm innovation and technology in computer Science Education (iticSE) working group studied 16 associate-degree programs in information assurance (a.k.a. cybersecurity). the findings are revealing and in concert with cNci initiative 8. “a lack of consensus of what constitutes information assurance (ia) education has led to ia degree programs with widely varying curricula [10].” associate degree ia programs vary in their particular emphases, their curricular structure, and whether they are meant to place graduates into the workforce or to matriculate students into baccalaureate degree programs. of the 16 associate-degree programs examined by the 2011 working group, 14 were associate of applied Science (a.a.S.) degrees and 2 were associate of Science (a.S.) degrees. of the a.a.S. career programs, two areas of concentration emerged, network security and computer forensics. Figure 1 depicts the composition of a typical network security degree, while Figure 2 illustrates the composition of a typical computer forensics