The role of national cybersecurity strategies on the improvement of cybersecurity education

Abstract

Digital information and telecommunication technologies have not only become essential to individuals’ daily lives but also to a nation’s sustained economic growth, societal well-being, critical infrastructure resilience, and national security. Consequently, the protection of a nation’s cyber sovereignty from malicious acts is a major concern. This signifies the importance of cybersecurity education in facilitating the creation of a resilient cybersecurity ecosystem and in supporting cyber sovereignty. This study reviews a sample from world-leading countries National Cybersecurity Strategic Plans (NCSPs) and analyzes the associated existing cybersecurity education and training improvement initiatives. Furthermore, a proposal to adopt the Goal-Question-Outcomes(GQO)+Strategies paradigm into cybersecurity education and training programs curricula improvement to national cybersecurity strategic goals is presented. The proposal maps cybersecurity strategic goals to cybersecurity skills and competencies using the National Initiative for Cybersecurity Education (NICE) framework. The newly proposed cybersecurity education and training programs’ curricula learning outcomes were generated from the GQO+Strategies paradigm based on the three major cybersecurity strategic goals: Development of secure digital and information technology infrastructure and services, defending from sophisticated cyber threats, and enrichment of individuals’ cybersecurity maturity and awareness. It is highly recommended that cybersecurity university program administrators utilize the proposed GQO+Strategies to align their program’s curriculum to NCSP. Hence, closing the gap that exists with the relevant skills and sustain national cybersecurity workforces.