Cybersecurity is defined as: 1) "measures to protect information technology; the information it contains, processes, and transmits and associated physical and virtual elements (which together comprise cyberspace)"; 2) "the degree of protection resulting from application of those measures; and 3) "the associated field of professional endeavor" Fischer (2005). A Frost & Sullivan Market Survey in 2011 sponsored by (ISC)2 revealed a thorough insight into the critical trends and opportunities rising in the information security profession worldwide. The key findings were: 1. Application vulnerabilities represent the number one threat to organizations. 2. Mobile devices were the second highest security concern for the organization 3. Professionals aren’t ready for social media threats 4. Cloud computing illustrates a serious gap between technology implementation and the skills necessary to provide security 5. Information security professionals weathered the economic recession very well 6. Developing countries illustrated opportunities for growth with an experienced and more educated workforce 7. The information security workforce continues to show signs of strong growth 8. A clear skills gap exists that jeopardizes professionals’ ability to protect organizations in the near future The underlining trend affecting all these key issues is the lack of appropriate skills being demonstrated by information security professionals for protecting cybesecurity treats against organizations and that "... the information security profession could be on a dangerous course, where information security professionals are engulfed in their current job duties and responsibilities, leaving them ill-prepared for the major changes ahead, and potentially endangering the organizations they secure." (Ayoub, 2011) Smith, Koohang & Behling (2010) stated that higher education has a responsibility in designing and re-designing cybersecurity curriculum that prepare graduates with necessary knowledge and skills to become competent cybersecurity professionals. These knowledge and skills must also set the foundation for these graduates to become certified cybersecurity professionals. The purpose of this panel is to discuss two themes. They are as follows: Theme 1 - Cybersecurity curriculum: What is a sound cybersecurity curriculum that can prepare graduates with necessary knowledge and skills to protect organization's cybersecurity treats? What should the curriculum entail regarding continuous improvement given the ever-changing nature of cybersecurity? How does a cybersecurity curriculum aligned with curriculum models (e.g., IS 2010, IT 2008) and special accreditation bodies (e.g., ABET). Theme 2 - Cybersecurity certification: Do graduates need to pass cybersecurity certification? What role does the university curriculum play in preparing graduates for taking and passing these certificates?
Koohang, Alex; Floyd, Kevin; Smith, Terry; and Ashford, Tina, "Panel: The Challenges of Cybersecurity Curriculum" (2012). SAIS 2012 Proceedings. 28.