This presentation will explain the interdepartmental collaborative processes, theoretical frameworks, digital tools and design principles used to develop on-demand and blended learning courses for current and aspiring cybersecurity professionals. Attendees will understand the support necessary to implement and sustain the initiative, as well as, the outcomes hoped to be accomplished.
Employing an Interdepartmental Collaborative Process to Enhance Cybersecurity Professionals’ Experience in On-Demand and Blended Learning Courses
In this highly digital age cybersecurity attacks and data breaches occur frequently and have now become almost commonplace. Last year hackers, aiming to gain access to confidential data, payment portals and even test their hacking abilities, compromised several well know organizational system accounts such as LinkedIn, Tumblr, Yahoo, Target and even the United States National Security Agency was breached by an employee. Due to these rising attacks, millions of people have been put at risk as their usernames, email addresses, passwords, phone numbers, photos and IP addresses have been exposed. A global survey conducted by ISCA (2015) indicated cybersecurity attacks were one of the top three highest concerns for over 80% of organizations and they are fervently working to increase their system security measures to ensure the privacy of user data.
One barrier to developing effective cybersecurity professionals is the broad definition and diverse understanding of what cybersecurity entails. Cybersecurity benefits from the integration of several other scientific fields such as computer science, mathematics, economics and the social sciences. Determining the “exact fundamental concepts, principles, mathematical constructs, or tools to predict or measure cybersecurity” (JASON, 2012) has been a high-level challenge for this evolving field of study and” to achieve security breakthroughs we need a more fundamental understanding of the science of cyber-security” (JASON, 2012).
The relative newness and rapid evolution of the field has left the cybersecurity community lacking in trained professionals qualified to successfully counteract such common attacks. McDuffie and Piotrowski (2014) point out the alarming deficit in baccalaureate-level cybersecurity program and the inconsistency of the curriculum found within higher educational institutions. Many universities currently offer a computer science degree with only an elective security track consisting of a few cybersecurity specific courses (pg. 68).
In 2016, in hopes of lessening the dire shortage of cybersecurity professionals, the United States implemented the Cybersecurity National Action Plan. This long-term strategy established four key initiatives:
• Expand the Cybersecurity Workforce through Education and Training through the allocation of $62 million, to be used for student college tuition and the development of higher education cybersecurity course curriculums.
• Recruit the Nation’s Best Cyber Talent for Federal Service focused on recruiting diverse populations – including women, minorities and veterans – and streamlining the hiring practices of new talent. Developing partnerships with private agencies as well as higher education institutions.
• Retain and Develop Highly Skilled Talent by developing distinct cybersecurity career paths, developing credentialing program, and providing continuing education opportunities and ensuring.
• Identify Cybersecurity Workforce needs through using the National Cybersecurity Workforce Framework developed by National Initiative for Cybersecurity Education (NICE) to identify workforce areas and recruit candidates with specific skills and abilities.
One organization dedicated to advancing the cybersecurity industry is The International Information Systems Security Certification Consortium, Inc. (ISC)2. This international nonprofit membership association focuses on “inspiring a safe and secure cyber world” (ISC)2, 2016). They offer a portfolio of credentials as well as resources to train cybersecurity professionals and enable them to advance the cybersecurity industry.
(ISC)² offers 10 cybersecurity certifications including Certified Cloud Security Professional, Certified Information Systems Security Professional and Health Care Information Security and Privacy Practitioner. They also offer a variety of cybersecurity training modalities, textbooks and other study materials based on their cybersecurity Common Body of Knowledge (CBK). These resources are meant to assist current members and aspiring cybersecurity professionals in refreshing their knowledge as well as identify areas needed to study for one of the (ISC)² certification exam which test a candidate's knowledge of the related CBK domains.
In the past (ISC)2 has used a variety of tools to deliver both their On-Demand (fully online) and Live on Line (blended) learning courses to cybersecurity members, clients and students. To provide end users with a better learning experience, the organization recently purchased a fully functional learning management system (LMS) and have begun the process of transferring content into the new LMS. Due to the nature of the highly sensitive information and the dire importance of keeping it secure the process of transferring the resources and course content into a more modern and user friendly system has not been without it’s challenges. To successfully ensure the secure transfer of content and user data, a high level interdepartmental process utilizing the assistance of an outside consulting firm and an internal interdepartmental collaborative team approach has been implemented.
This presentation aims to examine and explain the interdepartmental collaborative processes, theoretical frameworks, digital tools and design principles used to develop on-demand and blended learning courses for current and aspiring cybersecurity professionals. Readers and presentation attendees will understand how stakeholders were chosen to be involved, their roles in the iterative process, the project management methodology used to guide the process, the role of global partner participation in the decision making, how both quantitative and qualitative student data will be used to inform course revision, the interdepartmental and supervisory support necessary to implement and sustain the transformative initiative, and the ultimate outcomes hoped to be accomplished.