Competency models are widely adopted frameworks that are used to improve human resource functions and education. However, the characteristics of competency models related to the information security and cybersecurity domains are not well understood. To bridge this gap, this study investigates the current state of competency models related to the…

More specialized cybersecurity education programs are needed to address workforce needs, but it is unclear which knowledge, skills, and abilities (KSAs) fulfil industry needs. We interviewed 48 professionals within four cyber defense specialty areas: (1) Cyber Network Defense Analysis, (2) Cyber Network Defense Infrastructure Support, (3) Incident…

We present a psychometric evaluation of a revised version of the "Cybersecurity Concept Inventory" ("CCI"), completed by 354 students from 29 colleges and universities. The CCI is a conceptual test of understanding created to enable research on instruction quality in cybersecurity education. This work extends previous expert…

This study focuses on the challenges encountered in online cybersecurity education. It adopts an exploratory research design using a mixed-methods approach to investigate the perceptions and experiences of postgraduate students enrolled in an online cybersecurity program. The collection of data is structured into two distinct phases. In the…

Our cybersecurity workforce needs surpass our ability to meet them. These needs could be mitigated by developing relevant curricula that prioritize the knowledge, skills, and abilities (KSAs) most important to cybersecurity jobs. To identify the KSAs needed for performing cybersecurity jobs, we administered survey interviews to 44 cyber…

With ever-greater reliance of the developed world on information and communication technologies, constructing secure software has become a top priority. To produce secure software, security activities need to be integrated throughout the software development lifecycle. One such activity is security design analysis (SDA), which identifies security…

With the continuous growth of cyberinfrastructure throughout modern society, the need for secure computing and communication is more important than ever before. As a result, there is also an increasing need for entry-level developers who are capable of designing and building practical solutions for systems with stringent security requirements.…

Computing science students amass years of programming experience and a wealth of factual knowledge in their undergraduate courses. Based on our combined years of experience, however, one of our students' abiding shortcomings is that they think there is only "one correct answer" to issues in most courses: an "idealistic"…