A Cybersecurity Curriculum for the Masses

What should every person in cybersecurity know, and how?

Photo by Pang Yuhao on Unsplash

Recently, I had the good fortune to be in a room with some really experienced, thoughtful, well-read cybersecurity professionals. I wanted to know what they think should be included in an undergraduate cybersecurity curriculum — but I had some constraints that mirrored the challenges I see in the “real world” of academia:

Requirements

• Academic rigor — non-security academics need to be able to approve the topics and readings, so it needs to have a strong research body of work supporting the topic
• Topics need to be able to be taught by someone who has not worked in cybersecurity — as many college classes are
• They can suggest only nine classes, as undergraduate curriculums must take into account general education and other learning requirements
• The suggested topics must stay relevant for at least ten years (because that’s how long it will take to get any changes approved)
• The topics must be useful for EVERYONE who works in ANY PART of security.

Here’s what they came up with, after 10 minutes of brainstorming:

1. Influencing without authority