CYBERSECURITY EDUCATION: SYSTEMS APPROACH

Angelina Bott,
Institute of Radio and Information Systems (IRIS), Vienna, Austria
iris@media-publisher.eu

DOI: 10.36724/2664-066X-2024-10-5-47-66

SYNCHROINFO JOURNAL. Volume 10, Number 5 (2024). P. 47-66.

Abstract

This research paper looks at existing research in national cybersecurity education capacity and explores the application of a “systems approach” to guide future cybersecurity education capacity development, using systems thinking tools to build a holistic understanding of the national cybersecurity education capacity landscape. To close the global cybersecurity workforce gap and continue institutionalizing an approach to a structured process for a cybersecurity workforce, it is important to further develop national cybersecurity education capacity in all countries around the world. This research paper is aimed at stakeholders working across government, private sector, academia, and civil society that are interested in how a systems approach can improve the understanding of national cybersecurity education landscapes and guide the design and implementation of future capacity development interventions, with particular application to low-and-middle income countries. Informed by secondary sources, this paper intends to initiate a broader discussion and further research on the benefits and applications of a systems approach to cybersecurity education capacity development.

Keywords: cybersecurity education, national education capacity development

References

[1]     World Economic Forum. Global Cybersecurity Outlook 2022. Insight Report. https://www3.weforum.org/docs/WEF_Global_Cybersecurity_Outlook_2022.pdf

[2]     (ISC2) Cybersecurity Workforce Study 2022 https://media.isc2.org/-/media/Project/ISC2/Main/Media/documents/research/ISC2-Cybersecurity-Workforce-Study-2022.pdf

[3]     United Nations. SDG 4 Quality Education. 2023. https://sdgs.un.org/goals/goal4

[4]     UNICEF. Digital Literacy in Education Systems Across ASEAN. 2021. https://www.unicef.org/eap/media/7766/file/Digital%20Literacy%20in%20Education%20Systems%20Across%20ASEAN%20Cover.pdf

[5]     Vladimir Radunovic, David Rüfenacht, “Report on cybersecurity competence building trends in OECD countries,” 2016. https://www.diplomacy.edu/resources/general/cybersecurity-competence-building-trends

[6]           Pavlov S.V., Dokuchaev V.A., Maklachkova V.V., Gadasin D.D. (2023) Automated Decision Support for Selection of Specialists for Complex Infocommunication Systems Management. T-Comm, vol. 17, no. 12, pр. 36-43. DOI: 10.36724/2072-8735-2023-17-12-36-43.

[7]           Statev V.Yu., Dokuchaev V.A., Maklachkova V.V. (2022) Information security in the big data space. T-Comm, vol. 16, no.4, pр. 21-28. DOI: 10.36724/2072-8735-2022-16-4-21-28.

[8]     Aspen Cybersecurity Group. Principles for Growing and Sustaining the Nation’s Cybersecurity Workforce. 2018. https://www.aspeninstitute.org/wp-content/uploads/2018/11/Aspen-Cybersecurity-Group-Principles-for-Growing-and-Sustaining-the-Nations-Cybersecurity-Workforce-1.pdf.

[9]     De Zan, Di Franco, “Cybersecurity Skills Development in the EU,” 2019. https://www.enisa.europa.eu/publications/the-status-of-cyber-security-education-in-the-european-union.

[10]   S. AlDaajeh, H. Saleous, S. Alrabaee, E. Barka, F. Breitinger, K.K.R. Choo, “The role of national cybersecurity strategies on the improvement of cybersecurity education,” Computers & Security, 2022, p. 119.

[11]   S. Creese, W. H. Dutton, P. Esteve-González, “The social and cultural shaping of cybersecurity capacity building: a comparative study of nations and regions,” Personal and ubiquitous computing, 2021, no. 25(5), pp. 941-955. https://doi.org/10.1007/s00779-021-01569-6

[12]   F. E. Catota, M. G. Morgan, D. C. Sicker, “Cybersecurity education in a developing nation: The Ecuadorian environment,” Journal of Cybersecurity, 2019, no. 5(1).

[13]   GFCE Working Group D. Developing Cyber Security as a Profession. 2022. https://thegfce.org/wp-content/uploads/2022/08/GFCE-Report-Developing-Cyber-Security-as-a-Profession-July-2022-1.pdf.

[14]   N. A. A. Rahman, I. H. Sairi, N. A. M. Zizi, F. Khalid, “The importance of cybersecurity education in school,” International Journal of Information and Education Technology, 2020, no. 10(5), pp. 378-382.

[15]   B. J. Blazic, “Changing the landscape of cybersecurity education in the EU: Will the new approach produce the required cybersecurity skills?” Educ Inf Technol, 2022, no. 27, pp. 3011–3036. https://doi.org/10.1007/s10639-021-10704-y.

[16]   J. Hajny, S. Ricci, E. Piesarskas, O. Levillain, L. Galletta and R. De Nicola, “Framework, Tools and Good Practices for Cybersecurity Curricula,” IEEE Access, 2021, vol. 9, pp. 94723-94747. https://doi.org/10.1109/ACCESS.2021.3093952

[17]   R. Shillair, P. Esteve-González, W. H. Dutton, S. Creese, E. Nagyfejeo, B. von Solms, “Cybersecurity education, awareness raising, and training initiatives: National level evidence-based results, challenges, and promise,” Computers & Security, 2022, no. 119, https://doi.org/10.1016/j.cose.2022.102756.

[18]   ITU. Global Cybersecurity Index (GCI). 2018. https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf

[19]   E-Governance Academy Foundation. National Cyber Security Index (NCSI). 2020. https://ncsi.ega.ee

[20]   ENISA. National Capabilities Assessment Framework (NCAF). 2020. https://www.enisa.europa.eu/publications/national-capabilities-assessment-framework

[21]   Global Cyber Security Capacity Centre. Cybersecurity capacity maturity model for nations (CMM): Revised edition. 2021. https://gcscc.ox.ac.uk/files/cmm2021editiondocpdf

[22]   Potomac Institute. (Cyber Readiness Index (CRI) 2.0. 2015. https://www.potomacinstitute.org/images/CRIndex2.0.pdf

[23]         Dokuchaev V.A., Maklachkova V.V., Statev V. Yu. (2020) Digitalization of the personal data subject. T-Comm, vol. 14, no.6, pp. 27-32.

DOI: 10.36724/2072-8735-2020-14-6-27-32.

[24]         Pavlov S.V., Dokuchaev V.A., Maklachkova V.V., Mytenkov S.S. (2019). Features of supporting decision making in modern enterprise infocommunication systems. T-Comm, vol. 13, no.3, pр. 71-74. DOI 10.24411/2072-8735-2018-10252.

[25]   L. Bate, “Cybersecurity Workforce Development: A Primer. New America, Florida International University,” 2018. https://d1y8sb8igg2f8e.cloudfront.net/documents/Cybersecurity_Workforce_Development_A_Primer_2018-11-01_183611.pdf

[26]   A. Parrish, J. Impagliazzo, R. K. Raj, H. Santos, M. R. Asghar, A. Josang, E. Stavrou, “Global perspectives on cybersecurity education for 2030: a case for a meta-discipline,” Procedings companion of the 23rd annual ACM conference on innovation and technology in computer science education, 2018, pp. 36-54.

[27]   OAS. Cybersecurity Education. 2020. https://www.oas.org/es/sms/cicte/docs/White-Paper-Cybersecurity-Education.pdf

[28]   Henry, Adam P., “Mastering the Cyber Security Skills Crisis: Realigning Educational Outcomes to Industry Requirements,” 2017. https://unsw.adfa.edu.au/unsw-canberra-cyber/sites/accs/files/uploads/ACCS-Discussion-Paper-4-Web.pdf

[29]   J. Bridge, J. Twaddle, “Scaling up work integrated learning in higher education,” 2023. https://www.pwc.com.au/government/government-matters/work-integrated-learning-in-higher-education.html

[30]   Western Sydney University. Industry Placement Pathway. 2023. https://online.westernsydney.edu.au/online-courses/social-science/bachelor-cyber-security-behaviour/placement-pathway/

[31]   Guide to Developing a National Cybersecurity Strategy. GFCE Working Group D. White Paper: Task Force on Cybersecurity Professional Training and Development. 2019. https://cybilportal.org/wp-content/uploads/2020/02/GFCE-WG-D-White-Paper-Task-Force-on-Cybersecurity-Professional-Training-and-Development.pdf.

[32]   W. Newhouse, S. Keith, B. Scribner, G. Witte, “National initiative for cybersecurity education (NICE) cybersecurity workforce framework,” NIST special publication, 800(2017), 181.

[33]   European Commission. Operational Guidance for the EU’s international cooperation on cyber capacity building. 2018. https://www.iss.europa.eu/content/operational-guidance-eu%E2%80%99s-international-cooperation-cyber-capacity-building

[34]   Allen & Kilvington. Summary: An introduction to systems thinking and systemic design – concepts and tools (Presentation). Based on material for an introductory workshop. 2018. https://learningforsustainability.net/post/systemicdesign-intro

[35]   OECD. Systems Approaches to Public Sector Challenges. 2017. https://www.oecd.org/publications/systems-approaches-to-public-sector-challenges-9789264279865-en.htm

[36]   Learning for Sustainability. Systems Thinking. 2020. https://learningforsustainability.net/systems-thinking

[376] Social Value International. Maximise Your Impact: A guide for social entrepreneurs. 2017. https://socialvalueint.org/maximise-your-impact-guide

[38]   REWIRE Project. PESTLE analysis of Cybersecurity Education. 2021. https://digital-skills-jobs.europa.eu/en/inspiration/research/pestle-analysis-cybersecurity-education-2021

[39]   I. Agrafiotis, M. Bada, P. Cornish, S. Creese, M. Goldsmith, E. Ignatuschtschenko, D. M. Upton, “Cyber harm: concepts, taxonomy and measurement. Saïd Business School WP,” 2016.

[40]   Stakeholder Mapping Adapted from: Social Value UK. Maximise Your Impact – A Guide for Social Entrepreneurs. 2017. http://www.socialvalueuk.org/app/uploads/2017/10/MaximiseYourImpact.24.10.17.pdf

[41]   Interactive dashboard for the United States of America: Cyber Seek. 2023. https://www.cyberseek.org/

[42]   A systems approach to understanding national cybersecurity education capacity. 2024. https://www.itu.int/hub/publication/d-phcb-cyb_educ-2024/

[43]         Dokuchaev V.A., Maklachkova V.V., Statev V.Yu. (2020) Classification of personal data security threats in information systems. T-Comm, vol. 14, no.1, pр. 56-60. DOI: 10.36724/2072-8735-2020-14-1-56-60.