Skip to main content
SpringerLink
Log in

Designing and implementing an undergraduate program in information systems security

  • Published:
Education and Information Technologies Aims and scope Submit manuscript

Abstract

This paper describes development and delivery of the curriculum for a four-year undergraduate program in applied Information Sciences which comprises all the aspects of information systems security. After the first generation of students graduated in 2008, the program was evaluated by using multiple methods, including an exploration of the challenges and successes the program underwent in the process. By reflecting on the established need for such a program and how it evolved historically, the authors set up a baseline for comparing this program with other related programs in the field as well as with known information systems security curriculum models. While this curriculum continues to be modified in response to requirements from the job market and input from industry experts, some challenges for the program remain, such as scarcity of qualified instructors to ensure seamless program delivery, having students with varied educational backgrounds in the same class, and underrepresentation of females. Program curriculum details and useful experiential conclusions are also provided.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

Notes

  1. SANS stands for SysAdmin, Audit, Network, Security; while (ISC)2 stands for International Information Systems Security Certification Consortium.

References

  • Aycock, J., & Barker, K. (2004). Creating a secure computer virus laboratory (case study). In U. E. Gattiker (Ed.), EICAR 2004 Conference CD-ROM: Best Paper Proceedings. 13 pages. Copenhagen: EICAR e.V.

  • Aycock, J., & Barker, K. (2005). Viruses 101, Department of Computer Science, University of Calgary, SIGCSE’05, February 23–27, 2005, St. Louis, Missouri, USA.

  • Blahnik, J., McVey, B., & Pankratz, D. (2006). Adding concentrations to the CS major: Our Dean calls us ‘innovative’. SIGCSE’06, March 1–5, 2006, Houston, Texas, pp. 191–194.

  • Bogolea, B., & Wijekumar, K. (2004). Information security curriculum creation: A case study. InfoSecCD Conference ’04, October 8, 2004, Kennesaw, GA, USA, 59–65.

  • CC2001 Joint Task Force (2001). Computing Curricula 2001: Computer Science. Retrieved September 5, 2009 from http://www.sigcse.org/resources/cs-2001.

  • Chen, L.-C., & Lin, C. (2007). Combining theory with practice in information security education. Proceedings of the 11th Colloquium for Information Systems Security Education, Boston University, Boston, MA June 4–7, 2007, 28–35.

  • Du, W., Teng, Z., & Wang, R. (2007). SEED: A suite of instructional laboratories for computer SEcurity EDucation. SIGCSE’07, March 7–10, 2007, Covington, Kentucky, pp. 486–490.

  • Frieze, C., Hazzan, O., Blum, L., & Dias, M. B. (2006). Culture and environment as determinants of women’s participation in computing: Revealing the “women-CS fit.” SIGCSE’06, March 1–5, 2006, Houston, Texas, pp. 22–26.

  • Frost & Sullivan (2008). The 2008 (ISC)2 global information security workforce study. Retrieved September 1, 2009 from http://www.isc2.org/uploadedFiles/Industry_Resources/2008_Global_WF_Study.pdf.

  • Furst, M., Isbell, C., & Guzdial, M. (2007). ThreadsTM: How to restructure a computer science curriculum for a flat world. SIGCSE’07, March 7–10, 2007, Covington, Kentucky, pp. 420–424.

  • Ontario Jobs and Investment Board (1999). A roadmap to prosperity: An economic plan for jobs in the 21st Century, Ontario Government Documents Collection.

  • Ontario Ministry of Training, Colleges and Universities (2000). “Increasing Degree Opportunities for Ontarians”, A Consultation Paper.

  • Sheoran, P., Friesen, C., & de Belón, H. (2006). Developing and sustaining information assurance: The role of community colleges, part 2. IEEE Security and Privacy, 4, 60–65.

    Google Scholar 

  • Theoharidou, M., & Gritazalis, D. (2007). Common body of knowledge for information security. IEEE Security & Privacy, 5(2), 64–67.

    Article  Google Scholar 

  • Tipton, H. F., & Henry, K. (2006). Official (ISC)² guide to the CISSP CBK. New York: Auerbach Publications.

    Google Scholar 

  • Whitman, M. E., & Mattord, H. J. (2004a). Designing and teaching information security curriculum. InfoSecCD Conference ’04, October 8, 2004, Kennesaw, GA, USA, 1–7.

  • Whitman, M., & Mattord, H. (2004b). A draft curriculum model for programs of study in information security and assurance. Retrieved March 30, 2009 from http://infosec.kennesaw.edu/InfoSecCurriculumModel.pdf.

Download references

Author information

Authors and Affiliations

  1. BAISc (Information Systems Security), Sheridan Institute of Technology and Advanced Learning, 1430 Trafalgar Road, Oakville, ON, L6H 2L1, Canada

    Victor Ralevich

  2. Faculty of Education, University of Windsor, Windsor, ON, N9B 3P4, Canada

    Dragana Martinovic

Authors
  1. Victor Ralevich
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Dragana Martinovic
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Victor Ralevich.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Ralevich, V., Martinovic, D. Designing and implementing an undergraduate program in information systems security. Educ Inf Technol 15, 293–315 (2010). https://doi.org/10.1007/s10639-010-9123-y

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10639-010-9123-y

Keywords

Search

Navigation