Abstract
This paper describes development and delivery of the curriculum for a four-year undergraduate program in applied Information Sciences which comprises all the aspects of information systems security. After the first generation of students graduated in 2008, the program was evaluated by using multiple methods, including an exploration of the challenges and successes the program underwent in the process. By reflecting on the established need for such a program and how it evolved historically, the authors set up a baseline for comparing this program with other related programs in the field as well as with known information systems security curriculum models. While this curriculum continues to be modified in response to requirements from the job market and input from industry experts, some challenges for the program remain, such as scarcity of qualified instructors to ensure seamless program delivery, having students with varied educational backgrounds in the same class, and underrepresentation of females. Program curriculum details and useful experiential conclusions are also provided.
Similar content being viewed by others
Notes
SANS stands for SysAdmin, Audit, Network, Security; while (ISC)2 stands for International Information Systems Security Certification Consortium.
References
Aycock, J., & Barker, K. (2004). Creating a secure computer virus laboratory (case study). In U. E. Gattiker (Ed.), EICAR 2004 Conference CD-ROM: Best Paper Proceedings. 13 pages. Copenhagen: EICAR e.V.
Aycock, J., & Barker, K. (2005). Viruses 101, Department of Computer Science, University of Calgary, SIGCSE’05, February 23–27, 2005, St. Louis, Missouri, USA.
Blahnik, J., McVey, B., & Pankratz, D. (2006). Adding concentrations to the CS major: Our Dean calls us ‘innovative’. SIGCSE’06, March 1–5, 2006, Houston, Texas, pp. 191–194.
Bogolea, B., & Wijekumar, K. (2004). Information security curriculum creation: A case study. InfoSecCD Conference ’04, October 8, 2004, Kennesaw, GA, USA, 59–65.
CC2001 Joint Task Force (2001). Computing Curricula 2001: Computer Science. Retrieved September 5, 2009 from http://www.sigcse.org/resources/cs-2001.
Chen, L.-C., & Lin, C. (2007). Combining theory with practice in information security education. Proceedings of the 11th Colloquium for Information Systems Security Education, Boston University, Boston, MA June 4–7, 2007, 28–35.
Du, W., Teng, Z., & Wang, R. (2007). SEED: A suite of instructional laboratories for computer SEcurity EDucation. SIGCSE’07, March 7–10, 2007, Covington, Kentucky, pp. 486–490.
Frieze, C., Hazzan, O., Blum, L., & Dias, M. B. (2006). Culture and environment as determinants of women’s participation in computing: Revealing the “women-CS fit.” SIGCSE’06, March 1–5, 2006, Houston, Texas, pp. 22–26.
Frost & Sullivan (2008). The 2008 (ISC)2 global information security workforce study. Retrieved September 1, 2009 from http://www.isc2.org/uploadedFiles/Industry_Resources/2008_Global_WF_Study.pdf.
Furst, M., Isbell, C., & Guzdial, M. (2007). ThreadsTM: How to restructure a computer science curriculum for a flat world. SIGCSE’07, March 7–10, 2007, Covington, Kentucky, pp. 420–424.
Ontario Jobs and Investment Board (1999). A roadmap to prosperity: An economic plan for jobs in the 21st Century, Ontario Government Documents Collection.
Ontario Ministry of Training, Colleges and Universities (2000). “Increasing Degree Opportunities for Ontarians”, A Consultation Paper.
Sheoran, P., Friesen, C., & de Belón, H. (2006). Developing and sustaining information assurance: The role of community colleges, part 2. IEEE Security and Privacy, 4, 60–65.
Theoharidou, M., & Gritazalis, D. (2007). Common body of knowledge for information security. IEEE Security & Privacy, 5(2), 64–67.
Tipton, H. F., & Henry, K. (2006). Official (ISC)² guide to the CISSP CBK. New York: Auerbach Publications.
Whitman, M. E., & Mattord, H. J. (2004a). Designing and teaching information security curriculum. InfoSecCD Conference ’04, October 8, 2004, Kennesaw, GA, USA, 1–7.
Whitman, M., & Mattord, H. (2004b). A draft curriculum model for programs of study in information security and assurance. Retrieved March 30, 2009 from http://infosec.kennesaw.edu/InfoSecCurriculumModel.pdf.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ralevich, V., Martinovic, D. Designing and implementing an undergraduate program in information systems security. Educ Inf Technol 15, 293–315 (2010). https://doi.org/10.1007/s10639-010-9123-y
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10639-010-9123-y