Universities now have access to the UK’s first higher education cybersecurity learning guidelines for undergraduate degrees to be referenced within BCS, the Chartered Institute for IT’s accreditation criteria for computing and IT-related degrees.
The guidelines are meant to be a resource for universities designed to solve critical cyber threats to UK economy by embedding cybersecurity into the core of computing degrees. If implemented, over 20,000 computer science graduates a year across 100 UK universities could be taught cybersecurity—a big step towards filling a drastic national skills shortage.
Published by (ISC)2 and the Council of Professors and Head of Computing (CPHC), the guidelines reflect broad consultation with more than 30 universities and industry bodies. Developed in support of the UK government’s National Cybersecurity Strategy, the guidelines define cybersecurity imperatives and learning outcomes affecting the next wave of computing degrees from as early as September 2015.
“The UK has a world-class cybersecurity sector, but we can only continue in this vein if we have the highly skilled workforce we need to thrive. Initiatives, such as this, are excellent examples of encouraging the best young people to consider careers in cyber,” said Matthew Hancock, Minister for the Cabinet Office.
The universities will benefit from specific guidance for embedding and enhancing relevant cybersecurity principles, concepts and learning outcomes within their curricula at all levels. Students can be taught a broad spectrum of cybersecurity concepts, from threats and attacks to designing secure systems and products to governance based on up-to-date industry expertise.
“This marks a significant shift in the teaching of security in higher education; cybersecurity is now being recognized as integral to every relevant computing discipline from computer game development to network engineering,” said Carsten Maple, professor of Cyber Systems Engineering at University of Warwick and vice chair of the Council of Professors and Heads of Computing. “Previously, cybersecurity was treated as a separate discipline to computing with students being taught how to create applications or develop systems and technology but not how to secure them; leading to proliferation of systems with built-in vulnerabilities. Academia, industry and government have all recognized this, which is why we have come together to address this issue and provide a practical and accessible way of incorporating cybersecurity into our curricula, and move the discipline forward.”