Bridging the disconnect within Cybersecurity Workforce Supply Chain

Abstract

Within the Cybersecurity workforce supply chain, there continues to be a disconnect between the undergraduate curriculum and industry skill demand. The cybersecurity workforce framework of the National Initiative for Cybersecurity Education can serve as one of the tools to bridge this disconnect. Borrowing from the learnings in the training of students in medical school, this paper performs a qualitative literature review on some of the existing efforts to develop the cybersecurity workforce. By exploring the integration of the cybersecurity workforce framework and the curriculum guideline of the Joint Task Force on Cybersecurity Education, it recommends the introduction of Entrustable Professional Activities and mandatory apprenticeship as part of the curriculum guideline. The Entrustable Professional Activities could be based on workforce tasks defined by NICE and cybersecurity graduates will be expected to demonstrate capability to perform those activities. Industry participation is required across all levels of the supply chain.