Examining the Pedagogical Best Practices of Student Mastery of Cyber Security in Higher Education

The intricacy of information security management (ISM) has become a major issue for organizations as Cybercrime is on the rise and cybercriminals are only getting better at what they do. The skills gap is growing between the people who hack and the people who could help protect against cybersecurity vulnerabilities of new technologies, such as drones and autonomous vehicles. As threats that exploit vulnerabilities in our cyber infrastructure grow and evolve, an integrated cybersecurity workforce must be capable of designing, developing, implementing, and maintaining defensive and offensive cyber strategies. The role of higher educational institutions (HEI) preparing students in cyber security workforce development could not have been more important as institutions are finding themselves with the challenge of preparing a workforce for a battle that is apparently hard with which to keep pace. The purpose of this study qualitative research was to determine best practices in cybersecurity competencies and teaching pedagogies in higher education. The study sought to find the best pedagogies being used in cybersecurity programs in institutions designed as Centers of Academic Excellence (CAE) to prepare students. The study also sought to determine specific pedagogical best practices depending upon type of competency. Interviews were conducted with cybersecurity educators from eight (8) colleges and universities in Alabama and Tennessee who are members of the National Centers of Academic Excellence (CAE) program in Cyber Defense (CD). The interviews data collected were kept confidential. The results from this study indicate that while cybersecurity competencies can be achieved through all the four (4) pedagogical themes: hands-on virtual reality online; hands-on with instructor; mixed or blended learning; and flipped classroom learning, hands-on with virtualization led by an instructor stands out as the best pedagogy.