Elizabeth K. Hawthorne

Toward curricular guidelines for cybersecurity

This session reports on a workshop convened by the ACM Education Board with funding by the US National Science Foundation and invites discussion from the community on the workshop findings. The topic, curricular directions for cybersecurity, is one that resonates in many departments considering how best to prepare graduates to face the challenges of security issues in employment and future research. The session will include presentation of the workshop context and conclusions, but will be open to participant discussion. This will be the first public presentation of the results of the workshop and the first opportunity for significant response.

Information assurance education in two- and four-year institutions

The 2011 ITiCSE working group on information assurance (IA) education examined undergraduate curricula at the two- and four-year levels, both within and outside the United States (US). A broad set of two-year IA degree programs were examined in order to get a sense of similarities and differences between them. A broad set of four-year IA degree programs were also examined to explore their similarities and differences. A comparison between the two-year and fourfour-year degree programs revealed that the common challenge of articulation between two- and four-year programs exists in IA as well. The challenge of articulation was explored in some depth in order to understand what remedies might be available. Finally, a number of IA programs at international institutions were examined in order to gain insight into differences between US and non-US IA programs.

Teaching secure coding: the myths and the realities

Teaching secure coding has never been more important. The CS2013 Ironman draft includes Information Assurance and Security as a new Knowledge Area and recommends that security be cross-cutting across all undergraduate computer science curricula. The Summit on Education in Secure Software recommended: 1) increasing the number of faculty who understand the importance of secure programming principles, and will require students to practice them; 2) integrating computer security content into existing technical and non-technical courses; and 3) using innovative teaching methods to strengthen the foundation of computer security knowledge. In this panel, we will speak to these recommendations and the new curricular guidelines and discuss the importance and challenges of teaching secure coding.

The role of two-year colleges in educating the cyber-security workforce

This poster presentation showcases a current project of the Two-Year College Education Committee, a standing committee of the ACM Education Board.

Celebrating 40 years of ACM's commitment to community colleges

2015 December • Vol. 6 • No. 4 acm Inroads 33 THE 2016 SIGCSE TECHNICAL SYMPOSIUM in Memphis, TN promises to be a special time for the ACM Committee for Computing Education in Community Colleges (CCECC). The Committee will be celebrating its silver anniversary as a standing committee of the ACM Education Board, as well as the ruby anniversary of ACM’s commitment to community colleges. Before reflecting upon the 25-year milestone, we must first travel back 40 years to 1975 for the complete historical picture—to the Committee’s seminal roots and her passionate champion, ACM Fellow Joyce Currie Little.

ACM/IEEE-CS computer science curricula 2013: implementing the final report

For over 40 years, the ACM and IEEE-Computer Society have sponsored international curricular guidelines for undergraduate programs in computing. The rapid evolution and expansion of the computing field and the growing number of topics in computer science have made regular revision of curricular recommendations necessary. Thus, the Computing Curricula volumes are updated on an approximately 10-year cycle, with the aim of keeping curricula modern and relevant. The latest volume in the series, Computer Science Curricula 2013 (CS2013), is due for release in the Fall of 2013. This panel seeks to inform the SIGCSE community about the final version of the report, provide insight on interpreting the CS2013 guidelines, and give guidance regarding how the guidelines may be implemented at different institutions.

Multifarious initiatives in cybersecurity education

According to the nAtionAl Security council, “president obama has identified cybersecurity as one of the most serious economic and national security challenges we face as a nation, but one that we as a government or as a country are not adequately prepared to counter [2].” in may of 2009, the president supported the recommendations from his commissioned cyberspace policy review that, among other endorsements, included promoting cybersecurity awareness and building the digital workforce of the 21st century. the recommendations from the cyberspace policy review were based upon the 2008 comprehensive National cybersecurity initiative (cNci), which consists of 12 individual initiatives designed to help secure the united States in cyberspace. this column will focus on initiative 8 – expand cyber education – as it relates to two-year college programs. First a little background on cNci initiative 8. presently, an insufficient number of cybersecurity practitioners and professionals exist to protect and defend the united States in cyberspace. the current cybersecurity training and education programs are limited in focus and lack unity of effort. Evolving from cNci initiative 8, the National initiative for cybersecurity Education (NicE) was established with the goal of creating “operational, sustainable and continually improving” cybersecurity education that will enhance the nation’s security [8]. the Department of Education and the National Science Foundation (NSF) are serving as co-leads for this NicE component called Formal Cybersecurity Education. the mission of this component is to bolster cybersecurity education programs from kindergarten through graduate school, with an emphasis on science, technology, engineering and mathematics (StEm) disciplines to fill the pipeline with technologicallyskilled and cyber-savvy personnel. During the summer of 2011, an acm innovation and technology in computer Science Education (iticSE) working group studied 16 associate-degree programs in information assurance (a.k.a. cybersecurity). the findings are revealing and in concert with cNci initiative 8. “a lack of consensus of what constitutes information assurance (ia) education has led to ia degree programs with widely varying curricula [10].” associate degree ia programs vary in their particular emphases, their curricular structure, and whether they are meant to place graduates into the workforce or to matriculate students into baccalaureate degree programs. of the 16 associate-degree programs examined by the 2011 working group, 14 were associate of applied Science (a.a.S.) degrees and 2 were associate of Science (a.S.) degrees. of the a.a.S. career programs, two areas of concentration emerged, network security and computer forensics. Figure 1 depicts the composition of a typical network security degree, while Figure 2 illustrates the composition of a typical computer forensics

Associate-degree curricular guidance for information technology

User Support Services and internet/web Services, reflects what many would characterize today as three foundational pillars of “traditional it.” between the publication of the March 2000 Guidelines and the world of associate-degree computing programs today, how the landscape has dramatically changed! And while at the turn of the century the term it may not have been sufficiently mature to connote meaningfully the nature of the Guidelines being produced, now in 2012 the term it has The ACM CoMMiTTee for computing education in community colleges (ccecc) was pleased – a decade ago – to produce the Guidelines for Associate degree programs to Support computing in a Networked environment. had the etymology of the term “information technology” (it) evolved more rapidly, this document would have undoubtedly been titled, “Guidelines for Associate degree it programs” or something closely akin to that. For in effect these Guidelines, constituted by tracks in Networking Services, evolved to include – or not, depending on one’s perspective – many, many degree programs. one can reasonably ask whether health information Management is considered an it degree program, while the same could be debated for biotechnology, Video and Film production, Geographic information Systems, instrumentation technology, electronics technology, and cybersecurity. the AcM ccecc, in fact, has posed such questions to a select team of professionals. charged by the AcM education board with formulating recommendations regarding the need for, and potential nature of, contemporary curricular guidance relevant to it-related associate-degree programs, the ccecc organized a diverse working group to undertake this charge. in this initial investigative phase, the team’s work coalesced around a series of foundational questions employing the delphi method. A subsequent phase, should these working group recommendations be adopted by the education board, will entail the development of curricular and assessment guidance by an international team. during the investigative phase, the working group arrived at the following key conclusions to help steer the development of the curricular and assessment guidance in the next phase:

CS2013: a call for community college exemplars

Brief History Starting with Curriculum 1968 [1], the Association for Computing Machinery (ACM) and the IEEE-Computer Society (IEEE-CS) – the major professional societies in computing – have joined together to provide ground-breaking and meaningful curricular recommendations for undergraduate computer science degree programs. Approximately every decade since, the guidelines were revised to reflect the field’s constant evolution: Computer Science Curriculum 1978 [2], 1991 [3], 2001 [4], interim 2008 [5], and forthcoming 2013.

Infusing software assurance in computing curricula

18 acm Inroads 2012 June • Vol. 3 • No.2 us. We need to keep up with, preferably in front of, technological and social change. What should we do when faced with the latest challenge (starting with mobile devices) to our professional world? We should embrace change. Each time we are faced with the latest “interference” with our teaching mission, we have an opportunity to think outside the box. Look for a way to