Conformity of Information Security Curriculum and Task Technology of Security System Design and Analysis
Abstract
Background/Objectives: The National Initiative for Cybersecurity Education (NICE) recommends the skills and capabilities required by cybersecurity officers in connection with the staffing framework for cybersecurity. However, college education programs that train information protection personnel lack discussion and reflection on them. Therefore, in this paper, we analyzed the information protection curriculum of five universities in the Seoul metropolitan area of Korea and studied whether this process is suitable for the job requirements technology presented in the Framework for the Training of Cybersecurity Personnel.
Methods/Statistical analysis: In this paper, the security techniques and security capabilities to be retained by the task force responsible for designing and analyzing the security system presented by NICE criteria were analyzed first. At that time, the security technologies required by the officer were classified into core and specialized technologies. The reason why NICE criteria are applied is because they are classified as most objective and reasonable internationally. In this paper, the curriculum of the major information protection departments in Korea and their relevance to the security technologies and technologies that should be equipped by those in charge were analyzed.
Findings: The reason for this analysis is to see if information security curricula in 5 universities of the Seoul metropolitan area appropriate education system for conducting security system design and analysis. To analyze this, we classified requirements and capabilities of job skill of NICE framework. And the required skills and capabilities were mapped to security education subjects in the department of information protection. Studies show that the information security curriculum of five universities in the Seoul metropolitan area should be supplemented to acquire the skills required for the design and analysis tasks of security systems. In this study, what we found that the curriculum of the relevant university has features and advantages in each curriculum. However, if the departments concerned want to train the personnel responsible for designing and analyzing security systems, there are many more subjects to be added to the current curriculum.
Improvements/Applications: The results of this paper were understandable about the security requirements and capabilities required to perform the tasks of design and analysis of security systems. It can also be used as a reference model when preparing and designing of future security curricula.
