Cybersecurity education often feels fragmented because of its broad spectrum which includes theoretical principles, cyber hygiene, board-level decision-making, and highly specialized technical skills. Workforce and academic training will benefit from cybersecurity instructors who position multi-faceted topics through the single lens of risk management. Effective programs do not seek to eliminate cyber risk, but to manage it appropriately. Helping students approach cybersecurity challenges from a risk management perspective will provide direction and confidence instead of fear and information overload. The National Centers of Academic Excellence (CAE) program seeks to reduce vulnerability in our national information infrastructure by promoting the development of professionals with appropriate expertise. Technical cyber professionals need help in communicating more effectively with decision makers. Non-cyber professionals need greater awareness of the importance of applying cybersecurity principles to non-IT-based roles. Introducing cybersecurity from a risk management perspective accomplishes both of these needs.
Barbara Fox
PDF Document