Semester of Graduation



Master of Science in Computer Science (MSCS)


Computer Science

Document Type



The growing cybersecurity workforce gap underscores the urgent need to address deficiencies in cybersecurity education: the current education system is not producing competent cybersecurity professionals, and current efforts are not informing the non-technical general public of basic cybersecurity practices. We argue that this gap is compounded by a fundamental disconnect between cybersecurity education literature and established education theory. Our research addresses this issue by examining the alignment of cybersecurity education literature concerning educational methods and tools with education literature.

In our research, we endeavor to bridge this gap by critically analyzing the alignment of cybersecurity education literature with education theory. To this end, we developed an ontology of learning theories and teaching styles, drawn from foundational education theory and modern education literature. This framework enabled us to systematically analyze cybersecurity education literature, assessing the efficacy of educational methods and tools in preparing cybersecurity professionals.

Our findings reveal an emphasis on "gamification" within cybersecurity education; a concept that, while moderately effective in educating the general public about basic cybersecurity concepts, falls short in adequately training cybersecurity professionals. This disproportionate focus on one method highlights the need for a more nuanced and comprehensive approach to cybersecurity education. Our findings also reveal a foundational misconception of education theory; cybersecurity education researchers are not well-educated in the field of education theory, and this is evident in the inaccuracies in their inclusion of education theory in their research, if they include it at all.

In light of these results, we advocate for a paradigm shift towards a more robust integration of education theory into cybersecurity curriculum development and instructional practices. By grounding cybersecurity education in sound pedagogical principles, we can better equip future cybersecurity professionals with the knowledge and skills necessary to address evolving cybersecurity threats effectively. Moving forward, further research is needed to explore alternative educational approaches that are grounded in education theory, and to assess their impact on closing the cybersecurity workforce gap and honing the skills of the next generation of cybersecurity professionals.



Committee Chair

Ibrahim Baggili