Assessing the Maturity of Cybersecurity Education in Virginia and the Impact of State Level Investment
Patrick Mero, Aaron Pepsin, Chris Kreider
TL;DR
This paper develops a scale to assess cybersecurity education maturity in Virginia universities, demonstrating increasing program offerings over time, which could help address the global cybersecurity jobs shortage.
Contribution
It introduces the Cybersecurity Education Maturity Model Scale (CEMMs) and validates its reliability for comparing university cybersecurity programs.
Findings
Virginia universities' cybersecurity offerings increased from 2017 to 2025.
The CEMMs scale is reliable and valid for assessing educational maturity.
Potential positive impact on closing cybersecurity jobs gap.
Abstract
With a global shortage of cybersecurity students with the education and experience necessary to fill more than 3 million jobs, cybersecurity education is an international problem. Significant research within this field has explored this problem in depth, identifying a variety of shortcomings in the cybersecurity educational pipeline including lack of certifications, security clearances, and appropriate educational opportunities within institutions of higher education. Additional research has built on this, exploring specific gaps within what cybersecurity opportunities are provided within institutions of higher education. We build an ordinal scale for assessing this, the cybersecurity education maturity model scale (CEMMs), and provide evidence of reliability and validity. We then calculate the CEMMs score for all public four-year universities in the state of Virginia between 2017 and…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsInformation and Cyber Security · Cybercrime and Law Enforcement Studies