The field of cybersecurity has been rapidly developing over the past few years primarily from the quickly changing legal requirements for maintaining privacy and security of assets and their internal sensitive data. To address the changing computing field, the Accreditation Board for Engineering (ABET) proposed preliminary cybersecurity accreditation criteria a few years ago. After ABET introduced the preliminary criteria, less than 20 universities have both applied and become ABET Cybersecurity accredited. This research explores ABET Cybersecurity Assessment perspectives from multiple courses in the Bachelor of Science program at St. John’s University in Queens, New York. Specifically, this research first examines current published trends on ABET accreditation. We, then, examine how different ABET assessment criteria, such as the Student Outcomes (SO) and Performance Indicators (PI), are assessed with respect to three core cybersecurity courses in our program: Network Security, Digital Forensics, and Secure Software Development. These courses were chosen as they introduce the three different perspectives of cybersecurity: development, risk management, and forensics. Interestingly, the inter-curricular courses are all inter-related; but, each relates to a different perspective within the field. We also explore how the courses share fundamental cybersecurity ABET assessment topics. Finally, the paper concludes with both lessons learned, from the ABET assessments, and prospective future cybersecurity assessment research topics.
Keywords: Accreditation Board for Engineering, ABET, Network Security, Secure Software Development, Digital Forensics, Undergraduate Program, New York State.
References (partial list shown):
[1] C. Richard G. Helps, Barry M. Lunt, and David K. Anthony. 2005. ABET accreditation with IT criteria. In Proceedings of the 6th conference on Information technology education (SIGITE ’05). Association for Computing Machinery, New York, NY, USA, 353–359. DOI:https://doi.org/10.1145/1095714.1095716
[2] Christopher Nitta and Kurt Eiselt. 2020. Using the CS2013 Exam for ABET Student Outcome Assessment. In Proceedings of the 51st ACM Technical Symposium on Computer Science Education (SIGCSE ’20). Association for Computing Machinery, New York, NY, USA, 1305. DOI:https://doi.org/10.1145/3328778.3372614
[3] Jesús Gabalán Coello and Kevin Huggins. 2019. The Students Outcomes ABET (1-7) and SOLO’s Taxonomy: An Approach. In Proceedings of the 5th International Conference on Frontiers of Educational Technologies (ICFET 2019). Association for Computing Machinery, New York, NY, USA, 110–117. DOI:https://doi.org/10.1145/3338188.3338212
[4] Donald B. Sanderson. 2009. Revising an assessment plan to conform to the new ABET-CAC guidelines. In Proceedings of the 40th ACM technical symposium on Computer science education (SIGCSE ’09). Association for Computing Machinery, New York, NY, USA, 352–356. DOI:https://doi.org/10.1145/1508865.1508993
[5] Doug Maughan. 2009. National cyber security research assessment and roadmap. In Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies (CSIIRW ’09). Association for Computing Machinery, New York, NY, USA, Article 6, 1. DOI:https://doi.org/10.1145/1558607.1558614