Overcoming the Challenges of Teaching Cybersecurity in UK Computer Science Degree Programmes

Tom Crick, James Davenport, P Hanna, Alastair Irons, Tom Prickett

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

10 Citations (Scopus)
16 Downloads (Pure)


This Innovative Practice Full Paper explores the diversity of challenges relating to the teaching of cybersecurity in UK higher education degree programmes, through the lens of national policy, to the impact on pedagogy and practice.
There is a serious demand for cybersecurity specialists, both in the UK and globally; there is thus significant and growing higher education provision related to specialist undergraduate and postgraduate courses focusing on varying aspects of cybersecurity. To make our digital systems and products more secure, all in IT need to know some cybersecurity – thus, there is a case for depth as well as breadth; this is not a new concern, but it is a growing one. Delivering cybersecurity effectively across general computer science programmes presents a number of challenges related to pedagogy, resources, faculty and infrastructure, as well as responding to industry requirements. Computer science and cognate engineering disciplines are evolving to meet these demands – both at school-level, as well as at university – however, doing so is not without challenges. This
paper explores the progress made to date in the UK, building on previous work in cybersecurity education and accreditation by highlighting key challenges and opportunities, as well as identifying a number of enhancement activities for use by the international cybersecurity education community. It frames these challenges through concerns with the quality and availability of underpinning educational resources, the competencies and skills of faculty (especially focusing on pedagogy, progression and assessment), and articulating the necessary technical resources and infrastructure related to delivering rigorous cybersecurity
content in general computer science and cognate degrees. Though this critical evaluation of an emerging national case study of cybersecurity education in the UK, we also present a number of recommendations across policy and practice –
from pedagogic principles and developing effective cybersecurity teaching practice, challenges in the recruitment, retention and professional development of faculty, to supporting diverse routes into post-compulsory cybersecurity education (and thus, diverse careers) – to provide the foundation for potential replicability and portability to other jurisdictions contemplating related education
and skills reform initiatives and interventions.

Original languageEnglish
Title of host publication2020 IEEE Frontiers in Education Conference, FIE 2020 - Proceedings
Number of pages9
ISBN (Electronic)9781728189611
Publication statusPublished (in print/issue) - 4 Dec 2020

Publication series

NameProceedings - Frontiers in Education Conference, FIE
ISSN (Print)1539-4565

Bibliographical note

Funding Information:
The first, second, fourth and fifth authors’ institutions are members of the Institute of Coding, an initiative funded by the Office for Students (England) and the Higher Education Funding Council for Wales.

Funding Information:
The authors would like to thank Dr Phil Brooke of Green Pike Ltd, and the Royal Academy of Engineering for funding his position at Northumbria University for three academic years through the Visiting Professor Scheme.

Publisher Copyright:
© 2020 IEEE.

Copyright 2020 Elsevier B.V., All rights reserved.


  • cybersecurity
  • computer science education
  • curricula
  • pedagogy
  • assessment
  • accreditation
  • UK


Dive into the research topics of 'Overcoming the Challenges of Teaching Cybersecurity in UK Computer Science Degree Programmes'. Together they form a unique fingerprint.

Cite this