Overcoming the Challenges of Teaching Cybersecurity in UK Computer Science Degree Programmes

Tom Crick, James Davenport, P Hanna, Alastair Irons, Tom Prickett

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

1 Citation (Scopus)
12 Downloads (Pure)


This Innovative Practice Full Paper explores the
diversity of challenges relating to the teaching of cybersecurity
in UK higher education degree programmes, through the lens of
national policy, to the impact on pedagogy and practice.
There is a serious demand for cybersecurity specialists, both
in the UK and globally; there is thus significant and growing
higher education provision related to specialist undergraduate
and postgraduate courses focusing on varying aspects of cybersecurity. To make our digital systems and products more secure,
all in IT need to know some cybersecurity – thus, there is a case
for depth as well as breadth; this is not a new concern, but it is a
growing one. Delivering cybersecurity effectively across general
computer science programmes presents a number of challenges
related to pedagogy, resources, faculty and infrastructure, as well
as responding to industry requirements.
Computer science and cognate engineering disciplines are
evolving to meet these demands – both at school-level, as well as
at university – however, doing so is not without challenges. This
paper explores the progress made to date in the UK, building
on previous work in cybersecurity education and accreditation
by highlighting key challenges and opportunities, as well as
identifying a number of enhancement activities for use by the
international cybersecurity education community. It frames these
challenges through concerns with the quality and availability
of underpinning educational resources, the competencies and
skills of faculty (especially focusing on pedagogy, progression and
assessment), and articulating the necessary technical resources
and infrastructure related to delivering rigorous cybersecurity
content in general computer science and cognate degrees.
Though this critical evaluation of an emerging national case
study of cybersecurity education in the UK, we also present
a number of recommendations across policy and practice –
from pedagogic principles and developing effective cybersecurity
teaching practice, challenges in the recruitment, retention and
professional development of faculty, to supporting diverse routes
into post-compulsory cybersecurity education (and thus, diverse
careers) – to provide the foundation for potential replicability and
portability to other jurisdictions contemplating related education
and skills reform initiatives and interventions.

Original languageEnglish
Title of host publicationProceedings of 50th Annual Frontiers in Education Conference
Publication statusPublished - 2020


  • cybersecurity
  • computer science education
  • curricula
  • pedagogy
  • assessment
  • accreditation
  • UK

Fingerprint Dive into the research topics of 'Overcoming the Challenges of Teaching Cybersecurity in UK Computer Science Degree Programmes'. Together they form a unique fingerprint.

Cite this