Study says higher education failing to prepare leaders for cyber threats
According to a new study from the Pell Center for International Relations and Public Policy, America’s colleges and universities are failing to prepare the next generation of leaders for responsibility in an age of cyber threat.
Written by Pell Center fellow Francesca Spidalieri, “One Leader at a Time: The Failure to Educate Future Leaders for an Age of Persistent Cyber Threat” details the failing of America’s most prestigious graduate programs to prepare their graduates – and ultimately the nation – for leadership of critical institutions.
In researching “One Leader at a Time,” Spidalieri surveyed 70 top-ranked master’s-level programs in business, law, public affairs, public policy, international relations, criminal justice and health care management. The results provide an overview of current efforts by graduate-level programs in the United States to include information technology and cybersecurity education in their curricula.
Not one of the programs reviewed includes any aspect of cybersecurity among their core requirements. Of the 70 elite programs surveyed, only 10 clustered among five universities scored 3.0 or higher on a four-point scale to assess the exposure their students receive to cybersecurity issues.
“Ultimately, achieving cybersecurity is more than a technical problem,” said Spidalieri, who studies the issue for the Pell Center. “It is an operational problem, and only the leaders of institutions have the authority necessary to implement the fundamental, overarching policies that can begin to address some of these threats.”
The report is based on the premise that institutional leaders need not have specific training in engineering or programming, but they must be equipped with a deep understanding of the cyber context in which they operate to harness the right tools, strategies, people and training to respond to a dynamic and rapidly‐developing array of threats.
Drafted after six months of research by Spidalieri, the report draws on a wealth of information and sources. The fundamental question was whether these academic institutions included courses, occasional conferences or other forms of training for their students to gain a comprehensive understanding of the cyber context and the practical knowledge needed to manage the information security needs of their sector.
Although the report makes clear that some American universities have started to develop new content for cybersecurity education across different disciplines, the report also illustrates that the problem runs deep and wide. In brief, there remains a strong imbalance between the evident need for leaders to have, at minimum, a basic knowledge of the web, its players, technical dynamics, policy implications and emerging trends, and the marginal role that cybersecurity education still plays in most graduate programs.