In the United States, there is a growing divergence between the number of open Cybersecurity/Information Assurance (CySIA) positions and the number of qualified graduates prepared to fill those vacancies. The ever-increasing use of e-commerce, cloud-based services, and the Internet of Things (IoT) have woven a basic understanding of CySIA concerns into the fabric of modern society. The gap in our cyber infrastructure highlights the need for providing a broad-based skill set in CySIA principles and implementations at all levels in the education system, not merely in four-year colleges and universities. To meet the growing demand for qualified professionals, work must be undertaken to promote CySIA education at the high school level and have it continued through traditional undergraduate programs, creating a cyber workforce pipeline.

Many colleges have implemented a Computer Science concentration in Information Assurance designed to teach the fundamentals of software-based principles such as cryptography, secure coding, and penetration testing, while computer engineering concentrations in Cybersecurity are designed to teach the hardware-based principles such as server hardening, defense in depth, and intrusion detection. These concentrations have been primarily aimed towards graduate degrees, but these standards need to be taught, and understood, as early in the Computer Science curriculum as possible.

Statistics show a huge gap between the number of CySIA aware high school graduates and the number of CySIA jobs available today. The overarching goal of this project is to provide high school teachers, initially in the Chicago and Philadelphia metro areas, with CySIA professional development training, providing resources they can bring back to their classrooms. By training teachers, we can indirectly reach many more students than would be possible by hosting student-focused workshops.

At the high school level, most states do not have a recommended curriculum for their introductory coursework. The Computer Science Teachers Association proposed a standard curriculum that should be followed for grades K-12; however this curriculum only provides a rough approximation of what should be covered without outlining any specific methodologies to follow or referencing any resources that can aid the instructor, who often do not have prior training in CySIA concepts. In addition, this curriculum truly begins teaching CySIA concepts in first grade. While the investigators understand the desire to gradually introduce topics over the course of a student's education, these guidelines will create problems in districts servicing underrepresented or underprivileged communities where schools are unable to provide this instruction or where students lack access to computer resources at home.

The lack of a detailed curriculum is not an issue for teachers who instruct the Advanced Placement (AP) course which has a detailed, prescribed curriculum; however, this program does not include any instruction topics in CySIA. This causes issues of its own since students taking the AP course are able to gain credit for introductory Computer Science classes at their chosen college or university, which often include material on CySIA that these students will not be exposed to.

The Cybersecurity Faculty Development for High School Teachers Workshop Project aims to address the problem of a lack of exposure and training in CySIA concepts among high school educators and, in turn, their students. The scope of our project will be to organize professional development workshops where the teachers will be trained to enhance their curriculum with the addition of CySIA topics.