Managing risk is a key component to achieving a strong cyber security posture. Practitioners must consider a combination of human, technology, and policy-based factors when establishing their postures. To help students understand these interdependencies, we designed and developed a course to apply, analyze, synthesize, and evaluate these in a real-world environment. Students have gained an appreciation for various technical and managerial concepts related to cyber security and demonstrated the knowledge gained by developing submissions to the annual Maritime Cyber Risk Symposium student poster contest. This paper describes the multi-year developmental journey in standing up a Cyber Risk Management course linked to National Security Agency/Department of Homeland Security National Center of Academic Excellence in Cyber Education knowledge units, ABET outcomes for cybersecurity computing programs, and the National Institute of Standards and Technology framework and guidance. It includes student-centered individual classroom learning, project-based team learning, and team development of scholarly work for submission and external evaluation. The efficacy of this approach after two offerings is based upon student feedback, ABET and NCAE assessment, and external results. The paper concludes with how we see the course evolving as the cyber systems major evolves. Teaching cyber-focused concepts in an interdisciplinary manner is critical and, in that spirit, the teaching of this course is moving from the School of Engineering and Cyber Systems to the School of Leadership and Management.
Are you a researcher? Would you like to cite this paper?
Visit the ASEE document repository at
for more tools and easy citations.