HR4RS stamp
Raul Garcia Hemonnet
When Marta Beltrán set out to plan the first and, until now, only degree of Cybersecurity Engineering existing in the Spanish university ecosystem, had to look for references outside of Spain. Driven by this need, now, when the degree is already a settled reality at URJC, she has coordinated the preparation of a kind of 'white paper' for the planning and design of future university degrees related to cybersecurity.
This document, which will be published during the first quarter of 2022, has been developed within the framework of the National Cybersecurity Forum, which belongs to the National Security Council. Within this forum, the working group dedicated to training, coordinated by Professor Beltrán, has dealt with the preparation of this guide.
“What we have now finished is the result of many months of work to establish a framework of competencies that is useful for all Spanish universities, regardless of their type,” explains the URJC professor.
During all this time, the team led by Marta Beltrán has collected information from the main public and private employers in the cybersecurity sector. It has been compiled thanks to the answers provided by the different cybersecurity managers of companies and institutions to the question about the type of professionals they would need in the medium-long term, as well as questions about skills, abilities, activities and tasks. As Marta Beltrán points out, “we assigned competencies to each of the tasks that were transmitted to us. With this information we have been grouping them, creating 10 large groups by subject”.
In addition, the team carried out an analysis of the existing qualifications in Spain, a total of more than 80 master's degrees, a management degree from the Francisco de Vitoria and the Cybersecurity Engineering degree from the URJC.
With all this data, a skills framework divided into three categories has been drawn up: specific cybersecurity skills, 'soft skills' and basic and general cybersecurity skills.
One of the reasons for establishing this type of competence, explains Marta Beltrán, is the fact that “many people in the sector told us that there were things in cybersecurity that are not common to other engineering companies. Our engineering is the only engineering where you have an adversary, which makes it a bit of a weird specialty.”
In addition to these competencies, the guide establishes a series of useful prerequisites when it comes to sequencing degree courses or when entering a master's degree and a compendium of suggestions with examples for those who want to design curricula on cybersecurity. "The idea is to provide a reference and a roadmap endorsed by experts for universities that want to design curricula in this field," explains the URJC professor.
But it is not only a document that will serve universities, it is also useful for companies, as Marta Beltrán points out, “we have been told that this document is good for them to have realistic expectations when designing job offers. It helps them to have a clearer idea of what people know when they finish their bachelor's or master's degrees, knowing that if they ask for more knowledge or skills they will have to complete the training in the company itself”.
Likely 100% employability
Marta Beltrán considers that, although it cannot yet be confirmed with certainty, it is "probable that we will have 100% employability" in the URJC Cybersecurity Engineering degree. “My feeling is that they have very good preparation thanks to the study plan. The first promotion is going to come out and we can now consider reviewing the plan and we are going to modify it. The work we've done on the forum helps us. We are very optimistic about the robustness of the curriculum and around the grade we have had many initiatives that have completed the development of the students, such as the activities 'Are you sure you are sure?' and 'Hack On' that have allowed them to work on some of the so-called 'soft skills' such as communication and teamwork, among others”, indicates the coordinator of the degree.
Looking to the future, Marta Beltrán considers that university Cybersecurity studies will be "longer and more specialized" and points out that we must begin to have a broader vision of this discipline, leave the area of engineering and establish synergies with other subjects since the implications of computer security go beyond technical training, “you have to go to degrees in other disciplines; law, criminology, psychology, anthropology”.
Beltrán also emphasizes the importance of continuous training in this field and the "important role that universities must play", and points out the need for the transversality of the subjects or units related to computer security in the curricula of the different degrees, especially in those of the Higher Technical School in Computer Engineering, (ETSII).