The need for skilled information security professionals has led various academic, governmental, and industrial organizations to work to develop a common body of knowledge (CBK) for the security domain. A CBK is a framework and collection of information that provides a basis for understanding terms and concepts in a particular knowledge area. It defines the basic information that people who work in that area are expected to know. The International Information Systems Security Certification Consortium ([ISC]; www.isc2.org) defines a CBK as a taxonomy of topics relevant to professionals around the world. Information security is a multidisciplinary endeavor. In practice, professionals need knowledge and experience from fields such as management, business administration, ethics, sociology, and political science. Yet, existing CBKs focus on specific information security subdomains and thus offer limited understanding and narrow perceptions of the overall domain. Our aim is to identify and define an InfoSec CBK to serve as a tool for developing an information security curriculum
[1]
Deborah A. Frincke,et al.
Integrating Security into the Curriculum
,
1998,
Computer.
[2]
Elmarie Kritzinger,et al.
Information security education : bridging the gap between academic institutions and industry
,
2005
.
[3]
Krassie Petrova,et al.
Embedding information security curricula in existing programmes
,
2004,
InfoSecCD '04.
[4]
Ed Crowley.
Information system security curricula development
,
2003,
CITC4 '03.
[5]
Charles Cresson Wood.
Why information security is now multi-disciplinary, multi-departmental, and multi-organizational in nature
,
2004
.
[6]
Keith A. Morneau.
Designing an information security program as a core competency of network technologists
,
2004,
CITC5 '04.