Within the context of the aims of a BYU education our mission is to educate professional leaders with an in-depth understanding of all aspects of computer systems and their relationship to the world. These leaders will combine their technical understanding with their broad-based general education to visualize systems, communicate effectively, think analytically and implement solutions.
As reflected in this mission statement, the program is strongly technological but intended to be part of a broader, liberal education context. Thus phrases such as "leaders", "relationship to the world" and "broad-based general education" are specifically intended to evoke the larger context of BYU's aims. Furthermore, as explicitly stated, this mission statement rests on the foundation of the "Aims of a BYU Education."
Cybersecurity Program Educational Objectives:
1. Practice as a competent professional in Cybersecurity or enrolled in an appropriate graduate program
2. Demonstrate leadership by positive influence on others towards shared goals
3. Collaborate and communicate effectively in diverse team environments
4. Show sensitivity for global, societal, organizational issues, compliant with the moral standards of the Gospel of Jesus Christ in the application of technology.
The Cybersecurity undergraduate program consists of a strong introduction to computer technology and programming with more advanced work in networking, operating systems, human computer interaction, databases, security and information assurance. It is closely aligned with our IT major, which has had cybersecurity woven into its required courses since its inception. The first two years are designed to be compatible with other technical computing majors on campus.
The Cybersecurity degree requires similar science and math courses as Computer Engineering (CpE) and Computer Science (CS) and, to a lesser extent, Information Systems in the Business School (ISys). Students should be able to transfer easily between Cybersecurity, CpE, CS and IT within the first two years of their studies as they refine their interests and understanding of the technical computer field. Cybersecurity rests on a foundation of Math and Science and thus includes classic courses in hardware architecture and computing (IT 124, IT 252, CS142, CS 235, CS 236), Math (Math 112, Stats 201) and science (Physics 121) etc. In line with Schools of Technology nationwide, there is a strong emphasis on experiential learning and integration of technology within the curriculum. This is reflected in the emphasis on lab-work and projects in major courses. All technical courses in the major include substantial lab and project requirements and the capstone experience for undergraduate students is a two-semester project class where the students work in assigned teams to propose, design, build, manage, complete and report on a significant project in the Cybersecurity field. Additionally, 200 hours of work in the area of Cybersecurity are required prior to graduation.
The graduate program consists of a thesis-based MS degree. Currently graduate enrollment is very strong and students complete a variety of projects/theses in Cybersecurity-related research and application.
Cybersecurity is a relatively new discipline nationwide and BYU faculty are actively involved in national committees and professional societies to create and comply with model curricula and accreditation requirements for IT and Cybersecurity programs. BYU's Cybersecurity program is also considered an NSA/DHS Center of Academic Excellence in Cyber Defense based on a rigorous review of course materials and learning outcomes.
Problem Analysis and Solutions
Analyze a complex computing problem and apply principles of computing and other relevant disciplines to identify solutions.
Design, implement, and evaluate a computing-based solution to meet a given set of computing requirements in the context of the program's discipline.
Communicate effectively in a variety of professional contexts.
Recognize professional responsibilities and make informed judgements in computing practice based on legal and ethical principles.
Function effectively as a member or leader of a team engaged in activities appropriate to the program's discipline.
An ability to apply security principles and practices to the environment, hardware, software, and human aspects of a system.
An ability to analyze and evaluate systems with respect to maintaining operations in the presence of risks and threats.
Evidence of Learning
At the course level, assessments include quizzes, exams, homework assignments, labs, papers and so on. Many projects require students to report orally and in formal technical reports. Students are also required to complete term papers and report on key developments within their discipline. The final capstone project includes significant reporting requirements in the form of public oral presentations, posters, videos, extensive formal technical reports and several presentations to external reviewers (Industrial Advisory Board members). External stakeholders help achieve a balanced evaluation of the program. Semi-annual meetings with the Industrial Advisory Board (IAB) and annual surveys of alumni provide data for both evaluating student competence and also evaluating the mission and goals of the program. Exit interviews with graduating students are conducted to identify areas of strength and improvement.
An extensive evaluation has been done relating program outcomes to:
- Individual course outcomes
- The Cybersecurity Curricular Guidelines published by ACM, IEEE, AIS SIGSEC, and IFIP.
- The NSA/DHS Center of Academic Excellence in Cyber Defense requirements.
- ABET Computing Commission accreditation Requirements.
All faculty members participated in this analysis and in the discussions of measuring achievement of these outcomes. The course outcomes are evaluated both directly and indirectly as discussed below.
Each course in the major has defined learning outcomes. These are displayed in the BYU course catalogue. These outcomes are used by faculty in teaching. They are also reviewed and changed as needed, after discussion in faculty meetings.
Achievement of these specific course outcomes is evaluated by faculty teaching the courses with assignments and evaluations directed towards the objectives.
Graduating students each have a face-to-face interview with the program chair as well as completing questionnaires. The questions to both of these groups specifically address the program objectives. Each core class is surveyed each semester relative to completion of course outcomes. Selected groups of alumni are surveyed regularly (annually).
Learning and Teaching Assessment and Improvement
On the program level, all courses are evaluated by students through a formal, anonymous student response system each semester (administered by BYU). Results are provided to individual instructors and to administrative supervisors. Exit interviews are conducted with every graduating student, results are anonymized and summarized and then provided to all faculty. These results are discussed in faculty meetings. An Industrial Advisory Board meets twice yearly, reviews the program content, meets individually with students and provides feedback to the program. These meetings are recorded and summaries are provided to faculty and discussed in faculty meetings. Peer evaluations of instructors are also conducted before advancement and promotion.
Analysis, Evaluation, and Improvement Process
The entire program is reviewed and modified at least annually. Regular (weekly) faculty meetings are held, and recorded, to deal with on-going program changes.
The program is closely aligned with the IT program, which was one of the first IT programs accredited by ABET in 2005/2006 and before that the EET program that was accredited in the 1970s. The Cybersecurity emphasis in the IT major was approved as an NSA/DHS Cybersecurity Academic Center of Excellence in Cyber Defense in 2012 and renewed again in 2018.