In 2016, the National CyberWatch Center Curriculum Standards Panel was established. The mission is to identify the learning objectives, concepts, procedures, situational judgments, and intellective abilities required to develop capabilities maturity in cybersecurity foundational principles, techniques, tactics, and protocols.

The standards produced by the Curriculum Standards Panel are the first to align instructional design, skill practice facilities, cybersecurity professional job performance standards, national workforce frameworks, and industry needs.

Cybersecurity Core Curriculum Mapping Project

The first project of the Curriculum Standards Panel was the Cybersecurity Core Curriculum Mapping Project. This project involved eight online working sessions with synchronous and asynchronous activities, involving over 100 faculty, industry professionals, and government representatives completing various tasks to determine the requirements for successfully completing five National CyberWatch Center courses:

  1. NCC 200: Networking I: Networking Fundamentals
  2. NCC 204: Linux Server I: Linux Fundamentals
  3. NCC 210: Information Security Fundamentals
  4. NCC 212: Scripting Fundamentals
  5. NCC 214: Ethical Hacking & Systems Defense

Core Curriculum Mapping Report: Mapping of the National CyberWatch Center’s Curriculum to National Workforce Competency Requirements (.PDF)

A Competency-Based, Mastery Learning (CBML) Curriculum

In 2017, the Curriculum Standards Panel architecture and mission was extended to develop course-specific standards panels to advance the models of instructional design used in cybersecurity education. The goal of this project was for each standards panel to develop a competency-based, mastery learning (CBML) curriculum library for one course.

The project (which ran from April 22, 2017 to April 22, 2018), funded by a grant (#H98230-17-1-0287) from the National Security Agency, applied psychometrically valid, competency-based instructional design techniques to develop the model domain taxonomy, assessment items, instructional content, and the sequencing plan for that content necessary to overcome constraints to achieving mastery of the National CyberWatch Information Security Fundamentals course (NCC 210).


The figure above was an outgrowth of two previous research projects: First, in 2016-2017, the initial Curriculum Standards Panel Cybersecurity Core Curriculum Mapping Project produced a mapping of National CyberWatch’s curriculum to various National Workforce Competency Frameworks. Second, in 2018, the original curriculum model was modified based on a study of the five-year history of the Community College Cyber Summit (3CS) to more accurately position the National CyberWatch Information Security Fundamentals course (NCC 210) as the gateway between the four Cyber Foundation Series courses (NCC 200, 204, 206 and 212) and the cybersecurity specialty pathways shown in the top of the diagram above (e.g., Operate and Maintain).

Raising the BAR of Cybersecurity Capability Maturity: Five Years of Competency-based Instructional Design at the Community College Cyber Summit (.PDF)

The results of these efforts identified curriculum pathways that must be mastered to enable higher education graduates and members of the existing IT workforce to raise their cybersecurity maturity through the centrally important NCC 210 course. Upon mastery of the fundamental capabilities taught in NCC 210, a learner is ready to begin learning cybersecurity specialties. Each specialty prepares the learner for careers in one of the seven NICE Cybersecurity Workforce Framework Specialty Areas.


In 2018, the Curriculum Standards Panel, with over 140 volunteers from academia, industry, and government, determined seven threshold Learning Objectives for the National CyberWatch Information Security Fundamentals course (NCC 210), the first in the Cyber Foundation Certificate, used as the basis for creating the first set of learning materials for the instructional library. The Learning Objectives and underlying concepts/topics were aligned with the primary Functions from the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity, as well as the Categories and Specialty Areas identified in the NICE Cybersecurity Workforce Framework.

The goals for this effort included four outcomes:

  1. Crowdsourced Instructional Designs Aligned with the NICE Cybersecurity Workforce Framework
  2. Inductive Concept Inventory Development
  3. Platform Independence, and
  4. Increasing Capability Maturity

For more information, see the Cybersecurity Foundations Series Overview (.PDF).


  • Alan Watkins, National University
  • Alex Razvan Mezei, Saint Martin’s University
  • Andrew Mangle, Bowie State University
  • Andrew Rozema, Grand Rapids Community College
  • Andrew Wolfe, Loyola University New Orleans
  • Angelo Thalassinidis, South University
  • Art Conklin, University of Houston
  • Barbara Fox, Georgia Tech
  • Bill Dafnis, Capella University
  • Bill Gardner, Marshall University
  • Brenda Holland, University of Maryland Global Campus
  • Bruce DeGrazia, University of Maryland
  • Casey W. O’Brien, National CyberWatch Center
  • Chanel Suggs, Wyvern Security LLC
  • Chen Zhong, Indiana University Kokomo
  • Christian Servin, El Paso Community College
  • Chuck Gardner, Cyber Innovation Center
  • David H. Tobey, Indiana University South Bend
  • David Law, Harford Community College
  • Diane Barrett, Bloomsburg University
  • Edward Bouling, Prince George’s Community College
  • Frank Mayer, Harford Community College
  • Gary Williams, College of the Desert
  • Harry Bulbrook, Durham Tech Community College
  • Heather Lawrence, Nebraska Applied Research Institute
  • Ira Winkler, Secure Mentem
  • James Weaver, CSRA
  • Jasper Green, Honolulu Community College
  • Jessica Edmondson
  • Jim Hoag, Champlain College
  • Jim Smith
  • Joe Eastman, Champlain College
  • Jonathan Yerby, Middle Georgia State University
  • Josh Adams, Saint Leo University
  • Karl Perman, EnergySec
  • Kellep Charles, Capitol Technology University
  • Kenneth Williams, American Public University
  • Laurin Buchanan, Secure Decisions
  • Leslie Corbo, Utica College
  • Lucas McCaine
  • Margaret Leary, Northern Virginia Community College
  • Mark Kosier, Tech+Equation
  • Mary Moore, West Virginia University Potomac State College
  • Michael Nowatkowski, Augusta University
  • Mike Greer, Columbus State Community College
  • Mourad Oulid-Aissa, South University
  • Neelu Sinha, Fairleigh Dickinson University
  • Nina Amey, Arapahoe Community College
  • Norma Colunga-Hernandez, Texas State Technical College
  • Rajni Goel, Howard University
  • Rhonda Farrell, Booz-Allen-Hamilton
  • Robert Doyle, New Mexico State University
  • Robin Gandhi, University of Omaha-Nebraska
  • Saa Fillie
  • Shahara Ruth, CyberVista
  • Terrance Campbell, University of Memphis
  • Terri Curran, Keiser University
  • Vini Nithianandam, Community College of Baltimore County