Competency Gaps in Cybersecurity Teaching: Digital Skills, Pedagogy, and Governance

Authors

  • Boris Zarkov Academy of National and Information Security

DOI:

https://doi.org/10.36690/2733-2039-2025-4-60-71

Keywords:

cybersecurity education, educator competence, digital competence, cyber pedagogy, assessment design, workforce frameworks, NICE Framework, ECSF, curriculum alignment, cyber governance, risk management, professional development

Abstract

Cybersecurity education increasingly occurs in digitally mediated environments that require educators to integrate technical expertise with effective pedagogy and accountable governance. Yet many programs still treat educator readiness as synonymous with subject matter knowledge, leaving critical capability gaps that affect learning quality, equity, and institutional risk. This article identifies and systematizes competency gaps in cybersecurity teaching across three interdependent domains: digital skills, pedagogy, and governance. A structured narrative review and framework mapping approach was applied. Key workforce and curriculum references were used as anchors, including the NIST NICE Framework, ENISA’s European Cybersecurity Skills Framework, and the Cybersecurity Curricula 2017 guidelines, complemented by educator digital competence frameworks and cybersecurity risk governance guidance. The analysis indicates three recurring gap patterns. First, technical teaching often underemphasizes platform, cloud, and AI enabled security contexts and the transferable skills emphasized by workforce evidence. Second, pedagogical gaps appear in assessment design for authentic performance, inclusive learning design, and safe handling of sensitive or exploit oriented content. Third, governance gaps emerge in procurement literacy, data governance, incident readiness for learning platforms, and alignment of teaching practice with institutional cybersecurity risk management. Competence in cybersecurity teaching is best treated as a role-based capability that integrates digital practice, pedagogy, and governance rather than as isolated technical mastery. Future studies should validate measurable educator competency indicators, test the effects of targeted professional development on learner outcomes, and develop audit-ready governance routines for AI enabled cybersecurity instruction.

Downloads

Download data is not yet available.

Author Biography

Boris Zarkov, Academy of National and Information Security

Ph.D. (National Security), Academy of National and Information Security, Plovdiv

References

CAST. (2018). Universal design for learning guidelines version 2.2 [Graphic organizer]. CAST. https://shorturl.at/uSN0l

Cybersecurity Curricula 2017: Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity. (2017). Joint Task Force on Cybersecurity Education. https://www.acm.org/binaries/content/assets/education/curricula-recommendations/csec2017.pdf

ENISA. (2022). European cybersecurity skills framework: Role profiles. https://doi.org/10.2824/859537

European Union Agency for Cybersecurity. (2022). European cybersecurity skills framework: Role profiles. ENISA. https://doi.org/10.2824/859537

ISC2. (2024). ISC2 cybersecurity workforce study 2024. https://edu.arrow.com/media/wtjfmszx/2024-isc2-wfs.pdf

Joint Task Force on Cybersecurity Education. (2017). Cybersecurity curricula 2017: Curriculum guidelines for post-secondary degree programs in cybersecurity (Version 1.0). Association for Computing Machinery, IEEE Computer Society, AIS SIGSEC, and IFIP WG 11.8. https://www.acm.org/binaries/content/assets/education/curricula-recommendations/csec2017.pdf

National Institute of Standards and Technology. (2024). The NIST cybersecurity framework (CSF) 2.0 (NIST CSWP 29). https://doi.org/10.6028/NIST.CSWP.29

Office of the National Cyber Director. (2023). National cyber workforce and education strategy: Unleashing America’s cyber talent. Executive Office of the President. https://bidenwhitehouse.archives.gov/wp-content/uploads/2023/07/NCWES-2023.07.31.pdf

Petersen, R., Santos, D., Smith, M., Wetzel, K., & Witte, G. (2020). Workforce framework for cybersecurity (NICE framework) (NIST Special Publication 800-181 Rev. 1). National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-181r1

Redecker, C. (2017). European framework for the digital competence of educators: DigCompEdu (JRC Science for Policy Report). Publications Office of the European Union. https://publications.jrc.ec.europa.eu/repository/bitstream/JRC107466/pdf_digcomedu_a4_final.pdf

UNESCO. (2018). UNESCO ICT competency framework for teachers (Version 3). https://unesdoc.unesco.org/ark:/48223/pf0000265721

Downloads

Published

2025-12-31

How to Cite

Zarkov, B. (2025). Competency Gaps in Cybersecurity Teaching: Digital Skills, Pedagogy, and Governance. Pedagogy and Education Management Review, (4(22), 60–71. https://doi.org/10.36690/2733-2039-2025-4-60-71

Issue

No. 4(22) (2015): Pedagogy and Education Management Review

Section

THEORY AND METHODS OF VOCATIONAL EDUCATION

License

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

Crossref
Scopus
Google Scholar
Europe PMC