ACM Inroads: Archive

African nations encounter daily cybersecurity challenges. To minimize them, the World Bank urges countries to prioritize investments in developing cybersecurity capabilities. High-quality education is key to better security in the African context. The novel question examined here is what it takes to spawn an ABET-accreditable, two-year program in cybersecurity from a typical African BS in Computer Science. Using a systematic approach, we show what needs to be done to build such a program. Our methodology is comprehensive and replicable. Two-year programs are a big step toward developing a cybersecurity workforce in Africa, where few academic programs are dedicated to cybersecurity.

Introduction

The needs and uses of technology are expanding in a lagging but nonetheless developing Africa [10]. As in other regions of the world, cybercrimes in Africa are a growing daily occurrence—both in terms of frequency and significance of loss [5,18,19,23]. The systems for policing the digital environment in Africa are weaker than on other continents, making it easier for cyber criminals get to away with unlawful activities and base their activities there, as cyber policies and enforcement have not matured. Figure 1 shows the types of cybercrimes that are plaguing the continent.

Africa is considered the poorest continent, with about 50% of the population in sub-Saharan Africa living in poverty [9]. To promote investment and become a healthy, secure business environment, as required to develop successfully, how can African nations slow down the explosion of cybercrimes? We believe that a well-trained workforce in cybersecurity is a critical component. The goal of this paper is to demonstrate how to develop a well-educated workforce in cybersecurity. Our idea is to take a typical African Bachelor of Science in Computer Science degree, of which there are many, and forge an ABET-accreditable, two-year degree in cybersecurity. Note that ABET is not an acronym. As a historical note, before the Computing and the Applied and Natural Sciences Commissions were added to ABET, it stood for the 'Accreditation Board for Engineering and Technology.' ABET is one of the world's leading agencies for accrediting programs in computing. In 2022–2023, for the first time, ABET published accreditation criteria for two-year programs in cybersecurity.

We use a systematic methodology to evaluate and analyse a four-year computer science program in a detailed, step-by-step, easy-to understand manner and show what needs to be done to build a two-year cybersecurity program. Our approach is straightforward, comprehensive, and replicable, and not just in Africa, but anywhere. Two-year programs are a step toward developing an educated cybersecurity workforce in Africa, where there are few programs dedicated to cybersecurity. It is our hope that this work inspires and shows educational institutions a way to spawn two-year programs in cybersecurity from their existing computing programs. The cadre of workers that could be added quickly to Africa's workforce by implementing this research is relevant and critical to Africa's development and online security. Without having the personnel and tools to fight cybercrime properly, the continent falls further behind on the international stage and is unable to compete successfully for international businesses [10]. News reports of increasing incidents of cybercrimes originating from particular regions and countries, badly damage their reputations as locations for healthy and desirable places to conduct business [10]. Once the two-year programs in cybersecurity are in place, it would be natural to extend these to four-year programs. This two-step phase-in gives African institutions the opportunity to develop their teaching staff too, because as of this writing, there are a limited number of personnel capable of teaching upper-level undergraduate courses in cybersecurity.

Africa has more countries than any other continent and is the second largest in terms of size. With its half billion internet users, it surpasses the Middle East, North American, and South America individually in terms of sheer number of users [20]. There is no panacea for solving the cybersecurity problems of every country, region, and city in Africa. That would be asking too much given the vast socio-economic diversity across the continent and the various problems that different areas face. Cybercrimes are harder to track than certain biological diseases, which have yet to have been eradicated in Africa, despite the means of eradication being available for decades. We cannot hope for any easy or quick fix to resolving cybercrime in Africa as a whole, in an African region, or in an African country, nor can we hope for this in other parts of the world either. Interpol's "African Cybersecurity Assessment Report" provides a wealth of statistical information concerning cybercrimes in Africa [20]. Our work will apply to various places to different degrees. Interpol's Report [20] shows that the cybercrime problem is growing rapidly in Africa. There are educational institutions in every country in Africa that can benefit from this research. There are some locations that can benefit from it more than others and apply it more directly.

Two-year programs are a step toward developing an educated cybersecurity workforce in Africa, where there are few programs dedicated to cybersecurity. It is our hope this work inspires and shows educational institutions a way to spawn two-year programs in cybersecurity from their existing computing programs. The cadre of workers that could be added quickly to Africa's workforce by implementing this research is relevant and critical to Africa's development and online security.

In [1], ABET published Program Criteria for accrediting associate-degree programs in cybersecurity. These are two-year programs—equivalent to diplomas in some countries in Africa. Highly knowledgeable people from academia, industry, and the public, who have the latest and best curriculum information, are the ones who develop ABET Program Criteria. The criteria themselves influence how curricula evolve at institutions. To become ABET accredited, a program must meet ABET's curriculum requirements. The ABET curriculum becomes a guiding model, at least for those starting new programs, as well as a standard for those having or seeking ABET accreditation. For these reasons and additionally because we believe the ABET two-year model for cybersecurity is the best one, we adopted it as our benchmark of a quality two-year cybersecurity program.

Lacking sufficient educational programs in cybersecurity, Africa is unable to meet its own workforce demands [10]. There are not sufficient funds to bring in outsiders, who command high salaries throughout other parts of the world. The insufficient number of cybersecurity workers contributes to cybercriminals being successful in Africa. There are many well-established, four-year programs in computer science throughout the continent (see [12] South Africa; [8] Ethiopia; [29] Kenya; [24] Nigeria; [31] Zimbabwe; and [28] Tanzania for representative examples). Of the 21 institutions in the USA who have achieved ABET accreditation for their four-year cybersecurity programs [3], a majority evolved from computer science programs. It is therefore natural to look to computer science as a genesis for cybersecurity programs. By examining how a two-year program in cybersecurity could be spawned from an existing four-year computer science program, we demonstrate how African nations can build their needed cybersecurity workforces. The need for cybersecurity programs has been demonstrated [26], and the curriculum for cybersecurity has evolved [22]. ABET's two-year cybersecurity curriculum is stable and becoming widely accepted.

We have compared the computer science curriculums in a dozen African countries with that at the University of Namibia (UNAM) [30], and found them relatively comparable in their course offerings and requirements. As we are most familiar with UNAM's curriculum, it is used as a representative computer science curriculum from which to develop a two-year program in cybersecurity. Although this work is entirely original, of interest to readers may be related research literature and background information. In [6,7,27], early groundwork was laid for the curriculum of computing programs. The curriculum evolution continued in [4,13,21]. A recent curriculum model is presented in [14]. In [11] and [15] foundations for the accreditation standards of computing programs were presented and their history outlined. In [25], the authors there discuss how to interpret ABET's Computer Science Criteria using competencies. ABET has four-year Program Criteria for cybersecurity engineering [2], but has no such engineering criteria for two-year programs. A preliminary version of this paper appeared in [16], and the authors examined spawning a four-year cybersecurity program from a typical African computer science program in [17].

The urgency for cybersecurity capacity is evident now. There is a notable increase in the number of African governments and institutions on the continent that are hacked and suffer severe financial losses.

Although this paper describes how to build a two-year, ABET-accreditable program in cybersecurity, institutions do not have to seek accreditation for this work to be beneficial to them. Institutions can offer a two-year cybersecurity program that has a state-of-the-art curriculum but does not meet ABET's other requirements (those in the General Criteria). This is still valuable and of critical importance to Africa's educational and economic development. For programs that follow through and want to achieve ABET accreditation, a roadmap is provided, and the hurdles to be cleared and the resources required are discussed. We outline in the remainder of this paper what follows. In section 2, we give a brief overview of ABET's accreditation Criteria for an Associate Cybersecurity. Section 3 describes the program that we spawned from UNAM's computer science program. The modifications to the program necessary to make it ABET-compliant are described in section 4. The last section contains a summary and conclusions.

Abet's Criteria for an Associate Cybersecurity

Programs become ABET accredited by satisfying General Criteria and a specific Program Criteria. The General Criteria (see Table 1) consists of eight items: Students, Program Educational Objectives (PEOs), Student Outcomes (SOs), Continuous Improvement, Curriculum, Faculty, Facilities, and Institutional Support. The Program Criteria typically focus on SOs and curriculum, with the bulk of the requirements being in the latter area. The Associate Cybersecurity Program Criteria is unusual, even for ABET, in that the Program Criteria elements for Criterion 3, SOs, and Criterion 5, Curriculum, actually replace these two elements in the General Criteria rather than become additional requirements. The essentials of each criterion are covered next.

The SO requirements for cybersecurity are from the Program Criteria, and read as follows [1]:

"Analyze a broadly defined security problem and apply principles of cybersecurity to the design and implementation of solutions.
Apply security principles and practices to maintain operations in the presence of risks and threats.
Communicate effectively in a variety of professional contexts.
Recognize professional responsibilities and make informed judgments in practice based on legal and ethical principles.
Function effectively as a member of a team engaged in cybersecurity activities."

The Continuous Improvement Criterion requires programs have a robust system in place that is used regularly to determine the extent to which the SOs are being attained. The system should lead to improvements. Explicit curriculum requirements come from the Program Criteria. They are shown in Table 2 [1].

Expanding on the item in Table 2C: the material includes the following.

Application of techniques, skills, and tools necessary for the cybersecurity practice.
Application of the crosscutting concepts of confidentiality, integrity, availability, risk, adversarial thinking, and systems thinking.
Cybersecurity topics from each of the following areas: a) Data Security, b) Software Security, c) Component Security, d) Connection Security, e) System Security, f) Human Security, g) Organizational Security, and h) Societal Security.
Programming or scripting skills.
Advanced cybersecurity topics building on the crosscutting concepts and cybersecurity topics" [1].

The other three parts of Table 2 are self-explanatory.

Spawning an Associate Cybersecurity from a Computer Science Program

We studied UNAM's courses and analyzed them systematically with respect to ABET's requirements for the Program Criteria Associate Cybersecurity. Table 3 shows the courses selected to satisfy the bulk of ABET's Cybersecurity Program Criteria Curriculum requirements. Although UNAM's program requires and has many other computer science courses [30], many are at an advanced level and require pre-requisites from courses other than those listed in Table 3. Many of the computer science courses [30] naturally are focused on computing topics that are not specifically relevant to cybersecurity. Table 3 was developed by making judicious choices. The selected courses give the greatest coverage of the curriculum requirements in ABET's Program Criteria Associate Cybersecurity. The table shows a total of ten computing courses (40 credits), one math course (4 credits), and three general education half courses (6 credits), for an overall total of 50 credits. Note that we have taken the liberty of converting UNAM's credit system into one that is more typical to those familiar with ABET. It is common for two-year programs to have 60–65 credits and a value in that range is desirable. The 10 to 15 credits not yet specified give us flexibility to add curriculum elements not yet covered.

After processing ABET's requirements, each shortcoming is discussed. Where there is a shortcoming, meaning a part of the criteria is not yet met, it is indicated by Si, where 'i' is a number representing the shortcoming's number in numerical order. Note that the shortcomings are identified in terms of Parts A to D presented in Table 2, ABET's Cybersecurity Program Criteria Curriculum requirements. We next go through each requirement in turn, starting with Part A. As shown in Table 2, Part A stipulates that "Program requirements must be consistent with its PEOs and so SOs can be attained." [1] UNAM's program has not defined ABET-style PEOs (S1), which is natural because the program design did not use ABET's standards, and they have not sought ABET accreditation. S1 indicates the first shortcoming found; we will list other shortcomings as they are encountered. ABET's Cybersecurity Program Criteria SOs all focus specifically on cybersecurity, so the computer science program's curriculum does not directly address the Cybersecurity Program Criteria SOs (S2). The courses listed in Table 3 provide natural places where the necessary cybersecurity material can be inserted. We explain how this can be accomplished later (see Table 4).

Part B of Table 2 specifies that the curriculum needs to combine technical, professional, and general education components. The courses in Table 3 address this requirement, providing technical and professional components to prepare students for a career and lifelong professional development in cybersecurity. The other requirement of Part B, as shown in Table 2, is that students receive an appropriate general education. In the partial curriculum shown in Table 2, only six credits are allocated to general education, and most are in the English language. The institution offers many general education courses; we opted to devote four of the available credits to one. Roughly 15% of the program we are building is dedicated to general education. This eliminates a potential shortcoming.

Part C in Table 2 specifies that at least 30 hours of cybersecurity-related topics are included in the program. Table 3 shows 40 hours (items marked C1 in Table 3) that contain up-to-date materials on the specified topics. All these courses focus on the application of techniques, skills, and tools necessary for the computer science practice. They apply to cybersecurity too. It is required that the crosscutting concepts of confidentiality, integrity, availability, risk (S3), adversarial thinking (S4), and systems thinking (S5) be applied. See items in Table 3 marked with a C2. The third requirement of Part C (items marked with a C3 in Table 3) necessitates inclusion of cybersecurity topics from each of the following areas: a) Data Security (covered in Database and Human Computer Interaction), b) Software Security (Programming Fundamentals II and Emerging Technologies), c) Component Security (Digital Electronics, Networks I, and Architecture), d) Connection Security (Networks I and Architecture), e) System Security (Architecture and Emerging Technologies), f) Human Security (Human Computer Interaction), g) Organizational Security (S6), and h) Societal Security (Human Computer Interaction).

The fourth requirement of Part C (items marked C4 in Table 3) necessitates covering of programming or scripting skills. These items are covered in Programming Fundamentals I and II, where programming is taught. The final requirement of Part C (items marked C5 in Table 3) specifies that there must be advanced cybersecurity topics building on the crosscutting concepts and cybersecurity topics (S7). Part D in Table 2 stipulates that math skills must be included in order to meet the SOs and PEOs. Mathematics for Computer Science is a course in discrete mathematics that covers the math skills that a cybersecurity student requires. In the next section, the seven shortcomings identified are addressed. Remedies are presented to alleviate them. Table 4 summarizes all the shortcomings that we identified in the curriculum presented in Table 3.

S1 is expected because a program not seeking accreditation will not have ABET-style PEOs. UNAM's program has its own goals for graduates. These could, however, be modified into a couple PEOs for the Associate Cybersecurity graduates. Similarly in S2, programs not seeking ABET accreditation will not have adopted ABET's SOs. The two-year program being proposed would need to shift its focus from computer science specifically to cybersecurity. To accommodate ABET's SOs, the program would need to add teamwork, ethical and legal principles relating to cybersecurity, communication exercises, more material on the crosscutting concepts, and increase its focus on cybersecurity in general. To fill in these gaps, we propose adding two courses—Cyberattacks and Cyber Ethics. As elaborated on in Table 4, Cyberattacks remediates the shortcomings S2, S6, and S7 in the curriculum and contributes to SO 4. Cyber Ethics covers SOs 3 and 5. The shortcomings S3, S4, and S5 deal with the crosscutting concepts. In Table 4, certain courses are indicated where the missing crosscutting concepts can be incorporated. S6 is related to Organizational Security. In the new course Cyberattacks, a topic on Organizational Security is to be included. To remediate S7, the new course on Cyberattacks builds on fundamental cybersecurity topics and the crosscutting concepts to incorporate advanced cybersecurity.

Note that in Table 4 the last column provides a difficulty rating, as does the last column in Table 6. To provide informal guidance, we have provided this rating to indicate (in our opinion) how hard it will be to achieve the desired outcome. A rating of 'easy' indicates a modest amount of work, say about 20 hours; a rating of 'medium' indicates a substantial amount of work 20–50 hours; a rating of 'hard' indicates more than 50 hours of work, for example, mastering new material and developing an entirely new course. In practice, how difficult one finds implementing these fixes will depend on many factors: expertise in cybersecurity, knowledge of ABET, local infrastructure, national accreditation requirements, and so forth.

Table 5 shows the curriculum in the new two-year cybersecurity program. The lightly shaded courses require the introduction of new cybersecurity concepts into existing modules. The darker courses are completely new. Thus, by the introduction of just two new courses and the addition of cybersecurity content in only four already existing courses, we aligned a subset of UNAM's computer science program's curriculum to comply with ABET's Associate Cybersecurity. The proposed program contains 62 credits.

To assist programs having similar courses where additional cybersecurity content is required, we next provide guidance on supplemental material for inclusion, suggestions, and directions to illustrate specifically how such courses can be modified to overcome the shortcomings listed in Table 4. We do this in broad brushstrokes, so the ideas pertain to as many programs as possible. In Table 4, shortcoming S3, we indicated that by adding additional discussion topics into the Database and the Human Computer Interaction courses, we could overcome the shortcoming caused by the absence of the crosscutting concept of risk. In the Database course, for example, lectures could be provided covering topics such as human error, known exploitations of common database systems, previous hacks of database systems, insider threats, SQL injection attacks, denial of service attacks, malware targeting databases, buffer overflow attacks, and so forth. Students could be asked to write a paper on one of these topics or given homework assignments related to them. Students would be assessed and evaluated on this material. In the Human Computer Interaction (HCI) course, for example, lectures could be provided covering topics such as negligence, human error, social engineering, training in HCI, design choices, common security issues with graphical user interfaces (GUIs), and so forth. Once these topics are presented and discussed, students would be assigned work and evaluated as discussed for the Database course. By inclusion of these modules in these two courses, the crosscutting concept of risk and various aspects of it are now well covered and evaluated.

The methodology just described shows how to augment two of the light-grayed courses in Table 5. To eliminate shortcomings S4, S5, and S6, a similar approach can be followed. The main items relating to the topics of adversarial thinking, systems thinking, and organizational security can be added to the courses indicated in Table 5. Exactly how this is done does not really matter as far as ABET is concerned. The most crucial point is to cover the relevant material in a sufficient manner. Different programs will incorporate varied materials, depending on local expertise and what the faculty members can cover well.

In Table 5, we have added two additional courses: Cyberattacks and Cyber Ethics. What content belongs in such courses? How could a program develop such courses that would help to eliminate the shortcomings listed in Table 4? As noted in the introduction, as of this writing, there are 21 programs that have achieved ABET accreditation in Cybersecurity at the four-year level. Nearly all these programs have a course that covers cyberattacks. By introducing a course like one of these courses, a program would go a long way to removing S6 and S7. In addition, all these programs are required to cover material to meet Student Outcome 4 of the General Criteria which states: "Recognize professional responsibilities and make informed judgments in computing practice based on legal and ethical principles." Therefore, all these programs cover ethics in cybersecurity. Many of the programs have a course that is devoted to cyber ethics. A program wanting to add a course in cyber ethics can examine these existing courses and develop a course based on the aspects of these courses that are relevant to its program. Naturally, local faculty expertise will need to be considered, as will the goals of the local program. To summarize, the dark-gray courses listed in Table 5 already exist in many programs. A program seeking accreditation can modify and build on these courses to suit their own program's specific needs. They do not need to develop such courses from scratch, as the bulk of that content that goes into such courses is already well defined.

Next the remaining General Criteria requirements are examined to see what would need to be done to make the program fully ABET compliant rather than just curriculum compliant.

Modifications Required for Full Abet Compliance of the Cybersecurity Program

In turn, we analyzed each General Criteria item for the program proposed in Table 5. The shortcomings that we found are summarized and discussed in Table 6. Note that with a shift in focus toward cybersecurity and with two new courses added, Cyberattacks and Cyber Ethics, the SOs will be enabled.

Summary and Conclusion

To address the rapidly increasing number and severity of cybercrimes in Africa, there is a critical need to expand the continent's workforce in the cybersecurity domain. Rather than considering a minor in cybersecurity for computer science majors in four-year programs, a two-year standalone program allows for fast-tracking graduates for rapid entry into the workforce. In the USA, roughly half of undergraduate students are enrolled in two-year programs. Tuition cost is less per year in two-year programs and so far less than half the overall expense of a four-year program. The cost of an education often prevents otherwise capable students from attending and completing their studies. As noted in the body of the paper, importantly, the two-year program also allows institutions time to develop their teaching staff, which is useful if they hope to introduce a four-year program in cybersecurity at a later stage.

From a typical four-year computer science program in Africa, we forged a two-year cybersecurity program that meets ABET's Program Criteria for the Associate Cybersecurity. Figure 2 summarizes the process.

To address the rapidly increasing number and severity of cybercrimes in Africa, there is a critical need to expand the continent's workforce in the cybersecurity domain. Rather than considering a minor in cybersecurity for computer science majors in four-year programs, a two-year standalone program allows for fast-tracking graduates for rapid entry into the workforce.

The relevance and importance of such programs from an educational, economic, and societal point of view are huge. The curriculum modifications were relatively minor:

Increase the coverage of the ABET's crosscutting concepts in cybersecurity. They are confidentiality, integrity, availability, risk, adversarial thinking, and systems thinking.
Add discussion and modules to four existing courses in order to cover missing security topics.
Introduce a new course, Cyberattacks, which includes advanced cybersecurity topics, coverage of Organizational Security, and a team project.
Introduce a new course, Cyber Ethics, which covers legal and ethical principles of cybersecurity, and includes individual written and oral presentations. The course also focuses on students applying the crosscutting concepts.

Note that in the proposed curriculum only two new courses need to be added and the content of just four existing courses shifted to a greater focus on cybersecurity. With these relatively minor changes, similar computer science programs can quickly evolve two-year cybersecurity programs. Once such programs are implemented, new graduates will be ready to enter the workforce in just two years. The costs of developing such programs are minimal compared with those associated with implementing a new program from scratch. The rewards and benefits are great. If such programs decide to pursue ABET accreditation, they will need to ensure there is appropriate institutional support for the cybersecurity program and sufficient budget to cover ABET's fees.

This research shows a way forward for a typical African computer science program to develop a solid ABET-accreditable two-year cybersecurity program. Programs throughout the world can make use of this analysis as well. They too can build viable cybersecurity curriculums from their computer science programs, with perhaps only a few modifications and additions. With a few dedicated faculty, a supportive administration, and a knowledgeable consultant, the dream of expanding the cybersecurity workforce in Africa can be realized in a relatively short time.

References

1. ABET-a, Criteria for Accrediting Computing Programs, 2022–23. Computing Accreditation Commission, ABET; https://abet.org; accessed 2023 Apr 16.

2. ABET-b, Criteria for Accrediting Engineering Programs, 2022–23. Engineering Commission, ABET; https://abet.org; accessed 2023 Mar 15.

3. Accredited programs in cybersecurity, https://abet.org/accreditation; accessed 2023 February 21.

4. ACM/IEEE-CS Joint Task Force on Computing Curriculum, Computer Science Curricula 2013 (CS2013), (ACM Press and IEEE Computer Society Press), 2013.

5. Allen, N. Africa's Evolving Cyber Threats, 2021; https://africacen-ter.org/spotlight/africa-evolving-cyber-threats/; accessed 2022 Mar 25.

6. Atchison, J. W. F., Conte, S. D., Hamblen, J. W., Hull, T. E., Keenan, T. A., Kehl, W. B. and Young, D. M., Curriculum 68: Recommendations for Academic Programs in Computer Science: A Report of the ACM Curriculum Committee on Computer Science, Communications of the ACM, 11,3 (1968): 151–197.

7. Austing, R. H., Barnes, B. H., Bonnette, D. T., Engel G. L. and Stokes, G., Curriculum '78: Recommendations for the Undergraduate Program in Computer Science—A Report of the ACM Curriculum Committee on Computer Science, Communications of the ACM, 1979:147–166.

8. Bahirdar University, Computer Science Program National Level Harmonized Modular Curriculum. Ethiopia; https://nanopdf.com/download/14-course-handbook_pdf; accessed 2022 Mar 16.

9. Beegle, K., Christiansen, L., Dabalen, A. and Gaddis, I., Poverty in a Rising Africa Overview, World Bank, Washington D. C., 2016. https://openknowledge.worldbank.org/entities/publication/dc36650e-cebd-58e3-b235-89acb96e7e2e. Accessed 2023 April 16.

10. Begazo, T., Dutz, M. A. and Blimpo, M., "Digital Africa: Technological Transformation for Jobs, World Bank, Washington, D. C., 2023; https://www.worldbank.org/en/region/afr/publication/digital-africa; accessed 2023 Apr 16.

11. Besterfield-Sacre, M., Shuman, L. J., Wolfe, H., Atman, C. J., McGourty, J., Miller, R. L. Olds. B. M. and Rogers, G. M., Defining the Outcomes: A Framework for EC-2000, IEEE Transactions on Education, (2000): 100–110.

12. BSc in Computer Science - University of Pretoria; https://universityofpretoria-international.com/programs/bsc-computer-science/; accessed 2022 Mar 15.

13. Cassel, L., Clements, A., Davies, G., Guzdial, M., McCauley, R., McGettrick, A., Sloan, B., Snyder, L., Tymann, P. and Weide, B. W. Computer Science Curriculum 2008: An Interim Revision of CS 2001, (ACM, 2008).

14. Clear, A., Parrish, A., Ciancarini, P., Frezza, S., Gal-Ezer, J., Impagliazzo, J., Pears, A., Takada, S., Topi, H., van der Veer, G. and others, Computing Curricula 2020 (CC2020): Paradigms for Future Computing Curricula, (ACM/IEEE Computer Society, New York, 2020).

15. Engel, G., Impagliazzo, J. and LaMalva, P. A Brief History of the Computing Sciences Accreditation Board (CSAB): Promoting Quality Education in the Computing Fields, in 2009 IEEE Conference on the History of Technical Societies, 2009.

16. Greenlaw, R. and Mufeti, K. Reducing Cyber Crime in Africa through Education, in the World Engineering Education Forum and The Global Engineering Deans Council Conference, Cape Town, South Africa, 2022: 241–246,.

17. Greenlaw, R. and Mufeti, K. Spawning ABET-Accreditable Cybersecurity Programs from Existing African Computer Science Programs to Fight Cybercrime, submitted, 2023.

18. Haworth, J. Africa sees increase in ransomware, botnet attacks - but online scams still pose biggest threat, 2021; https://postswigger.net/daily-swig' accessed 2022 Mar 25.

19. Ikela, S. Cyber threats—anyone can be a victim, 2020; https://neweralive.na/posts/cyber-threats-anyone-can-be-a-victim; accessed 2022 Jul 9.

20. Interpol. African Cybersecurity Threat Assessment Report, October 2021; https://interpol.int/content/download/16759/file/AfricanCyberthreatAssessment_ENGLISH.pdf; accessed 2023 Jun 13.

21. The Joint Task Force on Computing Curricula, "Computing Curricula 2001," Journal on Educational Resources in Computing, 1, 3 (2001): 1–3.

22. NCC Webcast: Cyber2yr2020: ACM Curriculum Guidance for Associate Degree Programs in Cyber-security; https://youtube.com/watch?v=u8G34Oc7PTQ; accessed 2022 Mar 24.

23. Olivier, F. Cybercrime in Namibia, 2017; https://namibian.com.na-/165301/archive-read/Cybercrime-in-Namibia; accessed 2022 Jul 10.

24. Osun State University of Nigeria, Curriculum for B.Sc. Degree in Computer Science; https:\\uniosun.edu.ng/Curriculum/SET/ICT/CSC.pdf; accessed 2022 Mar 16.

25. Raj, R. K., Kumar, A. N., Sabin, M. and Impagliazzo, J., Interpreting the ABET Computer Science Criteria Using Competencies," SIGCSE 53rd ACM Technical Symposium on Computer Science Education, Providence R. I., USA, 2022, vol.1; 906–912,

26. Raj, R. K., Tang, C., Gibson, D., Jones, L. and O'Brien, C., The Need for ABET Accreditation of Associate's Cybersecurity Programs," ASEE Annual Conference, virtual meeting, 2021.

27. Tucker, A. B. and Barnes, B. H., Computing Curricula 1991-Report of the ACM/EE-CS Joint Curriculum Task Force, ACM Press, New York NY and IEEE Computer Society Press, Los Alamitos CA, 1, 1990.

28. University of Dar es Salaam, Bachelor of Science in Computer Science; https://cse.udsm.ac.tz/programs/program-details/bsc-in-computer-science-%28bsc-cs%29. accessed 2022 Mar 21.

29. University of Nairobi, Bachelor of Science in Computer Science; https://somo.co.ke/program-computer-science-sml-429#a_program; accessed 2022 Mar 15.

30. University of Namibia, School of Science Prospectus, https://www.unam.edu.na/wp-content/uploads/2022/01/Prospectus-2022-School-of-Science.pdf; accessed 2023 Apr 16.

31. University of Zimbabwe, Bachelor of Business Studies & Computing Science Degree; https://dex.php/staff-political/206-faculty-of; accessed 2022 Mar 20.

Authors

Raymond Greenlaw
Department of Mathematics, Statistics, and Computer Science
University of Namibia
Private Bag 13301
340 Mandume Ndemufayo Ave
Pionierspark, Windhoek 10005 NAMIBIA
[email protected]

Kauna Mufeti
Department of Mathematics, Statistics, and Computer Science
University of Namibia
Private Bag 13301
340 Mandume Ndemufayo Ave
Pionierspark, Windhoek 10005 NAMIBIA
[email protected]

Figures

Figure 1. Growing at an alarming rate, these cybersecurity challenges are confounding African nations and stifling business development, thus hindering the continent from solving its health, hunger, and economic problems [10 ].