Proposed Standards for Cybersecurity Curricula in Higher Education

 Background/Purpose: Cybersecurity has become a critical concern across national security, industry, and academia, yet higher education institutions lack a unified, standardized curriculum framework for training cybersecurity professionals. Unlike established disciplines such as medicine or accounting, cybersecurity programs vary widely in content, depth, and pedagogical approach, resulting in inconsistent graduate competencies, persistent workforce shortages, and a growing misalignment between academic preparation and industry demands. This paper addresses the urgent need for proposed standards that can guide the development of coherent and comprehensive cybersecurity curricula at both the undergraduate and graduate levels.  Methods: This study employs a comprehensive review and synthesis of major accreditation frameworks and curriculum guidelines, including ABET computing accreditation criteria, NSA/DHS Centers of Academic Excellence (CAE) designation requirements, the NIST/NICE Cybersecurity Workforce Framework, ACM/IEEE Cybersecurity Curricula Guidelines (CSEC2017), and industry certification pathways (e.g., CompTIA Security+, CISSP, CEH). By analyzing and crossreferencing these frameworks, the study proposes integrated year-by-year curriculum models for both undergraduate and graduate programs, mapping core knowledge areas, hands-on competencies, and professional development milestones.  Results/Findings: The analysis reveals significant gaps and inconsistencies across existing cybersecurity programs, including inadequate hands-on training, outdated course content, weak alignment between academic curricula and industry certifications, and disparities in institutional resources and faculty expertise. The paper presents structured four-year undergraduate and graduate curriculum standards encompassing foundational computing, core cybersecurity knowledge areas (network security, cryptography, secure software development), applied specializations (digital forensics, penetration testing, cloud security), and capstone experiences. It further identifies key barriers to standardization, such as balancing academic freedom with national standards and addressing resource inequities among institutions.  Conclusions: Establishing standardized, competency-based cybersecurity curricula aligned with recognized frameworks is essential to closing the cybersecurity skills gap and producing workforce-ready graduates. The paper recommends universal adoption of the NIST NICE framework, sustained collaboration among academia, industry, and government, dedicated investment in faculty development and laboratory infrastructure, and formalized processes for continuous curriculum review. These standards provide a scalable foundation for institutions to build rigorous, adaptive, and industry-relevant cybersecurity programs.