Scribd
Upload
13 views3 pages

Importance of Communities of Practice

Uploaded by

Pei Cheng Wu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
13 views3 pages

Importance of Communities of Practice

Uploaded by

Pei Cheng Wu
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 3

Strategies for Enhancing Cybersecurity Communities of Practice

In the face of a severe global shortage of cybersecurity professionals—estimated


at 4.07 million by (ISC)² in 2019—the need to cultivate a more diverse and inclusive
cybersecurity workforce has never been more urgent. The paper "Cybersecurity
Communities of Practice: Strategies for Creating Gateways to Participation" by
Nathan Fisk, Nicholas M. Kelly, and Lori Liebrock addresses this critical issue by
exploring how educational institutions and industry stakeholders can create and
support informal cybersecurity communities of practice (CoPs) to foster greater
diversity and engagement within the field.
Importance of Communities of Practice
The paper highlights that while formal educational pathways are essential, they
often fall short in creating meaningful entry points into the broader cybersecurity
culture. Cybersecurity expertise is deeply rooted in participation within informal
CoPs, which provide tacit knowledge, social capital, and a sense of belonging that
formal education alone cannot offer. These communities are characterized by their
self-directed nature, resistance to hierarchical structures, and their role in
facilitating real-world engagement and professional networking.
Strategies for Supporting CoPs
1. Support Organic Informal Communities
Educational institutions should refrain from imposing top-down structures on
CoPs. Instead, they should support the organic growth of these communities by
providing resources and opportunities that align with the community’s interests.
Respecting the community’s autonomy and focusing on gentle influence rather
than directive control can help avoid resistance and promote a more collaborative
environment. Efforts should also be made to support diversity within these
communities, recognizing that more inclusive practices can lead to a richer, more
dynamic field.
2. Support Onboarding and Participation
To help new members integrate into CoPs, institutions should offer resources such
as wikis, reference documents, and guides that explain both technical concepts
and cultural references. This helps new participants feel less like outsiders and
more engaged with the community’s culture. Institutions can also facilitate access
to community resources and encourage participants to share their unique
perspectives, thereby enriching the community and fostering a more inclusive
environment.
3. Culturally Enrich Curricula
Integrating elements of popular culture into cybersecurity curricula can make the
field more relatable and engaging for students. By using films, books, and video
games that feature cybersecurity themes, educators can spark interest and
provide a bridge to real-world practices. This approach not only makes learning
more engaging but also helps students become familiar with the cultural
touchstones of the cybersecurity community, aiding their integration and
retention.
4. Advocate for CoP Resources and Inclusiveness
Educators and institutional leaders play a crucial role in advocating for and
supporting emerging cybersecurity CoPs. By providing visibility, infrastructure,
and mentorship, they can help establish and grow these communities. Additionally,
they can model inclusive practices and suggest ways to make CoPs more
welcoming to new participants. In cases where no existing CoPs are present,
institutional backing can help initiate and sustain the formation of new
communities.
Conclusion
The paper concludes that to address the critical shortage of cybersecurity
professionals and to foster a more inclusive and diverse workforce, educational
institutions and industry stakeholders must focus on creating and supporting
CoPs. This involves not only providing educational pathways but also ensuring that
students have opportunities to actively engage with and contribute to the
cybersecurity community. By embracing these strategies, institutions can help
scale the workforce and enrich the field with a wider array of perspectives and
experiences.
This approach emphasizes the importance of both formal education and informal
community participation in developing a robust cybersecurity workforce, ensuring
that new entrants have meaningful pathways into the field and the opportunity to
influence its future direction.

Nathan Fisk, Nicholas M. Kelly, Lori Liebrock,


Cybersecurity communities of practice: Strategies for creating gateways to
participation,
Computers & Security,
Volume 132,
2023,
103188,
ISSN 0167-4048,
https://doi.org/10.1016/j.cose.2023.103188.
(https://www.sciencedirect.com/science/article/pii/S0167404823000986)
Abstract: Amidst the critical international demand for cybersecurity talent,
educational institutions and industry stakeholders have emphasized the need for
broadening access to various forms of formal educational pathways and certificate
programs. While these efforts have operated to significantly increase the number
of students engaged in formal cybersecurity education, little has been done to
develop accessible entry points into informal cybersecurity communities of
practice. In this paper, we argue that cybersecurity expertise is largely predicated
on entry into and participation in these cybersecurity communities of practice.
Emphasizing the role of the cybersecurity community draws attention to the
importance of ad-hoc and informal experiences in the development of both tacit
knowledge and social capital within the workforce, and the ways in which
opportunities in the field are differentially and unequally distributed. As such, this
paper begins by describing the role and importance of the cybersecurity
community and cybersecurity culture in developing the cybersecurity workforce,
followed by a discussion of existing efforts at two major state universities to
develop cybersecurity education programs that explicitly provide onramps to the
cybersecurity community. We close this paper by exploring practical mechanisms
by which to develop educational experiences which act as both gateways into
cybersecurity communities of practice and as agents of change for the field itself
- seeking to actively scale the workforce while simultaneously creating space for
minoritized voices in the field.
Keywords: Education; Community; Workforce development; Hacker culture;
Diversity

You might also like