Professional Website of Gary A. Harris Ph.D., Ed.S.
    MENU 
 

  Education Detail

The Honor Society of Phi Kappa Phi

Doctor of Philosophy

Education Specialist

Master of Science

Master of Engineering Management

Bachelor of Science

Associate of Applied Science

Associate of Applied Science

  Doctoral Research Dissertation

EXPLORATION OF THE GAP BETWEEN THE SECURE WEB APPLICATION DEVELOPMENT COMPETENCIES NEEDED BY INDUSTRY AND THOSE COMPETENCIES PROVIDED BY GRADUATES OF U.S. UNDERGRADUATE SOFTWARE ENGINEERING PROGRAMS

Abstract:
Literature demonstrates that threats and attacks on computer systems and networks have been around since the beginning of computing, and the number, severity, sophistication, and costs of attacks and data breaches are continuing to grow. Several studies suggest that one of the most common causes of data breaches is insecure web applications that contain vulnerable application code. These studies suggest that poor secure web application development practices are a prime cause of the susceptible web applications. Additionally, studies suggest that higher education is not meeting industry's secure software/web application development needs. Employers have reported that they are not getting the employees with the necessary secure web application development mitigation knowledge and skills. The literature demonstrates there is a secure web application development skills gap between industry needs and the web application development skills graduates of U.S. undergraduate software engineering programs are bringing to organizations. This research study addresses this lack of secure web application development skills of graduates that are greatly needed by industry. The purpose of this study is to help reduce this skills gap. The research methodology selected for this study is the qualitative research approach because it has been used successfully for studies involving security and privacy and can help address the 'how' and 'what' in research questions. This study started with an extensive literature review that demonstrated several important factors that established a solid foundation for the study. From this foundation, the collection and analysis of data from two data sources was planned and executed. The data collection was accomplished by qualitative document reviews, and conceptual content analysis was used for analysis. The first data source, job advertisements, was analyzed to identify the level of secure web application development competencies organizations are requesting from potential employees. The second data source, academic curricula, was analyzed to identify the level of secure web application development competencies included in undergraduate software engineering/web development programs. The results of the analysis from the two data sources were compared to provide any corroboration or insights into how the secure web application development competencies in job postings correspond with undergraduate software engineering program curricula. There were 341 job advertisements and 156 undergraduate software engineering/web development program curricula analyzed. The results showed the level of intensity at the bottom 4 percent for job advertisements and bottom 13 percent for academic curricula. The extremely low intensity level results suggest that emphasis on secure software/web development competencies is low within both datasets. Employers are not including much of these skill requirements in job advertisements and higher education institutions are not including much of this content in their software engineering/web development programs. In addition, there appears to be a relationship between the two results due to the low levels of secure development intensity of both datasets. However, this cannot be proven because job advertisements are only one of several methods that are used to identify industry needs by higher education institutions. Based on the results of the study, several recommendations and a Secure Web Application Development Curriculum Model was developed and proposed. The goal of the recommendations and Curriculum Model is help generate more web developers with greater secure software/web development competencies. The Curriculum Model can help establish active communication and collaboration between industry and educational institutions. This could help to create academic curricula with secure development competencies integrated throughout the entire program. Overall, this could help bridge the gap between the secure web application development competencies needed by industry and those competencies provided by graduates of U.S. undergraduate software engineering programs, and help address current and future threats and vulnerabilities in software and web applications.

Link to Dissertation:
      https://www.proquest.com/docview/3144736881/

  Graduate Courses Completed (194 Semester Hours)

Graduate Studies Include

University of Arkansas at Little Rock

University of the Cumberlands

University of Missouri

Wilmington University

Nova Southeastern University

Eastern Michigan University

Saint Martin's University

University of Southern California

City University

  Certifications and Certificates

Professional Certifications

Graduate Certificates

Online Educator Graduate Certificate

  Key Undergraduate Courses Completed

Information Technology

Management / Business Administration

Psychology

  Other Education