Doctor of Philosophy
Education Specialist
Master of Science
Master of Engineering Management
Bachelor of Science
Associate of Applied Science
Associate of Applied Science
EXPLORATION OF THE GAP BETWEEN THE SECURE WEB APPLICATION DEVELOPMENT COMPETENCIES NEEDED BY INDUSTRY AND THOSE COMPETENCIES PROVIDED BY GRADUATES OF U.S. UNDERGRADUATE SOFTWARE ENGINEERING PROGRAMS
Abstract:
Literature demonstrates that threats and attacks on computer systems and networks have been around since the beginning of computing, and the number, severity, sophistication, and costs of attacks and data breaches are continuing to grow. Several studies suggest that one of the most common causes of data breaches is insecure web applications that contain vulnerable application code. These studies suggest that poor secure web application development practices are a prime cause of the susceptible web applications. Additionally, studies suggest that higher education is not meeting industry's secure software/web application development needs. Employers have reported that they are not getting the employees with the necessary secure web application development mitigation knowledge and skills. The literature demonstrates there is a secure web application development skills gap between industry needs and the web application development skills graduates of U.S. undergraduate software engineering programs are bringing to organizations. This research study addresses this lack of secure web application development skills of graduates that are greatly needed by industry. The purpose of this study is to help reduce this skills gap. The research methodology selected for this study is the qualitative research approach because it has been used successfully for studies involving security and privacy and can help address the 'how' and 'what' in research questions. This study started with an extensive literature review that demonstrated several important factors that established a solid foundation for the study. From this foundation, the collection and analysis of data from two data sources was planned and executed. The data collection was accomplished by qualitative document reviews, and conceptual content analysis was used for analysis. The first data source, job advertisements, was analyzed to identify the level of secure web application development competencies organizations are requesting from potential employees. The second data source, academic curricula, was analyzed to identify the level of secure web application development competencies included in undergraduate software engineering/web development programs. The results of the analysis from the two data sources were compared to provide any corroboration or insights into how the secure web application development competencies in job postings correspond with undergraduate software engineering program curricula. There were 341 job advertisements and 156 undergraduate software engineering/web development program curricula analyzed. The results showed the level of intensity at the bottom 4 percent for job advertisements and bottom 13 percent for academic curricula. The extremely low intensity level results suggest that emphasis on secure software/web development competencies is low within both datasets. Employers are not including much of these skill requirements in job advertisements and higher education institutions are not including much of this content in their software engineering/web development programs. In addition, there appears to be a relationship between the two results due to the low levels of secure development intensity of both datasets. However, this cannot be proven because job advertisements are only one of several methods that are used to identify industry needs by higher education institutions. Based on the results of the study, several recommendations and a Secure Web Application Development Curriculum Model was developed and proposed. The goal of the recommendations and Curriculum Model is help generate more web developers with greater secure software/web development competencies. The Curriculum Model can help establish active communication and collaboration between industry and educational institutions. This could help to create academic curricula with secure development competencies integrated throughout the entire program. Overall, this could help bridge the gap between the secure web application development competencies needed by industry and those competencies provided by graduates of U.S. undergraduate software engineering programs, and help address current and future threats and vulnerabilities in software and web applications.
Link to Dissertation:
https://www.proquest.com/docview/3144736881/
Graduate Studies Include
University of Arkansas at Little Rock
University of the Cumberlands
University of Missouri
Wilmington University
Nova Southeastern University
Eastern Michigan University
Saint Martin's University
University of Southern California
City University
Professional Certifications
Graduate Certificates
Online Educator Graduate Certificate
Information Technology
Management / Business Administration
Psychology