Next Article in Journal
Enhancing Federated Data Trading via Trustworthy Identity and Access Management Framework
Previous Article in Journal
Comparing the Use of EMBA for IoT Firmware Security Analysis on Cloud Services and Standalone Servers
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
JCP
Volume 6
Issue 2
10.3390/jcp6020040
jcp-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
first_page
settings
Order Article Reprints
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Strengthening Workforce Readiness: Evidence on Work-Based Learning in U.S. Higher Education Cybersecurity Programs

by
Oscar A. Aliaga
*,
Noémi Nagy
,
Bonnie Gómez Torres
,
Ajara Mahmoud
and
Courtney N. Callahan
College of Education, University of South Florida, 4202 E. Fowler Avenue, Tampa, FL 33620, USA
*
Author to whom correspondence should be addressed.
J. Cybersecur. Priv. 2026, 6(2), 40; https://doi.org/10.3390/jcp6020040
Submission received: 15 December 2025 / Revised: 3 February 2026 / Accepted: 6 February 2026 / Published: 25 February 2026
(This article belongs to the Section Security Engineering & Applications)
Versions Notes

Abstract

This study provides a foundational review of work-based learning (WBL) opportunities offered by colleges and universities to students in higher education cybersecurity (CS) programs in the United States, with the goal of mapping the WBL practices across institutional and program contexts. Integrating WBL into CS curricula is widely recognized as an effective way to strengthen essential skills and address employer concerns about the gap between academic preparation and labor market needs. We first outline the characteristics of institutions and CS programs offering WBL. Next, we examine the range of WBL experiences designed to enhance students’ professional competencies. Finally, we explore characteristics of the partnerships between higher education and industry that support these initiatives. Using a status survey approach, we collected responses from 92 higher education institutions offering CS programs. We analyzed the data using descriptive statistics and linear regression models to explore patterns of association between the type and number of WBL opportunities available to students, institutional characteristics related to the total number of WBL offerings, and program features associated with WBL intensity across Awareness, Exploration, and Direct Experience levels of intensity. Findings reveal a diverse array of WBL opportunities, with notable growth across credential levels. Notably, certificates and associate degrees place particular emphasis on WBL. Both institutional characteristics and program features explain, albeit partially, the number of WBL opportunities implemented and the intensity levels of those WBL. However, results also indicate an ambivalent connection to employers, despite their critical role in providing hands-on, problem-solving experiences. Based on these insights, we recommend expanding WBL beyond internships, strengthening institutional–industry partnerships, and fostering employer engagement through structured WBL collaboration models. These strategies aim to improve workforce readiness and create a more inclusive, scalable system of experiential learning in cybersecurity education.

1. Introduction

As emerging technologies like artificial intelligence, quantum computing, and the Internet of Things reshape society and industries, higher education institutions are seeing growing enrollment in technology-related majors that prepare students for these new digital realities. One of them is cybersecurity (CS), a field that has been growing out of concerns to protect private information and financial assets, safety in many industries, and attacks from foreign governmental institutions and other entities. The Center for Strategic & International Studies [1], for example, keeps records of significant cyber incidents that have taken place since 2006. The development of newer technologies and advanced automation, specifically artificial intelligence (AI) and machine learning (ML), has become more relevant to cybersecurity and thus has pushed the need to incorporate them into cybersecurity education programs [2].
Interest in cybersecurity has also affected a growing labor market. Although estimates of the actual number of jobs that need to be filled vary, it has been calculated that in the United States alone, there is a staffing gap that fluctuates from over half a million as of 2023 [3] to more than 750,000 openings [4,5]. The global needs surpass 4 million jobs currently unfilled. These estimates align with the findings of a survey conducted with IT managers in Australia, France, Germany, Israel, Japan, Mexico, the UK, and the US, which found that 82% of employers agreed that there was a “large shortage” of cybersecurity skills in their companies [6].
In the last decade, different efforts have been taken to respond to the new reality surrounding cybersecurity, and specifically to reduce the job gap. Colleges and universities are part of those initiatives and have created new programs granting degrees in cybersecurity at all levels. In their efforts, they have developed close relationships with businesses and industry to support the preparation of future professionals in the field and ensure their employability.
A critical issue in preparing the future workforce in cybersecurity is the actual engagement of students in the field, which provides them with hands-on experiences in real-life situations. To cover such needs, many of those schools have turned to work-based learning (WBL) to further prepare those professionals and to better align coursework and curriculum with industry needs. Institutions of higher education have access to a large number of WBL options that they can offer to students, in a range that includes those that require very little exposure (site visits) and contact with employers to those that demand more time commitment and carry potential monetary compensation (internships and apprenticeships).
In this introductory study, we explored the work-based learning opportunities that colleges and universities offer to further prepare cybersecurity professionals, positioning the analysis as a foundational effort to map WBL practices across higher education cybersecurity programs.

2. Work-Based Learning in Higher Education

2.1. Review of Existing Literature

Research on the offerings and types of WBL in higher education cybersecurity programs is, to the best of our knowledge, essentially nonexistent, both in the United States and in other countries. This deficit may affect the advancement of the knowledge of cybersecurity workforce education. It also presents serious challenges in understanding what and where efforts are placed to truly strengthen the CS workforce’s readiness. Work-based learning activities cover a wide variety of types, varying by students’ (and companies’) involvement in actual work activities and their time commitment. There are several frameworks that explain the WBL continuum [7,8,9]. Using an adapted version of the FHI 360 framework [8], the most common WBL can be further classified into levels of intensity that reflect one end of the spectrum of WBL activities, with less involvement and time commitment, to the other end, which requires more direct participation and greater time commitment. The available WBL can then be placed on the following levels of intensity: (1) Awareness (which includes Industry speaker series, Worksite visits, Job shadowing), (2) Exploration (including Practicum/workplace projects, Senior design projects, Capstone experience), and (3) Direct Experience (which includes Internship and Employee mentorships). This categorization is helpful to understand and predict the WBL that may be more effective in the preparation of a CS workforce with skills that respond to the needs of the labor market. While WBL targeting Awareness helps students learn, WBL in the Direct Experience will be more effective in developing and strengthening the technical and soft skills the CS workforce needs.
Most of the current studies on the connection between WBL and CS, however, do not take that perspective. A number of studies have highlighted, in rather general terms, the importance and need to establish a clear connection between WBL and the CS curriculum in higher education, but it is noticeable the absence of a more detailed examination of what those WBL activities are or how they relate to the CS curriculum in institutions of higher education. Mukherjee, Le, Chow, and Susilo [10], for example, have argued that work-integrated learning must be embedded in the CS curriculum, allowing for application-based learning opportunities that include hands-on tasks. Others, like Bartone, Wagner, and Pauli [11], argue for moving away from knowledge based on the traditional academic theory model, although they recognize that experiential learning remains underdeveloped and inconsistently implemented in the cybersecurity field. A report by Crawford [12] further stresses the need for WBL in CS programs and calls for employers to focus hiring practices on the skills developed by potential employees, rather than relying exclusively on college degrees. Examining CS programs in the United Kingdom, Prickett and his colleagues [13] discuss several components of those programs, including curriculum and quality assurance, but they don’t address WBL or its implementation.

2.2. The Benefits of WBL in Higher Education

The wide variety of WBL types, along with vocational coursework, allows students to have diverse experiences and views of the world of work and to engage in education through work [14]. Therefore, students will have exposure to a broad array of learning experiences, from career exploration activities and job shadowing that do not require task involvement but rather observation, to more specialized training and participation that do require task involvement, such as internships [15]. In the U.S. higher education system, the time commitment also depends on the type of WBL students participate in, ranging from one hour attending a speaker series to months completing an internship. Students can also participate whenever those WBL opportunities are available, but for associate, bachelor’s, and master’s degree programs, the most common form of WBL, internships, is usually completed during the Summer break, although individual programs may plan internships differently, and companies may expect a different time to completion. In those institutions, WBL is an additional requirement, and, as a general rule, it does not replace a semester’s worth of courses nor any graduation requirements (such as a thesis or dissertation).
In general, the main purpose of work-based learning, according to Cahill [15], is to develop “hands-on experiences in a work environment that provide training paths to employment or support career advancement” (p. 6). Although WBL has been conceptualized in various ways, reflecting its multifaceted nature, different forms, and different perspectives on its core purpose, it should not be viewed solely as a mechanism for developing technical skills. While WBL enables students to apply job-specific competencies, it also fosters a broader understanding of the world of work, deepens knowledge of business and industry, and in the process promotes the development of personal and social competencies [16]. Expanding on this idea, Stasz and Stern [17] identify five overarching purposes of WBL:
(1) enhancing students’ motivation and academic achievement; (2) increasing personal and social competence related to work in general; (3) gaining a broad understanding of an occupation or industry; (4) providing career exploration and planning; and (5) acquiring knowledge or skill related to employment in particular occupations or more generic work competencies. (p. 2)
In an education system often criticized for its lack of alignment with real-world demands, WBL offers a critical approach to bridge this gap by providing students with opportunities to gain practical experience in authentic work environments. While WBL has long existed in higher education, recent years have seen a resurgence of interest among those institutions to adopt WBL [18]. This renewed focus is driven by multiple factors, including the growing expectation for higher education institutions to engage with an “increased number and variety of communities […] each of [which] has its particular demand,” a phenomenon described as their “third mission” [19] (p. 304) [20]. Additionally, those institutions are responding to technological advancements, economic integration, and the increasing diversity of the workforce. Collectively, these dynamics underscore the need for deeper collaboration to foster skill development [21].
Work-based learning enables students to apply the knowledge acquired through coursework in real-world professional contexts. As such, WBL serves as a strategic approach to strengthen students’ professional preparation, ultimately benefiting both society and the economy [22]. By fostering the development of work-related skills, WBL “promotes a high level of work role identification and efficacy, which in turn positively influences their successful transition into the work environment” [23] (p. 10). Beyond applying academic knowledge, WBL helps students cultivate additional competencies, including those learned from working with others and those related to other social aspects of learning, like interpersonal skills and collaboration—i.e., soft skills and employability skills [24,25]. Furthermore, Lester and Costley [26] highlight that WBL participants not only gain expertise and technical skills but also experience “increased confidence, a propensity to reflect and to want to understand, and a hunger for further learning and development” (p. 568).
The labor market benefits of WBL participation are also well documented. Students who complete paid internships are more likely to secure employment with higher wages within a year of graduation [27], achieve greater job success, and report higher career satisfaction. They also tend to earn higher average salaries both overall and within their respective industry [28]. Similarly, WBL participants generally earn higher incomes than non-WBL participants [29,30], including those engaged in internships or mentorships. Additional advantages include assuming greater workplace responsibilities, enhanced competence and assuredness, reduced stress, and improved recognition [26]. Work-based learning is also associated with an increased likelihood of full-time employment [31].

2.3. Expanding WBL in Higher Education

With the push to support the challenges of the new economy, federal and state policies have turned, too, to higher education institutions to expand work-based learning, including 2-year degree programs. Reported by Wilson and Mehta [32], of particular importance are the WBL expansion initiatives allocating “direct resources for state staff or other organizations to support the growth of work-based learning” (p. 5). In 2024 alone, 46 states had adopted policies towards promoting industry partnerships to engage in work-based learning [33]. The result of different policies and initiatives is that more programs in community colleges and universities offer or require work-based learning as a critical component of a student’s preparation.
Given the significant benefits it provides to students, colleges and universities now regard WBL as a fundamental component of higher education curricula [18]. This burgeoning interest has resulted in a substantial expansion of WBL at the higher education level in the U.S., therefore augmenting WBL adoption in a growing number of degree programs and types, including STEM [34], business [35,36], and teacher preparation [37], among others.
One of the few comprehensive research studies about WBL in higher education is that of Bragg and her colleagues [38], who examined the characteristics associated with WBL in about 500 two-year colleges in the country. Some of their findings indicate that (1) there were few curriculum and program areas that WBL was linked to; (2) only about 1/5 of students in technical programs took part in WBL; (3) WBL was absent from manufacturing and high tech programs—contrary to the recognition that those were the areas in most need of such approach; (4) nursing, and business programs appeared to have more structured WBL offerings, and (5) programs in the surveyed colleges tended to gravitate around a reduced set of WBL options: professional/clinical, cooperative education, school-based enterprise, apprenticeship, and youth apprenticeship.
Three decades later, some of those facts have certainly changed. According to Aliaga et al. [39], most of the programs in 2-year college degrees now require a form of WBL, covering all occupational areas in the career and technical education career clusters spectrum; more technology programs require a WBL, although health-related programs still lead those requirements; and clinical still appears to be the leading form of WBL followed by capstone, practicum and internships at least in the state where their study was conducted.
However, regardless of the WBL educational and labor outcomes benefits, and in spite of the WBL supporting policies and changes introduced over the past decades, only 21% of students participated in WBL [40], only one-fifth of adults completed a WBL program, and only 14% participated in WBL as part of a higher education program [41]. A survey by the National Survey of College Internships [42] reports that internship participation among students at 2-year institutions was 13%, compared to 36% among those attending 4-year institutions. This is significant because these numbers are similar to the data reported by Bragg et al. [38] for 2-year colleges, who indicated that in 1995, an average of 18% of students in vocational education participated in WBL in most of the institutions that were surveyed.

2.4. Critical Partnerships for a Successful WBL

There is little doubt that, for WBL to be relevant and successful, cooperation among educational institutions, businesses, and other partners is essential. Bremer and Madzar [43] advocated and encouraged employer participation, suggesting that various efforts could be undertaken in this direction to overcome business representatives’ reluctance. In a study conducted in Massachusetts, businesses support internships as a potential source of skilled talent, an approach shared not only by colleges but also by policymakers and students [44].
Stevens [45] reported that internships with crucial partners in cybersecurity programs have resulted in students’ enhanced communication and technical skills. The benefits of business participation are countless; above all, the possibility of creating a skilled workforce that directly impacts those businesses. Similarly, Atkinson [46] has pointed out that work-based learning requires the involvement of employers and industry for the successful preparation of the workforce.
However, Reeve and Gallacher [47] have warned that these partnerships come with some challenges, because of the limited interest they may have to engage in these types of relationships with universities, and because of the differences in understanding concerning learning and knowledge they may have. To counter those potential obstacles in developing WBL partnerships, it has been suggested those relationships require clear information, ongoing communication, flexibility with approaches, committed and skilled teachers who support students, engaged students, the involvement of intermediary organisations to arrange and facilitate activities, and the commitment of business and education leaders to drive work-based learning and work-integrated learning in their communities and companies [46].

3. The Higher Education Cybersecurity Curriculum and the Need for Practical Experience

Although cybersecurity is a relatively recent field of study, higher education institutions have increasingly launched initiatives to develop and prepare the future CS workforce and strengthen the skills of students and professionals to address the existing employment gap. However, the role of higher education in meeting labor market demands appears to lag behind industry needs. Employers have questioned the availability and “relevance of cybersecurity-related education programs,” expressing their concerns that those programs do not meet “the needs of their organizations” [48] (p. 20) [49]. This disconnect highlights a gap between what students learn and the skills expected in real-world settings [50]. Companies also note the absence of metrics or rankings “to help employers understand what programs, certifications, and degrees are the most effective” [51] (p. 3), while college curricula often operate in silos [52], failing “to provide a holistic solution to the root causes of the skills gap” [10] (p. 1). Furthermore, inconsistencies in program focus and institutional arrangements persist among colleges and universities [53]. Preparing students for CS careers requires not only foundational concepts but also interdisciplinary content [54]. As Nizich [55] notes, “there will be specific areas of expertise that will inevitably need to be either attained or learned” (p. 100)—such as AI, data science, cognitive psychology, and law.
In the relationship between higher education and the CS industry—as with other sectors—higher education institutions are expected to prepare graduates with the knowledge and skills necessary to support organizational goals. However, employers consistently express concern that graduates lack both practical experience and essential soft skills [51]. Universities face persistent challenges in providing CS students with hands-on learning opportunities that strengthen their readiness and professional roles [56]. In many cases, institutions struggle to implement practical approaches such as work-based learning due to limited industry partnerships and resource constraints [50]. As a result, graduates often enter the workforce “unable to apply their theoretical knowledge to various real-life situations” [57].
In the critical field of CS, an essential consideration is that professionals should possess soft skills that are transferable across roles rather than being role-specific [58]. This flexibility is fundamental in an industry characterized by constant change and evolving responsibilities. Notably, the type and level of soft—or employability—skills demanded by the cybersecurity sector are shifting at an unprecedented pace [59]. Existing literature on the required soft skills in CS consistently highlights teamwork, problem-solving, and communication [54,60,61], alongside analytical thinking, troubleshooting ability, integrity, resilience under pressure [62], and critical thinking [55]. The strong link between experiential learning and positive career outcomes has prompted institutions to prioritize internships as a key curricular component [55]. Recent recommendations advocate for expanding experiential learning to include work-like experiences that allow students to apply theoretical knowledge while developing hands-on technical skills [49]. Furthermore, integrating internships and other experiential learning opportunities into the CS curricula has been widely suggested [63]. These practical competencies are indispensable in the cybersecurity industry and are most effectively cultivated through structured work-based learning experiences [58].

4. Using Experiential Learning and Project-Based Learning to Explain the Strengthening of the Workforce Readiness in CS Through WBL

We grounded our study on the theories of project-based learning (PBL) and experiential learning (EL). EL and PBL are purposely used as interpretive lenses to contextualize observed patterns in WBL implementation. PBL, as defined by Barrows [64], emphasizes student-centered learning through inquiry-driven approaches to solve complex, real-world problems. This methodology fosters critical thinking and self-efficacy—skills essential for addressing contemporary cybersecurity challenges such as data breaches [65] and emerging threats enabled by technologies like artificial intelligence and machine learning [66]. By engaging students in collaborative problem-solving, PBL equips students with self-directed inquiry, effective communication, and lifelong problem-solving abilities [2,67], making it a robust framework for preparing graduates to meet the evolving demands of the cybersecurity job market.
Experiential learning (EL) theories [68] position students in direct engagement with authentic work environments. According to these theories, learning occurs through active participation, experience, and practice within real-world contexts [24,69]. As in problem-based learning (PBL), EL emphasizes context-driven, active learning by fostering the development of both conceptual knowledge (theory) and applied technical skills (practice) to meet the unique demands of the workplace, such as those in the cybersecurity sector. Through internships, apprenticeships, worksite visits, industry speaker series, job shadowing, mentorships, and simulation labs, students acquire practical skills in real time, aligning their training with workforce expectations. Integrating these theories provides a framework for understanding how students not only grasp cybersecurity concepts but also apply them effectively in practice.
The blending of PBL and EL is anchored in core components such as problem design, collaboration, and skill development, all of which are essential for preparing students in CS. First, problem design in PBL involves presenting learners with authentic, real-world challenges—such as mitigating phishing attacks, conducting vulnerability assessments, or responding to data breaches [2,65]. EL builds on this by situating these tasks in authentic work environments, enabling students to apply theoretical knowledge while addressing industry-relevant problems [68]. Collaboration is central to both approaches: PBL emphasizes teamwork among peers, whereas EL extends this interaction to include coworkers, mentors, supervisors, and industry professionals. Finally, skill development encompasses both the critical thinking cultivated through PBL and the hands-on technical competencies reinforced by EL, such as threat detection and incident response.
The integration of PBL and WBL spans multiple dimensions, forming a cohesive and promising learning continuum. Mentorship, for example, shifts from facilitators guiding inquiry in PBL to industry professionals offering coaching and feedback in WBL. Reflection, another critical component, is embedded in both approaches: PBL encourages students to analyze their problem-solving processes, while WBL reinforces workplace lessons through performance evaluations. Finally, assessment bridges the two models, with formative, performance-based evaluations ensuring that theoretical understanding aligns with technical proficiency.
This framework responds to the growing demand for skilled professionals in the cybersecurity sector. According to the Bureau of Labor Statistics [70], employment for Information Security Analysts is projected to increase by 29% through 2034—a rate far above the average for all occupations. Meeting this demand requires training approaches that move beyond traditional instruction and foster real-world competence, which is achieved through work-based learning.
By integrating the conceptual depth of PBL with the practical rigor of EL and WBL, the framework equips students to address current cybersecurity threats while remaining adaptable to emerging challenges. It also promotes diverse pathways, including Non-Traditional Training Programs (NTTPs). Through this holistic approach, students develop critical thinking, soft skills, technical expertise, and industry readiness—essential for success in the rapidly evolving cybersecurity landscape.

5. Research Problem, Purpose, and Research Question

In recent years, interest in developing a skilled cybersecurity workforce has grown significantly, prompting studies that explore various aspects of cybersecurity education. From the perspective of professionals in the field, a persistent question remains: how can we better prepare future practitioners for critical roles in cybersecurity? This shared concern between industry and higher education has led to an expansion of cybersecurity programs and the integration of work-based learning into curricula. However, limited research exists on the types of cybersecurity work-based learning opportunities offered by colleges and universities to enhance students’ preparation and improve their employability.
The purpose of this study was to provide a foundational understanding of how work-based learning opportunities are implemented and offered in colleges and universities in the field of cybersecurity in the United States. Specifically, the study aims to map the scope, types, and intensity of WBL practices across programs and institutional contexts, and to examine how institutional and program characteristics are associated with these practices. To achieve this, we first examined the spectrum of WBL offered to students to support their professional development. Next, we analyzed the key institutional characteristics of the available WBL opportunities. Finally, we examined some characteristics of the business and industry partnerships with CS programs in colleges and universities. Our findings are based on a survey conducted with colleges and universities across the United States.
The research questions for this study were:
  • What is the scope and types of work-based learning opportunities within cybersecurity programs at colleges and universities?
  • To what extent do higher education institution characteristics predict the number of work-based learning opportunities they offer through their cybersecurity programs?
  • How effectively do cybersecurity program features explain the use of direct experience across differing levels of intensity of work-based learning?
  • What views do colleges and universities have regarding employers’ involvement in work-based learning opportunities in cybersecurity programs?

6. Method

This is a foundational study that utilized a cross-sectional survey research design to map work-based learning (WBL) practices across cybersecurity programs at U.S. colleges and universities. We followed a descriptive or status survey approach [71], which is intended to yield valuable insights into practices [72]. The primary goal was to document the prevalence, distribution, and characteristics of WBL opportunities rather than to examine trends, test causal relationships, or evaluate effectiveness. As is typical of foundational descriptive surveys, we attempted to provide a snapshot of current practices at a single point in time to describe an educational phenomenon [72]. Descriptive research is particularly important in the evolving field of cybersecurity [10,73,74] and is central to understanding a real cyber system [75]. Descriptive research is also more relevant for studying the connection between WBL in CS, as very few studies have addressed this issue before, even though a massive skills shortage exists in this rapidly evolving technological landscape. Our goal was to transform reality into data [76] and thus use compelling data to further the understanding and knowledge of WBL in CS. We considered that descriptive studies are essential for understanding and addressing the complex challenges in cybersecurity education and workforce preparation, as they provide data in a field that still lacks a universally accepted curriculum, thereby laying the groundwork for hypothesis-driven causal analyses. In addition to descriptive statistics, we also conducted linear regression models to test associations between variables.

6.1. Instrument

The instrument used in this study was created to examine the availability and characteristics of work-based learning opportunities in college and university cybersecurity programs. This effort marked a first step toward a deeper understanding of WBL, which is widely regarded as a critical component in preparing students for cybersecurity careers. After its initial development, the survey was reviewed by a panel of experts to assess item relevance and ease of response. No major revisions were required. The finalized version was uploaded to an online platform designed for seamless distribution to potential respondents, who then completed the instrument entirely online. The instrument was developed in the context of the apprenticeship sub-group of the National Initiative for Cybersecurity Education (NICE). NICE is a collaborative network of professionals from industry, higher education, and state and federal agencies, all working to advance cybersecurity education and strengthen the workforce pipeline in this field.

6.2. Participants

For this study, we intentionally focused on collecting data from higher education institutions in the United States. Given the limited existing research on the landscape of WBL opportunities within higher education cybersecurity programs, our goal was to develop a more comprehensive understanding of the types of WBL experiences available to students in those programs. To achieve this, we selected participants from both community colleges (primarily offering certificates and 2-year associate degrees) and universities (which usually offer 4-year degrees, including bachelor’s and graduate degrees). By focusing on higher education institutions, we excluded other key stakeholders directly connected to these programs, namely industry partners and students. Only higher education institutions were included in the study, as they share more common characteristics across programs.

6.3. Sample

An invitation to participate in the study was sent to members of the different NICE networks—higher education, K-12, and apprenticeship sub-groups—the primary target audiences. The request was sent to individuals in 247 institutions. Additionally, the invitation was shared with the Center of Academic Excellence (CAE) network, which distributed it to their affiliates; however, the number of recipients and participants from that group is unknown. Two follow-up reminders were sent over a 60-day period to encourage participation.
A total of 94 responses were collected during the survey period, of which 92 were deemed usable. Respondents represented 33 different states. California had the highest number of responses, with 10, followed by Alabama with 7. New York, Texas, and Virginia each provided 6 responses. Colorado, North Carolina, and Wisconsin each accounted for 5 responses, while Maryland, Michigan, and Nebraska contributed 3 each. Colleges from other states submitted one or two responses.

7. Results

7.1. Characteristics of Programs and Institutions

To address Research Question 1, we first described the participant institutions and the CS programs they offered. Colleges and universities offering these programs were classified using the Carnegie Classification of Institutions of Higher Education [77].
Table 1 shows the distribution of cybersecurity programs by institution type among the study participants. Among the participating institutions, 44% were colleges and 22% were universities. Community colleges primarily offer entry-level programs, offering a higher number of certificates (N = 40) and associate degrees (N = 48) in CS. In contrast, universities regularly offered advanced education, providing bachelor’s (N = 29) and master’s (N = 34) programs. Overall, certificates (N = 57) and associate degrees (N = 53) were the most common CS programs offered, highlighting how community colleges and universities complement each other in meeting diverse career and workforce needs. In those institutions, students had varying options for declaring a cybersecurity focus. The most common option was to select a track, emphasis, or concentration within a cybersecurity major (28%), followed by declaring cybersecurity as their primary major (13%).
We also examined two distinguishing components that reflect the advancement of cybersecurity education: whether the institution was designated as a Center of Academic Excellence (CAE) and whether it hosted a Cybersecurity Center (CSC). In addition, we analyzed whether the cybersecurity program incorporated opportunities to earn Industry-Recognized Credentials (IRC), which validate specialized knowledge and skills in specific areas. Notably, 67% of responses came from institutions designated as Centers of Academic Excellence (CAE) in Cybersecurity, a recognition jointly awarded by the National Security Agency (NSA) and the U.S. Department of Homeland Security. Institutions earn CAE designation by meeting rigorous criteria and may choose to specialize in one or more focus areas [78]. Our findings indicate that CAE designation and the presence of a CSC are similarly distributed across certificate and associate programs, as well as in bachelor’s and master’s degrees. In contrast, embedding IRC attainment is most prevalent in certificate and associate programs, where workforce readiness is a primary focus. In the United States, IRCs are certifications issued by businesses or industry groups that demonstrate a person’s specific job skills. IRCs are validated by employers and serve two main purposes: demonstrating competence for entry-level jobs and boosting marketability by demonstrating the knowledge and skills students have learned [79].

7.2. Scope and Types of Work-Based Learning in Cybersecurity Programs

We also examined the types, frequencies, and mechanisms by which work-based learning is integrated into cybersecurity education.
According to survey participants, the total number of WBL offered by programs was: certificate programs, 55; associate degrees, 52; bachelor’s degrees, 35; and master’s degrees, 33. These data indicate that WBL opportunities span all levels of higher education credentials, with certificates and associate degree programs accounting for the majority of offerings, which, in turn, point to a stronger emphasis on WBL at foundational levels, where workforce preparation is prioritized. In contrast, bachelor’s and master’s programs include fewer WBL. Overall, participants reported 175 distinct WBL activities across programs.
The survey included a list of WBL commonly available in higher education settings. In total, eight WBL types were included in the analyses: Industry speaker series; worksite visits; job shadowing; employee mentorships; practicums/workplace projects; internship/cooperative education; senior design projects; and capstone experience.
Data reported in Table 2 show that internships/cooperative education is, not surprisingly, the most common form of work-based learning offered by responding institutions, largely in associate degree programs. It is followed by industry speaker series, capstone experience, and worksite visits. Associate degree programs offered a wider variety of WBL opportunities than the other programs. Certificate and master’s programs show a more balanced distribution of WBL types, with a slight emphasis on industry speaker series and capstone experiences. Notably, neither of these program types includes job shadowing opportunities. The total of 266 WBL activities indicates programs incorporate a wide variety of WBL types for students, rather than focusing on a single approach. Colleges generally offered a mix of WBL opportunities, though the number and type varied by institution. For example, associate degree programs reported a combined 120 WBL activities, followed by institutions offering bachelor’s degrees that participated in the study.
Notably, institutions with a Cybersecurity Center tend to offer a broader range of WBL opportunities than those without one. Internships/cooperative education is the most prevalent WBL opportunity among institutions that hold a Center of Academic Excellence designation or host a Cybersecurity Center.

7.3. Institution Characteristics and Work-Based Learning Offerings

As noted above, different types of institutions offer various forms of work-based learning within their cybersecurity programs. However, the extent to which WBL is incorporated depends on institutional characteristics and the degree to which institutions are connected to labor market needs [80].
To address Research Question 2, we employed a linear regression model to examine the influence of institutional characteristics on the total number of WBL activities implemented by cybersecurity programs (dependent variable). The independent variables included: (1) whether the program had a cybersecurity center, (2) whether the program held a CAE designation, (3) the number of full-time tenure faculty, (4) the number of full-time staff, and (5) whether the curriculum included preparation for industry-recognized credentials (IRCs).
The results presented in Table 3 indicate that some institutional factors would predict the WBL implementation in bachelor’s and master’s degree programs at universities, but not necessarily in college-level programs that offer certificates and associate degrees. For bachelor’s programs, the CAE designation is the most influential predictor of the number of WBL experiences offered. In contrast, for master’s-level programs, increases in the number of full-time tenure-track faculty are associated with a higher total number of WBL activities. In both cases, the presence of a CAE designation and greater numbers of full-time faculty likely signal a stronger institutional commitment to enhancing program quality.

7.4. The Intensity of WBL Opportunities Offered

As indicated above, our results show that cybersecurity programs at U.S. institutions of higher education offer a wide variety of WBL opportunities. To address Research Question 3, we examined the intensity of WBL implemented in these programs. For this analysis, we grouped the eight WBL types listed in Table 2 into the three levels of intensity reported above: Awareness, Exploration, and Direct Experience.
The purpose of this analysis was to understand how program features influence the level of WBL intensity adopted. To do so, we conducted a linear regression analysis to identify program features associated with the number of WBL implemented at each intensity level (dependent variable). The program characteristics included as independent variables were: (1) the total number of formal requirements each program established with businesses to implement WBL, (2) the number of companies participating in WBL at the time of the survey (organized into five groups), and (3) the age of the cybersecurity program.
Our findings indicate that the number of participating businesses had varying effects on WBL intensity (Table 4). Notably, programs working with smaller groups of companies (1–6 or 6–10 companies), as well as those collaborating with more than 20 companies, exhibited increases in the number of WBL activities across all intensity levels throughout all programs. Importantly, the number of participating companies does not predict WBL activity within a single intensity category; rather, it influences all three levels, though to different degrees. However, only programs partnering with 6–10 companies and those with more than 20 companies showed significant associations with WBL at the Direct Experience level, which includes internships and mentorships.
Another important finding is that the number of formal business requirements was statistically significant only for predicting WBL at the Direct Experience level within associate degree programs. This is noteworthy because a foundational principle of high-quality WBL is the need for structured, well-designed experiences to support student success [8,9,81]. What is also revealing is that program age was associated only with the number of Direct Experience-level WBL opportunities in certificate and associate degree programs. This finding is particularly informative, as it may indicate that a focus on Direct Experience WBL is associated with the expansion of CS programs at the certificate and associate degree levels to address the evolving nature of CS.
While several program features show statistically significant associations with WBL intensity, particularly the number of participating businesses and, in some cases, formal requirements and program age, the overall explanatory power varies considerably across program types and intensity levels (R2 ranging from 0.166 to 0.449). This pattern suggests that WBL intensity is not determined by a single dominant factor but rather reflects multifactor, context-dependent dynamics that differ across certificate, associate, bachelor’s, and master’s degrees. Programs appear to tailor their WBL approaches based on their specific contexts, with business partnerships playing a particularly important role across multiple intensity levels, though the strength and nature of these relationships vary by credential type.

7.5. Institutions’ Views of Employer Engagement in Work-Based Learning

We also assessed the responsiveness of critical partners—employers—to supporting WBL to address Research Question 4. To do so, we gathered institutions’ views of employer responsiveness. Strong partnerships with business and industry are essential for successful WBL implementation, and the cybersecurity sector is no exception. Table 5 presents employer responsiveness to WBL participation across program types, measured on a 5-point scale, where higher average scores indicate greater responsiveness. Overall, employer responsiveness appears moderate across all programs. However, bachelor’s and master’s CS programs report a slightly higher level of employer responsiveness, while associate and certificate programs show somewhat lower levels of responsiveness.
We also examined whether employers’ responsiveness to participate in WBL opportunities varied by business size. Table 6 presents the test of association results about the relationship between company size and the types of WBL programs implemented. Companies with fewer than 100 employees primarily partner with certificate and associate programs, showing less involvement with bachelor’s programs and minimal participation in master’s programs. In contrast, larger companies with more than 500 employees exhibited broad, nearly balanced responsiveness across all program types, including institutions offering certificates and associate degrees. Companies in the mid-size ranges (101–300 and 301–500 employees) follow a similar balanced pattern, though with slightly less consistency across program levels.
We previously emphasized the importance of business and industry partnerships for the successful implementation of WBL. Building on that premise, we examined why companies choose to participate in WBL in cybersecurity programs and the challenges they encounter. In Table 7, we present the top 10 reasons, as identified and reported by higher institutions, for employer engagement in cybersecurity WBL. The top three reasons are primarily labor-market-related—a trend consistent across most program types, with certificates showing slightly higher figures. Other related motivations include access to pre-screened candidates, opportunities for part-time or short-term hiring, or meeting training requirements for employment. Overall, workforce needs emerge as the dominant reason. While contributing to the community is also an important factor, it ranks lower in comparison. Quite noticeably, improving student education also ranks low. However, only their interest in hiring is statistically significant, indicating that their reason for participating in WBL is directly associated with their interest in the labor market supply.
Perceived reasons for non-participation, as reported by participant higher education institutions, are noteworthy (Table 8). Leading the list—often appearing in multiple forms—are financial constraints, such as lack of staff, time, and money, uncertain future business decisions, lost productivity, uncertain economic climate, insurance costs, and student wages, along with lack of state or federal government support, and rigidity of existing regulations. A second major category of perceived obstacles concerns limited knowledge of WBL or uncertainty about how to collaborate effectively with higher education institutions on WBL initiatives. Finally, a third group of concerns centers on distrust of student participants, citing limited availability, the risk of leaving after training, unreliability or immaturity, and a lack of basic skills. Our data reveal that large companies most commonly express those negative issues. Nevertheless, only three items were statistically significant and therefore directly related to their views on discouraging factors: lack of staff, time, and money for WBL; lack of state or federal government support; and a negative perception of the program’s quality. They seem to be critical aspects for higher education institutions to consider.
We also explored whether there was an association between the perceived reasons companies had to participate in WBL in those CS programs, and the discouraging factors, for which purpose we conducted a correlation analysis using the Spearman Rho test on the top six reasons under each category (Table 9). Because they point to two different types of views, we wanted to analyze if their monotonic relationship was negative, meaning that as the views of the reasons they had to participate would increase (items 1–6) the discouraging factors would decrease (items 7–12). Surprisingly, wherever the relationships were statistically significant, the correlation between the two groups of items was always positive, contrary to what we would have expected. This finding may point to the continued value of participating in WBL despite the challenges companies may face in engaging with higher education institutions.

8. Discussion

This study provides a foundational, descriptive, data-driven map of how work-based learning is integrated into U.S. cybersecurity (CS) programs. Rather than offering causal explanations, it establishes an empirical baseline of how WBL is currently structured, differentiated, and implemented across credential levels, institutional missions, and industry contexts, to address industry concerns about the development of soft and technical skills among the workforce [49,50]. In a rapidly evolving field where programs vary widely in curricular focus and local labor-market conditions, such mapping is a necessary precursor to theory testing and intervention design. By documenting variation in WBL scope, form, and intensity, this study clarifies what WBL looks like in practice and where meaningful differences emerge.
Our data portrays a broad WBL landscape across CS programs. Examining WBL is critical for understanding its role in students’ acquisition, development, and strengthening of essential skills, as well as its broader implications for higher education institutions, the economy, and industry partners. Three patterns stand out. First, WBL availability is increasing, signaling sustained interest in workforce readiness. Second, programs employ a diverse set of WBL formats, suggesting deliberate efforts to strengthen both technical and professional competencies. Third, WBL is widely implemented across institution types and credential levels—sub-baccalaureate through master’s—indicating that it is not confined to traditionally workforce-oriented programs.
Certificate and associate programs account for the largest share of WBL offerings, consistent with workforce education priorities and experiential learning theory [62]. Authentic workplace contexts can accelerate skill development by linking instruction to real problems and professional expectations [2,64]. Across all credential levels, internships dominate WBL provision and align closely with employer expectations for hands-on participation. By contrast, the limited use of job shadowing and mentoring suggests missed opportunities for earlier exposure, informal learning, and developmental support throughout students’ academic trajectories.
Regression results add nuance to WBL, both in terms of the total number of WBL offered by institutions and the intensity of WBL. While institutional characteristics do affect the number of WBL implemented, they seem to be associated with larger, more structured institutions, i.e., universities. The more important results, however, relate to WBL intensity. Program features were more strongly associated with Direct Experience WBL (e.g., internships and mentoring) in certificate and associate programs than in bachelor’s and master’s programs. Program age was particularly relevant for sub-baccalaureate credentials, suggesting that more immersive WBL may require time to develop—often evolving from early reflection-oriented activities toward more structured, high-commitment direct experiences [26,68].
Across models, institutional characteristics showed limited predictive power relative to those for program features, suggesting that WBL implementation depends less on fixed institutional structures and more on curricular design and industry connectivity [26]. This pattern highlights institutional agency: community colleges can implement robust WBL even without extensive research infrastructure, while research universities may leverage established partnership networks and quality frameworks (e.g., CAE designation) to encourage applied learning and authentic problem-solving.
Importantly, the absence of strong, consistent linear relationships between single institutional characteristics or program features and WBL intensity should not be interpreted as weakness. Instead, it suggests that WBL adoption is context-dependent and multifactorial, shaped by combinations of conditions—such as credential level, labor markets, employer networks, faculty capacity, and program maturity—rather than any single factor. In this sense, the regression results reinforce the descriptive findings by indicating heterogeneity in implementation pathways rather than uniform adoption mechanisms.
Employer engagement emerges as a central lever: across credentials, the number of business partners is consistently and positively associated with exposure-, reflection-, and direct experience-based WBL implementation [25,82]. This indicates that mandating WBL alone is insufficient, as meaningful experiential learning requires strong, diverse partnerships and institutional scaffolding to support placements and quality experiences [18,23]. Our findings align with the importance and value of varied contexts for learning through experience, while, from a PBL standpoint, they underscore the importance of multiple industry partners in providing diverse and authentic problems for students to solve [64,68].
Industry partnership and commitment enable students to develop advanced problem-solving skills beyond the classroom [2,51] and gain exposure to emerging technological developments [59,66]. However, Institutional reports reveal mixed employer perspectives. Larger firms appear more responsive across WBL types, likely reflecting greater capacity [83] and more formalized talent pipelines [84], while small- and mid-sized employers remain underrepresented, pointing to the need for scalable partnership models that lower participation barriers.
At the same time, (keeping in mind these are the perspectives of higher education institutions), employer attitudes can be ambivalent: firms may value WBL for recruitment and workforce needs [85], yet they express distrust, uncertainty, or concerns about operational burden. Correlational analysis suggests that even when firms cite barriers, e.g., limited resources, limited understanding of WBL, limited knowledge of the college or university, or their views on students’ behaviors past their WBL experience, they may still participate due to workforce needs—underscoring the importance of relationship-building and clearer communication about the value and structure of school–industry partnerships.
Finally, experiential and problem-based learning serve as interpretive lenses, not causal frameworks, in this study. Experiential learning is particularly well-suited to explaining workforce development in cybersecurity because the field depends on both technical proficiency and situational judgment [11]. In this sense, experiential learning helps clarify why students who participate in WBL gain an advantage in the workforce [86], because their knowledge is reinforced and enriched by experience [18]. The fact that participating higher-education institutions have embedded WBL into their formal curricula demonstrates a purposeful effort to strengthen the cybersecurity workforce through experiential, practice-based education. A core principle of PBL is that learners take on the role of active problem-solvers, integrating knowledge across multiple domains to produce concrete, meaningful, and tangible outcomes. In a field such as cybersecurity, project-based experiences provide students with the context and opportunity to apply theoretical concepts to real problems, enabling them to develop critical thinking, collaboration, teamwork, and other essential skills required for success in this complex, highly interconnected profession [87]. It also helps explain how students cultivate adaptability as they confront shifting challenges and continuously refine their approaches.
The WBL patterns documented—authentic contexts, progressive involvement, and applied problem solving—reflect how these learning approaches manifest in cybersecurity education. Together, they help explain why WBL can strengthen both technical proficiency and situational judgment, and they provide a coherent foundation for future research on which forms of WBL work best, for whom, and under what conditions.

9. Conclusions

Colleges and universities play a critical role in preparing students for careers in cybersecurity. However, to remain effective, these institutions have recognized the imperative to integrate work-based learning into their curricula, thereby addressing concerns raised by business and industry.
Our first conclusion is that higher education institutions in the United States are making a deliberate effort to respond to labor market demands for a well-prepared cybersecurity workforce. This is evidenced by the widespread inclusion of WBL opportunities in cybersecurity program curricula across most levels of higher education. The findings of this research underscore the pivotal role of higher education in equipping students with applied, cybersecurity-relevant skills through the strategic implementation of WBL that addresses the rapidly evolving needs of the field. Confronting real-world challenges—such as data privacy violations, hacking incidents, and other forms of security breaches—requires competencies cultivated through experiential learning approaches that emphasize critical thinking, problem solving, and the application of knowledge in authentic contexts.
The second conclusion is that the diversity of institutional settings—ranging from community colleges to universities—combined with the assorted cybersecurity program features, enables the implementation of nearly all forms of WBL. Institutional characteristics and program-level features are central to understanding both the number and intensity of WBL opportunities available in cybersecurity programs. The observed differences help explain why certificate and associate degree programs often report substantial WBL activity despite having fewer formal resources: their close alignment with local industry partners may facilitate hands-on, practice-oriented learning through frequent interactions and employer-embedded activities. In contrast, bachelor’s and master’s programs appear to rely more heavily on institutional structures—such as accreditation frameworks, faculty capacity, and formalized industry partnerships—to support experiential and project-based learning that integrates theory, structured reflection, and advanced problem-solving.
A third conclusion concerns the somewhat ambivalent perspective of participant institutions regarding the engagement of businesses and industries in WBL. While companies seek to participate in WBL initiatives to address workforce shortages, they simultaneously encounter a variety of obstacles that hinder or discourage their involvement. Moreover, while businesses and industries are largely driven to participate in work-based learning alongside cybersecurity programs by labor market demands, they place comparatively less emphasis on supporting students’ further development. A related concluding remark is that, despite those differing views, our analysis indicates that companies still regard WBL as a critical mechanism for addressing their workforce needs.
As cybersecurity becomes increasingly vital to national and global infrastructures, the demand for hands-on, practice-oriented learning will continue to rise. Colleges and universities are uniquely positioned to meet this need through expanded work-based learning opportunities and strong partnerships with industry. To strengthen the talent pipeline, institutions must broaden access to diverse WBL models, foster collaboration between faculty and employers, and remain agile in addressing the evolving needs of both students and the cybersecurity workforce. By embedding experiential learning at the heart of cybersecurity education, higher education can play a pivotal role in shaping a future-ready workforce—one that not only tackles today’s challenges but also anticipates those of tomorrow. In doing so, institutions will help safeguard innovation and security while preparing graduates to lead in an increasingly complex digital landscape.
Taken together, these findings underscore the value of foundational, mapping-oriented research for understanding how work-based learning is variably implemented across cybersecurity programs before explanatory or evaluative models can be meaningfully applied.

10. Implications

Our study adds to a very limited body of literature on work-based learning in cybersecurity higher education by examining not only the types of WBL offered but also how they are distributed across program types. These findings provide preliminary data for future research and highlight the value of integrating Experiential Learning and Problem-Based Learning to understand WBL implementation, proposing a conceptual model in which students progress from scenario-based learning to industry-based application.
This work aligns with national efforts to strengthen the cybersecurity workforce pipeline, including the National Initiative for Cybersecurity Education (NICE) framework [87], which outlines seven categories and 50 related occupations requiring varied education and training. As the framework increasingly emphasizes WBL in workforce preparation, our study contributes to this broader effort in cybersecurity education.
Although limited to cybersecurity, the results offer insights for institutions seeking to enhance student experiences and may inform research in other fields where WBL provides similar benefits. The study contributes conceptually by showing how WBL, experiential learning, and problem-based learning form a cohesive framework for preparing cybersecurity professionals. It extends Kolb’s experiential learning theory to digitally mediated environments and enriches project-based learning theory by underscoring employer collaboration as essential to authentic problem-solving.
Practically, the findings encourage higher education institutions to design programs that balance technical training with applied, industry-informed experiences. Strengthening employer partnerships through co-designed curricula, shared supervision, and pathways from internships to employment can enhance the relevance of CS programs. Expanding WBL beyond traditional internships—through micro-projects, simulations, and virtual mentorships—can also increase access, especially for smaller organizations and nontraditional learners. Policymakers can support these efforts by developing incentives and frameworks that reduce barriers to employer participation and promote equitable access.

11. Limitations and Future Research

This study has several limitations. Although geographically diverse, the sample may not represent all programs or WBL practices, and the U.S.-only focus limits generalizability beyond the U.S. Reliance on institutional self-reporting may also affect data accuracy. While the data do not capture the most recent developments in cybersecurity education or workforce policy, they offer a useful baseline for future evaluations and longitudinal analysis.
The study does not include perspectives from industry partners and students—two key stakeholders in WBL—creating opportunities for future research to examine employer commitments, student experiences, and the overall impact of WBL on learning and employment outcomes. While higher education institutions’ views of industry participation are valuable, relying solely on them introduces potential attribution bias.
An emerging area not addressed in this study is the integration of artificial intelligence. Future research should explore how AI tools are incorporated into curricula, how AI-enabled technologies shape WBL experiences, and how to teach responsible and secure AI use in cybersecurity contexts. Models that capture how AI transforms experiential learning and industry collaboration will be critical as the cybersecurity field evolves.
Further research is needed on how WBL is embedded within programs, the quality and outcomes of specific WBL experiences, and stakeholder perceptions of their effectiveness. Mixed-methods and longitudinal studies could illuminate how WBL practices adapt to emerging technologies such as AI, cloud security, and quantum computing. Comparative international work could also clarify how cybersecurity WBL varies across educational systems and inform global standards.
The results of this study have both practical and theoretical implications for advancing cybersecurity education and workforce development.

Author Contributions

Conceptualization, O.A.A.; methodology, O.A.A., A.M., C.N.C.; formal analysis, O.A.A., B.G.T., A.M., N.N.; investigation, O.A.A., C.N.C., A.M.; writing—original draft preparation, O.A.A., B.G.T., C.N.C.; writing—review and editing, O.A.A., C.N.C., N.N., A.M. All authors have read and agreed to the published version of the manuscript.

Funding

This research received no external funding.

Data Availability Statement

The raw data supporting the conclusions of this article will be made available by the authors on request.

Acknowledgments

The authors would like to thank Girish Seshagiri and Tirthankar Ghosh, who decisively contributed with the drafting of the survey.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Significant Cyber Events List. Available online: https://csis-website-prod.s3.amazonaws.com/s3fs-public/2024-04/240418_Cyber_Events.pdf (accessed on 17 November 2024).
  2. Chowdhury, N.; Katsikas, S.; Gkioulos, V. Modeling effective cybersecurity training frameworks: A Delphi method-based study. Comput. Secur. 2022, 113, 1–15. [Google Scholar] [CrossRef]
  3. How the Economy, Skills Gap and Artificial Intelligence Are Challenging the Global Cybersecurity Workforce. Available online: https://www.isc2.org/ (accessed on 13 April 2025).
  4. 2023 Official Cybersecurity Jobs Report. Available online: https://bit.ly/esentire-2023 (accessed on 12 December 2024).
  5. Larson, E. Building bridges across the IT skills gap in fewer than four years. Tech. Dir. 2018, 77, 26–27. [Google Scholar]
  6. Hacking the Skills Shortage. A Study of the International Shortage in Cybersecurity Skills. Available online: https://bit.ly/McAfee-2016-HackingSkillsShortage (accessed on 10 October 2025).
  7. Work-Based Learning Continuum. Available online: https://www.michigan.gov/-/media/Project/Websites/mde/CTE/cte_wbl/WBL_Continuum_Guide.pdf (accessed on 12 July 2025).
  8. Work-Based Learning Manual. Available online: https://bit.ly/FHI360-WBL (accessed on 2 December 2024).
  9. Work-Based Learning: From Information to Action. The Framework. Available online: https://bit.ly/JFF-WBLFramework (accessed on 29 January 2025).
  10. Mukherjee, M.; Le, N.T.; Chow, Y.-W.; Susilo, W. Strategic approaches to cybersecurity learning: A study of educational models and outcomes. Information 2024, 15, 117. [Google Scholar] [CrossRef]
  11. Bertone, B.; Wagner, P.; Pauli, J. Experiential learning: Innovative approaches to post-secondary cybersecurity education. J. Cybersecur. Educ. Res. Pract. 2025, 15, 1–10. [Google Scholar] [CrossRef]
  12. Crawford, A. The Future of Work-Based Learning for Cyber Jobs. Available online: https://cset.georgetown.edu/publication/the-future-of-work-based-learning-for-cyber-jobs/ (accessed on 22 November 2025).
  13. Prickett, T.; Yang, L.; Irons, A.; Miller, K.; Brooke, P.; Crick, T.; Hayes, A.; Davenport, J.H.; English, R.; Maguire, J.; et al. Challenges and opportunities of teaching cybersecurity in UK university computing programmes. In Cybersecurity Teaching in Higher Education; Sikos, L., Haskell-Dowland, P., Eds.; Springer: Cham, Switzerland, 2023; pp. 1–36. [Google Scholar]
  14. Castellano, M.; Stringfield, S.; Stone, J.R., III. Career and technical education and comprehensive school reform: Implications for research and practice. Rev. Educ. Res. 2003, 73, 231–272. [Google Scholar] [CrossRef]
  15. Cahill, C. Making Work-Based Learning Work. Available online: https://bit.ly/Cahill-2023 (accessed on 17 February 2025).
  16. Hamilton, M.A.; Hamilton, S.F. When is work a learning experience? Phi Delta Kappan 1997, 78, 682–689. [Google Scholar]
  17. Stasz, C.; Stern, D. Work-Based Learning for Students in High Schools and Community Colleges. Available online: https://bit.ly/Stasz-Stern-1998 (accessed on 11 January 2024).
  18. Morley, D.A. Enhancing Employability in Higher Education Through Work Based Learning; Palgrave Macmillan: Cham, Switzerland, 2018. [Google Scholar]
  19. Jongbloed, B.; Enders, J.; Salerno, C. Higher education and its communities: Interconnections, interdependencies and a research agenda. High. Educ. 2008, 56, 303–324. [Google Scholar] [CrossRef]
  20. Narayanan, T.R. Academia–industry partnership: An impetus for strengthening teaching and research in higher education institutions. Curr. Sci. 2009, 96, 343–346. [Google Scholar]
  21. Thompson, D.; Brewster, S. Inclusive placement learning for diverse higher education students: Anxiety, uncertainty and opportunity. Educ. Rev. 2023, 75, 1406–1424. [Google Scholar] [CrossRef]
  22. Bailey, T.R.; Hughes, K.; Moore, D.T. Working Knowledge: Work-Based Learning and Education Reform; Routledge: New York, NY, USA, 2004. [Google Scholar]
  23. Raelin, J.A. Work-based learning in U.S. higher education policy. High. Educ. Ski. Work-Based Learn. 2011, 1, 10–15. [Google Scholar] [CrossRef]
  24. Rogers-Chapman, M.F.; Darling-Hammond, L. Preparing 21st Century Citizens: The Role of Work-Based Learning in Linked Learning. Available online: https://bit.ly/preparing21stcent (accessed on 12 December 2024).
  25. Siebert, S.; Mills, V.; Tuff, C. Pedagogy of work-based learning: The role of the learning group. J. Workplace Learn. 2009, 21, 443–454. [Google Scholar] [CrossRef]
  26. Lester, S.; Costley, C. Work-based learning at higher education level: Value, practice and critique. Stud. High. Educ. 2010, 35, 561–575. [Google Scholar] [CrossRef]
  27. Torpey-Saboe, N.; Leigh, E.W.; Clayton, D. The Power of Work-Based Learning; Strada Education Foundation: Indianapolis, IN, USA, March 2022; Available online: https://stradaeducation.org/wp-content/uploads/2022/03/031522-PV-report.pdf (accessed on 18 September 2025).
  28. Kahn, J.; Patil, S. Impacts of Experiential Learning on Gen Z Early Career Experience. Available online: https://bit.ly/Kahn-Patil-2025-ExpLearning (accessed on 18 October 2025).
  29. Galarneau, D.; Kinack, M.; Marshall, G. Work-Integrated Learning During Postsecondary Studies, 2015 Graduates. Available online: https://bit.ly/Galarneau (accessed on 23 February 2025).
  30. Plasman, J.; Thompson, C. The value of informal learning within work-based learning: The economic benefits of WBL. Int. J. Train. Dev. 2023, 27, 305–326. [Google Scholar] [CrossRef]
  31. Walters, D.; Zarifa, D. Earnings and employment outcomes for male and female postsecondary graduates of coop and non-coop programmes. J. Vocat. Educ. Train. 2008, 60, 377–399. [Google Scholar]
  32. Wilson, B.; Mehta, S. Work-Based Learning Policy: 50-State Scan. Available online: https://bit.ly/50-StateScan (accessed on 11 October 2024).
  33. State Policies Impacting CTE. 2024 Year in Review. Available online: https://careertech.org/wp-content/uploads/2025/02/CTE_2024YIR_02_022025.pdf (accessed on 28 July 2025).
  34. Remington, T.F.; Chou, P.; Topa, B. Experiential learning through STEM: Recent initiatives in the United States. Int. J. Train. Dev. 2023, 27, 327–359. [Google Scholar] [CrossRef]
  35. Hodge, L.; Proudford, K.L.; Holt, H. From periphery to core: The increasing relevance of experiential learning in undergraduate business education. Res. High. Educ. J. 2014, 26, 1–17. [Google Scholar]
  36. McCarthy, P.R.; McCarthy, H.M. When case studies are not enough: Integrating experiential learning into Business curricula. J. Educ. Bus. 2006, 81, 201–204. [Google Scholar] [CrossRef]
  37. Williams, L.; Sembiante, S.F. Experiential learning in U.S. undergraduate teacher preparation programs: A review of the literature. Teach. Teach. Educ. 2022, 112, 103630. [Google Scholar] [CrossRef]
  38. Bragg, D.D.; Hamm, R.E.; Trinkle, K.A. Work-Based Learning in Two-Year Colleges in the United States. Available online: https://files.eric.ed.gov/fulltext/ED378446.pdf (accessed on 12 October 1994).
  39. Aliaga, O.A.; Reinheimer, H.; Chipps-Walton, L. A review of work-based learning in postsecondary vocational education programs in the United States. In Career Development, Digitalization and Inclusive Learning. Empowering the Workforce in Technical and Vocational Education and Training; Moreno Herrera, L., Gougoulakis, P., Teräs, M., Kontio, J., Eds.; Palgrave Macmillan-Springer: Cham, Switzerland, 2025; pp. 217–241. [Google Scholar]
  40. Cronen, S.; McQuiggan, M.; Isenberg, E. Adult Training and Education: Results from the National Household Education Surveys Program of 2016. First Look. Available online: https://nces.ed.gov/pubs2017/2017103rev.pdf (accessed on 1 November 2024).
  41. Spaulding, S.; Hecker, I.; Bramhall, E. Expanding and Improving Work-Based Learning in Community Colleges. Better Data and Measurement to Realize Goals for Students and Employers. Available online: https://www.urban.org/sites/default/files/publication/101781/expanding20and20improving20work-based20learning20in20community20colleges.pdf (accessed on 10 March 2025).
  42. National Survey of College Internships. Spring 2023. Available online: https://www.collegeinternshipsurvey.org/dashboards/spring-2023 (accessed on 11 April 2024).
  43. Bremer, C.; Madzar, S. Encouraging employer involvement in youth apprenticeship and other work-based learning experiences for high school students. J. Career Tech. Educ. 1995, 12, 15–26. [Google Scholar] [CrossRef]
  44. Kazis, R.; Snyder, N. Uncovering Hidden Talent: Community College Internships That Pay and Pay Off for Students and Employers. Available online: https://bit.ly/Kazis-Snyder-2019-Interns (accessed on 11 October 2024).
  45. Stevens, D.J. Cybersecurity Internship Impacts on Participant Professional Development and Employment: A Case Study. Ph.D. Thesis, University of Hawai‘i at Manoa, Honolulu, HI, USA, 2025. [Google Scholar]
  46. Atkinson, G. Work-Based Learning and Work-Integrated Learning: Fostering Engagement with Employers. Available online: https://bit.ly/Atkinson-2016-WBL-Empl (accessed on 23 August 2025).
  47. Reeve, F.; Gallacher, J. Employer–university ‘partnerships’: A key problem for work-based learning programmes? J. Educ. Work. 2005, 18, 219–233. [Google Scholar] [CrossRef]
  48. U.S. Secretary of Commerce and U.S. Secretary of Homeland Security. A Report to the President on Supporting the Growth and Sustainment of the Nation’s Cybersecurity Workforce: Building the Foundation for a More Secure American Future. Available online: https://bit.ly/US-Sec-Comm-DHS-2018-CSWf (accessed on 12 March 2025).
  49. Murphy, D.; Tryfona, N.; Marshall, A.M. A targeted study on the match between cybersecurity higher education offerings and workforce needs. Virg. J. Sci. 2023, 74, 1–17. [Google Scholar]
  50. Ghosh, T.; Francia, G., III. Assessing competencies using scenario-based learning in cybersecurity. J. Cybersecur. Priv. 2021, 1, 539–552. [Google Scholar] [CrossRef]
  51. Crumpler, W.; Lewis, J.A. The Cybersecurity Workforce Gap. Available online: https://bit.ly/Crumper-Lewis-2019-CSWfGap (accessed on 22 February 2025).
  52. McDuffie, E.L.; Piotrowski, V.P. The future of cybersecurity education. Comp. Ed. 2014, 47, 67–69. [Google Scholar]
  53. Crabb, J.; Hundhausen, C.; Gebremedhin, A. A critical review of cybersecurity education in the United States. In Proceedings of the 55th ACM Technical Symposium on Computer Science Education V, Portland, OR, USA, 20–23 March 2024. [Google Scholar]
  54. Justice, C.; Sample, C.; Loo, S.M.; Ball, A.; Hampton, C. Future needs of the cybersecurity workforce. In Proceedings of the 17th International Conference on Cyber Warfare and Security, Albany, NY, USA, 17–18 March 2022. [Google Scholar]
  55. Nizich, M. The Cybersecurity Workforce of Tomorrow; Emerald: Bingley, UK, 2023. [Google Scholar]
  56. Atatsi, E.K. Exploring the Use of Internships to Build Practical Experience for Emerging Cybersecurity Professionals in Order to Meet Industry Work Experience Requirements. Ph.D. Thesis, Marymount University, Arlington, VA, USA, 2024. [Google Scholar]
  57. Takács, J.M.; Pogatsnik, M. A systematic review of human aspects in Industry 4.0 and 5.0: Cybersecurity awareness and soft skills. In Proceedings of the 27th IEEE International Conference on Intelligent Engineering Systems, Nairobi, Kenya, 26–28 July 2023. [Google Scholar]
  58. Griffin, A.J.; Johnson, N.F.; Valli, C.; Vernon, L. The impact of twenty-first century skills and computing cognition cyber skills on graduates’ work readiness in cyber security. In Advances in Security, Networks, and Internet of Things. Transactions on Computational Science and Computational Intelligence. Proceedings of the SAM’20, ICWN’20, ICOMP’20, and ESCS’20, Las Vegas, NV, USA, 27–30 July 2020; Springer: Cham, Switzerland, 2021. [Google Scholar]
  59. Doherty, O.; Stephens, S. Hard and soft skill needs: Higher education and the Fintech sector. J. Educ. Work. 2023, 36, 186–201. [Google Scholar] [CrossRef]
  60. Castellanos, S. Cybersecurity Requires ‘Insatiable’ Problem-Solving Skills; Technical Skills Can Be Taught. Available online: https://www.wsj.com/articles/cybersecurity-requires-insatiable-problem-solving-skills-technical-skills-can-be-taught-1527180960 (accessed on 15 October 2025).
  61. Payne, B.; Sandy, M. Hampton Roads Cybersecurity Education, Workforce, and Economic Development Alliance. Available online: https://bit.ly/Payne-Sandy-2018-HR-CSWfEcDev (accessed on 31 August 2025).
  62. Survey Says: Soft Skills Highly Valued by Security Team. Available online: https://www.tripwire.com/state-of-security/survey-says-soft-skills-highly-valued-security-team (accessed on 13 December 2024).
  63. Payne, B.K.; Mayes, L.; Paredes, T.; Smith, E.; Wu, H.; Xin, C.S. Applying high impact practices in an interdisciplinary cybersecurity program. J. Cybersecur. Educ Res. Pract. 2020, 2020, 1–26. [Google Scholar]
  64. Barrows, H.S. A taxonomy of problem-based learning methods. Med. Educ. 1986, 20, 481–486. [Google Scholar] [CrossRef]
  65. Al-Harrasi, A.; Shaikh, A.K.; Al-Badi, A. Towards protecting organisations’ data by preventing data theft by malicious insiders. Int. J. Organ. Anal. 2021, 31, 875–888. [Google Scholar] [CrossRef]
  66. Schmitt, M.; Flechais, I. Digital deception: Generative artificial intelligence in social engineering and phishing. Artif. Intell. Rev. 2024, 57, 1–23. [Google Scholar] [CrossRef]
  67. Jaganathan, S.; Bhuminathan, S.; Ramesh, M. Problem-based learning—An overview. J. Pharm. Bioallied Sci. 2024, 16, 1435–1437. [Google Scholar] [CrossRef]
  68. Kolb, D.A. Experiential Learning: Experience as the Source of Learning and Development, 2nd ed.; Pearson: Upper Saddle River, NJ, USA, 2015. [Google Scholar]
  69. Thomassen, A.O. Facilitated work based learning: A new method for continuing education? In Increasing Student Engagement and Retention Using Mobile Applications: Smartphones, Skype and Texting Technologies; Wankel, L.A., Blessinger, P., Eds.; Emerald: Bingley, UK, 2013; pp. 241–286. [Google Scholar]
  70. Occupational Outlook Handbook. Available online: https://www.bls.gov/ooh/computer-and-information-technology/information-security-analysts.htm (accessed on 27 June 2025).
  71. Tanner, K. Survey designs. In Research Methods: Information, Systems, and Contexts, 2nd ed.; Williamson, K., Johanson, G., Eds.; Chandos: Cambridge, MA, USA, 2018; pp. 159–192. [Google Scholar]
  72. Gall, M.D.; Gall, J.P.; Borg, W.R. Educational Research. An Introduction, 8th ed.; Pearson: Boston, MA, USA, 2007; pp. 298–306. [Google Scholar]
  73. Medina-Rodríguez, C.E.; Casas-Valadez, M.A.; Faz-Mendoza, A.; Castañeda-Miranda, R.; Gamboa-Rosales, N.K.; López-Robles, J.R. The Cyber Security in the Age of Telework: A Descriptive Research Framework through Science Mapping. In Proceedings of the 2020 International Conference on Data Analytics for Business and Industry: Way Towards a Sustainable Economy (ICDABI 2020), Sakheer, Bahrain, 26–27 October 2020. [Google Scholar]
  74. Crandall, K.S.; Noteboom, C.; El-Gayar, O.F.; Crandall, K. High school students’ perceptions of cybersecurity: An explanatory case study. Issues Inf. Syst. 2019, 20, 74–82. [Google Scholar]
  75. Edgar, T.W.; Manz, D.O. Research Methods for Cyber Security; Elsevier: Cambridge, MA, USA, 2017. [Google Scholar]
  76. Loeb, S.; Morris, P.; Dynarski, S.; Reardon, S.; McFarland, D.; Reber, S. Descriptive Analysis in Education: A Guide for Researchers. Available online: https://files.eric.ed.gov/fulltext/ED573325.pdf (accessed on 3 January 2026).
  77. American Council of Education. Carnegie Classification of Institutions of Higher Education. Available online: https://bit.ly/Carnegie2025 (accessed on 1 December 2025).
  78. National Centers of Academic Excellence. Available online: https://www.nsa.gov/Academics/Centers-of-Academic-Excellence/ (accessed on 10 March 2024).
  79. Industry Recognized Credentials. Catapulting Learners Forward. Available online: https://bit.ly/CTE-DC-IRC (accessed on 22 November 2025).
  80. Little, B.; Brennan, J. A Review of Work Based Learning in Higher Education. Available online: https://oro.open.ac.uk/11309/ (accessed on 8 August 2023).
  81. Alfeld, C.; Charmer, I.; Johnson, L.; Watts, E. Work-Based Learning Opportunities for High School Students. Available online: https://bit.ly/Alfeld-et-al-WBL-NRCCTE (accessed on 14 March 2013).
  82. Johnson, K.W. An exploration of employer participation in internships and other work-based learning experiences. J. Career Tech. Educ. 2022, 37, 1–20. [Google Scholar] [CrossRef]
  83. Bishop, D. Firm size and workplace learning processes: A study of the restaurant sector. Eur. J. Train. Dev. 2020, 44, 305–320. [Google Scholar] [CrossRef]
  84. In Their Words: Why Business Leaders Support CTE, Career Pathways & Career Academies. Available online: https://bit.ly/AdvanceCTE-InTheirWords2016 (accessed on 21 November 2025).
  85. Bradberry, L.A.; De Maio, J. Learning by doing: The long-term impact of experiential learning programs on student success. J. Pol. Sci. Ed. 2019, 15, 94–111. [Google Scholar]
  86. Kipers, J.; Wagner, P.; Honomichl, R.J. Arizona’s experiential learning opportunities: Regional security operations centers and cybersecurity clinics. J. Cybersecur. Educ. Res. Pract. 2025, 2025, 18. [Google Scholar] [CrossRef]
  87. Newhouse, W.; Keith, S.; Scribner, B.; Witte, G. National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. Available online: https://bit.ly/NICE-Framewk-2017 (accessed on 25 January 2024).
Table 1. Cybersecurity Program and Institution of Higher Education Type (N = 91).
Table 1. Cybersecurity Program and Institution of Higher Education Type (N = 91).
Cybersecurity ProgramInstitution Type
Community CollegeUniversityTotal
Certificate401757
Associate48553
Bachelor’s62935
Master’s03434
Total9782179
Table 2. Frequency of Work-Based Learning by Program Type.
Table 2. Frequency of Work-Based Learning by Program Type.
Work-Based LearningProgramTotal
CertificateAssociateBachelor’sMaster’s
Industry speaker series 9278953
Worksite visits 6184634
Job shadowing 083011
Employee mentorships 485421
Practicums/workplace projects 6105627
Internship/cooperative education 73112757
Senior design projects 726722
Capstone experience 8169841
Total471205247266
Table 3. Impact of Institutional Characteristics on the Total Number of Work-Based Learning Opportunities Implemented, by Program Type. Linear Regression Standardized Coefficients.
Table 3. Impact of Institutional Characteristics on the Total Number of Work-Based Learning Opportunities Implemented, by Program Type. Linear Regression Standardized Coefficients.
Cybersecurity Program Total Number of WBL
Institutional CharacteristicCertificate/Associate
Degree		Bachelor’s
Degree		Master’s
Degree
Cybersecurity Center−0.027−0.0330.231
CAE Designation−0.0700.403 **0.163
Number of Full-Time Tenure Faculty−0.1980.2900.679 *
Number of Full-Time Staff−0.012−0.151−0.295
IRC−0.219−0.2050.200
Adjusted R2−0.0850.2060.244
N413230
* Statistically significant at p < 0.01. ** Statistically significant at p < 0.05.
Table 4. Impact of Program Features on the Intensity of Work-Based Learning Opportunities, by Number and Program Type. Linear Regression Standardized Coefficients.
Table 4. Impact of Program Features on the Intensity of Work-Based Learning Opportunities, by Number and Program Type. Linear Regression Standardized Coefficients.
ProgramCertificate ProgramsAssociate DegreeBachelor’s DegreeMaster’s Degree
FeatureNumber of WBL Implemented by Intensity Level
Awa aExpl bExp cAwaExplExpAwaExplExpAwaExplExpe
Requirements0.035−0.9790.1750.072−0.0970.279 **0.172−0.1210.0830.050−0.049−0.064
Business 1–50.477 *4.616 *0.313 **0.305 **0.446 *0.0540.413 **0.583 *0.1790.2280.379 **0.061
Business 6–100.397 *2.386 **0.227 ***0.352 **0.315 **0.223 ***0.360 **0.514 *0.507 **0.506 **0.656 *0.655 *
Business 11–150.354 **0.9020.200 0.407 *−0.0300.1590.526 *0.452 *0.0470.470 **0.352 ***0.064
Business 16–200.1431.4960.1910.0340.440 *0.219 ***0.0890.425 *0.330 ***−0.1030.335 **−0.032
Business 20+0.261 **2.713 *0.284 **0.238 ***0.277 **0.277 **0.534 **0.637 *0.492 **0.669 *0.629 *0.624 *
Program Age −0.007−0.1980.279 **−0.0460.0800.255 **−0.0400.089 *0.068−0.0970.114−0.261
Adj R20.3600.2980.3340.2670.3750.4350.2670.4490.1660.1770.4090.283
N53523431
a Awareness: Industry speaker series; Worksite visits; Job shadowing. b Exploration: Practicum/workplace projects; Senior design projects; Capstone experience. c Direct Experience: Internship; Employee mentorships. * Statistically significant at p < 0.01. ** Statistically significant at p < 0.05. *** Statistically significant at p < 0.10.
Table 5. Employers’ Responsiveness to Participation in Work-based Learning by Program (N = 92).
Table 5. Employers’ Responsiveness to Participation in Work-based Learning by Program (N = 92).
ProgramMean ResponseStandard Deviation
Certificate3.331.205
Associate3.341.159
Bachelor’s 3.741.172
Master’s3.761.062
Table 6. Company Size and Work-based Learning by Program. Test of Association (N = 92).
Table 6. Company Size and Work-based Learning by Program. Test of Association (N = 92).
ProgramBusiness SizeTotalχ2 (df)
<5051–100101–300301–500>500
Certificate1097626581.299 (4)
Associate11108519538.825 (4) **
Bachelor’s352520355.132 (4)
Master’s0325243418.429 (4) *
Total2427192189180
* Significant at p < 0.01. ** Significant at p < 0.10.
Table 7. Higher Education Institutions Understanding of Employers Reasons for WBL Participation. Top 10. Test of Association.
Table 7. Higher Education Institutions Understanding of Employers Reasons for WBL Participation. Top 10. Test of Association.
ReasonsPrograms
CertificateAssociateBachelor’sMaster’sTotalχ2
Local or community-wide job shortage423226241241.126
Opportunity to test potential employees333324251152.545
Access to pool of qualified workers342925261141.177
Contribution to community23211715760.933
Part-time/short-term hiring2421119653.011 *
Access to pre-screened applicants20161311600.637
Improve student education 151674420.821
Encouragement from industries101144290.498
Required training for hiring7621162.237
Government subsidies5432140.844
Reduction in benefits expenses4244140.036
Certificate (N = 58), Associate (N = 53), Bachelor’s (N = 35), Master’s (N = 34). * Significant at p < 0.10.
Table 8. Higher Education Institutions’ Understanding of Employer’s Discouraging Factors to Engage in Work-Based Learning. Test of Association.
Table 8. Higher Education Institutions’ Understanding of Employer’s Discouraging Factors to Engage in Work-Based Learning. Test of Association.
Discouraging FactorsPrograms
CertificateAssociateBachelor’sMaster’sχ2
Lack of staff, time, and money for WBL363627254.165 *
Lack of knowledge about WBL242511150.645
Lack of knowledge or obstacles in working with the institution15131090.062
Students not always available1071290.539
Possibility of leaving after training139661.614
Lack of interest in WBL1011560.539
Uncertain future business decisions88660.078
Lost productivity for trainers77672.063
Employee resistance106641.252
Uncertain economic climate78540.002
Insurance issues79330.131
Lack of state or federal government support108226.577 *
Rigidity in existing local, state, or federal regulations910210.847
Students unreliable or immature74630.233
Lack of cooperation among institutional partners65530.056
Students lack basic skills45430.640
Negative attitudes towards WBL45220.113
Negative perception of the quality of the program55103.099 **
Students’ wages are too costly34110.021
Opposition from unions10110.593
Certificate (N = 58), Associate (N = 53), Bachelor’s (N = 35), Master’s (N = 34). * Significant at p < 0.05. ** Significant at p < 0.10.
Table 9. Correlation Analysis of Reasons to Participate and Discouraging Factors. Spearman Rho.
Table 9. Correlation Analysis of Reasons to Participate and Discouraging Factors. Spearman Rho.
123456789101112
11.000−0.0830.0580.0760.1520.1080.0090.185 **0.0140.0400.082−0.019
2−0.0831.000−0.032−0.1010.1340.0830.130−0.0840.130−0.0200.016−0.020
30.058−0.0321.000−0.027−0.0320.1970.221 *0.0610.0940.051−0.0260.051
40.076−0.101−0.0271.0000.096−0.0290.0080.0080.1010.0100.1470.120
50.1520.134−0.0320.0961.0000.241 *0.0370.1720.211 *−0.0150.182 **0.043
60.1080.0830.197 **−0.0290.241 *1.0000.245 *−0.0910.095−0.040−0.1420.078
* Significant at p < 0.05. ** Significant at p < 0.10. Reasons to participate: 1 = Job shortage; 2 = Test potential employees; 3 = Access to qualified workers; 4 = Contribution to community; 5 = Hiring; 6 = Access to pre-screened applicant. Views of employers’ discouraging factors to participate: 7 = Lack of staff, time, money; 8 = Lack of knowledge about WBL; 9 = Lack of knowledge of institution; 10 = Students not always available; 11 = Students leaving after training; 12 = Lack of interest in WBL.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Aliaga, O.A.; Nagy, N.; Gómez Torres, B.; Mahmoud, A.; Callahan, C.N. Strengthening Workforce Readiness: Evidence on Work-Based Learning in U.S. Higher Education Cybersecurity Programs. J. Cybersecur. Priv. 2026, 6, 40. https://doi.org/10.3390/jcp6020040

AMA Style

Aliaga OA, Nagy N, Gómez Torres B, Mahmoud A, Callahan CN. Strengthening Workforce Readiness: Evidence on Work-Based Learning in U.S. Higher Education Cybersecurity Programs. Journal of Cybersecurity and Privacy. 2026; 6(2):40. https://doi.org/10.3390/jcp6020040

Chicago/Turabian Style

Aliaga, Oscar A., Noémi Nagy, Bonnie Gómez Torres, Ajara Mahmoud, and Courtney N. Callahan. 2026. "Strengthening Workforce Readiness: Evidence on Work-Based Learning in U.S. Higher Education Cybersecurity Programs" Journal of Cybersecurity and Privacy 6, no. 2: 40. https://doi.org/10.3390/jcp6020040

APA Style

Aliaga, O. A., Nagy, N., Gómez Torres, B., Mahmoud, A., & Callahan, C. N. (2026). Strengthening Workforce Readiness: Evidence on Work-Based Learning in U.S. Higher Education Cybersecurity Programs. Journal of Cybersecurity and Privacy, 6(2), 40. https://doi.org/10.3390/jcp6020040

Article Metrics

Back to TopTop