Designing Learning for In-Demand Skills: Cybersecurity


What does it take to create good learning content? This is a question we, as instructional designers, are asked in one form or another pretty often. When I first started in the field, I would develop an outline, do some light validation, and then build the program — then off to the races! 

Since then, a few things have changed: learning design has evolved as a discipline, and competition for high-quality learning content and experiences has skyrocketed. 

This has coincided with an ongoing multipart effort by our Instructional Design team. Every day, we’re engaged in developing deep learning design processes and rigor around our learning and content design. We’re also striving for a deeper understanding of the jobs market and what skills and bootcamps employers and learners are scouring the internet for. This comes into play when considering backward design, where we start with “why” and focus on establishing the overarching learning outcomes and skills needed before designing the content to support that experience.

So, what does that look like in practice?

Moving from theory, let’s get into a real-life example of a learning solution GA just released this quarter: Cybersecurity for Developers Accelerator. We’ll take a look at three parts: (1) the background research and validation, (2) the skills needed, and (3) the product itself.

Step 1: Research & Validation

When building a program, our Instructional Design team partners closely with a product manager to help us ensure we are building best-fit learning solutions for our clients. This process includes deep market and industry research, performing a skills growth analysis for our target learners, and interviewing our best customers and partners. 

All of these inputs helped us to confirm that businesses, now more than ever, need cybersecurity skills to prevent breaches and that all developers can benefit from upskilling on more secure coding practices. 

Here are some fast facts from our market research:

  • Cybersecurity skills remain one of the top 10 most in-demand tech skills to-date.
  • Preparing developers for security risks has never been more pressing for enterprise businesses, i.e., 2020 was reported as the “worst year on record” for security breaches. 
  • Burning Glass has predicted 164% growth in application development security over the next five years, among other skill areas associated with building secure digital infrastructures from the ground up. This underscores businesses’ shift from retroactive security strategies to proactive security strategies.

Step 2: The Skills Needed

What skills do our developers need to be able to walk away from our course in order to prevent these breaches? We looked at job descriptions for the role itself and worked with a subject matter expert (SME) who is a real-world practitioner and expert in the field to validate our research. Here are some of the skills we identified: 

  • Input Validation
  • End to End Encryption
  • Prevent Injection Attacks
  • Develop and Implement Security Policies + Headers
  • Logging
  • Threat Modeling
  • Hashing
  • Evaluating 3rd-Party Libraries

Step 3: The Finished Product 

Using the instructional design concept of backward design, we sequenced the material for the skills needed and researched into these five units, which can be delivered in a 1-week accelerator course or a 10-week part-time course:

  • Cybersecurity for Web Applications
  • Front- and Back-End Security
  • Threat Modeling and Logging
  • Additional Security Features
  • Applied Practice

As students progress through the course, we have embedded guided demos and walkthroughs of key concepts followed by labs where students can try them independently. This is a key instructional design concept:  “I do, we do, you do,” meaning that first, an instructor walks the class through a concept via a demo, and then the class tries it together. After that, students try things on their own in carefully developed labs.

Lastly, we work to simulate the real world as much as possible, especially for something as specific and high-stakes as cybersecurity. To this end, we developed a project that students work on throughout the course as they learn new concepts. In the case of the Cybersecurity Accelerator, we developed a purposely buggy fictional application where students need to spot the vulnerabilities and use the skills they learn in the course to patch and fix those vulnerabilities to prevent a security breach. 

Now that I’m on the other side of this project, what’s most exciting to me as an instructional designer is that we can get really robust courses for in-demand skills — for both employees and employers — out into the world.  As things inevitably change and the world shifts, we’ll continue to build solutions that bring integral skills to your organization.

Want to learn more about our Cybersecurity Accelerator? Reach out here

Disclaimer: General Assembly referred to their Bootcamps and Short Courses as “Immersive” and “Part-time” courses respectfully and you may see that reference in posts prior to 2023.