After the successful launch of a DBA program for working executives, the program’s academic director ponders whether or not there might be an opportunity to create a cybersecurity doctoral program based on the existing program’s research core.
Grandon Gill, Academic Director of the Doctorate of Business Administration Program (DBA) at the University of South Florida’s (USF) Muma College of Business pondered the email he had just sent to Moez Limayem, the dean of the college (see Exhibit 1). In that email, he had raised the possibility of developing a version of the college’s highly successful DBA program specifically targeting cybersecurity professionals. He also noted the possibility of funding from the National Science Foundation (NSF) to help cover the costs of launching the program.
The idea of starting the program sparked when Gill had attended an NSF principal investigator’s meeting earlier in the year. A key area of discussion in the meeting involved the serious shortage of terminally qualified faculty candidates to teach cybersecurity-related graduate courses at universities across the United States. These discussions were confirmed by subsequent research. Recent surveys by the U.S. Department of Labor found that the demand for cybersecurity graduates had increased by 27% in 2016 to reach a record high, and increasing number of data breaches and cyber-attacks highlighted the need for trained security professionals. Although there was a lot of practical experience out there in the cybersecurity arena, when a research university like USF wanted to hire faculty, candidates needed to have a terminal degree such as a PhD or DBA. These were much less common among the security experts that would be a good fit with business schools or MIS departments. Indeed, there were few doctoral programs in cybersecurity that focused on researching the human side of cybersecurity—increasingly important in the worlds of business and government. The Muma College of Business has experienced many challenges in its own efforts to hire cybersecurity faculty. What Gill also recognized was that much of the research content of the DBA program that he led could be quite applicable to nontechnical cybersecurity research.
The possibility of initiating the new program was not a decision to be taken lightly. Indeed, it raised a series of related questions and decisions: 1) Would such a program be viable in the first place? 2) Should the launch of such a program be contingent on the acquisition of external funding to cover startup expenses? 3) Could the DBA program faculty and staff, already stretched thin by the DBA program’s larger than expected cohorts, support such an additional program? 4) At a university where responsibility for cybersecurity was spread across three colleges, what type of support or opposition could be anticipated for such a program?
Authors: Utkarsh Shrivastava, Taufeeq Mohammed
Cite as: Shrivastava, U. & Mohammed, T. (2017). A cybersecurity executive DBA? Muma Case Review 2(9). 1-35. https://doi.org/10.28945/3913