Date of Award


Degree Type


Degree Name

Master of Science (MS)


Computer and Information Technology

Committee Chair

Kevin Dittman

Committee Member 1

J. Eric Dietz

Committee Member 2

Kathryn Seigfried-Spellar

Committee Member 3

Jeffrey Brewer


Information assurance and cybersecurity has become a critical element in the daily lives of almost every individual and organization across the globe. To be able to protect Personal Identity Information (PII), Intellectual Property (IP) and organizational trademarks requires producing more cybersecurity practitioners. The problem being addressed by this study is the identification of comprehensive competency levels for information assurance and cybersecurity practitioners is unknown. This research created definitions for three levels of cybersecurity practitioners that can be utilized by government, industry and academia individuals and organizations. 14 core competencies for cybersecurity practitioners were identified and defined. The Qualtrics survey was distributed through email by sending a link to survey participants. To obtain the opinions of the government the survey was distributed to the United States Army Information Technology and Security community and the Department of Homeland Security (DHS) Office of Technology. To gain insight from the academia community the survey was distributed to the Purdue community and affiliates of the Center for Education and Research in Information Assurance and Security (CERIAS) and the Department of Computer and Information Technology. For input from the industry the following Information Assurance and Security departments of the following companies received the survey: Lockheed Martin Cybersecurity, Cook Medical, RSA Security, LLC., Dell, Cisco, SAP Software Solutions, and Business Applications and Technology. The data was analyzed using SPSS a statistical software package available to Purdue faculty, staff, and students. Overall there were 61 government participants, 27 industry participants, and 13 academia participants. The one-way ANOVA test for all the government, industry and academia practitioners yielded many significant findings. Some of the most important competencies that spanned across all affiliations and levels were Access Control and Incident Management and Response. This research aimed to identify a broad list of competencies that could be used to design training, curriculum, and certification courses for cybersecurity practitioners.