ATLSECCON 2025

Cybersecurity education often neglects the critical role of risk management despite its fundamental importance in protecting data and systems. This presentation argues that cybersecurity professionals need a robust understanding of risk assessment, mitigation, and management.

We will demonstrate a significant deficiency in risk management instruction by analyzing current cybersecurity education frameworks and widely used definitions of cybersecurity. We will discuss the implications of this gap, highlighting how it impacts the security posture of organizations and the professional development of cybersecurity practitioners.

This presentation aims to raise awareness of this critical issue and provide actionable recommendations for educators, institutions, and professionals to integrate comprehensive risk management training into cybersecurity curricula. By bridging this gap, we can cultivate a more proactive and resilient cybersecurity workforce capable of effectively addressing the evolving threats of the digital world.