Philip Cao

Stay Hungry. Stay Foolish.

The University of the Cumberlands Knows No Boundaries

3 min read



For Donnie Grimes, (ISC)² Global Academic Program (GAP) instructor and vice president of information systems and creator of the Master’s program in cybersecurity for the University of the Cumberlands, based in Williamsburg, Kentucky, breaches know no boundaries – and neither should cybersecurity education.

A GAP member since 2014, the University has historically served people from the Appalachia area; and until 2014, had no cybersecurity offering. Over the past 10-15 years, however, its sphere of influence has increased, with thriving graduate programs and students representing 58 different countries and most U.S. states. With a 40-year stint as a two-year school, Cumberlands is now a four-year college with 5,500 students. Cumberlands is one of the largest online schools in Kentucky, with an online population of approximately 4,000.

In 2012, Cumberlands tasked Grimes with developing the graduate cybersecurity curriculum for the University. As part of this process, he researched hundreds of different programs but couldn’t find many in cybersecurity, let alone those that adequately prepared students to enter the field. He found many schools that offered Master’s programs, but he believed they were really just glorified computer science programs. They included classes on data structures and programming, and just tacked one or two classes on at the end of the program and called them a “Master’s” in cybersecurity.

His vision for the Cumberlands was to create a Master’s program that was more in line with certification programs, such as the CISSP®, that exposes students to real-world concepts and prepares them for the pursuit of continual learning, which is essential for success in the field. Grimes designed the curriculum around the CISSP CBK®, with each course based upon a different CISSP CBK domain. He believes this approach provides a great foundation for students and ensures well-rounded graduates.

He worked to get the University and the information security program accredited through the Commission on Colleges of the Southern Association of Colleges and Schools (SACS). While there have been no graduates yet, there are 120 students enrolled in the program, including CIOs from a wide variety of industries. Their feedback has been very positive, and Grimes sees this compliment from professionals working in the field as the best they could receive.

Grimes implemented a process to review modifications to the CBK domains so they can keep up with industry fluctuations. Says Grimes, “We are not afraid of change. Our goal is to keep the program flexible enough to accommodate the realities of a dynamic industry.”

In discussing why the Cumberlands became a GAP school, Grimes comments that it was a “…value-add for our program and a natural fit because our curriculum was already aligned with the CISSP. We were already encouraging our graduates to sit for the CISSP exam because it validates their core knowledge. Becoming a GAP school streamlines the process and helps us keep our curriculum aligned with real-world concepts they can apply not only to their education process, but that will contribute to their success in the field.”

So what’s next for this rapidly growing school? Grimes would like to create courses that train future cybersecurity leaders and to see the University reach students in more parts of the world. The University also plans to launch a PhD program in information security this year. The University is currently working with the NSA and DHS to become a National Center of Academic Excellence. He reflected, “Our extensive online program means that students’ educational opportunities are not limited by their physical location. Breaches know no boundaries, and as an educational institution, we shouldn’t either. Regional colleges have an important role in stemming the cybersecurity skills shortage, and we should take advantage of virtual learning systems to improve the cybersecurity situation globally.”

For more information on the GAP, please visit

(ISC)² Management

[(ISC)² Blog]

Leave a Reply

Copyright © 2006-2022 Philip Hung Cao. All rights reserved