I cannot wait to get into a room with people and just hack on curriculum. Learning is such an embodied experience, and we lose that on Zoom (learning is always embodied so we don’t lose it, but the energy goes negative…zoom fatigue). You need to get up and move around, curse, throw things.

You know. Learning.

Instructional design is no different. You throw around ideas and keep what sticks.

This is why I am excited that the Cybersecurity Maturity Model Certification curriculum team at Southern Connecticut State University continues to grow.

Next time we gather for a curriclum hack day, Leighton Johnson, a forty year cybersecurity veteran, will join us.

Leighton Johnson

Leighton Johnson, who started his career as a SATCOM Repair Specialist with the Army down at Fort Gordon in 1980, holds over thirty IT Security and six Homeland Security professional certifications.

Johnson also brings an unparalled level of leadership experience to the team. His managerial and supervisory experiences span over 25 years, and provide support for multiple levels of activities, including Computer Security Lead Engineer, Regional CIO for Professional Services organization and Information Security Program Manager (CISO) for DOD field-level agency.

Recently, Leighton has become one of the nation’s leading CMMC experts. He has completed training for and achieved CMMC Provisional Assessor Levels 1-3 certification. Johnson developed and taught cyber warfare and cyber defense courses to DOD/DISA organizations around the world. He has authored two books on Incident Response Team Management and Security Controls Assessments. Johnson also wrote 5 training manuals on the implementation and management of the NIST-based Risk Management Framework. This curriculum leadership will only strengthen the work we publish.

As an expert, Leighton Johnson will first serve on our content validity team. He begins by taking our objectives and the description of the AB’s Bodies of Knowledge. Johnson then identifies what BoK he thinks our objectives fit, determines how sure he is of his choice, and then decides how relevant he thinks the objective is to the BoK. We then combine his data with other experts and calculate a content validity index score.

As a next step, Johnson will move into writing curriculum. He will take his expertise in developing RMF trainings for NIST, and help create problem sets around each objective at the practice level.

We are very excited for our next curriculum hack days.