Online cybersecurity education increasingly serves diverse cohorts, including students with non-technical backgrounds and those balancing their studies with work or family responsibilities. Yet, research on sustaining educational quality while scaling fully online enrolments remains limited, particularly in foundational technical subjects where learning requires both conceptual understanding and professional judgement. This study aims to examine how teaching presence can be operationalised in fully online foundational cybersecurity subjects through inspectable artefacts and routines that remain workable for large cohorts and distributed teaching teams. This paper reports a Scholarship of Teaching and Learning (SoTL) design and transfer case grounded in the Community of Inquiry (CoI) framework. This study examines the redesign of CSE1ICB (Introduction to Cybersecurity) and the transfer of the same design logic to CSE1CPR (Cybersecurity in Practice). The findings identify a coherent four-component design model comprising (1) real-world incident integration, (2) scenario-based learning and interactive checks, (3) structured, layered support, and (4) a predictable communication rhythm across the learning management system (LMS) and email. Across these two subjects, these elements are presented as an integrated system intended to make learning objectives salient, increase opportunities for guided practice in professional reasoning, reduce avoidable friction in practical work, and create consistent instructor visibility through routine communication and support structures. This paper synthesises the approach into nine transferable design principles, mapped to CoI teaching presence dimensions and illustrated through concrete design choices, including incident-framing templates, scenario prompt patterns, layered support resources, formative feedback patterns, and communication routines. Overall, this study shows that teaching presence can be operationalised as a coordinated design system rather than as a set of isolated tactics. This paper contributes a reusable and theory-informed model for educators coordinating foundational cybersecurity subjects delivered online at scale.
Shahraki et al. (Mon,) studied this question.