Abstract
Recruiting, retaining, and maintaining sufficient numbers of cybersecurity professionals in the workplace is a constant battle, not only for the technical side of cybersecurity, but also for the overlooked area of non-technical, managerial-related jobs in the cyber sector. The problem is the lack of cybersecurity skills in the European labour force. This paper presents the results of a study carried out with the aim to identify how much the cybersecurity education system within the high-level educational institutions and the industrial sector meets the needs for graduate students to gain the required cybersecurity skills. The method applied in the study is based on data collected from surveys carried out by the European competence centres on cybersecurity and the European Cybersecurity organisation. The problem of common educational program accreditation in Europe is highlighted and discussed. The actions undertaken to improve the education in both sectors are described and the emerging educational landscape is commented. The main cybersecurity knowledge specified by the industrial needs is presented in the form of five knowledge pillars. The study’s findings show that there are missing topics in high-level institution’s cybersecurity programs and that that there is a need to re-shape the content of the courses provided by the professional education providers.
Highlights
Cybersecurity has increasingly been a headline feature in news media in recent years, generally prompted by spectacular breaches of various information systems, including airlines, health organisations, credit agencies, administrations, financial institutions, telecoms, and many others (EU, 2017)
The work presented in this paper is a step towards a better understanding of the changing landscape of the cybersecurity education in the European Union (EU) provided by surveys, actions and initiatives
This paper has identified that the answers to the cybersecurity skills gap can be found in the enrichment of the higher-education institutions (HEIs) curricula with new content from the knowledge areas that are least covered, such as the organisational or human aspects of cybersecurity, and with better usage of cyber ranges for training and building skills, either as own installations of HEIs or by cooperation with the ranges provided on the European market
Summary
Cybersecurity has increasingly been a headline feature in news media in recent years, generally prompted by spectacular breaches of various information systems, including airlines, health organisations, credit agencies, administrations, financial institutions, telecoms, and many others (EU, 2017). The problem is wide-ranging and clear, and it needs to be addressed Both higher-education institutions (HEIs) and professional trainers are working to address the increased skills shortage, but as reported by the European Cybersecurity organisation paper (ECSO, 2020) and by other authors (Libicki et al, 2014; Michael, 2018), cybersecurity should be viewed as an emerging meta-discipline that is not academic, because the contents of existing HEI programmes are focused mainly on the traditional cybersecurity topics while modern learning methodology has been left behind. The demand for cybersecurity skills in the industry makes it difficult for academia to attract academics with knowledge, practical experience, a research background, and academic aspirations Another problem to be addressed in combating the current cybersecurity skills shortage is an understanding of the diverse needs in this field, which should be used to shape the curriculum of cybersecurity educational programmes.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
